Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
In zwei verschiedenen Etherpads war plötzlich von alleine das Wort "sterben" eingefügt

In zwei verschiedenen Etherpads war plötzlich von alleine das Wort "sterben" eingefügt


Plagegeister aller Art und deren Bekämpfung: In zwei verschiedenen Etherpads war plötzlich von alleine das Wort "sterben" eingefügt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 21.10.2021, 16:36   #1
FrauXYZ
 
In zwei verschiedenen Etherpads war plötzlich von alleine das Wort "sterben" eingefügt - Frage

In zwei verschiedenen Etherpads war plötzlich von alleine das Wort "sterben" eingefügt


Hallo an alle,
ich bin Aktivistin und als solche in diversen Chatgruppen aktiv. Innerhalb der letzten Woche habe ich an zwei Etherpads mitgemacht. Eines von riseup.net und das andere war systemli.org.Beide Chat-Gruppen sind völlig unabhängig voneinander, ich bin das einzige Bindeglied. Bei beiden pads war aufeinmal das Wort "sterben" einfach so ohne Zusammenhang mitten im Text eingefügt. Niemand kann nachvollziehen, wo es herkommt. Bei systemli nur einmal, bei riseup sogar mehrere Male.
Kann das wirklich Zufall sein? Ausgerechnet "sterben" und das in zwei verschiedenen pads? Gibt es eine Malware, die so etwas kann?
Hintergrund: Ich bin als bekannte Aktivistin gegen Rechts auch sonst Drohungen ausgesetzt.

Ich hatte gestern zuerst Malwarebites runtergeladen und einen check machen lassen. Dort wurden mehrere PUP gefunden, die ich in Quarantäne schob. Leider habe ich Malwarebites schon wieder deinsatlliert und deshalb keinen Zugriff mehr auf den Bericht.
Heute habe ich Microsoft Windows-Tool zum Entfernen bösartiger Software über viele Stunden laufen lassen, aber hierzu kann ich auch keinen Bericht auf dem Laptop finden.
Nach euren angaben habe ich auch FRST laufen lassen,siehe unten. Ganz lieben Dank im Voraus!

