Log analysis and evaluation: Win10: Defender warning Bladabindi.YPS!MTB

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
Win10: Defender warning Bladabindi.YPS!MTB

Dear all,

I just received a warning from Windows Defender that Bladabindi.YPS!MTB was detected and moved to quarantine. I then removed the affected .exe there. However, the program is software that I had already downloaded 1.5 years ago, which means the trojan has potentially been active on my system for a really long time. So I would be glad if you could take a look at my log files to see whether something else might still be lurking there. :/

Erkannt: Backdoor:Win32/Bladabindi.YPS!MTB
Datum: 12.09.2021 15:27
Details: Dieses Programm stellt einen Remotezugriff auf den Computer bereit, auf dem es installiert ist.
file: C:\Vorname\Anna-Lena\Downloads\download-audacity-windows.exe

Thank you for your support! The logs follow below:

FRST.txt
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2021 durchgeführt von Vorname (Administrator) auf DESKTOP-7UECPU6 (LENOVO 20FCS02400) (12-09-2021 15:42:10) Gestartet von C:\Users\Vorname\Desktop Geladene Profile: Vorname Platform: Windows 10 Pro Version 21H1 19043.1165 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () [Datei ist nicht signiert] C:\Program Files\MATLAB\R2021a\bin\win64\cef_helper.exe <5> (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2> (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (Adobe Inc. 
-> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Vorname\AppData\Local\WebEx\ciscowebexstart.exe (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Vorname\AppData\Local\WebEx\WebEx\Meetings_01\atmgr.exe (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Vorname\AppData\Local\WebEx\WebEx\Meetings_02\atmgr.exe (Conexant Systems LLC -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3> (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dropbox, Inc -> The Qt Company Ltd.) 
C:\Program Files (x86)\Dropbox\Client\130.4.4978\QtWebEngineProcess.exe <2> (g10 Code GmbH -> The GnuPG Project) C:\Program Files (x86)\GnuPG\bin\gpg-agent.exe (geek software GmbH -> geek software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe (Huawei Technologies Co., Ltd. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki134903.inf_amd64_2480319490c96793\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki134903.inf_amd64_2480319490c96793\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki134903.inf_amd64_2480319490c96793\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki134903.inf_amd64_2480319490c96793\IntelCpHeciSvc.exe (Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\Vorname\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe (Lenovo -> Lenovo Group Limited) 
C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\tphkload.exe (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN11CD~1.INF\driver\shtctky.exe (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN11CD~1.INF\driver\tpnumlkd.exe (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN11CD~1.INF\driver\tposd.exe (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\Lenovo\PowerMgr\EasyResume.exe (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe (LITE-ON TECHNOLOGY CORP.) [Datei ist nicht signiert] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\Skdaemon.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE <2> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Microsoft Windows -> 
Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <12> (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (SafeNet, Inc. -> SafeNet Inc.) C:\Windows\System32\hasplms.exe (Seafile Ltd. -> ) C:\Program Files (x86)\Seafile\bin\seaf-daemon.exe (Seafile Ltd. -> Seafile Ltd.) C:\Program Files (x86)\Seafile\bin\seafile-applet.exe (Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\Vorname\AppData\Local\slack\app-4.19.3\slack.exe <6> (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe (The MathWorks, Inc. -> The MathWorks Inc.) C:\Program Files\MATLAB\R2021a\bin\win64\MATLAB.exe (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) C:\Program Files\Tracker Software\PDF Editor\PDFXEdit.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\Vorname\AppData\Roaming\Zoom\bin\CptHost.exe (Zoom Video Communications, Inc. 
-> Zoom Video Communications, Inc.) C:\Users\Vorname\AppData\Roaming\Zoom\bin\Zoom.exe <2> ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Enhanced Performance Keyboard] => C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe [4013056 2014-08-17] (LITE-ON TECHNOLOGY CORP.) [Datei ist nicht signiert] HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8091424 2021-08-31] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> ) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5296864 2021-07-24] (Adobe Inc. -> Adobe Systems Inc.) 
HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [109324536 2021-03-12] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779504 2021-07-05] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1706224 2021-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.) HKU\S-1-5-21-2422593417-987533348-2287060427-1001\...\Run: [Google Update] => C:\Users\Vorname\AppData\Local\Google\Update\1.3.36.102\GoogleUpdateCore.exe [223816 2021-08-05] (Google LLC -> Google LLC) HKU\S-1-5-21-2422593417-987533348-2287060427-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation) HKU\S-1-5-21-2422593417-987533348-2287060427-1001\...\Run: [Seafile] => C:\Program Files (x86)\Seafile\bin\seafile-applet.exe [5682848 2020-07-29] (Seafile Ltd. -> Seafile Ltd.) HKU\S-1-5-21-2422593417-987533348-2287060427-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Vorname\AppData\Local\WebEx\ciscowebexstart.exe [4662608 2021-08-27] (Cisco WebEx LLC -> Cisco Webex LLC) HKU\S-1-5-21-2422593417-987533348-2287060427-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5550304 2021-07-24] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-2422593417-987533348-2287060427-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-2422593417-987533348-2287060427-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\Vorname\AppData\Local\slack\slack.exe [309568 2021-08-25] (Slack Technologies, Inc. -> Slack Technologies Inc.) 
HKU\S-1-5-21-2422593417-987533348-2287060427-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Vorname\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-2422593417-987533348-2287060427-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Vorname\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-2422593417-987533348-2287060427-1001\...\RunOnce: [Uninstall 21.150.0725.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vorname\AppData\Local\Microsoft\OneDrive\21.150.0725.0001" HKU\S-1-5-21-2422593417-987533348-2287060427-1001\...\MountPoints2: {0a4629e5-c5f1-11eb-b607-54ee75a1907a} - "D:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2422593417-987533348-2287060427-1001\...\MountPoints2: {1634cc7d-445e-11eb-b5e8-54ee75a1907a} - "D:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2422593417-987533348-2287060427-1001\...\MountPoints2: {de35e9df-9e03-11eb-b601-54ee75a1907a} - "D:\HiSuiteDownLoader.exe" HKLM\...\Windows x64\Print Processors\Canon MG4200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB9.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Windows x64\Print Processors\Canon MG5600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCA.DLL [30208 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Windows x64\Print Processors\Canon TS5000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDF.DLL [30720 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\System32\AdobePDF.dll [65160 2021-05-28] (Adobe Inc. 
-> Adobe Systems Inc) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG4200 series XPS: C:\Windows\System32\CNMXLMB9.DLL [392192 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5600 series: C:\Windows\System32\CNMLMCA.DLL [406016 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5000 series: C:\Windows\System32\CNMLMDF.DLL [485376 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\System32\CNMN6PPM.DLL [375296 2014-03-17] (CANON INC.) [Datei ist nicht signiert] HKLM\...\Print\Monitors\PDF-XChange V6 Printer Port Monitor (Lite): C:\WINDOWS\system32\pxcpm5L.dll [150720 2017-08-11] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\93.0.4577.63\Installer\chrmstp.exe [2021-09-09] (Google LLC -> Google LLC) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {03A0DEBE-511E-48D1-8956-04196D548344} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.) 
Task: {0884FE93-A11F-40D8-A88D-0F9A243C068A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-09-01] (Microsoft Corporation -> Microsoft Corporation) Task: {0BF9D692-A2CA-48A5-AA48-8C33AA3412A3} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758792 2021-07-13] (Lenovo -> ) Task: {22EE4CCA-8FEB-4C77-B00E-2AC5B2EFB4C7} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {24B8FF69-FCAB-496A-8776-847D6B136D88} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG Task: {38546662-E63D-44CD-8112-A396CDB10A09} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation) Task: {38934ECF-6371-4089-B60B-7C58F7A48125} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4090464 2021-08-23] (Microsoft Corporation -> Microsoft Corporation) Task: {3A9FB49D-FF9C-418B-96EA-422C6F073648} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-05] (Google LLC -> Google LLC) Task: {437505E1-4BC8-4927-B771-BFA969AD0B83} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4C851BFB-6781-4BC6-93AB-6FA5D3BD8C47} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [949632 2019-12-11] (Lenovo -> Lenovo.) 
Task: {4F6A7D25-8579-4EE1-B3C2-959269D782BE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation) Task: {564BB0AD-23AE-46AB-82EC-B980F2936CFF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {665DFBC1-3C34-4421-BA2E-84464D2BD81B} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758792 2021-07-13] (Lenovo -> ) Task: {6E6A47B2-560F-453E-92B9-6B962891E2ED} - System32\Tasks\MATLAB R2021a Startup Accelerator => C:\Program Files\MATLAB\R2021a\bin\win64\MATLABStartupAccelerator.exe [51200 2020-11-15] () [Datei ist nicht signiert] Task: {787DC4CF-D7C8-4D48-B586-E22D9D8201A0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2422593417-987533348-2287060427-1001UA1d25b2128592caf => C:\Users\Vorname\AppData\Local\Google\Update\GoogleUpdate.exe [152216 2016-08-06] (Google Inc -> Google Inc.) Task: {8F39EEDF-6519-4B99-B1B6-B5023A505ED1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2422593417-987533348-2287060427-1001Core1d25b2128552f93 => C:\Users\Vorname\AppData\Local\Google\Update\GoogleUpdate.exe [152216 2016-08-06] (Google Inc -> Google Inc.) Task: {91A96FF1-B7D5-4B69-9FAE-24E18810AD2E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {95105BF9-BF28-480D-A5EE-5EACBC40CB41} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2422593417-987533348-2287060427-1001Core => C:\Users\Vorname\AppData\Local\Google\Update\GoogleUpdate.exe [152216 2016-08-06] (Google Inc -> Google Inc.) 
