| macmesser201 | 30.01.2020 18:02 |
Beim unachtsamen Öffnen wohl Win32/Tiggre!rfn eingefangen
Liste der Anhänge anzeigen (Anzahl: 3) Windows defender sagt mir, dass ich mir einen schwerwiegenden Trojaner eingefangen habe.
Wie bekomme ich ihn weg. Habe erst mal beide externen Festplatten mit meinen Nutzdaten (Echt und Backup) abgezogen, da es sich wohl um Ransomware handelt.
Betroffene Elemente sagt mir Windows defender:
file:L:\DHL_jan 21 2020 at 1.40_8ZP290_PDF.exe
Was muss ich machen?
Danke für eure Hilfe!
Habe jetzt mal AVira drüberlaufen lassen: Folgendes Bild
hier die frst.txt-Datei: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2020
durchgeführt von Michael (Administrator) auf PCxxxHOME (Intel Corporation NUC7i5BNH) (30-01-2020 18:35:24)
Gestartet von C:\Users\Michael\Downloads
Geladene Profile: Michael (Verfügbare Profile: Admin & Michael & Administrator)
Platform: Windows 10 Pro Version 1903 18362.592 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
() [Datei ist nicht signiert] C:\Program Files (x86)\DocFetcher\docfetcher-daemon-windows.exe
(ABBYY Software House -> ABBYY (BIT Software)) C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
(ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
(ABBYY SOLUTIONS LIMITED -> ABBYY.) C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(CobianSoft, Luis Cobian) [Datei ist nicht signiert] C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\89.4.278\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\89.4.278\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\89.4.278\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\89.4.278\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\89.4.278\QtWebEngineProcess.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(FUJITSU LIMITED) [Datei ist nicht signiert] C:\Windows\twain_32\fjscan32\FjtwMkup.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) INTELND1617S2 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Luis Cobian, CobianSoft) [Datei ist nicht signiert] C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(Luis Cobian, CobianSoft) [Datei ist nicht signiert] C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20011.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Opera Software AS -> Opera Software) C:\Users\Michael\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
(Opera Software AS -> Opera Software) C:\Users\Michael\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PFU LIMITED) [Datei ist nicht signiert] C:\Windows\twain_32\fjscan32\ERG\FTErGuid.exe
(PFU LIMITED) [Datei ist nicht signiert] C:\Windows\twain_32\fjscan32\FJTWMKSV.exe
(PFU LIMITED) [Datei ist nicht signiert] C:\Windows\twain_32\fjscan32\FTPWREVT\FTPWREVT.exe
(PFU LIMITED) [Datei ist nicht signiert] C:\Windows\twain_32\fjscan32\SOP\FtLnSOP.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(shbox.de) [Datei ist nicht signiert] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagitEditor.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\TscHelp.exe
(Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\Michael\AppData\Roaming\Telegram Desktop\Telegram.exe
(Tesline-Service s.r.l. -> Tesline-Service SRL) C:\Program Files (x86)\Rohos\ntserv.exe
(Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) C:\Program Files\Tracker Software\PDF Editor\PDFXEdit.exe
(WhatsApp Inc.) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.4.315.0_x64__cv1g1gvanyjgm\app\WhatsApp.exe
(WhatsApp Inc.) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.4.315.0_x64__cv1g1gvanyjgm\app\WhatsApp.exe
(WhatsApp Inc.) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.4.315.0_x64__cv1g1gvanyjgm\app\WhatsApp.exe
(WhatsApp Inc.) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.4.315.0_x64__cv1g1gvanyjgm\app\WhatsApp.exe
(Wolters Kluwer Deutschland GmbH -> ) C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
konnte nicht auf den Prozess zugreifen -> explorer.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [878368 2019-05-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3331264 2020-01-20] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395616 2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153952 2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-03-18] (shbox.de) [Datei ist nicht signiert]
HKLM-x32\...\Run: [FtLnSOP_setup] => C:\Windows\Twain_32\Fjscan32\SOP\FtLnSOP.exe [147456 2012-01-23] (PFU LIMITED) [Datei ist nicht signiert]
HKLM-x32\...\Run: [FJTWAIN Setup] => C:\Windows\Twain_32\fjscan32\FjtwMkup.exe [139264 2012-01-23] (FUJITSU LIMITED) [Datei ist nicht signiert]
HKLM-x32\...\Run: [FTPWRENV] => C:\Windows\Twain_32\Fjscan32\FTPWREVT\FTPWREVT.exe [45056 2007-10-16] (PFU LIMITED) [Datei ist nicht signiert]