Code:
ATTFilter
Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 20-10-2021
durchgeführt von Ruth (21-10-2021 16:27:35)
Gestartet von C:\Users\Ruth\Desktop\Programme etc
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\ProgramData\{72725B64-F17C-4EB1-9CF0-3729C6F52EB5}\DashlaneUpgradeInstaller.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 4.5.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\DigitalEditions.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2021.lnk -> C:\Program Files\Adobe\Adobe Illustrator 2021\Support Files\Contents\Windows\Illustrator.exe (Adobe Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2021.lnk -> C:\Program Files\Adobe\Adobe InDesign 2021\InDesign.exe (Adobe Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk -> C:\Program Files\Adobe\Adobe Lightroom Classic\Lightroom.exe (Adobe Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk -> C:\Program Files\Adobe\Adobe Lightroom CC\lightroom.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2021.lnk -> C:\Program Files\Adobe\Adobe Media Encoder 2021\Adobe Media Encoder.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk -> C:\Program Files\Adobe\Adobe Photoshop 2021\Photoshop.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2021.lnk -> C:\Program Files\Adobe\Adobe Premiere Pro 2021\Adobe Premiere Pro.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk -> C:\Users\Ruth\AppData\Local\Host App Service\Engine\HostAppService.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dashlane.lnk -> C:\Program Files (x86)\Dashlane\Upgrade\DashlaneDownloader.exe (Dashlane, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk -> C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe (Microsoft Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Start-Center 2016.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\StartCenter.exe (Akademische Arbeitsgemeinschaft Verlag)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Informationen und Hilfe\Report erstellen.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\ReportTool.exe (Akademische Arbeitsgemeinschaft Verlag)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Informationen und Hilfe\TeamViewer.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\TeamViewerQS_AAV_Win.exe (TeamViewer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos\Sophos Endpoint Security and Control\Sophos Endpoint Security and Control.lnk -> C:\Windows\Installer\{09863DA9-7A9B-4430-9561-E04D178D7017}\MainGUIShortcut1.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos\Sophos Endpoint Security and Control\www.sophos.de.lnk -> C:\Windows\Installer\{09863DA9-7A9B-4430-9561-E04D178D7017}\InternetShortcut.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble\Mumble.lnk -> C:\Program Files\Mumble\mumble.exe (The Mumble Developers)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Aufzeichnungs-Manager von Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office-Spracheinstellungen.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetriedashboard für Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msotd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetrieprotokoll für Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msoev.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite\HiSuite.lnk -> C:\Program Files (x86)\HiSuite\HiSuite.exe (Huawei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite\Uninstall.lnk -> C:\Program Files (x86)\HiSuite\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\ElsterFormular.lnk -> C:\Program Files (x86)\ElsterFormular\bin\pica.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Infodatei - Support.lnk -> C:\Program Files (x86)\ElsterFormular\bin\hotlinetool.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Lizenzvertrag.lnk -> C:\Program Files (x86)\ElsterFormular\lizenzvertrag.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12\CyberLink PowerDVD 12.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD12\PDVDLP.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Home & Student Suite 2018\Corel CAPTURE 2018.lnk -> C:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite 2018\Programs\Capture.exe (Corel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Home & Student Suite 2018\Corel CONNECT 2018.lnk -> C:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite 2018\Connect\Connect.exe (Corel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Home & Student Suite 2018\Corel PHOTO-PAINT Home & Student 2018.lnk -> C:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite 2018\Programs\PPHome.exe (Corel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Home & Student Suite 2018\CorelDRAW Home & Student 2018.lnk -> C:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite 2018\Programs\DrawHome.exe (Corel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Home & Student Suite 2018\Duplexing Wizard.lnk -> c:\Windows\Installer\{F4AD4B4A-B554-49F1-B9E8-5309191269B3}\NewShortcut10_4F3DC196D40940078E83268877878C98.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 5\Citavi 5.lnk -> C:\Program Files (x86)\Citavi 5\bin\Citavi.exe (Swiss Academic Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco\Cisco AnyConnect Secure Mobility Client\Cisco AnyConnect Secure Mobility Client.lnk -> C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\Brother Utilities.lnk -> C:\Program Files (x86)\Brother\BrLauncher\BrLauncher.exe (Brother Industories, Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Digital Editions 4.5\Adobe Digital Editions 4.5.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\DigitalEditions.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Digital Editions 4.5\Help.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\DigitalEditions.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Digital Editions 4.5\Home Page.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\DigitalEditions.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Digital Editions 4.5\Uninstall.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\uninstall.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Care Center.lnk -> C:\Program Files (x86)\Acer\Care Center\CareCenter.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Portal.lnk -> C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe (Acer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Power Button.lnk -> C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Quick Access.lnk -> C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer User Experience Improvement Program.lnk -> C:\Program Files\Acer\User Experience Improvement Program\Framework\Setting.exe (acer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Acer\Acer Jumpstart.lnk -> C:\Program Files (x86)\Acer\Acer Jumpstart\wall.exe (Acer)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Ruth\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant (2).lnk -> C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantTaskbar.exe (Keine Datei)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant (3).lnk -> C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantTaskbar.exe (Keine Datei)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\ElsterFormular.lnk -> C:\Program Files (x86)\ElsterFormular\bin\pica.exe ()
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Public\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Mumble.lnk -> C:\Program Files\Mumble\mumble.exe (The Mumble Developers)
Shortcut: C:\Users\Ruth\OneDrive\Dieser PC - Verknüpfung.lnk -> [LFPO :i+00@n1SPS0%G`%Dieser PC-Systemordner1SPSjc(=Oe)::{20D04FE0-3AEA-1069-A2D8-08002B30309D}E1SPSOh+')Computer]
Shortcut: C:\Users\Ruth\Music\Data (D) - Verknüpfung.lnk -> D:\ ()
Shortcut: C:\Users\Ruth\Music\Videos - Verknüpfung.lnk -> C:\Users\Ruth\Videos ()
Shortcut: C:\Users\Ruth\Links\Desktop.lnk -> C:\Users\Ruth\Desktop ()
Shortcut: C:\Users\Ruth\Links\Downloads.lnk -> C:\Users\Ruth\Downloads ()
Shortcut: C:\Users\Ruth\Documents\Zoom.lnk -> C:\Users\Ruth\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\Ruth\Documents\Corel\CorelDRAW Home & Student 2018 Beispiele\target.lnk -> C:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite 2018\DrawHome\Samples ()
Shortcut: C:\Users\Ruth\Documents\Corel\Corel PHOTO-PAINT Home & Student 2018 Beispiele\target.lnk -> C:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite 2018\PPHome\Samples ()
Shortcut: C:\Users\Ruth\Desktop\Adobe Lightroom Classic.lnk -> C:\Program Files\Adobe\Adobe Lightroom Classic\Lightroom.exe (Adobe Inc.)
Shortcut: C:\Users\Ruth\Desktop\Downloads - Verknüpfung.lnk -> C:\Users\Ruth\Downloads ()