Task: {9B1E0341-E92B-4062-9BF2-89BBE7783084} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.) Task: {9DA6DEEC-563B-4CE2-8916-196E4E4A2A83} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {A7F1792D-39FE-40EC-9595-70B1E8818AC0} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [680888 2021-09-08] (Mozilla Corporation -> Mozilla Foundation) Task: {AC7A8040-A4EF-4C7D-A72B-FB3D5CB7E898} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [Datei ist nicht signiert] Task: {B14BD680-0C80-452B-922B-91BA2E9E9EAE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {BC4D118D-B271-434F-B6BC-398A322C0ECA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2422593417-987533348-2287060427-1001UA => C:\Users\Vorname\AppData\Local\Google\Update\GoogleUpdate.exe [152216 2016-08-06] (Google Inc -> Google Inc.) 
Task: {BD545E41-1F51-4858-9101-67410105B1CE} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [62136 2021-07-11] (Lenovo -> ) Task: {C7EEAFB2-91EC-4280-8F9F-18D8876D53D4} - System32\Tasks\MATLAB R2020b Startup Accelerator => C:\Program Files\MATLAB\R2020b\bin\win64\MATLABStartupAccelerator.exe [53760 2020-07-29] () [Datei ist nicht signiert] Task: {D512E1DD-676A-4F80-9382-C4C50BDAB636} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113496 2021-09-01] (Microsoft Corporation -> Microsoft Corporation) Task: {D8CCB11D-9E95-4349-801F-F3F987713813} - System32\Tasks\WRU => C:\Program Files\Intel Corporation\Intel WiDi\WRU.exe Task: {D9150840-27F0-4AFB-8F5C-75E213CA0AF0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {DC5FEED7-8FA4-4C5E-A290-2186DBA2F10B} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [112824 2021-07-11] (Lenovo -> Lenovo) Task: {DF04E5F6-2241-4EF9-9F96-BC90D201B20E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113496 2021-09-01] (Microsoft Corporation -> Microsoft Corporation) Task: {E0637436-3819-46F9-ABC2-5BE2E7FD2A71} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2422593417-987533348-2287060427-1001 => C:\Users\Vorname\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [87896 2021-08-18] (Lenovo (Beijing) Limited -> Lenovo Group Limited) Task: {E093A798-6373-4F9B-9234-53FE55C13707} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK Task: {E7A3AE88-5584-416A-8B97-07E2789279DF} - 
System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-09-01] (Microsoft Corporation -> Microsoft Corporation) Task: {EBA0B19B-6A2D-4C6A-9FA8-CF9C2F131931} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-05] (Google LLC -> Google LLC) Task: {F05FF9FD-3B08-440E-90AB-80CC08DD7AEF} - System32\Tasks\RtsCM => C:\WINDOWS\RtsCM64.exe Task: {F090FB7B-16DF-47A3-890F-461D5CA9440B} - System32\Tasks\MATLAB R2016a Startup Accelerator => C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe [44544 2015-12-28] () [Datei ist nicht signiert] Task: {F8FBE856-ADBE-47AA-B80B-F8BF758E4CD6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2422593417-987533348-2287060427-1001Core.job => C:\Users\Vorname\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2422593417-987533348-2287060427-1001UA.job => C:\Users\Vorname\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\MATLAB R2016a Startup Accelerator.job => C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe Task: C:\WINDOWS\Tasks\MATLAB R2020b Startup Accelerator.job => C:\Program Files\MATLAB\R2020b\bin\win64\MATLABStartupAccelerator.exe Task: C:\WINDOWS\Tasks\MATLAB R2021a Startup Accelerator.job => C:\Program Files\MATLAB\R2021a\bin\win64\MATLABStartupAccelerator.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{01b7e1ee-e5a4-4ee2-82a9-8f5339d48ef2}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{a3cbde8e-24ad-4110-b52c-ff27c566fda4}: [DhcpNameServer] 10.114.0.1 Edge: ======= Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge Profile: C:\Users\Vorname\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-12] Edge HomePage: Default -> hxxp://www.bing.com/?pc=COSP&ptag=D112218-N0690AB747CC590BEC44CD91F&form=CONMHP&conlogo=CT3330962 FireFox: ======== FF DefaultProfile: 5o626fqq.default FF DefaultProfile: oixjklfr.default-1475535494820 FF ProfilePath: C:\Users\Vorname\AppData\Roaming\Zotero\Zotero\Profiles\5o626fqq.default [2021-09-06] FF ProfilePath: C:\Users\Vorname\AppData\Roaming\Mozilla\Firefox\Profiles\oixjklfr.default-1475535494820 [2021-09-12] FF NewTab: Mozilla\Firefox\Profiles\oixjklfr.default-1475535494820 -> hxxp://www.bing.com/?pc=COSP&ptag=D112218-N0600AB747CC590BEC44CD91F&form=CONMHP&conlogo=CT3330962 FF Notifications: Mozilla\Firefox\Profiles\oixjklfr.default-1475535494820 -> hxxps://piratenpad.de FF Extension: (Forest: stay focused, be present) - C:\Users\Vorname\AppData\Roaming\Mozilla\Firefox\Profiles\oixjklfr.default-1475535494820\Extensions\@forest-firefox-addon.xpi [2021-08-16] FF Extension: 