HKLM-x32\...\Run: [RohosLogon] => C:\Program Files (x86)\Rohos\welcome-user.exe [1380384 2015-09-04] (Tesline-Service s.r.l. -> Tesline-Service SRL)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6261760 2020-01-23] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Cobian Backup 11 interface] => C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe [4407808 2013-03-07] (Luis Cobian, CobianSoft) [Datei ist nicht signiert]
HKLM-x32\...\Run: [DocFetcher-Daemon] => C:\Program Files (x86)\DocFetcher\docfetcher-daemon-windows.exe [563621 2018-07-30] () [Datei ist nicht signiert]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [228136 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2216129787-3453094354-8666996-1006\...\Run: [Opera Browser Assistant] => C:\Users\Michael\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2785304 2020-01-28] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2216129787-3453094354-8666996-1006\...\Run: [] => [X]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-22] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{75A22DF1-B82D-56ed-B229-CD30517BD617}] -> C:\WINDOWS\system32\rohos_cp_x64.dll [2015-09-04] (Tesline-Service s.r.l. -> Tesline-Service SRL)
HKLM\Software\...\Authentication\Credential Provider Filters: [{75A22DF1-B82D-56ed-B229-CD30517BD617}] -> C:\WINDOWS\system32\rohos_cp_x64.dll [2015-09-04] (Tesline-Service s.r.l. -> Tesline-Service SRL)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Error Recovery Guide.lnk [2014-12-19]
ShortcutTarget: Error Recovery Guide.lnk -> C:\Windows\twain_32\fjscan32\ERG\FTErGuid.exe (PFU LIMITED) [Datei ist nicht signiert]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 10.lnk [2015-09-10]
ShortcutTarget: Snagit 10.lnk -> C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe (TechSmith Corporation -> TechSmith Corporation)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-08-04]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Citrix Receiver.lnk [2016-02-24]
ShortcutTarget: Citrix Receiver.lnk -> C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Keine Datei)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook 2013.lnk [2017-08-28]
ShortcutTarget: Outlook 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\outicon.exe (Microsoft Corporation -> )
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StarLeaf Breeze.lnk [2016-11-11]
ShortcutTarget: StarLeaf Breeze.lnk -> C:\Users\Michael\AppData\Local\StarLeaf\Breeze\Breeze.exe (Keine Datei)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SX Virtual Link.lnk [2014-12-19]
ShortcutTarget: SX Virtual Link.lnk -> C:\Program Files\silex technology\SX Virtual Link\Connect.exe (silex technology, Inc. -> silex technology, Inc.)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2014-12-22]
ShortcutTarget: Telegram.lnk -> C:\Users\Michael\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
GroupPolicy: Beschränkung ? <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {05EA894B-EB58-424B-B39B-116FA972E24E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {07A021E7-A400-49D8-873B-AE62B61F4C70} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757672 2019-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {12436D86-9FE5-43B5-8EEF-8B36BAD9437F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-03-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {27E52497-1F70-494F-9DCC-D68E86DDB66C} - System32\Tasks\G2MUpdateTask-S-1-5-21-2216129787-3453094354-8666996-1006 => C:\Users\Michael\AppData\Local\GoToMeeting\16576\g2mupdate.exe [32256 2020-01-24] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {32AB90BD-1B19-4379-A7E2-EF71AC6D6EAC} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {378B6735-940E-45A5-A099-EF9C0F748DAD} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {38695BBA-0242-471D-9FE8-E978079CF2F3} - System32\Tasks\Opera scheduled Autoupdate 1570723055 => C:\Users\Michael\AppData\Local\Programs\Opera\launcher.exe [1350680 2020-01-22] (Opera Software AS -> Opera Software)
Task: {3DF6D6BF-DB8D-4F47-8528-5A6F26F92A24} - \Open URL by RoboForm -> Keine Datei <==== ACHTUNG
Task: {3FCFA83B-A405-4B82-B0B1-58AE7B8E326D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe [1458232 2020-01-21] (Adobe Inc. -> Adobe)
Task: {40CE5594-D783-4DBE-863F-E954EF84B661} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {449CD507-AFCC-422B-99BA-19038F0707C2} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27848432 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {47843C54-CCE1-4E96-A4F7-D595D5AE0AFD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4BB105C1-E1E5-49A8-9569-10B8D147692E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-04] (Google Inc -> Google Inc.)