Shortcut: C:\Users\Ruth\Desktop\Lightroom.lnk -> C:\Program Files\Adobe\Adobe Lightroom CC\lightroom.exe (Adobe)
Shortcut: C:\Users\Ruth\Desktop\Telegram.lnk -> C:\Users\Ruth\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC)
Shortcut: C:\Users\Ruth\Desktop\STeuer\ElsterFormular.lnk -> C:\Program Files (x86)\ElsterFormular\bin\pica.exe ()
Shortcut: C:\Users\Ruth\Desktop\STeuer\Steuerprogramme\Steuer-Spar- Erklärung 2013.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\Steuer-Spar-Erklaerung 2013\StartCenter.exe (Keine Datei)
Shortcut: C:\Users\Ruth\Desktop\STeuer\Steuerprogramme\Steuer-Spar-Erklärung 2012.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\Steuer-Spar-Erklaerung 2012\StartCenter.exe (Keine Datei)
Shortcut: C:\Users\Ruth\Desktop\STeuer\Steuerprogramme\SteuerSparErklärung 2014.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2014\StartCenter.exe (Keine Datei)
Shortcut: C:\Users\Ruth\Desktop\STeuer\Steuerprogramme\SteuerSparErklärung 2015.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2015\StartCenter.exe (Keine Datei)
Shortcut: C:\Users\Ruth\Desktop\STeuer\Steuerprogramme\SteuerSparErklärung 2016.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\StartCenter.exe (Akademische Arbeitsgemeinschaft Verlag)
Shortcut: C:\Users\Ruth\Desktop\Programme etc\Acer Care Center.lnk -> C:\Program Files (x86)\Acer\Care Center\CareCenter.exe ()
Shortcut: C:\Users\Ruth\Desktop\Programme etc\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Ruth\Desktop\Programme etc\Brother Creative Center.lnk -> C:\Program Files (x86)\Brother\CreativeCenter\Brother Creative Center.url ()
Shortcut: C:\Users\Ruth\Desktop\Programme etc\Brother Utilities.lnk -> C:\Program Files (x86)\Brother\BrLauncher\BrLauncher.exe (Brother Industories, Ltd.)
Shortcut: C:\Users\Ruth\Desktop\Programme etc\Citavi 5.lnk -> C:\Program Files (x86)\Citavi 5\bin\Citavi.exe (Swiss Academic Software)
Shortcut: C:\Users\Ruth\Desktop\Programme etc\Fotosizer.lnk -> C:\Program Files\Fotosizer\Fotosizer.exe (Keine Datei)
Shortcut: C:\Users\Ruth\Desktop\Programme etc\HiSuite.lnk -> C:\Program Files (x86)\HiSuite\HiSuite.exe (Huawei)
Shortcut: C:\Users\Ruth\Desktop\Programme etc\OpenOffice 4.1.3.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Keine Datei)
Shortcut: C:\Users\Ruth\Desktop\Programme etc\PDF24.lnk -> C:\Program Files (x86)\PDF24\pdf24-Launcher.exe (Keine Datei)
Shortcut: C:\Users\Ruth\Desktop\Programme etc\Perfect Lohn und Gehalt 2017.lnk -> C:\Users\Ruth\AppData\Roaming\Microsoft\Installer\{4CC09538-B8F0-49D7-8FA4-62EF8A36DCC1}\_F823168D312B6B591E0D36.exe (Keine Datei)
Shortcut: C:\Users\Ruth\Desktop\Programme etc\Perfect Lohn und Gehalt 2018.lnk -> C:\Users\Ruth\AppData\Roaming\Microsoft\Installer\{B1BEEE87-10C1-43C4-834F-D08653EB0029}\_55C17E8505CB588511F8AD.exe (Keine Datei)
Shortcut: C:\Users\Ruth\Desktop\Programme etc\Produktpalette.lnk -> C:\Program Files (x86)\NCH Software\PhotoStage\photostage.exe (Keine Datei)
Shortcut: C:\Users\Ruth\Desktop\COrel\Corel CAPTURE 2018.lnk -> C:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite 2018\Programs\Capture.exe (Corel Corporation)
Shortcut: C:\Users\Ruth\Desktop\COrel\Corel CONNECT 2018.lnk -> C:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite 2018\Connect\Connect.exe (Corel Corporation)
Shortcut: C:\Users\Ruth\Desktop\COrel\Corel PHOTO-PAINT Home & Student 2018.lnk -> C:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite 2018\Programs\PPHome.exe (Corel Corporation)
Shortcut: C:\Users\Ruth\Desktop\COrel\CorelDRAW Home & Student 2018.lnk -> C:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite 2018\Programs\DrawHome.exe (Corel Corporation)
Shortcut: C:\Users\Ruth\Desktop\Adobe\Adobe Creative Cloud.lnk -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc.)
Shortcut: C:\Users\Ruth\Desktop\Adobe\Adobe Digital Editions 4.5.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\DigitalEditions.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Ruth\Desktop\Adobe\Adobe Lightroom Classic.lnk -> C:\Program Files\Adobe\Adobe Lightroom Classic\Lightroom.exe (Adobe Inc.)
Shortcut: C:\Users\Ruth\Desktop\Adobe\Lightroom.lnk -> C:\Program Files\Adobe\Adobe Lightroom CC\lightroom.exe (Adobe)
Shortcut: C:\Users\Ruth\Creative Cloud Files\_Cloud-Dokumente.lnk -> C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe ()
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Ruth\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\Ruth\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Telegram entfernen.lnk -> C:\Users\Ruth\AppData\Roaming\Telegram Desktop\unins000.exe ()
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Telegram.lnk -> C:\Users\Ruth\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\P A I P\PAIP deinstallieren.lnk -> C:\SfdLHW\LOHN\UNINST.EXE ()
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\P A I P\PAIP Hilfe.lnk -> C:\SfdLHW\LOHN\PAIP.chm ()
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\P A I P\PAIP.lnk -> C:\SfdLHW\LOHN\PAIP.EXE ()
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\P A I P\Update online downladen.lnk -> C:\SfdLHW\LOHN\MANDLPAIP.exe ()
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane\Dashlane Passwort-Manager.lnk -> C:\Program Files (x86)\Dashlane\Upgrade\DashlaneDownloader.exe (Dashlane, Inc.)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions 4.5.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\DigitalEditions.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant (2).lnk -> C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantTaskbar.exe (Keine Datei)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant (3).lnk -> C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantTaskbar.exe (Keine Datei)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Word 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Zoom.lnk -> C:\Users\Ruth\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Programm-Module\Feststellungserklärung 2015.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\SSE.exe (Akademische Arbeitsgemeinschaft Verlag) -> -mfest
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Programm-Module\Gewinn-Erfassung 2016.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\SSE.exe (Akademische Arbeitsgemeinschaft Verlag) -> -meinurvor
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Programm-Module\Gewinnermittlung 2015.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\SSE.exe (Akademische Arbeitsgemeinschaft Verlag) -> -meinur
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Programm-Module\Lohnsteuer-Ermäßigung 2016.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\SSE.exe (Akademische Arbeitsgemeinschaft Verlag) -> -mermaess
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Programm-Module\Steuererklärung 2015.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\SSE.exe (Akademische Arbeitsgemeinschaft Verlag) -> -mnormal
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Programm-Module\Steuerprognose 2016.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\SSE.exe (Akademische Arbeitsgemeinschaft Verlag) -> -mvorweg
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Informationen und Hilfe\SteuerSparErklärung 2016 deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {D331D50C-C578-423B-8BC7-94D3133CE315}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {E6A3B3D0-4009-4E04-B9A2-A3CB34446E01}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Database Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\DATABASECOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Spreadsheet Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\SPREADSHEETCOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Database Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\DATABASECOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Office Upload Center.lnk -> C:\Program Files (x86)\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\MSOUC.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Spreadsheet Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\SPREADSHEETCOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion\Web Companion.lnk -> C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (Lavasoft) -> --startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Hilfe.lnk -> C:\Program Files (x86)\ElsterFormular\bin\hilfepica.exe (Digia Plc and/or its subsidiary(-ies)) -> -collectionFile "C:\Program Files (x86)\ElsterFormular\/hilfe/elfo.bedienung.qhc" -showUrl "qthelp://elfo.bedienung/hilfe/bed_kap01/910000.html"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Installationsverwaltung.lnk -> C:\Program Files (x86)\ElsterFormular\bin\installationsverwaltung.exe () -> --zeigeDlg
