Surveillance, Privacy and Spam: Windows Security reports Trojan:HTML/Phish!pz

Windows 7

Questions about encryption, spam, privacy and the like are welcome here. This section is about defending against keyloggers or other spyware and adware. Topics on "removing Trojans" or "malware problems" may only be discussed here. If you need help removing a Trojan or because you have caught a virus, create a thread in the cleanup forums above.
#1

Windows Security reports Trojan:HTML/Phish!pz

Hello everyone, first of all a happy and healthy new year 2024. My problem came to light because Windows Backup could not be completed several times. Under Windows Security / Virus & threat protection / Protection history there are 5 entries "Remediation incomplete" with the said Trojan. The affected item is always "file: \Device\HarddiskVolumeShadowCopy24\Users\pentr\AppData\Local\Mozilla\Firefox\Profiles\r8lix907.default-release\cache2\entries\00B130FD507B21FB0847F88D12DC9F867174015C"

The scan with FRST produced the following logs:

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01.01.2024 durchgeführt von pentr (Administrator) auf WORXX2 (Hewlett-Packard HP Z440 Workstation) (02-01-2024 12:17:23) Gestartet von C:\Users\pentr\Downloads\FRST64(2).exe Geladene Profile: pentr & Plattform: Microsoft Windows 10 Pro Version 22H2 19045.3803 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Crash Processor.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) 
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <4> (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (C:\Program Files\Adobe\Adobe Photoshop 2024\Photoshop.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.91\msedgewebview2.exe <6> (C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe (C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.exe (C:\Program Files\PostgreSQL\15\bin\pg_ctl.exe ->) (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\15\bin\postgres.exe <7> (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe (C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Microsoft Corporation) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\WebView2\msedgewebview2.exe <6> (C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS32\AppleMobileDeviceHelper.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\VFS\ProgramFilesCommonX86\Apple\Apple Application Support\distnoted.exe (C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\iTunes.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS32\AppleMobileDeviceHelper.exe (C:\Windows\SysWOW64\TgbStarter.exe ->) (THEGREENBOW (SISTECH S.A.) -> TheGreenBow) C:\Program Files (x86)\TheGreenBow\TheGreenBow VPN\tgbikeNG.exe (explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe (explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe (explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\iTunes.exe (explorer.exe ->) (Adobe Inc. 
-> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (explorer.exe ->) (Adobe Inc. -> Adobe) C:\Program Files\Adobe\Adobe Photoshop 2024\Photoshop.exe (explorer.exe ->) (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering, Ltd.) C:\Program Files\Focusrite\Drivers\Focusrite Notifier.exe (explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2311.21001.0_x64__8wekyb3d8bbwe\MicrosoftSecurityApp\MicrosoftSecurityApp.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (explorer.exe ->) (PANGOLIN LASER SYSTEMS, INC. -> Pangolin Laser Systems Inc.) C:\BEYOND52\BEYOND.exe (explorer.exe ->) (Sven Ritter -> SWE Sven Ritter) C:\Program Files\SpeedProject\SpeedCommander 20\SpeedCommander.exe <2> (explorer.exe ->) (THEGREENBOW (SISTECH S.A.) -> TheGreenBow) C:\Program Files (x86)\TheGreenBow\TheGreenBow VPN\vpnconf.exe (Intel(R) Rapid Storage Technology enterprise -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <20> (services.exe ->) () [Datei ist nicht signiert] C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (services.exe ->) (Apple Inc. -> Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe (services.exe ->) (Intel(R) Rapid Storage Technology enterprise -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbengine.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe (services.exe ->) (ND_Apps -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_4716be75eaec31a5\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_4716be75eaec31a5\NVWMI\nvWmi64.exe <2> (services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe (services.exe ->) (PostgreSQL Global Development Group) [Datei ist nicht 
signiert] C:\Program Files\PostgreSQL\15\bin\pg_ctl.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (services.exe ->) (THEGREENBOW (SISTECH S.A.) -> TheGreenBow) C:\Windows\SysWOW64\TgbStarter.exe (svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe (svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\secd.exe (svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe (svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBar.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) 
C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe (svchost.exe ->) (QNAP Systems, Inc. -> ) C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [TgbVpn] => C:\Program Files (x86)\TheGreenBow\TheGreenBow VPN\vpnconf.exe [970192 2020-03-10] (THEGREENBOW (SISTECH S.A.) -> TheGreenBow) HKLM\...\Run: [Network Configuration] => C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [826288 2020-10-20] (Oki Electric Industry Co.,Ltd. -> Oki Data Corporation) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19570992 2020-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\Focusrite\Drivers\Focusrite Notifier.exe [906840 2023-08-23] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering, Ltd.) HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3293072 2023-10-12] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe [291416 2017-11-24] (Intel(R) Rapid Storage Technology enterprise -> Intel Corporation) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. 