Task: {4F07498B-0E99-42B0-93F2-B3BA2991397B} - System32\Tasks\G2MUploadTask-S-1-5-21-2216129787-3453094354-8666996-1006 => C:\Users\Michael\AppData\Local\GoToMeeting\16576\g2mupload.exe [32256 2020-01-24] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {60102B88-BA20-40A2-972A-E0C6C546EFDA} - System32\Tasks\Opera scheduled assistant Autoupdate 1571414292 => C:\Users\Michael\AppData\Local\Programs\Opera\launcher.exe [1350680 2020-01-22] (Opera Software AS -> Opera Software)
Task: {6993C842-31C0-403D-838A-477A93071DA8} - System32\Tasks\G2MUpdateTask-S-1-5-21-1013316503-1690231437-2228150199-1155 => C:\Users\xxx\AppData\Local\GoToMeeting\8404\g2mupdate.exe [31808 2018-02-23] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {727986C7-E956-46B6-8689-566B1343AE03} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {74502E3C-5697-4D3C-90B7-854664CF3912} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-04] (Google Inc -> Google Inc.)
Task: {767E57D2-0F24-415F-A737-106C8658282C} - System32\Tasks\HPCustParticipation HP LaserJet M101-M106 => C:\Program Files\HP\HP LaserJet M101-M106\Bin\HPCustPartic.exe [6658184 2017-04-27] (Hewlett Packard -> HP Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {9C0E4A9E-FEFF-4EC6-85BB-341B91C798F2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {A29A4B16-728D-4E48-A8E1-7331D530114E} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [29696 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {A43FB1C8-F623-4579-BAE8-D8EBAA91EA1E} - System32\Tasks\G2MUploadTask-S-1-5-21-1013316503-1690231437-2228150199-1155 => C:\Users\xxx\AppData\Local\GoToMeeting\8404\g2mupload.exe [31808 2018-02-23] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {A4E42F6D-B6F2-4032-98A3-8550B484EFDF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {A52BA8E7-4C33-4310-865D-079A379983B6} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [29696 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {AF6BA8A7-9675-4BE5-8F55-1A9E1063A6C6} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-03-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C6C3C854-50CB-459C-A56D-192379BAA19B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.EXE /NOUACCHECK
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {DCACECB0-BFE8-4C3E-AC08-CA8F904DA6E0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-21] (Adobe Inc. -> Adobe)
Task: {E881479F-0ADD-488A-98E5-E3BB1E56FABD} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4630208 2016-11-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
Task: {F8391A59-C7FB-4672-A308-1EDD7A65CC55} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [226512 2020-01-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1013316503-1690231437-2228150199-1155.job => C:\Users\xxx\AppData\Local\GoToMeeting\8404\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2216129787-3453094354-8666996-1006.job => C:\Users\Michael\AppData\Local\GoToMeeting\16576\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1013316503-1690231437-2228150199-1155.job => C:\Users\xxx\AppData\Local\GoToMeeting\8404\g2mupload.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2216129787-3453094354-8666996-1006.job => C:\Users\Michael\AppData\Local\GoToMeeting\16576\g2mupload.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0870edde-a074-40a6-8ce3-e97f27791aa8}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5fc5dc9a-0860-4eba-91af-6b83c6085645}: [DhcpNameServer] 192.168.44.1
Tcpip\..\Interfaces\{720b8e4b-a57e-4978-a4f2-180187041341}: [DhcpNameServer] 10.0.0.5 10.0.0.1
Tcpip\..\Interfaces\{bf6de677-06e8-4870-aa04-c38dbce56565}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {2BEB8D3A-B24F-4284-BBD8-B6B30EC1F64E} URL =
SearchScopes: HKU\S-1-5-21-2216129787-3453094354-8666996-1006 -> DefaultScope {2BEB8D3A-B24F-4284-BBD8-B6B30EC1F64E} URL =
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll [2011-11-08] (TechSmith Corporation -> TechSmith Corporation)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll [2011-11-08] (TechSmith Corporation -> TechSmith Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-10-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-20] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll [2011-11-08] (TechSmith Corporation -> TechSmith Corporation)
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll [2011-11-08] (TechSmith Corporation -> TechSmith Corporation)