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Integritätsprüfer.lnk -> C:\Program Files (x86)\ElsterFormular\bin\integritaetspruefer.exe () -> -path "C:\Program Files (x86)\ElsterFormular\
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Screenreadermodus.lnk -> C:\Program Files (x86)\ElsterFormular\bin\pica.exe () -> --sehbehindertenmodus
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Dokumente.lnk -> C:\OEM\Preload\Autorun\GUI\Acer User's Manual\00\OnePager.exe () -> /folder
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\Ruth\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall
ShortcutWithArgument: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Ruth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) -> /recycle
ShortcutWithArgument: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Ruth\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion\Frequently Asked Questions.url -> URL: hxxp//webcompanion.com/faq
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Besuchen Sie Java.com.url -> URL: hxxps//java.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Hilfe aufrufen.url -> URL: hxxps//java.com/help
InternetURL: C:\Users\Default\Favorites\Booking.com.url -> URL: hxxp//www.booking.com/index.html?aid=379334
InternetURL: C:\Users\Default\Favorites\Acer\Acer.url -> URL: hxxp//www.acer.com/
InternetURL: C:\Users\Ruth\Favorites\Bing.url -> URL: hxxp//go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Ruth\Favorites\Booking.com.url -> URL: hxxp//www.booking.com/index.html?aid=379334
InternetURL: C:\Users\Ruth\Favorites\Links\ACER Zubehör Shop.url -> URL: hxxp//go.acer.com/?id=14169&model=Aspire E5-774G
InternetURL: C:\Users\Ruth\Favorites\Acer\Acer.url -> URL: hxxp//www.acer.com/
InternetURL: C:\Users\Ruth\Desktop\Online PDF Tools.url -> URL: hxxps//tools.pdf24.org/
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-10-2021
durchgeführt von Ruth (Administrator) auf LAPTOP-ONTLQ7A6 (Acer Aspire E5-774G) (21-10-2021 16:23:38)
Gestartet von C:\Users\Ruth\Desktop\Programme etc
Geladene Profile: Ruth
Platform: Microsoft Windows 10 Home Version 21H1 19043.1288 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated -> acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <3>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(CHIP Digital GmbH -> CHIP Digital GmbH) C:\Users\Ruth\Desktop\Programme etc\Microsoft Windows-Tool zum Entfernen bösartiger Software (64 Bi - Installer _LmYq.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Huawei Software Technologies Co., LTD. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Users\Ruth\AppData\Local\Temp\Windows-KB890830-x64-V5_94_exe_021102021103443352906495\Windows-KB890830-x64-V5.94.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MRT.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <8>
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos System Protection\ssp.exe
(Sophos Limited -> Sophos Limited) C:\Program Files\Sophos\Sophos Network Threat Protection\bin\SntpService.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2018-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2018-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-05-31] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767760 2016-06-15] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Datei ist nicht signiert]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1531872 2016-10-25] (Sophos Limited -> Sophos Limited)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1226240 2017-09-20] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779504 2021-06-27] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-2519009427-3691308270-3308470228-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8520168 2021-02-19] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\Windows\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\95.0.4638.54\Installer\chrmstp.exe [2021-10-21] (Google LLC -> Google LLC)
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [231936 2016-10-25] (Sophos Limited -> Sophos Limited)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0481BC6E-5635-4CA5-9A47-AC5F661D507F} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> )
Task: {1A60F341-5B89-4C49-93D1-58C00B132EBF} - System32\Tasks\G2MUploadTask-S-1-5-21-2519009427-3691308270-3308470228-1001 => C:\Users\Ruth\AppData\Local\GoToMeeting\19796\g2mupload.exe [31176 2021-08-26] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {1DF1D4C3-3DF0-487E-87C2-D6251CB36BED} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2766240 2016-05-23] (Acer Incorporated -> Acer Incorporated)
Task: {273E8358-7A26-42D4-95C1-B5BD1A3F7DA5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1153432 2021-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D7496FC-81BD-4113-A4F4-9C2D9E4374A5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4255648 2021-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {355F852A-7001-4393-A65A-7457F7E17AF9} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4696880 2018-05-28] (Acer Incorporated -> )
Task: {445BE0B4-E8F0-4A0A-8377-5B80DEC605B5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110424 2021-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {48E63F8D-F91F-45F5-83CA-43F75A4B1A1B} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {555811AD-2715-468C-A8B3-37977A63EE31} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {58CB2DE0-9746-4713-AAFC-2630ACF77B6A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4255648 2021-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {5A8C5CDE-3D27-4211-A3B4-D4A8D5FBB8DA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {5B999013-1048-4FEF-94D3-CB2B7BF4CE96} - System32\Tasks\G2MUpdateTask-S-1-5-21-2519009427-3691308270-3308470228-1001 => C:\Users\Ruth\AppData\Local\GoToMeeting\19796\g2mupdate.exe [31176 2021-08-26] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {653E3959-7504-4AEA-940A-FCD9D10C2F26} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {679D20F6-A943-4384-9147-5DF10F7E94E1} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {6B486B3B-A7AA-4CDA-B509-7220C9A86057} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {74439BE5-5C20-4169-BF86-9FA4B5744304} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {81F58B8C-E59F-4739-B841-181E40DB8B68} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [680888 2021-10-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {87CEDFE0-5579-43C0-913B-801B510AF87B} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {9C303386-399C-4415-BBF5-17C2159216BE} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {9F05188C-1FC0-4D90-9657-8B97BC7215FA} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [421792 2016-05-23] (Acer Incorporated -> Acer Incorporated)
Task: {A4D43E44-6386-4AD5-9B69-9CA185D0D9B6} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {AF84320B-6EBA-43A4-8C9E-457EFC766202} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-15] (Google LLC -> Google LLC)
Task: {B0A1AD74-05A7-4252-8130-70601E0180A2} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-13] (Acer Incorporated -> TODO: <Company name>)
Task: {B38F1400-2A21-4E97-9D14-057CAD4ADF41} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110424 2021-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {CDCB622E-7826-4E00-9F7A-74BA430AB669} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [64320 2019-07-11] (Acer Incorporated -> Acer)
Task: {DA373233-071A-4568-B38E-078241CD5DD3} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472992 2016-01-20] (Acer Incorporated -> Acer Incorporated)
Task: {DA3CEBCF-A854-431E-8155-B862963B9A95} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {E28D7D70-5F9A-4819-90B5-C2819368534A} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40352 2016-01-20] (Acer Incorporated -> )
Task: {E97A2DE8-6E1D-4D7A-B34C-1C3554682FA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-15] (Google LLC -> Google LLC)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2519009427-3691308270-3308470228-1001.job => C:\Users\Ruth\AppData\Local\GoToMeeting\19796\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2519009427-3691308270-3308470228-1001.job => C:\Users\Ruth\AppData\Local\GoToMeeting\19796\g2mupload.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.5.1
Tcpip\..\Interfaces\{d739ef88-2a37-43af-94b0-57240792d19e}: [DhcpNameServer] 192.168.5.1
Tcpip\..\Interfaces\{f0e94f4f-e82d-4db6-aacb-f68abc47670d}: [DhcpNameServer] 40.33.1.55