-> ) HKLM-x32\...\Run: [QfinderPro] => C:\Program Files (x86)\QNAP\Qfinder\QfinderPro.exe [5788496 2023-08-17] (QNAP Systems, Inc. -> QNAP) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1131488 2023-12-15] (Adobe Inc. -> Adobe Inc.) HKU\S-1-5-21-3318351353-4052915309-164348779-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11517400 2023-11-05] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-3318351353-4052915309-164348779-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2595344 2023-12-08] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3318351353-4052915309-164348779-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44486048 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-3318351353-4052915309-164348779-1001\...\Run: [MicrosoftEdgeAutoLaunch_F327D6058D3328CD029FC604FE9ACAD4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854280 2023-12-21] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3318351353-4052915309-164348779-1001\...\RunOnce: [msedge_resetsb_{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --reset-startup-boost-last-used [3854280 2023-12-21] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3318351353-4052915309-164348779-1011\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2595344 2023-12-08] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-18\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44486048 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKLM\...\Windows x64\Print Processors\OKX05HPP: C:\Windows\System32\spool\prtprocs\x64\OKX05HPP.DLL [52224 2020-11-23] 
(Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2023-08-01] (Adobe Inc. -> Adobe Systems Inc) HKLM\...\Print\Monitors\Oki Language Monitor v2 x64: C:\Windows\system32\OPPFLM64.DLL [24064 2011-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation) Startup: C:\Users\pentr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2022-07-22] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Startup: C:\Users\pentr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook.lnk [2021-12-24] ShortcutTarget: Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {2762E91E-A34D-46D4-875D-1634DD074AB7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.) Task: {67CF1CF9-E463-4A98-94CB-E1772D54D3CF} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. 
-> Adobe Systems, Incorporated) Task: {F37E1CEA-9BFA-44F6-BC68-8DAAC6C6EDD9} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4434400 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {2DAABCB3-32FA-468F-ACD3-BA91D1494E3A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {FF86C7F4-51D2-4667-8FAF-7C142996B03D} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "b36808a4-31c8-4ac6-9d19-053952426952" --version "6.19.10858" --silent Task: {6487A50A-D32D-4C23-B302-D2FCE46A4FE9} - System32\Tasks\CCleanerSkipUAC - pentr => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {CC5FBB10-ED00-449E-AA52-143AEAEBBA25} - System32\Tasks\CCleanerSkipUAC - SYSTEM => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {1D2FBCCC-94AE-415B-832E-CB95E2F1A63E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [703536 2023-10-30] (HP Inc. -> HP Inc.) Task: {D3B252A1-2DA3-4827-A387-942C8BDDF5E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-10-30] (HP Inc. -> HP Inc.) 
Task: {3F01A80C-0718-4DE0-9E9F-C808E1B17FB4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161264 2023-10-30] (HP Inc. -> HP Inc.) Task: {EAA014D7-F6F4-4C42-B7C1-68B41E7A6651} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161264 2023-10-30] (HP Inc. -> HP Inc.) Task: {053BAF8C-02F9-4C6A-99BE-5E5DFF59797E} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [1741136 2023-08-17] (QNAP Systems, Inc. -> ) Task: {DBAC1141-CE34-4B48-8084-9AC287EF02F7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-19] (Microsoft Corporation -> Microsoft Corporation) Task: {38849C6E-D4BF-4B37-BDA2-01BBB27F3996} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-19] (Microsoft Corporation -> Microsoft Corporation) Task: {8774B181-F879-4DEE-9475-84245CF37F40} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306624 2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Task: {51D1AEAC-DDEC-4A5E-B227-D1EB170517FC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306624 2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Task: {90614681-FF43-4343-A17E-6E54A90514F9} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169144 2023-11-19] (Microsoft Corporation -> Microsoft Corporation) Task: 
{C815F64F-BA13-4983-88EE-B03FD9D8EF9E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {183DA614-29B3-4CAF-9BE5-FB158DB0FF93} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {3EF12FBC-C581-4056-998B-BD6E21227F9E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {42EE3797-B8A9-41A1-B18C-2754FF707F6C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {AC30F350-B1FB-4E2E-A9F8-4201FF44E881} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2023-12-21] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {3A6CC4E6-1734-4A07-B25D-0856A8D129C7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2023-12-21] (Mozilla Corporation -> Mozilla Foundation) Task: {7DEAF2E9-67EC-46CF-A012-E6B3D1F16D5D} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-11-22] () [Datei ist nicht signiert] Task: 