DPF: HKLM-x32 {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} hxxp://10.0.0.239/codebase/DVM_IPCam2.ocx
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FireFox:
========
FF DefaultProfile: 7x1ny61f.default-1571561941413
FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\7x1ny61f.default-1571561941413 [2020-01-30]
FF user.js: detected! => C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\7x1ny61f.default-1571561941413\user.js [2019-12-01]
FF Notifications: Mozilla\Firefox\Profiles\7x1ny61f.default-1571561941413 -> hxxps://www.youtube.com; hxxps://www.finanzen.net; hxxps://www.marktjagd.de; hxxps://www.aerzteblatt.de
FF NewTabOverride: Mozilla\Firefox\Profiles\7x1ny61f.default-1571561941413 -> Disabled: mailcheck@gmx.net
FF NewTabOverride: Mozilla\Firefox\Profiles\7x1ny61f.default-1571561941413 -> Enabled: keefox@chris.tomlinson
FF Extension: (German Dictionary) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\7x1ny61f.default-1571561941413\Extensions\de-DE@dictionaries.addons.mozilla.org.xpi [2019-10-25] [ist nicht signiert]
FF Extension: (Kee - Password Manager) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\7x1ny61f.default-1571561941413\Extensions\keefox@chris.tomlinson.xpi [2019-10-20]
FF Extension: (GMX MailCheck) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\7x1ny61f.default-1571561941413\Extensions\mailcheck@gmx.net.xpi [2019-12-26] [UpdateUrl:hxxps://dl.gmx.net/mailcheck/firefox/updates.json]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll [2020-01-21] (Adobe Inc. -> )
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-11-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-21] (Adobe Inc. -> )
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2014-09-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/sewebplugin -> C:\Windows\system32\npsewebplugin.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2016-11-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-11-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR Profile: C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default [2020-01-30]
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Extension: (Präsentationen) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-02]
CHR Extension: (Docs) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-02]
CHR Extension: (Google Drive) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-02]
CHR Extension: (YouTube) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-02]
CHR Extension: (Avira Password Manager) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2020-01-21]
CHR Extension: (Tabellen) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-02]
CHR Extension: (Google Docs Offline) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-10]
CHR Extension: (Google Mail) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-28]
CHR Extension: (Chrome Media Router) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-21]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] (Wolters Kluwer Deutschland GmbH -> )
R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [819976 2011-08-18] (ABBYY SOLUTIONS LIMITED -> ABBYY)
R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [759072 2008-05-16] (ABBYY Software House -> ABBYY (BIT Software))
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1210168 2019-11-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [535352 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484768 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484768 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574848 2020-01-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [617520 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989888 2020-01-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [379624 2020-01-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [240408 2020-01-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [150648 2019-12-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [Datei ist nicht signiert]
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [Datei ist nicht signiert]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-03-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-03-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-01-23] (Dropbox, Inc -> Dropbox, Inc.)