Edge: 
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Profile: C:\Users\Ruth\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-19]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: ma013eh1.default
FF ProfilePath: C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\ma013eh1.default [2021-10-21]
FF Homepage: Mozilla\Firefox\Profiles\ma013eh1.default -> hxxps//www.qwant.com/?client=ext-firefox-hp
FF NewTab: Mozilla\Firefox\Profiles\ma013eh1.default -> hxxps//myfiresearch.com/homepage?hp=1&bitmask=9996&pId=CH180901FF&iDate=2020-05-13 02:52:40&bName=
FF Session Restore: Mozilla\Firefox\Profiles\ma013eh1.default -> ist aktiviert.
FF Notifications: Mozilla\Firefox\Profiles\ma013eh1.default -> hxxps//mailstore.fernuni-hagen.de; hxxps//www.domradio.de
FF HomepageOverride: Mozilla\Firefox\Profiles\ma013eh1.default -> Enabled: qwantcomforfirefox@jetpack
FF Extension: (Facebook Container) - C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\ma013eh1.default\Extensions\@contain-facebook.xpi [2021-08-05]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\ma013eh1.default\Extensions\abb-acer@amazon.com [2016-10-20] []
FF Extension: (Mailvelope) - C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\ma013eh1.default\Extensions\jid1-AQqSMBYb0a8ADg@jetpack.xpi [2021-05-14]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\ma013eh1.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-10-01]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\ma013eh1.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2021-10-11]
FF Extension: (Mozilla Partner Defaults) - C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\ma013eh1.default\Extensions\partnerdefaults@mozilla.com [2016-10-20] []
FF Extension: (Qwant) - C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\ma013eh1.default\Extensions\qwantcomforfirefox@jetpack.xpi [2020-10-13]
FF Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\Ruth\AppData\Roaming\Mozilla\Firefox\Profiles\ma013eh1.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2021-06-27] [UpdateUrl:hxxps//tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2021-10-09] []
FF Extension: (Deutsch (DE) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-de@firefox.mozilla.org [2021-10-09] []
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2021-10-09] []
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: (Citavi Picker) - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2017-08-21] []
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-06-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-08-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-08-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-06-27] (Adobe Inc. -> Adobe Systems)