{B6DA96AF-E2A4-4C4A-88B6-FDD5395A6E6A} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1555952 2023-01-22] (Nvidia Corporation -> NVIDIA Corporation) Task: {688A8257-35CF-402C-BEE5-340474D31B47} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-08] (Microsoft Corporation -> Microsoft Corporation) Task: {E2CB22EB-A5ED-412A-ABFD-BE4F7F0CB4AB} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3318351353-4052915309-164348779-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-08] (Microsoft Corporation -> Microsoft Corporation) Task: {DD4ABBEB-84CF-4065-9014-CC7733FA8620} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3318351353-4052915309-164348779-1006 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-08] (Microsoft Corporation -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{70e651a9-a250-4d6c-8d0c-4abfe799ed45}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{ea5cf1ad-55a8-4830-8f93-b8a2a0ced240}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{ea5cf1ad-55a8-4830-8f93-b8a2a0ced240}: [DhcpDomain] fritz.box HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG Edge: ======= Edge Profile: C:\Users\pentr\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-22] Edge Notifications: Default -> hxxps://en.softonic.com Edge Extension: (Google Docs Offline) - C:\Users\pentr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-29] Edge Extension: (Edge relevant text changes) - C:\Users\pentr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-13] FireFox: ======== FF DefaultProfile: a8s34wki.default FF ProfilePath: C:\Users\pentr\AppData\Roaming\Mozilla\Firefox\Profiles\a8s34wki.default [2021-12-16] FF ProfilePath: C:\Users\pentr\AppData\Roaming\Mozilla\Firefox\Profiles\r8lix907.default-release [2024-01-02] FF Notifications: Mozilla\Firefox\Profiles\r8lix907.default-release -> hxxps://drive.google.com; hxxps://www.instagram.com; hxxps://notification.myqnapcloud.com; hxxps://www.wetter.com; hxxps://twitter.com; hxxps://web.whatsapp.com FF Extension: (AdBlocker Ultimate) - C:\Users\pentr\AppData\Roaming\Mozilla\Firefox\Profiles\r8lix907.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2023-11-30] FF Extension: (To Google Translate) - C:\Users\pentr\AppData\Roaming\Mozilla\Firefox\Profiles\r8lix907.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2023-07-20] FF Extension: (I don't care about cookies) - C:\Users\pentr\AppData\Roaming\Mozilla\Firefox\Profiles\r8lix907.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2023-12-06] FF Extension: (NoScript) - 
C:\Users\pentr\AppData\Roaming\Mozilla\Firefox\Profiles\r8lix907.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2023-12-13] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-11-19] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2023-12-15] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-11-19] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2023-12-15] (Adobe Inc. 
-> Adobe Systems) Chrome: ======= CHR HKU\S-1-5-21-3318351353-4052915309-164348779-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944096 2023-12-15] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4555744 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13233744 2023-11-19] (Microsoft Corporation -> Microsoft Corporation) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncHelper.exe [3514384 2023-12-08] (Microsoft Corporation -> Microsoft Corporation) R2 Focusrite Control Server; C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe [1297920 2023-08-24] () [Datei ist nicht signiert] R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [887848 2023-10-30] (HP Inc. -> HP Inc.) R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [886824 2023-10-30] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [882728 2023-10-30] (HP Inc. -> HP Inc.) 
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [886824 2023-10-30] (HP Inc. -> HP Inc.) R2 NVWMI; C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_4716be75eaec31a5\NVWMI\nvWmi64.exe [4513264 2023-07-17] (NVIDIA Corporation -> NVIDIA Corporation) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\OneDriveUpdaterService.exe [3851280 2023-12-08] (Microsoft Corporation -> Microsoft Corporation) R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [17595136 2023-02-03] (Logitech Inc -> Logitech, Inc.) R2 postgresql-x64-15; C:\Program Files\PostgreSQL\15\bin\pg_ctl.exe [118784 2022-11-09] (PostgreSQL Global Development Group) [Datei ist nicht signiert] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TgbIke Starter; C:\Windows\SysWOW64\TgbStarter.exe [316368 2020-03-10] (THEGREENBOW (SISTECH S.A.) -> TheGreenBow) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_4716be75eaec31a5\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_4716be75eaec31a5\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [39272 2023-06-27] (Apple Inc. -> Apple Inc.) S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [282624 2023-08-09] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [147968 2022-04-13] (Microsoft Corporation) [Datei ist nicht signiert] S3 FB3SE_x64; C:\Windows\System32\Drivers\FB3SE_x64.sys [56416 2011-01-22] (Pangolin -> Pangolin Laser Systems, Inc.) R3 FocusritePCIeSwRoot; C:\Windows\System32\drivers\FocusritePCIeSwRoot.sys [105168 2023-08-23] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.) R3 FocusriteUsb; C:\Windows\System32\drivers\FocusriteUsb.sys [169680 2023-08-23] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.) R3 FocusriteUsbAudio; C:\Windows\System32\drivers\FocusriteUsbAudio.sys [106192 2023-08-23] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.) R3 FocusriteUsbSwRoot; C:\Windows\System32\drivers\FocusriteUsbSwRoot.sys [111824 2023-08-23] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.) S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) R1 npcap; C:\Windows\system32\DRIVERS\npcap.sys [77792 2023-10-19] (Nmap Software LLC -> Insecure.Com LLC.) R3 TGBMPEnum; C:\Windows\System32\drivers\TGBMPEnum.sys [49760 2019-07-23] (THEGREENBOW (SISTECH S.A.) -> TheGreenBow) R3 TGBVPNVirtM; C:\Windows\System32\drivers\TGBVPNVirtM.sys [182776 2020-01-28] (THEGREENBOW (SISTECH S.A.) 