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [11780320 2020-01-30] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 FJTWMKSV; C:\Windows\twain_32\fjscan32\FJTWMKSV.exe [36864 2011-07-20] (PFU LIMITED) [Datei ist nicht signiert]
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515768 2017-04-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S2 IntelAudioService; C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [356848 2019-09-04] (Smart Sound Technology -> Intel)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-03-21] (Intel Corporation-Wireless Connectivity Solutions -> )
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [878368 2019-05-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [519904 2020-01-30] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3750304 2017-03-21] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [207784 2019-12-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [197176 2019-09-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 EnigmaFileMonDriver; C:\WINDOWS\System32\drivers\EnigmaFileMonDriver.sys [68424 2020-01-30] (EnigmaSoft Limited -> EnigmaSoft Limited)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [129032 2017-04-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 IntcAudioBus; C:\WINDOWS\System32\drivers\IntcAudioBus.sys [277192 2019-09-04] (Smart Sound Technology -> Intel(R) Corporation)
R3 IntcOED; C:\WINDOWS\System32\drivers\IntcOED.sys [849792 2019-09-04] (Smart Sound Technology -> Intel(R) Corporation)
S3 ITECIRfilter; C:\WINDOWS\system32\DRIVERS\ITECIRfilter.sys [36560 2015-11-24] (ITE Tech. Inc. -> ITE Tech. Inc. )
S3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8723968 2019-03-19] (Microsoft Windows -> Intel Corporation)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-01-08] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [356344 2019-05-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 sxuptp; C:\WINDOWS\System32\drivers\sxuptp.sys [310496 2014-12-19] (silex technology, Inc. -> silex technology, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2020-01-30 18:35 - 2020-01-30 18:35 - 000047180 _____ C:\Users\Michael\Downloads\FRST.txt
2020-01-30 18:33 - 2020-01-30 18:35 - 000000000 ____D C:\FRST
2020-01-30 18:33 - 2020-01-30 18:33 - 002581504 _____ (Farbar) C:\Users\Michael\Downloads\FRST64.exe
2020-01-30 18:14 - 2020-01-30 18:14 - 000021407 _____ C:\Users\Michael\Desktop\Aufwandsübersicht_2020_01_29.xlsm
2020-01-30 18:14 - 2020-01-30 18:14 - 000000165 ____H C:\Users\Michael\Desktop\~$Aufwandsübersicht_2020_01_29.xlsm
2020-01-30 17:47 - 2020-01-30 17:47 - 000003562 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2020-01-30 17:47 - 2020-01-30 17:47 - 000000000 ____D C:\Users\Public\Security Sessions
2020-01-30 17:46 - 2020-01-30 17:46 - 000003374 _____ C:\WINDOWS\system32\Tasks\Avira_Antivirus_Systray
2020-01-30 17:45 - 2019-12-02 10:26 - 000207784 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2020-01-30 17:45 - 2019-09-19 09:07 - 000197176 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2020-01-30 17:45 - 2019-06-07 14:09 - 000078936 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2020-01-30 17:45 - 2019-03-20 18:50 - 000089736 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2020-01-30 17:45 - 2019-03-20 18:50 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2020-01-30 17:45 - 2019-03-20 18:50 - 000045472 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2020-01-30 17:45 - 2019-03-20 18:50 - 000022336 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avelam.sys
2020-01-30 17:43 - 2020-01-30 17:43 - 000003780 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate
2020-01-30 17:43 - 2020-01-30 17:43 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-01-30 17:42 - 2020-01-30 17:47 - 000000000 ____D C:\ProgramData\Avira
2020-01-30 17:42 - 2020-01-30 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-01-30 17:42 - 2020-01-30 17:42 - 000001261 _____ C:\Users\Public\Desktop\Avira.lnk
2020-01-30 17:42 - 2020-01-30 17:42 - 000001261 _____ C:\ProgramData\Desktop\Avira.lnk
2020-01-30 17:40 - 2020-01-30 17:41 - 003837048 _____ (Avira Operations GmbH & Co. KG) C:\Users\Michael\Downloads\avira_de_sptl1_1399270432-1580402456__pantivirws-spotlight-release.exe