Chrome: 
=======
CHR Profile: C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default [2021-10-12]
CHR Notifications: Default -> hxxps//meet.google.com; hxxps//www.facebook.com
CHR HomePage: Default -> hxxps//webstart-page.com/?s=acer&m=home&brw=ch
CHR StartupUrls: Default -> "hxxps//webstart-page.com/?s=acer&m=start&brw=ch"
CHR Extension: (Präsentationen) - C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-04]
CHR Extension: (Docs) - C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-04]
CHR Extension: (Google Drive) - C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-08]
CHR Extension: (YouTube) - C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-20]
CHR Extension: (Tabellen) - C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-04]
CHR Extension: (Google Docs Offline) - C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR Extension: (Citavi Picker) - C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2021-04-16]
CHR Extension: (Google Mail) - C:\Users\Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-08]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842480 2021-06-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 brlapi; C:\WINDOWS\brltty\bin\brltty.exe [847886 2019-10-15] (Microsoft Windows -> )
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9251696 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1113864 2020-06-03] (Bayerisches Landesamt fuer Steuern -> )
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] (Huawei Software Technologies Co., LTD. -> ) [Datei ist nicht signiert]
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [Datei ist nicht signiert]
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [440224 2016-05-23] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [481696 2016-05-23] (Acer Incorporated -> Acer Incorporated)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [311544 2016-10-25] (Sophos Limited -> Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [285136 2016-10-25] (Sophos Limited -> Sophos Limited)
R2 SntpService; C:\Program Files\Sophos\Sophos Network Threat Protection\bin\SntpService.exe [901248 2016-10-25] (Sophos Limited -> Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [604000 2016-10-25] (Sophos Limited -> Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [341800 2016-10-25] (Sophos Limited -> Sophos Limited)
R2 sophossps; C:\Program Files (x86)\Sophos\Sophos System Protection\ssp.exe [2455816 2016-10-25] (Sophos Limited -> Sophos Limited)
R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [471520 2016-10-25] (Sophos Limited -> Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3339736 2016-10-25] (Sophos Limited -> Sophos Limited)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [291232 2016-02-01] (Acer Incorporated -> acer)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28136 2021-02-19] (LAVASOFT SOFTWARE CANADA INC -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 IntelSSTSvc; "C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R1 SAVOnAccess; C:\WINDOWS\System32\DRIVERS\savonaccess.sys [161024 2016-10-25] (Sophos Limited -> Sophos Limited)
S3 sdcfilter; C:\WINDOWS\system32\DRIVERS\sdcfilter.sys [38144 2016-10-25] (Sophos Limited -> Sophos Limited)
R2 sntp; C:\WINDOWS\system32\DRIVERS\sntp.sys [116144 2016-10-25] (Sophos Limited -> Sophos Limited)
S4 SophosBootDriver; C:\WINDOWS\system32\DRIVERS\SophosBootDriver.sys [27904 2016-10-25] (Sophos Limited -> Sophos Limited)
R1 swi_callout; C:\WINDOWS\system32\DRIVERS\swi_callout.sys [32512 2016-10-25] (Sophos Limited -> Sophos Limited)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2016-08-12] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-01-08] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2021-01-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2021-01-08] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-10-21 16:22 - 2021-10-21 16:24 - 000000000 ____D C:\FRST
2021-10-21 09:46 - 2021-10-21 09:46 - 001547585 _____ C:\Users\Ruth\Documents\DAK Prüfung der Familienversicherung.pdf
2021-10-19 23:07 - 2021-10-19 23:07 - 000000000 ____D C:\Users\Ruth\AppData\Local\mbam
2021-10-19 23:06 - 2021-10-19 23:06 - 000000000 ____D C:\Program Files\Malwarebytes
2021-10-19 22:35 - 2021-10-19 22:35 - 000000000 ____D C:\Users\Ruth\Documents\TotalAV
2021-10-19 22:32 - 2021-10-19 22:32 - 000000000 ____D C:\Users\Ruth\AppData\Local\GUI
2021-10-19 22:32 - 2021-10-19 22:32 - 000000000 ____D C:\ProgramData\TotalAV
2021-10-19 22:32 - 2021-10-19 22:32 - 000000000 ____D C:\ProgramData\SecuritySuite
2021-10-15 13:09 - 2021-10-15 13:09 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-15 13:09 - 2021-10-15 13:09 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-10-15 13:09 - 2021-10-15 13:09 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-10-15 13:09 - 2021-10-15 13:09 - 000011495 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-10-15 13:09 - 2021-10-15 13:09 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2021-10-15 13:09 - 2021-10-15 13:09 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2021-10-15 13:08 - 2021-10-15 13:08 - 001823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-10-15 13:08 - 2021-10-15 13:08 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-10-15 13:08 - 2021-10-15 13:08 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-15 13:08 - 2021-10-15 13:08 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-10-15 13:08 - 2021-10-15 13:08 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-10-15 13:08 - 2021-10-15 13:08 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-10-15 13:08 - 2021-10-15 13:08 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-10-15 12:55 - 2021-10-15 12:55 - 000000000 ___HD C:\$WinREAgent
2021-10-12 08:13 - 2021-10-12 08:14 - 000828697 _____ C:\Users\Ruth\Desktop\VS Waldorfschule.pdf
2021-10-11 16:12 - 2021-10-11 16:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-10-09 08:49 - 2021-10-15 23:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-10-06 12:44 - 2021-10-06 12:44 - 001101290 _____ C:\Users\Ruth\Desktop\VS Datenskandal Linksextremismus.pdf
2021-10-05 22:05 - 2021-10-05 22:05 - 005655717 _____ C:\Users\Ruth\Desktop\Wer für CDU bei Wernigeröder Oberbürgermeister-Wahl starten soll.pdf
2021-10-05 20:28 - 2021-10-05 20:28 - 000349241 _____ C:\Users\Ruth\Documents\Anleitung Mumble.pdf
2021-10-05 17:50 - 2021-10-05 17:50 - 000002378 _____ C:\Users\Ruth\Documents\MumbleAutomaticCertificateBackup.p12
2021-10-05 17:28 - 2021-10-05 17:28 - 000000000 ____D C:\WINDOWS\system32\braille-tables
2021-10-05 17:28 - 2021-10-05 17:28 - 000000000 ____D C:\WINDOWS\brltty
2021-10-05 17:28 - 2019-10-15 13:47 - 000823680 _____ C:\WINDOWS\system32\liblouis.dll
2021-10-05 17:28 - 2019-10-15 13:47 - 000770936 _____ C:\WINDOWS\system32\brlapi.dll
2021-10-05 17:28 - 2019-10-15 13:47 - 000026248 _____ C:\WINDOWS\system32\Third Party Notices-Braille.txt
2021-10-05 17:24 - 2021-10-12 19:51 - 000000000 ____D C:\Users\Ruth\AppData\Roaming\Mumble
2021-10-05 17:24 - 2021-10-05 17:24 - 000001975 _____ C:\Users\Public\Desktop\Mumble.lnk
2021-10-05 17:24 - 2021-10-05 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
2021-10-05 17:24 - 2021-10-05 17:24 - 000000000 ____D C:\Program Files\Mumble
2021-10-05 16:49 - 2021-10-05 16:49 - 000751843 _____ C:\Users\Ruth\Desktop\VS Kruskabrücke.pdf
2021-10-04 12:48 - 2021-10-04 12:48 - 000000000 ____D C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-10-02 09:31 - 2021-10-02 09:31 - 000846105 _____ C:\Users\Ruth\Desktop\VS Psychokrieg.pdf
2021-09-29 07:33 - 2021-09-29 07:33 - 000917955 _____ C:\Users\Ruth\Desktop\VS Steuererhöhung.pdf
2021-09-28 11:46 - 2021-09-28 11:46 - 000833162 _____ C:\Users\Ruth\Desktop\Artikel Volksstimme.pdf
2021-09-26 09:55 - 2021-09-26 10:58 - 000000000 ____D C:\Users\Ruth\Desktop\Kostüm