-> TheGreenBow) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation) U3 iswSvc; kein ImagePath U4 npcap_wifi; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2024-01-02 11:48 - 2024-01-02 11:49 - 000063705 _____ C:\Users\pentr\Downloads\Addition.txt 2024-01-02 11:46 - 2024-01-02 12:18 - 000035084 _____ C:\Users\pentr\Downloads\FRST.txt 2024-01-02 11:45 - 2024-01-02 12:17 - 000000000 ____D C:\FRST 2024-01-02 11:45 - 2024-01-02 11:45 - 000000000 ____D C:\Users\pentr\Downloads\FRST-OlderVersion 2024-01-02 11:41 - 2024-01-02 11:45 - 002387456 _____ (Farbar) C:\Users\pentr\Downloads\FRST64(2).exe 2024-01-02 11:38 - 2024-01-02 11:38 - 000000089 _____ C:\Users\pentr\Desktop\Neues Textdokument.txt 2023-12-31 11:07 - 2023-12-31 11:07 - 007449560 _____ C:\Users\pentr\Downloads\Nicht benannt(4).mp4 2023-12-30 22:14 - 2023-12-30 22:14 - 007380779 _____ C:\Users\pentr\Downloads\Nicht benannt(2).mp4 2023-12-30 22:05 - 2023-12-30 22:05 - 006007272 _____ C:\Users\pentr\Downloads\Nicht benannt(1).mp4 2023-12-30 20:57 - 2023-12-30 20:57 - 011925918 _____ C:\Users\pentr\Downloads\Nicht benannt.mp4 2023-12-30 00:21 - 2023-12-30 00:21 - 000128323 _____ C:\Users\pentr\Downloads\manufacturer-1120960-pdf-1-de-datenblatt.pdf 2023-12-29 19:41 - 2023-12-29 19:41 - 001567125 _____ 
C:\Users\pentr\Downloads\372987_c_372987_v4_r1_de_online.pdf 2023-12-29 08:27 - 2023-12-29 08:27 - 000194180 _____ C:\Users\pentr\Downloads\Versicherungsschein.pdf 2023-12-29 08:16 - 2023-12-29 08:16 - 000182912 _____ C:\Users\pentr\Downloads\Arc_ZVFE_JS_RECH01K650011251005222DP20024620160103sapi2pci_I2P_401703816341738_Q2f2-467.pdf.pdf 2023-12-23 22:32 - 2023-12-23 22:32 - 261740021 _____ C:\Users\pentr\Desktop\Weihnachtsgruß.mp4 2023-12-23 22:06 - 2023-12-23 22:06 - 001199260 _____ C:\Users\pentr\Downloads\NVPRSRUG.pdf 2023-12-23 22:02 - 2023-12-23 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neat Video v5 (SR) for Premiere 2023-12-23 22:02 - 2023-12-23 22:02 - 000000000 ____D C:\Program Files\Neat Video v5 (SR) for Premiere 2023-12-23 22:00 - 2023-12-23 22:02 - 014936904 _____ (Neat Video team, ABSoft ) C:\Users\pentr\Downloads\NeatVideo5PR(SR)-Demo-64bit-Setup.exe 2023-12-23 17:46 - 2023-12-23 17:46 - 037750368 _____ C:\Users\pentr\Desktop\In der Weihnachtsbäckerei 2_mixdown.wav 2023-12-23 17:46 - 2023-12-23 17:46 - 000589692 _____ C:\Users\pentr\Desktop\In der Weihnachtsbäckerei 2_mixdown.pkf 2023-12-23 09:49 - 2023-12-23 09:49 - 000075790 _____ C:\Users\pentr\Downloads\ShowInvoice.pdf 2023-12-22 11:07 - 2023-12-22 11:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVGI2 2023-12-22 11:06 - 2023-12-22 11:06 - 004700073 _____ C:\Users\pentr\Downloads\IVGI2-win-installer(1).zip 2023-12-22 11:06 - 2023-12-22 11:06 - 000000000 ____D C:\Users\pentr\Downloads\IVGI2-win-installer 2023-12-22 11:02 - 2023-12-22 11:02 - 000000000 ____D C:\Users\pentr\AppData\Roaming\Tokyo Dawn Labs 2023-12-22 10:19 - 2023-12-22 11:05 - 000000000 ____D C:\Users\pentr\AppData\Roaming\Acon Digital 2023-12-22 10:19 - 2023-12-22 10:19 - 000000000 ____D C:\ProgramData\Acon Digital 2023-12-22 10:19 - 2023-12-22 10:19 - 000000000 ____D C:\Program Files\Acon Digital 2023-12-22 10:16 - 2023-12-22 10:16 - 000000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LALA 2023-12-22 10:12 - 2023-12-22 10:12 - 022447365 _____ C:\Users\pentr\Downloads\dragonfly-reverb-3.2.10-win64.zip 2023-12-22 10:11 - 2023-12-22 10:11 - 006086632 _____ (Acon AS ) C:\Users\pentr\Downloads\Multiply_Win64_1_3_1.exe 2023-12-22 10:09 - 2023-12-22 10:09 - 004700073 _____ C:\Users\pentr\Downloads\IVGI2-win-installer.zip 2023-12-22 10:08 - 2023-12-22 10:08 - 008098622 _____ C:\Users\pentr\Downloads\LALA_3.1.zip 2023-12-22 10:08 - 2023-12-22 10:08 - 005678875 _____ (Analog Obsesion ) C:\Users\pentr\Downloads\LALA_3.1.exe 2023-12-22 10:05 - 2023-12-22 10:05 - 022482867 _____ C:\Users\pentr\Downloads\TDR Nova (no installer).zip 2023-12-22 10:05 - 2023-12-22 10:05 - 009439899 _____ C:\Users\pentr\Downloads\TDR Nova (installer).zip 2023-12-21 07:48 - 2023-12-21 07:48 - 000001149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2024.lnk 2023-12-21 07:47 - 2023-12-21 07:47 - 000001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk 2023-12-21 07:46 - 2023-12-21 07:46 - 000001071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2024.lnk 2023-12-21 07:43 - 2023-12-21 07:48 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-12-20 19:46 - 2023-12-20 19:57 - 000000000 ____D C:\Users\_ashbackuppbf_ 2023-12-20 19:46 - 2023-12-20 19:46 - 000000020 ___SH C:\Users\_ashbackuppbf_\ntuser.ini 2023-12-20 19:46 - 2023-12-20 19:46 - 000000000 _SHDL C:\Users\_ashbackuppbf_\Vorlagen 2023-12-20 19:46 - 2023-12-20 19:46 - 000000000 _SHDL C:\Users\_ashbackuppbf_\Startmenü 2023-12-20 19:46 - 2023-12-20 19:46 - 000000000 _SHDL C:\Users\_ashbackuppbf_\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2023-12-20 19:46 - 2023-12-20 19:46 - 000000000 _SHDL C:\Users\_ashbackuppbf_\AppData\Local\Verlauf 2023-12-20 19:46 - 2023-12-20 19:46 - 000000000 _SHDL C:\Users\_ashbackuppbf_\AppData\Local\Anwendungsdaten 2023-12-20 19:46 - 
2023-12-20 19:46 - 000000000 ___SD C:\Users\_ashbackuppbf_\AppData\Roaming\Microsoft\Protect 2023-12-20 19:46 - 2023-12-20 19:46 - 000000000 ____D C:\Users\_ashbackuppbf_\AppData\Local\Ashampoo 2023-12-20 19:46 - 2021-12-16 18:17 - 000000000 ___RD C:\Users\_ashbackuppbf_\OneDrive 2023-12-20 19:46 - 2019-12-07 10:31 - 000000000 ____D C:\Users\_ashbackuppbf_\AppData\Roaming\Microsoft\Windows 2023-12-20 19:45 - 2023-12-20 19:45 - 105718768 _____ (Ashampoo GmbH & Co. KG ) C:\Users\pentr\Downloads\ashampoo_backup_free_36148.exe 2023-12-20 15:36 - 2023-12-20 15:36 - 004297870 _____ C:\Users\pentr\Downloads\HBS-diagnosis-report-2023-12-20T15 36 08.zip 2023-12-20 07:31 - 2023-12-20 07:31 - 000000000 ___HD C:\OneDriveTemp 2023-12-19 11:03 - 2023-12-19 11:03 - 000000000 ____D C:\Users\pentr\Apple 2023-12-18 18:00 - 2023-12-18 18:00 - 065482811 _____ C:\Users\pentr\Downloads\Jean Michel Jarre x Armin van Buuren - EPICA MAXIMA (Official Visualizer).mp4 2023-12-18 11:52 - 2023-12-18 11:52 - 000203488 _____ C:\Users\pentr\Downloads\Krankenschein Tepper.pdf 2023-12-17 18:32 - 2023-12-17 18:32 - 299328453 _____ C:\Users\pentr\Downloads\USBbootSetup-SeaToolsBootable.zip 2023-12-17 18:05 - 2023-12-17 18:05 - 003169795 _____ C:\Users\pentr\Downloads\HBS-diagnosis-report-2023-12-17T18 05 03.zip 2023-12-17 10:59 - 2023-12-17 10:59 - 001038452 _____ C:\Users\pentr\Downloads\In der Weihnachtsbäckerei (Instrumental).pkf 2023-12-17 10:54 - 2023-12-17 10:55 - 033229076 _____ C:\Users\pentr\Downloads\In der Weihnachtsbäckerei (Instrumental).wav 2023-12-17 09:55 - 2023-12-17 09:55 - 000000000 ____D C:\Users\pentr\AppData\Roaming\Maxon 2023-12-17 09:50 - 2023-12-17 09:50 - 000000000 ____D C:\Users\pentr\AppData\Roaming\ASCOMP Software 2023-12-17 09:49 - 2023-12-17 09:49 - 010189776 _____ (ASCOMP Software GmbH ) C:\Users\pentr\Downloads\bkmaker.exe 2023-12-16 10:53 - 2023-10-31 10:13 - 2783045887 _____ C:\Users\pentr\Downloads\A Haunting in Venice.mkv 2023-12-16 09:44 - 2023-12-22 10:05 - 