2020-01-30 17:39 - 2020-01-30 17:39 - 000068424 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys
2020-01-30 17:39 - 2020-01-30 17:39 - 000001055 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2020-01-30 17:39 - 2020-01-30 17:39 - 000001055 _____ C:\ProgramData\Desktop\SpyHunter5.lnk
2020-01-30 17:39 - 2020-01-30 17:39 - 000000000 ____D C:\sh5ldr
2020-01-30 17:39 - 2020-01-30 17:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2020-01-30 17:39 - 2020-01-30 17:39 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2020-01-30 17:39 - 2020-01-30 17:39 - 000000000 ____D C:\Program Files\EnigmaSoft
2020-01-30 17:38 - 2020-01-30 17:38 - 006946736 _____ (EnigmaSoft Limited) C:\Users\Michael\Downloads\sh-remover.exe
2020-01-29 18:23 - 2020-01-30 09:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-01-24 11:57 - 2020-01-24 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-01-23 16:20 - 2020-01-23 16:20 - 001106896 ____N C:\Users\Michael\Desktop\Wintergarten1.pdf
2020-01-23 16:19 - 2020-01-23 16:19 - 000131623 ____N C:\Users\Michael\Desktop\26.pdf
2020-01-23 16:18 - 2020-01-23 16:18 - 000079456 ____N C:\Users\Michael\Desktop\25.pdf
2020-01-23 10:15 - 2020-01-23 10:15 - 000900674 ____N C:\Users\Michael\Desktop\Wintergarten Copy.pdf
2020-01-23 10:14 - 2020-01-23 10:14 - 000280605 ____N C:\Users\Michael\Desktop\24.pdf
2020-01-23 09:52 - 2020-01-23 09:52 - 000341303 ____N C:\Users\Michael\Desktop\Wintergarten.pdf
2020-01-23 09:52 - 2020-01-23 09:52 - 000282023 ____N C:\Users\Michael\Desktop\23.pdf
2020-01-23 00:24 - 2020-01-23 00:24 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-01-23 00:24 - 2020-01-23 00:24 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-01-23 00:24 - 2020-01-23 00:24 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-01-23 00:24 - 2020-01-23 00:24 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-01-21 10:35 - 2020-01-21 10:36 - 003318440 ____N (Dominik Reichl ) C:\Users\Michael\Downloads\KeePass-2.44-Setup.exe
2020-01-21 09:08 - 2020-01-29 21:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-01-20 18:35 - 2020-01-20 18:35 - 000028583 ____N C:\Users\Michael\Desktop\1Rechnung2020 (4).pdf
2020-01-20 18:34 - 2020-01-20 18:34 - 000028591 ____N C:\Users\Michael\Desktop\1Rechnung2020 (3).pdf
2020-01-20 18:32 - 2020-01-20 18:32 - 000028550 ____N C:\Users\Michael\Desktop\1Rechnung2020 (2).pdf
2020-01-20 18:31 - 2020-01-20 18:31 - 000028553 ____N C:\Users\Michael\Desktop\1Rechnung2020 (1).pdf
2020-01-20 18:29 - 2020-01-20 18:29 - 000028553 ____N C:\Users\Michael\Desktop\1Rechnung2020.pdf
2020-01-20 15:57 - 2020-01-20 15:57 - 000001283 ____N C:\Users\Michael\Desktop\Google Chrome.lnk
2020-01-20 08:41 - 2020-01-20 08:41 - 000000000 ____D C:\Users\Michael\opera autoupdate
2020-01-17 09:35 - 2020-01-17 09:35 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-17 09:35 - 2020-01-17 09:35 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-17 09:35 - 2020-01-17 09:35 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-17 09:35 - 2020-01-17 09:35 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-17 09:35 - 2020-01-17 09:35 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-17 09:35 - 2020-01-17 09:35 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-17 09:35 - 2020-01-17 09:35 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-17 09:35 - 2020-01-17 09:35 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-17 09:35 - 2020-01-17 09:35 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-17 09:35 - 2020-01-17 09:35 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-17 09:35 - 2020-01-17 09:35 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-17 09:35 - 2020-01-17 09:35 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-17 09:35 - 2020-01-17 09:35 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-17 09:35 - 2020-01-17 09:35 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-17 09:35 - 2020-01-17 09:35 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-17 09:35 - 2020-01-17 09:35 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-17 09:35 - 2020-01-17 09:35 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-01-17 09:35 - 2020-01-17 09:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-17 09:35 - 2020-01-17 09:35 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2020-01-17 09:35 - 2020-01-17 09:35 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WSDScan.sys