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-10-21 16:25 - 2016-10-20 21:45 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-21 16:23 - 2017-08-21 21:46 - 000000000 ____D C:\Users\Ruth\Desktop\Programme etc
2021-10-21 15:49 - 2020-10-20 10:04 - 000003508 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2021-10-21 15:47 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-21 15:46 - 2020-10-20 09:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-21 14:23 - 2017-11-16 17:58 - 000013877 _____ C:\Users\Ruth\Desktop\SGedächtnis (2).odt
2021-10-21 14:21 - 2019-10-29 12:48 - 000000000 ____D C:\Users\Ruth\Documents\Research weda
2021-10-21 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-10-21 14:03 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-21 10:46 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-10-21 10:34 - 2016-10-25 12:54 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-10-21 10:33 - 2020-09-22 22:38 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-10-21 10:20 - 2020-10-20 10:04 - 001723002 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-21 10:20 - 2019-12-07 16:50 - 000744968 _____ C:\WINDOWS\system32\perfh007.dat
2021-10-21 10:20 - 2019-12-07 16:50 - 000150354 _____ C:\WINDOWS\system32\perfc007.dat
2021-10-21 10:20 - 2016-11-29 10:46 - 000000000 ____D C:\Users\Ruth\AppData\LocalLow\Mozilla
2021-10-21 10:13 - 2021-02-22 12:05 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-21 10:13 - 2020-10-20 10:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-21 10:13 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-10-21 10:13 - 2017-06-08 16:23 - 000000000 ____D C:\ProgramData\NVIDIA
2021-10-21 10:13 - 2016-10-20 21:38 - 000000000 __SHD C:\Users\Ruth\IntelGraphicsProfiles
2021-10-21 08:14 - 2019-12-15 15:29 - 000002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-21 08:14 - 2019-12-15 15:29 - 000002256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-20 13:03 - 2020-06-07 12:05 - 000000000 ____D C:\Users\Ruth\AppData\Roaming\Telegram Desktop
2021-10-19 23:10 - 2017-02-14 16:17 - 000000000 ____D C:\Users\Ruth\AppData\Local\CrashDumps
2021-10-19 22:16 - 2019-03-21 12:45 - 000000000 ____D C:\Users\Ruth\AppData\Local\D3DSCache
2021-10-18 16:51 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-18 16:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-18 12:33 - 2016-08-23 18:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-10-16 15:12 - 2021-01-29 20:56 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-16 15:12 - 2021-01-29 20:56 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-16 15:12 - 2016-12-01 11:43 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-10-15 23:30 - 2020-10-20 09:54 - 000529080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-15 23:30 - 2016-05-05 18:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-10-15 23:28 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-15 23:28 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-15 23:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-15 23:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-15 23:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-15 23:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-15 23:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-15 23:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-15 23:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-15 13:12 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-15 12:55 - 2016-10-25 12:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-15 09:19 - 2017-12-07 12:51 - 000000000 ____D C:\Users\Ruth\Documents\die LINKE
2021-10-15 09:13 - 2020-12-02 12:07 - 000000000 ____D C:\Users\Ruth\Documents\Dorff
2021-10-14 21:27 - 2021-03-30 17:04 - 000000000 ____D C:\Users\Ruth\Downloads\Telegram Desktop
2021-10-13 13:10 - 2020-10-20 10:04 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-10-12 18:26 - 2020-10-20 10:04 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2519009427-3691308270-3308470228-1001
2021-10-12 18:26 - 2020-10-20 09:57 - 000002400 _____ C:\Users\Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-12 14:16 - 2017-11-17 15:05 - 000000000 ____D C:\Users\Ruth\AppData\Local\Packages
2021-10-12 07:30 - 2020-07-30 12:05 - 000000000 ____D C:\Users\Ruth\Documents\LSA Schlusslicht
2021-10-11 16:12 - 2016-05-05 18:08 - 000001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-10-10 18:02 - 2020-10-02 00:18 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-10 09:20 - 2021-01-29 20:56 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-10 09:20 - 2021-01-29 20:56 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-07 12:55 - 2017-02-14 16:14 - 000006409 _____ C:\Users\Ruth\Desktop\SGedächtnis (1).odt
2021-10-05 18:24 - 2017-02-15 12:09 - 000000000 ____D C:\Users\Ruth\AppData\Local\ElevatedDiagnostics
2021-10-04 19:02 - 2020-09-21 13:49 - 000000000 ____D C:\Users\Ruth\AppData\Local\Windows Live
2021-10-04 12:48 - 2020-03-29 11:03 - 000000000 ____D C:\Users\Ruth\AppData\Roaming\Zoom
2021-10-03 15:42 - 2017-01-30 19:55 - 000000703 _____ C:\WINDOWS\BRRBCOM.INI
2021-10-01 06:20 - 2020-10-20 10:04 - 000003632 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-01 06:20 - 2020-10-20 10:04 - 000003508 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2018-11-21 11:41 - 2020-08-05 18:16 - 000000475 _____ () C:\Users\Ruth\AppData\Roaming\FSLog.log
2020-11-19 13:31 - 2020-11-19 13:31 - 000102053 _____ () C:\Users\Ruth\AppData\Roaming\PhotoStage.dmp
2020-09-22 23:17 - 2020-09-22 23:17 - 000000000 _____ () C:\Users\Ruth\AppData\Local\oobelibMkey.log
2018-03-27 20:59 - 2018-03-27 20:59 - 000000857 _____ () C:\Users\Ruth\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
Geändert von FrauXYZ (21.10.2021 um 17:00 Uhr) Grund: code tag