000000000 ____D C:\Users\pentr\AppData\Local\RealVNC 2023-12-16 09:44 - 2023-12-16 10:40 - 000000000 ____D C:\Users\pentr\AppData\Roaming\RealVNC 2023-12-16 09:43 - 2023-12-16 09:43 - 011021376 _____ (RealVNC) C:\Users\pentr\Downloads\VNC-Viewer-7.8.0-Windows-64bit.exe 2023-12-15 09:15 - 2023-12-15 09:15 - 003936063 _____ C:\Users\pentr\Downloads\HBS-diagnosis-report-2023-12-15T09 15 52.zip 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\Windows\InboxApps 2023-12-13 18:14 - 2023-12-13 18:14 - 000001349 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator 2023.lnk 2023-12-13 18:07 - 2023-12-13 18:07 - 000001089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 2024.lnk 2023-12-13 17:56 - 2023-12-13 17:56 - 000001257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2024.lnk 2023-12-13 17:54 - 2023-12-13 17:54 - 000001137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2024.lnk 2023-12-13 17:49 - 2023-12-13 17:49 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2024.lnk 2023-12-13 16:38 - 2023-12-13 16:38 - 000016707 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json 2023-12-13 16:30 - 2023-12-13 16:30 - 000000000 ___HD C:\$WinREAgent 2023-12-13 16:23 - 2023-12-13 16:23 - 000004636 _____ C:\Users\pentr\Downloads\sitemap(1).xml 2023-12-13 16:06 - 2023-12-13 16:06 - 000004489 _____ C:\Users\pentr\Downloads\sitemap.xml 2023-12-12 15:33 - 2023-12-12 15:33 - 000000000 ____D C:\Users\pentr\AppData\Local\QfinderPro 2023-12-12 15:32 - 2023-12-12 15:32 - 033999536 _____ (QNAP Systems, Inc.) 
C:\Users\pentr\Downloads\QNAPQfinderProWindows-7.9.1.0817.exe 2023-12-12 15:32 - 2023-12-12 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QNAP 2023-12-12 14:39 - 2023-12-19 07:27 - 000000000 ____D C:\Program Files (x86)\SeaTools5 2023-12-12 14:39 - 2023-12-12 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SeaTools 2023-12-12 14:38 - 2023-12-12 14:38 - 051958280 _____ (Seagate) C:\Users\pentr\Downloads\SeaToolsWindowsInstaller.exe 2023-12-12 12:41 - 2023-12-12 12:41 - 006969600 _____ C:\Users\pentr\Downloads\100869623_B.pdf 2023-12-12 12:17 - 2023-12-12 12:17 - 000000000 ____D C:\Users\pentr\.ssh 2023-12-12 09:22 - 2023-12-12 09:22 - 000009326 _____ C:\Users\pentr\Downloads\cm_log_2023-12-12_09-22-45.zip 2023-12-11 14:41 - 2023-12-11 14:41 - 000000000 ____D C:\Users\pentr\Downloads\HBS-diagnosis-report-2023-12-11T14 33 30 2023-12-11 14:33 - 2023-12-11 14:33 - 003972979 _____ C:\Users\pentr\Downloads\HBS-diagnosis-report-2023-12-11T14 33 30.zip 2023-12-11 12:55 - 2023-12-11 12:55 - 000000494 _____ C:\Users\pentr\Downloads\Integrity Check_20231211.zip 2023-12-11 12:08 - 2023-12-11 12:08 - 000003460 _____ C:\Windows\system32\Tasks\npcapwatchdog 2023-12-11 12:08 - 2023-12-11 12:08 - 000001834 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk 2023-12-11 12:08 - 2023-12-11 12:08 - 000000000 ____D C:\Windows\SysWOW64\Npcap 2023-12-11 12:08 - 2023-12-11 12:08 - 000000000 ____D C:\Windows\system32\Npcap 2023-12-11 12:02 - 2023-12-11 12:02 - 000010720 _____ C:\Users\pentr\Downloads\QuFirewall_Q19BB03462_Basic protection_20231211.pcap 2023-12-10 18:12 - 2023-12-10 18:12 - 001041980 _____ C:\Users\pentr\Downloads\Rolf Zuckowski | In der Weihnachtsbäckerei.pkf 2023-12-10 18:10 - 2023-12-10 18:11 - 033341126 _____ C:\Users\pentr\Downloads\Rolf Zuckowski | In der Weihnachtsbäckerei.wav 2023-12-10 09:05 - 2023-12-22 11:07 - 000000000 ____D C:\Program Files\VSTPlugins 2023-12-10 09:05 - 2023-12-22 