(Cisco Webex Extension) - C:\Users\Vorname\AppData\Roaming\Mozilla\Firefox\Profiles\oixjklfr.default-1475535494820\Extensions\ciscowebexstart1@cisco.com.xpi [2021-07-27] FF Extension: (HTTPS Everywhere) - C:\Users\Vorname\AppData\Roaming\Mozilla\Firefox\Profiles\oixjklfr.default-1475535494820\Extensions\https-everywhere@eff.org.xpi [2021-07-14] FF Extension: (I don't care about cookies) - C:\Users\Vorname\AppData\Roaming\Mozilla\Firefox\Profiles\oixjklfr.default-1475535494820\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2021-08-12] FF Extension: (Privacy Badger) - C:\Users\Vorname\AppData\Roaming\Mozilla\Firefox\Profiles\oixjklfr.default-1475535494820\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-08-19] FF Extension: (LastPass: Free Password Manager) - C:\Users\Vorname\AppData\Roaming\Mozilla\Firefox\Profiles\oixjklfr.default-1475535494820\Extensions\support@lastpass.com.xpi [2021-09-03] FF Extension: (uBlock Origin) - C:\Users\Vorname\AppData\Roaming\Mozilla\Firefox\Profiles\oixjklfr.default-1475535494820\Extensions\uBlock0@raymondhill.net.xpi [2021-07-31] FF Extension: (Zotero Connector) - C:\Users\Vorname\AppData\Roaming\Mozilla\Firefox\Profiles\oixjklfr.default-1475535494820\Extensions\zotero@chnm.gmu.edu.xpi [2021-08-19] [UpdateUrl:hxxps://www.zotero.org/download/connector/firefox/release/updates.json] FF Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\Vorname\AppData\Roaming\Mozilla\Firefox\Profiles\oixjklfr.default-1475535494820\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2021-02-25] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%] FF Extension: (NoScript) - C:\Users\Vorname\AppData\Roaming\Mozilla\Firefox\Profiles\oixjklfr.default-1475535494820\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-07-29] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 
DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-04-27] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-08-11] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-07-05] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2017-08-11] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-07-05] (Adobe Inc. -> Adobe Systems) FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-08-11] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-2422593417-987533348-2287060427-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2017-08-11] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) Chrome: ======= CHR Profile: C:\Users\Vorname\AppData\Local\Google\Chrome\User Data\Default [2021-09-12] CHR Extension: (Präsentationen) - C:\Users\Vorname\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-05] CHR Extension: (Docs) - C:\Users\Vorname\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-05] CHR Extension: (Google Drive) - C:\Users\Vorname\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-29] CHR Extension: (YouTube) - C:\Users\Vorname\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-05] CHR Extension: (Adobe Acrobat) - C:\Users\Vorname\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-01-29] CHR Extension: (Tabellen) - C:\Users\Vorname\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-05] CHR Extension: (Google Docs Offline) - C:\Users\Vorname\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-12] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Vorname\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Google Mail) - C:\Users\Vorname\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-29] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842480 2021-07-05] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9166736 2021-08-23] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-08-31] (Dropbox, Inc -> Dropbox, Inc.) R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1955680 2021-08-19] (GOG Sp. z o.o. 
-> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-07-16] (GOG Sp. z o.o. -> GOG.com) R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4665168 2015-09-24] (SafeNet, Inc. -> SafeNet Inc.) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-07-03] (Huawei Technologies Co., Ltd. -> ) [Datei ist nicht signiert] R2 Lenovo Instant On; C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\EasyResume.exe [2351320 2021-07-11] (Lenovo -> Lenovo Group Limited) S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.) S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-01-29] (Microsoft Windows -> Microsoft Corporation) R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-08-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\TPHKLOAD.exe [465200 2020-12-28] (Lenovo -> Lenovo Group Limited) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [90344 2020-04-28] (DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 MpKsl782d1c2c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A79314AC-EB9E-4930-B915-071454EA85ED}\MpKslDrv.sys [130296 2021-09-12] (Microsoft Windows -> Microsoft Corporation) R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.) R0 PRTDRV; C:\WINDOWS\System32\Drivers\PRTDRV.sys [34088 2015-03-24] (Psychology Software Tools, Inc -> Psychology Software Tools) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-05-17] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74048 2021-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-09-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [433384 2021-09-09] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-09] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-09-12 15:42 - 2021-09-12 15:43 - 000040183 _____ C:\Users\Vorname\Desktop\FRST.txt 2021-09-12 15:41 - 2021-09-12 15:40 - 002302976 _____ (Farbar) C:\Users\Vorname\Desktop\FRST64(2).exe 2021-09-12 15:40 - 2021-09-12 15:40 - 002302976 _____ (Farbar) C:\Users\Vorname\Downloads\FRST64(2).exe 2021-09-12 14:36 - 2021-09-12 14:36 - 000000000 ____D C:\Users\Vorname\Downloads\dppd_workshop 2021-09-12 09:25 - 2021-09-12 09:25 - 000000000 ____D C:\Users\Vorname\Downloads\2021_dppd_workshop 2021-09-12 09:25 - 2021-09-12 09:25 - 000000000 ____D C:\Users\Vorname\Downloads\05_Folien_Goettingen 2021-09-12 09:16 - 2021-09-12 09:43 - 141764835 _____ C:\Users\Vorname\Downloads\2021_dppd_workshop.zip 2021-09-11 13:51 - 2021-09-11 13:51 - 000002107 _____ C:\Users\Vorname\Downloads\02.132.6130-Take-Home-Klausur(1).txt 2021-09-09 10:09 - 2021-09-09 10:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-09-08 13:40 - 2021-09-08 13:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-09-06 14:10 - 2021-09-06 14:11 - 000000000 ____D C:\Users\Vorname\Documents\talks 2021-09-04 16:59 - 2021-09-04 16:59 - 000000000 ____D C:\Users\Vorname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2021-09-02 16:53 - 2021-09-02 16:53 - 000000096 _____ C:\Users\Vorname\.gitconfig 2021-09-02 12:26 - 2021-09-02 12:26 - 000162688 _____ C:\Users\Vorname\Desktop\FTPs Nachteilsausgleich Pressemitteilung_.pdf 2021-09-02 12:11 - 2021-09-02 12:12 - 000092094 _____ C:\Users\Vorname\Downloads\Entwurf für eine Online-Petition Nachteilsausgleichs.pdf 2021-09-02 12:09 - 2021-09-02 12:09 - 000086210 _____ C:\Users\Vorname\Downloads\DGPs Reaktion auf #ichbinhanna.pdf 2021-09-02 12:06 - 2021-09-02 12:06 - 000001423 _____ C:\Users\Vorname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2021-09-01 09:42 
- 2021-09-01 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2021-08-31 01:57 - 2021-08-31 01:57 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2021-08-31 01:57 - 2021-08-31 01:57 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2021-08-31 01:57 - 2021-08-31 01:57 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2021-08-31 01:57 - 2021-08-31 01:57 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2021-08-28 20:01 - 2021-08-28 20:01 - 005218396 _____ C:\Users\Vorname\Downloads\NSF2146826Robison.pdf 2021-08-26 12:27 - 2021-08-26 12:27 - 000067584 _____ C:\Users\Vorname\Desktop\Anlage-6-DRA-Fachbereiche-deutsch_DGPs.xls 2021-08-25 15:22 - 2021-08-25 15:22 - 000001402 _____ C:\Users\Vorname\AppData\Local\recently-used.xbel 2021-08-24 13:59 - 2021-08-25 15:01 - 000325656 _____ C:\Users\Vorname\Downloads\EEG Layout Flanker Study.pdf 2021-08-23 18:02 - 2021-08-23 18:02 - 000000000 ____D C:\Users\Vorname\Documents\Konferenzen 2021-08-23 16:00 - 2021-08-23 16:00 - 000000158 _____ C:\Users\Vorname\Downloads\Exp23_estimatedParms_SSP_odd.csv 2021-08-23 12:45 - 2021-08-23 12:46 - 000798359 _____ C:\Users\Vorname\Downloads\1-s2.0-S0004370221000862-main.pdf 2021-08-20 15:55 - 2021-08-20 15:58 - 179358544 _____ (The R Foundation ) C:\Users\Vorname\Downloads\rtools40v2-x86_64.exe 2021-08-20 14:12 - 2021-08-20 14:12 - 000234118 _____ C:\Users\Vorname\Desktop\VL-Verzeichnis.pdf 2021-08-18 10:59 - 2021-08-18 10:59 - 000000000 ____D C:\Users\Vorname\AppData\LocalLow\3909 2021-08-18 10:59 - 2021-08-18 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Return of the Obra Dinn [GOG.com] 2021-08-18 10:25 - 2021-08-18 10:25 - 000001207 _____ C:\Users\Public\Desktop\GOG GALAXY.lnk 2021-08-18 10:25 - 2021-08-18 10:25 - 000000000 ____D C:\Users\Vorname\AppData\Local\GOG.com 2021-08-18 10:25 - 2021-08-18 10:25 - 000000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2021-08-18 10:23 - 2021-08-19 17:18 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy 2021-08-18 10:19 - 2021-08-18 10:59 - 000000000 ____D C:\ProgramData\GOG.com 2021-08-18 10:18 - 2021-08-18 10:18 - 000493640 _____ (GOG Sp. z o.o.) C:\Users\Vorname\Downloads\GOG_Galaxy_Return_of_the_Obra_Dinn.exe 2021-08-17 17:55 - 2021-08-17 17:55 - 000000000 ____D C:\WINDOWS\LastGood 2021-08-17 17:55 - 2020-03-09 11:56 - 001520600 _____ (Synaptics Inc.) C:\WINDOWS\system32\CX64Proxy.dll 2021-08-17 17:55 - 2017-06-29 07:04 - 001150464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll 2021-08-17 17:55 - 2013-05-15 16:27 - 000406208 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CSpkExt64.dll 2021-08-17 17:55 - 2012-06-29 14:04 - 000050848 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxPageMaster64.dll 2021-08-17 17:55 - 2012-01-16 11:42 - 000666240 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\C3DHPExt64.dll 2021-08-16 15:35 - 2021-08-16 15:35 - 000000791 _____ C:\Users\Vorname\Downloads\Lab Manual.Rmd 2021-08-16 14:16 - 2021-08-16 16:40 - 000001807 _____ C:\Users\Vorname\Downloads\02.132.6130-Take-Home-Klausur.txt 2021-08-16 09:42 - 2021-08-16 09:43 - 000469939 _____ C:\Users\Vorname\Downloads\Extraordinary_claims_extraordinary_evidence_A_disc.pdf 2021-08-13 13:59 - 2021-08-13 13:59 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-08-13 13:59 - 2021-08-13 13:59 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-08-13 13:59 - 2021-08-13 13:59 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-08-13 13:59 - 2021-08-13 13:59 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-08-13 13:59 - 2021-08-13 13:59 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-08-13 13:59 - 2021-08-13 13:59 - 000288768 _____ 
C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2021-08-13 13:59 - 2021-08-13 13:59 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-08-13 13:53 - 2021-08-13 13:53 - 000000000 ___HD C:\$WinREAgent 2021-08-13 11:55 - 2021-08-13 11:55 - 000211444 _____ C:\Users\Vorname\Desktop\Deutsche Bahn bahn.de - Verbindungen - Verfügbarkeit.pdf 2021-08-13 11:19 - 2021-08-13 11:19 - 000068096 _____ C:\Users\Vorname\Documents\Kopie von Anlage-6-DRA-Fachbereiche-deutsch.xls ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-09-12 15:43 - 2016-11-15 02:40 - 000000000 ____D C:\FRST 2021-09-12 15:40 - 2018-06-07 08:40 - 000000000 ____D C:\Users\Vorname\AppData\Roaming\Slack 2021-09-12 15:07 - 2020-06-05 15:57 - 000000000 ____D C:\Program Files (x86)\Google 2021-09-12 14:55 - 2017-12-07 20:54 - 000000000 ____D C:\Users\Vorname\AppData\Local\Packages 2021-09-12 14:46 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-09-12 14:36 - 2016-08-09 16:21 - 000000000 ____D C:\Users\Vorname\Documents\Lehre 2021-09-12 14:29 - 2020-10-27 13:08 - 000000000 ____D C:\Users\Vorname\Documents\Outlook-Dateien 2021-09-12 13:43 - 2021-01-29 18:40 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2422593417-987533348-2287060427-1001 2021-09-12 13:43 - 2021-01-29 18:33 - 000002407 _____ C:\Users\Vorname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-09-12 13:30 - 2021-01-31 16:32 - 000000000 ____D C:\Users\Vorname\AppData\Local\Deployment 2021-09-12 13:30 - 2021-01-29 18:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-09-12 13:11 - 2018-05-15 17:00 - 000000000 ____D C:\Users\Vorname\AppData\Local\D3DSCache 2021-09-12 12:37 - 2021-01-29 18:40 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-09-12 12:15 - 2016-11-16 20:06 - 000000000 ____D 