2020-01-17 09:35 - 2020-01-17 09:35 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-17 09:35 - 2020-01-17 09:35 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-17 09:31 - 2019-12-10 06:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-17 09:31 - 2019-12-10 05:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-17 08:54 - 2020-01-17 08:54 - 000002292 ____N C:\Users\Michael\Downloads\000000001.xml
2020-01-10 11:01 - 2020-01-10 11:01 - 000000000 ____D C:\Users\Michael\Downloads\ttusb2bda_1.0.3.9
2020-01-10 11:00 - 2020-01-10 11:00 - 000511312 ____N C:\Users\Michael\Downloads\ttusb2bda_1.0.3.9.zip
2020-01-10 10:56 - 2020-01-10 10:56 - 000000000 ____D C:\Users\Michael\Downloads\usb-firmwareupdate
2020-01-10 10:55 - 2020-01-10 10:55 - 000194473 ____N C:\Users\Michael\Downloads\usb-firmwareupdate.zip
2020-01-08 11:21 - 2020-01-08 11:21 - 000045056 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\phantomtap.sys
2020-01-07 18:28 - 2020-01-07 18:28 - 000066399 ____N C:\Users\Michael\Downloads\20200104_5232xxxxxxxx1733_-_Ihre_Abrechnung_vom_03_01_2020(1).PDF
2020-01-07 18:27 - 2020-01-07 18:27 - 000066399 ____N C:\Users\Michael\Downloads\20200104_5232xxxxxxxx1733_-_Ihre_Abrechnung_vom_03_01_2020.PDF
2020-01-02 18:02 - 2020-01-02 18:02 - 000144841 ____N C:\Users\Michael\Desktop\Glasduschtüre.pdf
2020-01-02 18:01 - 2020-01-02 18:01 - 000147866 ____N C:\Users\Michael\Desktop\Duschtüre.pdf
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2020-01-30 18:33 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-30 18:03 - 2015-06-29 13:57 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-01-30 17:52 - 2018-03-03 14:24 - 000000000 ____D C:\Users\Michael\AppData\LocalLow\Mozilla
2020-01-30 17:47 - 2019-10-10 16:56 - 000000000 ____D C:\Users\Michael\AppData\Local\Avira
2020-01-30 17:47 - 2019-10-10 16:54 - 000000000 ____D C:\Program Files (x86)\Avira
2020-01-30 17:46 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-01-30 17:45 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-30 17:42 - 2014-12-15 14:52 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-30 17:28 - 2018-03-03 13:57 - 000000000 ____D C:\Users\Michael\AppData\Roaming\KeePass
2020-01-30 17:24 - 2018-03-03 15:31 - 000000000 ___RD C:\Users\Michael\Dropbox
2020-01-30 16:30 - 2019-07-29 21:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-30 09:27 - 2018-11-22 16:31 - 000001274 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-01-30 09:27 - 2014-12-15 12:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-30 09:23 - 2019-07-29 21:33 - 001723292 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-30 09:23 - 2019-03-19 13:16 - 000743888 _____ C:\WINDOWS\system32\perfh007.dat
2020-01-30 09:23 - 2019-03-19 13:16 - 000150212 _____ C:\WINDOWS\system32\perfc007.dat
2020-01-30 09:22 - 2019-10-18 17:25 - 000000000 ____D C:\Users\Michael\Downloads\opera autoupdate
2020-01-30 09:18 - 2018-03-03 16:39 - 000000000 ____D C:\Users\Michael\AppData\Local\FreePDF_XP
2020-01-30 09:18 - 2018-03-03 16:22 - 000000000 ____D C:\Users\Michael\AppData\Roaming\Telegram Desktop
2020-01-30 09:17 - 2019-07-29 21:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-30 09:17 - 2018-03-01 15:44 - 000000000 __SHD C:\Users\Michael\IntelGraphicsProfiles
2020-01-29 21:37 - 2019-02-06 09:09 - 000000674 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2216129787-3453094354-8666996-1006.job
2020-01-29 21:37 - 2019-02-06 09:09 - 000000578 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2216129787-3453094354-8666996-1006.job
2020-01-29 21:37 - 2018-03-03 15:29 - 000001244 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2020-01-29 21:37 - 2018-03-03 15:29 - 000001240 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2020-01-29 18:34 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-29 18:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-29 18:22 - 2018-03-01 15:44 - 000000000 ____D C:\Users\Michael\AppData\Local\Packages