11:07 - 000000000 ____D C:\Program Files\Common Files\VST3 2023-12-10 09:05 - 2023-12-10 09:05 - 000000000 ____D C:\Program Files\Common Files\Avid 2023-12-10 09:05 - 2023-12-10 09:05 - 000000000 ____D C:\Program Files (x86)\VSTPlugins 2023-12-10 09:05 - 2023-12-10 09:05 - 000000000 ____D C:\Program Files (x86)\Auburn Sounds 2023-12-10 09:03 - 2023-12-10 09:03 - 027523282 _____ C:\Users\pentr\Downloads\Graillon-FREE-2.7.zip 2023-12-09 11:22 - 2023-12-09 11:22 - 009625260 _____ C:\Users\pentr\Downloads\Weihnachtslied an Weihnachtslied: Der schönste Weihnachtslieder Mix.pkf 2023-12-09 11:16 - 2023-12-09 11:19 - 308006102 _____ C:\Users\pentr\Downloads\Weihnachtslied an Weihnachtslied: Der schönste Weihnachtslieder Mix.wav 2023-12-09 11:03 - 2023-12-09 11:03 - 001911877 _____ C:\Users\pentr\Downloads\Scarlett2i2 3rd Gen User Guide_DE_0.pdf 2023-12-08 18:15 - 2023-12-08 18:15 - 000043065 _____ C:\Users\pentr\Downloads\kindergeburtstag.jpeg 2023-12-07 17:31 - 2023-12-07 17:31 - 000000000 ____D C:\Users\pentr\Downloads\gpg4usb-0.3.3-1 2023-12-07 17:30 - 2023-12-07 17:30 - 024339124 _____ C:\Users\pentr\Downloads\gpg4usb-0.3.3-1.zip 2023-12-07 17:13 - 2023-12-11 11:48 - 000000000 ____D C:\Users\pentr\AppData\Roaming\tor ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2024-01-02 12:13 - 2022-09-02 12:48 - 000000000 ____D C:\Users\pentr\AppData\Local\LogiOptionsPlus 2024-01-02 12:08 - 2023-10-04 16:54 - 000000000 ____D C:\Users\pentr\AppData\Roaming\KeePass 2024-01-02 11:56 - 2021-12-16 16:42 - 000000000 ____D C:\Users\pentr\AppData\Local\D3DSCache 2024-01-02 11:55 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-01-02 09:21 - 2020-11-19 08:43 - 000000000 ____D C:\Windows\system32\SleepStudy 2023-12-31 12:38 - 2021-12-22 23:36 - 000000000 ____D C:\Users\pentr\AppData\Roaming\vlc 2023-12-31 11:24 - 2021-12-18 09:55 - 000000000 ____D C:\Users\pentr\AppData\Roaming\Microsoft\Word 2023-12-30 21:28 - 2023-11-11 15:24 - 000000000 ____D C:\Users\pentr\AppData\Roaming\XnView 2023-12-30 18:31 - 2021-05-04 12:17 - 000000000 ____D C:\ProgramData\NVIDIA 2023-12-30 18:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState 2023-12-30 08:51 - 2022-05-16 17:37 - 000000000 ____D C:\Users\pentr\AppData\Roaming\com.adobe.dunamis 2023-12-27 09:24 - 2023-10-04 16:35 - 000000000 ____D C:\Users\pentr\AppData\Local\CrashDumps 2023-12-23 09:34 - 2020-11-19 08:46 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-12-23 09:34 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-12-23 09:34 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness 2023-12-22 13:42 - 2023-05-24 19:50 - 000000000 ____D C:\BEYOND52 2023-12-22 10:05 - 2021-12-26 17:07 - 000000000 ____D C:\Windows\Minidump 2023-12-22 10:01 - 2021-12-16 21:46 - 000000000 ____D C:\Program Files\CCleaner 2023-12-21 07:48 - 2022-02-12 19:59 - 000000000 ___HD C:\adobeTemp 2023-12-21 07:48 - 2021-12-16 18:48 - 000000000 ____D C:\Program Files\Adobe 2023-12-21 07:48 - 2021-12-16 17:09 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-12-21 07:48 - 2021-12-16 17:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-12-21 07:46 - 
2021-12-16 18:49 - 000000000 ____D C:\ProgramData\Adobe 2023-12-21 07:46 - 2021-12-16 18:48 - 000000000 ____D C:\Program Files\Common Files\Adobe 2023-12-20 19:56 - 2023-03-18 10:25 - 000000000 ____D C:\Users\pentr\AppData\Local\Ashampoo Backup PBF 2023-12-20 07:37 - 2021-02-15 12:57 - 001568902 _____ C:\Windows\system32\perfh007.dat 2023-12-20 07:37 - 2021-02-15 12:57 - 000390846 _____ C:\Windows\system32\perfc007.dat 2023-12-20 07:37 - 2020-11-19 08:54 - 000004502 _____ C:\Windows\system32\PerfStringBackup.INI 2023-12-20 07:31 - 2022-10-01 11:52 - 000000000 ___RD C:\Users\pentr\iCloudDrive 2023-12-20 07:31 - 2021-12-16 18:52 - 000000000 ___RD C:\Users\pentr\Creative Cloud Files 2023-12-20 07:31 - 2021-12-16 16:44 - 000000000 ___RD C:\Users\pentr\OneDrive 2023-12-20 07:30 - 2021-05-04 11:49 - 000008192 ___SH C:\DumpStack.log.tmp 2023-12-20 07:30 - 2020-11-19 08:43 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-12-20 07:30 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI 2023-12-20 07:29 - 2021-12-16 16:40 - 000000000 ____D C:\Users\pentr 2023-12-18 13:05 - 2019-12-07 10:51 - 000000000 ____D