Pests of all kinds and how to fight them: Windows 10 Murofet weekly - PC affected according to Telekom
Hello everyone,

can anyone see whether my PC is actually affected? The machine is only three months old - I only have Windows Defender on it. If it is affected, how do I get the trojan off again?

Thanks.

Regards,
Jorge

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-01-2021 durchgeführt von User (Administrator) auf DESKTOP-FL8TLL0 (Micro-Star International Co., Ltd. MS-7C08) (15-01-2021 11:52:18) Gestartet von C:\Users\User\Downloads Geladene Profile: User Platform: Windows 10 Pro Version 1909 18363.1316 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <4> (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. 
-> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe (Discord Inc. -> Discord Inc.) C:\Users\User\AppData\Local\Discord\app-0.0.309\Discord.exe <6> (F.lux Software LLC -> f.lux Software LLC) C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <67> (Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_51074a304c325b5d\LMS.exe (Mattermost, Inc. -> Mattermost, Inc.) 
C:\Users\User\AppData\Local\Programs\mattermost-desktop\Mattermost.exe <5> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\FileCoAuth.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\Teams\current\Teams.exe <6> (Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\MicrosoftAdvertisingEditor\app-11.29.10036\Microsoft.Advertising.Editor.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20112.10111.0_x64__8wekyb3d8bbwe\Music.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2> 
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SnippingTool.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6> (Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edf184f24a37bacd\Display.NvContainer\NVDisplay.Container.exe <2> (Realtek Semiconductor Corp. -> ) C:\Windows\runSW.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (Realtek Semiconductor Corp. -> Realtek) C:\Windows\SwUSB.exe (Slack Technologies Inc.) C:\Program Files\WindowsApps\91750D7E.Slack_4.12.0.0_x64__8she8kybcnzg4\app\Slack.exe <5> (Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe <5> (韵华软件) C:\Program Files\WindowsApps\22450.ImageResizerforWindows10_1.1.7.0_x64__0aqw1zw0x2snt\huaImageResizer.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. 
Die Datei wird nicht verschoben.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1138416 2020-07-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-10-08] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-10-13] (Adobe Inc. -> ) HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [100580600 2020-08-04] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3374603461-1909616525-767446044-1000\...\Run: [f.lux] => C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe [1469968 2020-06-17] (F.lux Software LLC -> f.lux Software LLC) HKU\S-1-5-21-3374603461-1909616525-767446044-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-11-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3374603461-1909616525-767446044-1000\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\1.3.36.52\GoogleUpdateCore.exe [219592 2020-12-04] (Google LLC -> Google LLC) HKU\S-1-5-21-3374603461-1909616525-767446044-1000\...\Run: [Lync] => C:\Program Files\Microsoft Office\root\Office16\lync.exe [26327880 2021-01-09] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3374603461-1909616525-767446044-1000\...\Run: [Microsoft.Advertising.Editor] => C:\Users\User\AppData\Local\MicrosoftAdvertisingEditor\app-11.29.10036\Microsoft.Advertising.Editor.exe [7174064 2021-01-11] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3374603461-1909616525-767446044-1000\...\Run: [Discord] 
=> C:\Users\User\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub) HKU\S-1-5-21-3374603461-1909616525-767446044-1000\...\Run: [Mattermost] => C:\Users\User\AppData\Local\Programs\mattermost-desktop\Mattermost.exe [105166680 2020-10-26] (Mattermost, Inc. -> Mattermost, Inc.) HKU\S-1-5-21-3374603461-1909616525-767446044-1000\...\MountPoints2: {0dd65014-3ef6-11eb-8633-001583fb8dd2} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3374603461-1909616525-767446044-1000\...\MountPoints2: {0dd6503e-3ef6-11eb-8633-001583fb8dd2} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3374603461-1909616525-767446044-1000\...\MountPoints2: {456f8144-11e5-11eb-8628-001583fb8dd2} - "G:\HiSuiteDownLoader.exe" HKLM\...\Print\Monitors\Status Monitor Language Monitor for Dell C1660w Color Printer: C:\Windows\system32\DLHLSZIL.DLL [194048 2016-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-12] (Google LLC -> Google LLC) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {0111113C-9041-43CE-92AE-2495CC8BB70C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-09-15] (NVIDIA Corporation -> NVIDIA Corporation) Task: {033B9B5E-3820-4195-8581-0E68B4F5E91F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {0D350D56-4657-4604-B6AA-632AC354A5D2} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-15] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {136CF686-BF3E-411D-8A8B-38F626E1298F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061920 2020-12-25] (Microsoft Corporation -> Microsoft Corporation) Task: {18116D94-15C5-4AE8-9CB5-013817EEDC71} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-09-15] (NVIDIA Corporation -> NVIDIA Corporation) Task: {32B590B2-1A0C-4149-843D-943E4AD8ED95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4B549B40-65A2-4000-B9D4-DE1A67AA53EC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-15] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program 
Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {4F935833-89A5-437A-8D27-86158E0DAEA4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5029A92E-43F4-48C0-BAF5-486B75925F1D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3374603461-1909616525-767446044-1000UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-10-16] (Google LLC -> Google LLC) Task: {507F0A11-2E66-4E54-B713-F532D161A957} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {68C295E0-BC19-42B4-BEB2-6E5D3D4E572C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143752 2021-01-09] (Microsoft Corporation -> Microsoft Corporation) Task: {83D311CF-A9A6-45F8-8613-6120B5FCA978} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3374603461-1909616525-767446044-1000Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-10-16] (Google LLC -> Google LLC) Task: {A0263030-3F8A-4007-BC91-FDC05EE6F4DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-08] (Google LLC -> Google LLC) Task: {A8C9CF16-D7AE-4459-AD23-5431FA7CDCB6} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-09-15] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B5B8CDA4-F181-4A42-ACD4-BDAEE38AD729} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-09-15] 
(NVIDIA Corporation -> NVIDIA Corporation) Task: {C77DEAED-27AB-4FC0-8C87-B4B1A9D8E51C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-08] (Google LLC -> Google LLC) Task: {C811C031-32EE-4EF1-88EF-D686C691C7C6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143752 2021-01-09] (Microsoft Corporation -> Microsoft Corporation) Task: {D1BB8380-9462-4865-AD61-C5AFB8C4E9F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D1DC75DE-A82A-4744-8E4E-1791113F4B18} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-07] (Mozilla Corporation -> Mozilla Foundation) Task: {D4900BD6-6E5C-40E9-B6B4-6B7D11E3E7B5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-09-15] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DFCECD2E-2D53-47AF-9B59-B171461E02ED} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-05-12] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {E6E01917-3511-43D3-BFD6-63720EEE55E3} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-09-15] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EA4F32AE-8E0C-4B52-9551-214EBAB4EE85} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-09-15] 
(NVIDIA Corporation -> NVIDIA Corporation) Task: {F41F5A84-7E35-42A0-ADFB-08FB4F7681C3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061920 2020-12-25] (Microsoft Corporation -> Microsoft Corporation) Task: {F7CBADC2-FF29-449B-A64C-7D0AB553E9E3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-09-15] (NVIDIA Corporation -> NVIDIA Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{07a50281-516d-4a40-975c-868185ec824f}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{44febdbe-c848-490d-a7a6-5b7661c7baae}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{fb38a045-20ec-4b86-b258-88b6b12c68f5}: [DhcpNameServer] 192.168.2.1 Edge: ====== Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-12] FireFox: ======== FF DefaultProfile: izh06ytx.default FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\izh06ytx.default [2020-10-29] FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\f88gxco2.default-release [2021-01-15] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-10-08] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin: 
adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-10-08] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-10-08] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-10-08] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2021-01-15] CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://drive.google.com; hxxps://meet.google.com CHR DefaultSearchURL: Default -> hxxps://www.gstatic.com/youtube/media/ytm/images/applauncher/music_icon_48x48.png CHR Extension: (Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-08] CHR Extension: (HTTP Header Spy) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\agnoocojkneiphkobpcfoaenhpjnmifb [2020-10-08] CHR Extension: (Flash Video Downloader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2020-10-08] CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-08] CHR Extension: (Redirect Path) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomidfkchockcldhbkggjokdkkebmdll [2020-10-08] CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26] CHR Extension: 
(Google Optimize) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhdplaindhdkiflmbfbciehdccfhegci [2020-10-08] CHR Extension: (ColorZilla) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2020-10-08] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-08] CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-12-15] CHR Extension: (YouTube Music) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cinhimbnkkaeohfgghhklpknlkffjgod [2020-10-08] CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2020-10-08] CHR Extension: (Video Downloader professional) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2020-10-08] CHR Extension: (Tabellen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-08] CHR Extension: (ExpressVPN: VPN-Proxy, um alles zu entsperren.) 