C:\Users\Vorname\AppData\LocalLow\Mozilla 2021-09-12 12:00 - 2017-04-27 13:42 - 000000000 ____D C:\Users\Vorname\Documents\Citavi 5 2021-09-12 11:45 - 2020-11-13 17:31 - 000000000 ____D C:\Users\Vorname\Documents\Anwalt 2021-09-12 11:44 - 2021-08-12 14:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2021-09-12 11:44 - 2016-08-06 17:58 - 000000000 ____D C:\Users\Vorname\AppData\Roaming\gnupg 2021-09-12 11:44 - 2016-08-06 17:26 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2021-09-12 11:41 - 2021-05-22 14:26 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2021-09-12 08:59 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-09-12 08:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-09-12 08:56 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-09-12 08:55 - 2021-05-22 14:29 - 000000000 ___RD C:\Users\Vorname\Creative Cloud Files 2021-09-12 08:55 - 2020-06-17 21:07 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-09-12 08:55 - 2016-10-06 19:56 - 000000000 ____D C:\Users\Vorname\AppData\Local\Dropbox 2021-09-12 08:54 - 2016-08-05 20:39 - 000000000 __SHD C:\Users\Vorname\IntelGraphicsProfiles 2021-09-11 14:04 - 2016-08-27 01:13 - 000000000 ____D C:\Users\Vorname\Documents\MATLAB 2021-09-10 17:56 - 2021-01-08 19:09 - 000000000 ____D C:\Users\Vorname\AppData\Local\RStudio 2021-09-10 17:56 - 2016-08-11 18:58 - 000000000 ____D C:\Users\Vorname\AppData\Roaming\RStudio 2021-09-10 13:50 - 2016-09-01 22:54 - 000000000 ____D C:\ProgramData\boost_interprocess 2021-09-10 10:56 - 2016-09-24 00:07 - 000000000 ____D C:\Users\Vorname\Documents\Vorträge 2021-09-09 16:03 - 2020-06-05 15:58 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-09-09 16:03 - 2020-04-20 15:25 - 000000000 ____D C:\Users\Vorname\AppData\Local\WebEx 2021-09-09 16:03 - 2020-04-20 15:24 - 000000000 ____D 
C:\Users\Vorname\AppData\LocalLow\WebEx 2021-09-09 10:19 - 2018-02-14 22:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-09-09 10:09 - 2016-10-04 00:57 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-09-08 12:07 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-09-08 12:05 - 2021-05-22 14:25 - 000000000 ____D C:\Program Files\Adobe 2021-09-06 17:01 - 2019-01-11 11:37 - 000000000 ____D C:\Users\Vorname\Zotero 2021-09-06 14:16 - 2018-12-13 19:49 - 000000000 ___SD C:\Users\Vorname\Seafile 2021-09-06 10:05 - 2016-10-06 20:02 - 000000000 ___RD C:\Users\Vorname\Dropbox 2021-09-04 16:59 - 2017-10-27 18:24 - 000000000 ____D C:\Users\Vorname\AppData\Roaming\Zoom 2021-09-03 11:26 - 2020-09-30 18:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-09-03 10:18 - 2020-11-02 10:04 - 000000000 ____D C:\Users\Vorname\AppData\Roaming\Zenkit 2021-09-02 16:53 - 2021-01-29 18:33 - 000000000 ____D C:\Users\Vorname 2021-09-02 16:09 - 2016-08-11 18:58 - 000013368 _____ C:\Users\Vorname\Documents\.Rhistory 2021-09-02 16:08 - 2016-08-31 22:29 - 000000000 ____D C:\Projects 2021-09-02 14:58 - 2017-10-27 19:57 - 000000000 ____D C:\Users\Vorname\AppData\Roaming\jamovi 2021-09-02 11:40 - 2016-08-09 13:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-09-02 11:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-09-01 18:11 - 2016-08-06 17:33 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2021-09-01 09:42 - 2016-10-06 19:56 - 000000000 ____D C:\Program Files (x86)\Dropbox 2021-08-27 10:52 - 2020-03-24 14:02 - 000002384 _____ C:\Users\Vorname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2021-08-26 15:51 - 2020-03-23 13:18 - 000000000 ____D C:\Users\Vorname\Documents\Bib Abteilung 2021-08-26 12:07 - 2021-01-29 18:41 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-08-26 12:07 - 2019-12-07 16:51 - 