2020-01-29 18:21 - 2019-07-29 21:30 - 000004304 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-01-29 18:21 - 2019-07-29 21:30 - 000004072 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2020-01-28 17:42 - 2019-10-18 16:58 - 000004468 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1571414292
2020-01-27 11:10 - 2019-02-06 09:09 - 000000000 ____D C:\Users\Michael\AppData\Local\GoToMeeting
2020-01-24 18:30 - 2019-07-29 21:30 - 000003838 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-2216129787-3453094354-8666996-1006
2020-01-24 18:30 - 2019-07-29 21:30 - 000003742 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-2216129787-3453094354-8666996-1006
2020-01-24 11:59 - 2019-10-10 16:57 - 000004232 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1570723055
2020-01-24 11:59 - 2019-10-10 16:57 - 000001428 ____N C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2020-01-24 11:57 - 2018-03-03 15:29 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-01-23 17:25 - 2019-10-11 14:12 - 000000000 ____D C:\Users\Michael\Downloads\Telegram Desktop
2020-01-22 17:00 - 2015-08-04 15:10 - 000002293 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-21 18:19 - 2019-11-29 10:14 - 000004600 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-21 18:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-21 18:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-21 10:36 - 2019-10-20 11:06 - 000001170 ____N C:\Users\Michael\Desktop\KeePass 2.lnk
2020-01-21 10:36 - 2014-12-15 12:50 - 000001182 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2020-01-21 10:36 - 2014-12-15 12:50 - 000000000 ____D C:\Program Files (x86)\KeePass Password Safe 2
2020-01-21 09:15 - 2019-07-29 21:24 - 000000000 ____D C:\Users\Michael
2020-01-21 09:15 - 2014-12-15 12:47 - 000001167 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-20 08:36 - 2019-07-29 21:21 - 000609288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-19 21:52 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-19 21:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-19 21:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-19 21:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-19 21:52 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-19 15:56 - 2019-07-29 21:30 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2216129787-3453094354-8666996-1006
2020-01-19 15:56 - 2019-07-29 21:24 - 000002424 ____N C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-19 15:56 - 2018-03-01 15:46 - 000000000 ___RD C:\Users\Michael\OneDrive
2020-01-17 09:41 - 2014-12-14 15:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-17 09:37 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-17 09:37 - 2014-12-15 13:29 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-01-17 09:37 - 2014-12-14 15:59 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-12 12:05 - 2018-03-03 15:29 - 000000000 ____D C:\Users\Michael\AppData\Local\Dropbox
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2005-12-09 09:37 - 2005-12-09 09:37 - 001093632 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\mfc80.dll
2005-12-09 09:37 - 2005-12-09 09:37 - 001079808 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\mfc80u.dll
2005-12-09 09:37 - 2005-12-09 09:37 - 000069632 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\mfcm80.dll
2005-12-09 09:37 - 2005-12-09 09:37 - 000057344 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\mfcm80u.dll
2005-12-09 09:38 - 2005-12-09 09:38 - 000000522 _____ () C:\Program Files (x86)\Common Files\Microsoft.VC80.CRT.manifest
2005-12-09 09:38 - 2005-12-09 09:38 - 000000550 _____ () C:\Program Files (x86)\Common Files\Microsoft.VC80.MFC.manifest
2005-12-09 09:37 - 2005-12-09 09:37 - 000479232 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\msvcm80.dll
2005-12-09 09:37 - 2005-12-09 09:37 - 000548864 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\msvcp80.dll
2005-12-09 09:37 - 2005-12-09 09:37 - 000626688 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\msvcr80.dll
2019-11-17 16:26 - 2019-11-17 16:26 - 000003584 ____N () C:\Users\Michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-06-26 18:46 - 2019-06-26 18:46 - 000011651 ____N () C:\Users\Michael\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