 

Themen zu In zwei verschiedenen Etherpads war plötzlich von alleine das Wort "sterben" eingefügt
adobe, autorun, defender, desktop, diverse, entfernen, firewall, geforce, google, home, iexplore.exe, internet explorer, malware, microsoft, mozilla, nvidia, performance, photoshop, programme, realtek, registry, secure, security, software, updates


« Win 10: Defender blockiert explorer.exe / sihost.exe / dllhost.exe --> Virus? | Bladabini noch aktiv? (Teil 1) »


Ähnliche Themen: In zwei verschiedenen Etherpads war plötzlich von alleine das Wort "sterben" eingefügt


  1. Bei Anmeldung auf der GMX-Seite erscheint ein grauer Bildschirm und das Wort "spinner"
    Log-Analyse und Auswertung - 13.04.2021 (26)
  2. Kaspersky enttarnt UEFI-BIOS-"Bootkit" auf zwei Computern
    Nachrichten - 06.10.2020 (0)
  3. Firefox-Meldung "Windows 10 ist beschädigt" und Fund von zwei W97M/Agent Programmen
    Plagegeister aller Art und deren Bekämpfung - 15.12.2018 (17)
  4. AdwCleaner zeigt zwei "PUP.Optional.Legacy"-Funde nach Scan
    Plagegeister aller Art und deren Bekämpfung - 19.08.2017 (5)
  5. "Help your Files"-Datei in verschiedenen Ordnern
    Plagegeister aller Art und deren Bekämpfung - 29.11.2015 (2)
  6. Apple: Zwei-Faktor-Authentifizierung kommt erst "schrittweise"
    Nachrichten - 29.09.2015 (0)
  7. Plötzlich Software "picexa.exe" installiert, "delta-homes.com" als Startseite in sämtlichen Browsern
    Log-Analyse und Auswertung - 10.04.2015 (11)
  8. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  9. Win7: Malwarebytes zeigt zwei "Malicious items" an
    Log-Analyse und Auswertung - 30.11.2014 (11)
  10. Bluescreen "IRQL not less or equal" auf zwei PCs (Win Vista, 8.1)
    Alles rund um Windows - 10.08.2014 (4)
  11. Windows XP: Avira-Scan ergibt zwei "DomaIQ (I)"-Funde
    Log-Analyse und Auswertung - 07.01.2014 (13)
  12. "monstermarketplace.com" Infektion und ihre Folgen; "Anti-Virus-Blocker"," unsichtbare Toolbars" + "Browser-Hijacker" von selbst installiert
    Log-Analyse und Auswertung - 16.11.2013 (21)
  13. Windows XP Nach Installation von HP Player immer zwei Startseiten beim Öffnen von Google chrome "start.iminent.com" und "Search gol"
    Log-Analyse und Auswertung - 08.10.2013 (5)
  14. "TR/Crypt.XPACK.Gen" in verschiedenen Ordnern
    Plagegeister aller Art und deren Bekämpfung - 01.05.2011 (23)
  15. hohe load durch prozess "system" und "explorer.exe" verbindet alleine nach russland
    Plagegeister aller Art und deren Bekämpfung - 08.12.2010 (10)
  16. Es wird "äääääääää" und "$" eingefügt. Antvir, Malware finden nichts!
    Mülltonne - 07.07.2009 (0)
  17. "Adware.Virtumonde"/"Downloader.MisleadApp"/"TR/VB.agt.4"/"NewDotNet.A.1350"/"Fakerec
    Plagegeister aller Art und deren Bekämpfung - 22.08.2008 (6)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema In zwei verschiedenen Etherpads war plötzlich von alleine das Wort "sterben" eingefügt - Hallo an alle, ich bin Aktivistin und als solche in diversen Chatgruppen aktiv. Innerhalb der letzten Woche habe ich an zwei Etherpads mitgemacht. Eines von riseup.net und das andere war - In zwei verschiedenen Etherpads war plötzlich von alleine das Wort "sterben" eingefügt...
Archiv
Du betrachtest: In zwei verschiedenen Etherpads war plötzlich von alleine das Wort "sterben" eingefügt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131