C:\Windows\system32\FxsTmp 2023-12-17 17:19 - 2023-10-04 08:51 - 000000000 ____D C:\Program Files\KeePass Password Safe 2 2023-12-17 08:55 - 2021-12-16 17:01 - 000000000 ___SD C:\Users\pentr\AppData\Roaming\Microsoft\Credentials 2023-12-15 09:02 - 2023-08-10 10:14 - 000001389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2023-12-15 09:02 - 2021-12-16 18:48 - 000000000 ____D C:\Program Files (x86)\Adobe 2023-12-13 18:59 - 2021-12-16 16:42 - 000000000 ____D C:\Users\pentr\AppData\Local\Packages 2023-12-13 18:59 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF 2023-12-13 18:58 - 2022-12-21 08:45 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job 2023-12-13 18:58 - 2020-11-19 08:43 - 000498384 _____ C:\Windows\system32\FNTCACHE.DAT 2023-12-13 18:57 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows 
Defender Advanced Threat Protection 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2023-12-13 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr 2023-12-13 18:57 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing 2023-12-13 17:49 - 2021-12-16 18:49 - 000000000 ____D C:\Users\pentr\AppData\Roaming\Adobe 2023-12-13 16:50 - 2022-09-15 17:35 - 000000000 ____D C:\Users\pentr\AppData\Local\ElevatedDiagnostics 2023-12-13 16:40 - 2019-12-07 10:54 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll 2023-12-13 16:40 - 2019-12-07 10:54 
- 000020827 _____ C:\Windows\system32\OEMDefaultAssociations.xml 2023-12-13 16:40 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp 2023-12-13 16:38 - 2020-11-19 08:45 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2023-12-13 15:44 - 2023-03-09 14:16 - 000003380 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting 2023-12-13 15:44 - 2021-12-16 21:46 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update 2023-12-12 15:32 - 2023-02-16 17:49 - 000003040 _____ C:\Windows\system32\Tasks\iSCSIAgentAutoStartup 2023-12-11 12:55 - 2022-01-12 17:29 - 000000000 ____D C:\Users\pentr\AppData\Roaming\Microsoft\Excel 2023-12-11 12:10 - 2022-08-01 15:53 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2023-12-11 12:08 - 2022-04-04 16:44 - 000000000 ____D C:\Program Files\Npcap 2023-12-11 12:08 - 2022-04-04 16:43 - 000000000 ____D C:\Program Files\Wireshark 2023-12-11 12:07 - 2021-12-16 16:30 - 000000000 ____D C:\ProgramData\Package Cache 2023-12-08 18:13 - 2023-01-19 18:00 - 000002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-12-08 18:13 - 2022-07-30 08:51 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3318351353-4052915309-164348779-1001 2023-12-08 18:13 - 2022-07-30 08:51 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2023-12-07 18:28 - 2021-12-16 17:09 - 000000000 ____D C:\Users\pentr\AppData\LocalLow\Mozilla 2023-12-07 16:49 - 2020-11-19 08:43 - 000000000 ____D C:\Windows\system32\Drivers\wd 2023-12-06 18:20 - 2023-07-31 08:48 - 000003530 _____ C:\Windows\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 2023-12-06 18:20 - 2022-03-17 17:35 - 000003506 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0 2023-12-05 12:16 - 2022-07-30 08:58 - 000000000 ____D C:\Program Files\Microsoft Office ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2022-03-17 18:32 - 2022-03-17 18:32 - 
000000000 _____ () C:\Users\pentr\AppData\Local\oobelibMkey.log
2023-10-04 16:01 - 2023-11-25 09:49 - 000000128 _____ () C:\Users\pentr\AppData\Local\PUTTY.RND
2021-12-16 21:02 - 2021-12-16 21:02 - 000007605 _____ () C:\Users\pentr\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

Apart from the scan, I have not done anything yet. I cannot explain where this could have come from. From what I have read, there is already a similar case here.

Best regards,
Thomas