000744968 _____ C:\WINDOWS\system32\perfh007.dat 2021-08-26 12:07 - 2019-12-07 16:51 - 000150354 _____ C:\WINDOWS\system32\perfc007.dat 2021-08-26 09:34 - 2018-11-20 21:21 - 000000000 ____D C:\Users\Vorname\AppData\Local\LenovoServiceBridge 2021-08-25 20:01 - 2020-10-24 09:14 - 000000000 ____D C:\Users\Vorname\AppData\Local\slack 2021-08-25 20:01 - 2019-10-31 15:03 - 000000000 ____D C:\Users\Vorname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc 2021-08-25 20:01 - 2017-08-22 18:46 - 000000000 ____D C:\Users\Vorname\AppData\Local\SquirrelTemp 2021-08-25 14:56 - 2021-01-09 17:31 - 000000000 ____D C:\Users\Vorname\.dbus-keyrings 2021-08-24 09:06 - 2019-01-11 11:33 - 000000000 ____D C:\Program Files (x86)\Zotero 2021-08-23 11:53 - 2021-03-22 15:01 - 000000041 _____ C:\Users\Vorname\Documents\.Renviron 2021-08-18 10:25 - 2016-08-06 03:27 - 000000000 ____D C:\ProgramData\Package Cache 2021-08-17 17:55 - 2019-12-17 19:54 - 000000000 ____D C:\WINDOWS\TempInst 2021-08-17 17:55 - 2017-05-14 13:37 - 001705080 _____ (TODO: <Company name>) C:\WINDOWS\SysWOW64\RebootPrompt.exe 2021-08-17 09:56 - 2017-12-05 10:49 - 000000000 ____D C:\Users\Vorname\AppData\Local\ElevatedDiagnostics 2021-08-17 01:22 - 2020-09-30 18:20 - 000740168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll 2021-08-17 01:22 - 2020-09-30 18:20 - 000486728 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll 2021-08-16 09:34 - 2021-02-08 20:47 - 000003604 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6f65dc9349f6 2021-08-16 09:34 - 2021-01-29 18:40 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-08-14 13:40 - 2016-08-06 17:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-08-13 16:08 - 2021-01-29 18:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-08-13 16:08 - 2021-01-29 18:31 - 000008192 ___SH C:\DumpStack.log.tmp 2021-08-13 16:07 - 2019-12-07 11:03 - 
000786432 _____ C:\WINDOWS\system32\config\BBI 2021-08-13 16:06 - 2021-01-29 18:31 - 000453304 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-08-13 16:06 - 2016-10-06 19:56 - 000001252 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2021-08-13 16:06 - 2016-10-06 19:56 - 000001248 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2021-08-13 16:05 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-08-13 16:05 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-08-13 16:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-08-13 16:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-08-13 16:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-08-13 16:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-08-13 16:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-08-13 16:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-08-13 16:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-08-13 16:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2021-08-13 15:17 - 2016-12-16 01:22 - 000000000 ____D C:\Users\Vorname\Documents\Reviews 2021-08-13 15:16 - 2021-01-29 18:40 - 000004312 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA 2021-08-13 15:16 - 2021-01-29 18:40 - 000004080 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore 2021-08-13 14:02 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-08-13 11:42 - 2021-08-09 15:48 - 000068096 _____ C:\Users\Vorname\Desktop\Anlage-6-DRA-Fachbereiche-deutsch.xls ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2016-09-25 21:51 - 2017-03-15 19:21 - 000000600 _____ () C:\Users\Vorname\AppData\Roaming\winscp.rnd 2021-05-22 17:45 - 2021-05-22 17:45 - 000000000 _____ () C:\Users\Vorname\AppData\Local\oobelibMkey.log 2016-09-25 20:38 - 2017-03-13 22:29 - 000000600 _____ 
() C:\Users\Vorname\AppData\Local\PUTTY.RND
2021-08-25 15:22 - 2021-08-25 15:22 - 000001402 _____ () C:\Users\Vorname\AppData\Local\recently-used.xbel
2016-11-15 02:55 - 2016-11-15 02:55 - 000007601 _____ () C:\Users\Vorname\AppData\Local\Resmon.ResmonCfg
2017-03-07 17:13 - 2021-01-08 19:01 - 006889472 _____ () C:\Users\Vorname\AppData\Local\WebpageIcons.db

==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================