- C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgddmllnllkalaagkghckoinaemmogpe [2021-01-04] CHR Extension: (News Feed Eradicator for Facebook) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjcldmjmjhkklehbacihaiopjklihlgg [2020-10-26] CHR Extension: (Page Analytics (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2020-10-08] CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-30] CHR Extension: (feedly) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2020-10-08] CHR Extension: (ModHeader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2020-11-09] CHR Extension: (Interests Explorer) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\igbgioodabklajfccehphfeicnidnhld [2020-10-08] CHR Extension: (SwiftRead - read faster, learn faster) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipikiaejjblmdopojhpejjmbedhlibno [2021-01-13] CHR Extension: (WhatFont) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2020-11-16] CHR Extension: (Todoist für Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2020-10-08] CHR Extension: (Google Analytics Debugger) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnkmfdileelhofjcijamephohjechhna [2020-10-08] CHR Extension: (Tag Assistant (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2021-01-13] CHR Extension: (Window Resizer) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh 
[2021-01-08] CHR Extension: (Noisli) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\klejemegaoblahjdpcajmpcnjjmkmkkf [2020-11-30] CHR Extension: (AMZ Seller Browser) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\klgpelgeohjghmccooegimcfhanlnngc [2020-10-08] CHR Extension: (Momentum) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2021-01-07] CHR Extension: (Video DownloadHelper) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2021-01-13] CHR Extension: (Marinara: Pomodoro® Assistant) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lojgmehidjdhhbmpjfamhpkpodfcodef [2020-10-08] CHR Extension: (Ghostery – Datenschutzorientierter Werbeblocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2020-12-01] CHR Extension: (Google Play Books) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2020-11-05] CHR Extension: (UET Tag Helper (by Microsoft Advertising)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\naijndjklgmffmpembnkfbcjbognokbf [2020-11-30] CHR Extension: (WASP.inspector: Analytics Solution Profiler) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\niaoghengfohplclhbjnjheodgkejpih [2020-10-08] CHR Extension: (Save to Pocket) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2020-11-17] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-10-08] CHR Extension: (Equalizer for YouTube™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oggiagogblgafoilijjdhcmflgekfmja [2020-10-08] CHR Extension: (Keywords Toaster) - 
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogppjpooagbgekafnpijhiiopgcgdalp [2020-10-08] CHR Extension: (iinterests - Interests Extractor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiafnkijemphjhikmdjfdpgcekhkibcl [2020-10-08] CHR Extension: (Evernote Web Clipper) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2020-12-08] CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26] CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-08] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-10-08] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960904 2020-12-25] (Microsoft Corporation -> Microsoft Corporation) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-24] (Huawei Technologies Co., Ltd. -> ) R2 RunSwUSB; C:\Windows\runSW.exe [59232 2018-05-02] (Realtek Semiconductor Corp. 
-> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6264144 2021-01-13] (Microsoft Windows Publisher -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edf184f24a37bacd\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edf184f24a37bacd\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 athur; C:\Windows\System32\drivers\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2019-10-07] (Microsoft Corporation) [Datei ist nicht signiert] R3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2020-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) 
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-01-15 11:52 - 2021-01-15 11:52 - 000030228 _____ C:\Users\User\Downloads\FRST.txt 2021-01-15 11:52 - 2021-01-15 11:52 - 000000000 ____D C:\FRST 2021-01-15 11:49 - 2021-01-15 11:49 - 002281472 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2021-01-13 05:30 - 2021-01-13 05:30 - 000568320 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr 2021-01-13 05:30 - 2021-01-13 05:30 - 000502784 _____ C:\Windows\system32\AssignedAccessCsp.dll 2021-01-13 05:30 - 2021-01-13 05:30 - 000500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr 2021-01-13 05:30 - 2021-01-13 05:30 - 000151040 _____ C:\Windows\system32\uwfcsp.dll 2021-01-13 05:30 - 2021-01-13 05:30 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax 2021-01-13 05:30 - 2021-01-13 05:30 - 000094720 _____ C:\Windows\system32\VirtualMonitorManager.dll 2021-01-13 05:30 - 2021-01-13 05:30 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl 2021-01-13 05:29 - 2021-01-13 05:29 - 002590720 _____ C:\Windows\system32\dwmscene.dll 2021-01-13 05:29 - 2021-01-13 05:29 - 001841152 _____ C:\Windows\system32\TextInputMethodFormatter.dll 2021-01-13 
05:29 - 2021-01-13 05:29 - 001101312 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll 2021-01-13 05:29 - 2021-01-13 05:29 - 000696832 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx 2021-01-13 05:29 - 2021-01-13 05:29 - 000576512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx 2021-01-13 05:29 - 2021-01-13 05:29 - 000555008 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl 2021-01-13 05:29 - 2021-01-13 05:29 - 000549888 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl 2021-01-13 05:29 - 2021-01-13 05:29 - 000540672 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2021-01-13 05:29 - 2021-01-13 05:29 - 000458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl 2021-01-13 05:29 - 2021-01-13 05:29 - 000455680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl 2021-01-13 05:29 - 2021-01-13 05:29 - 000453632 _____ C:\Windows\system32\ssdm.dll 2021-01-13 05:29 - 2021-01-13 05:29 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2021-01-13 05:29 - 2021-01-13 05:29 - 000331264 _____ C:\Windows\SysWOW64\ssdm.dll 2021-01-13 05:29 - 2021-01-13 05:29 - 000294912 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2021-01-13 05:29 - 2021-01-13 05:29 - 000266752 _____ C:\Windows\system32\HeatCore.dll 2021-01-13 05:29 - 2021-01-13 05:29 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl 2021-01-13 05:29 - 2021-01-13 05:29 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax 2021-01-13 05:29 - 2021-01-13 05:29 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl 2021-01-13 05:29 - 2021-01-13 05:29 - 000208384 _____ C:\Windows\SysWOW64\HeatCore.dll 2021-01-13 05:29 - 2021-01-13 05:29 - 000186368 _____ C:\Windows\system32\BthpanContextHandler.dll 2021-01-13 05:29 - 2021-01-13 05:29 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl 2021-01-13 05:29 - 2021-01-13 05:29 - 000168448 
_____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax 2021-01-13 05:29 - 2021-01-13 05:29 - 000167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl 2021-01-13 05:29 - 2021-01-13 05:29 - 000164864 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2021-01-13 05:29 - 2021-01-13 05:29 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2021-01-13 05:29 - 2021-01-13 05:29 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl 2021-01-13 05:29 - 2021-01-13 05:29 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2021-01-13 05:29 - 2021-01-13 05:29 - 000067072 _____ C:\Windows\system32\BWContextHandler.dll 2021-01-13 05:29 - 2021-01-13 05:29 - 000061440 _____ C:\Windows\system32\rdsxvmaudio.dll 2021-01-13 05:29 - 2021-01-13 05:29 - 000053248 _____ C:\Windows\SysWOW64\BWContextHandler.dll 2021-01-13 05:29 - 2021-01-13 05:29 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin 2021-01-13 05:29 - 2021-01-13 05:29 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin 2021-01-13 05:29 - 2021-01-13 05:29 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin 2021-01-13 05:29 - 2021-01-13 05:29 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin 2021-01-13 05:29 - 2021-01-13 05:29 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin 2021-01-13 05:29 - 2021-01-13 05:29 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin 2021-01-13 05:29 - 2021-01-13 05:29 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin 2021-01-13 05:29 - 2021-01-13 05:29 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin 2021-01-13 05:29 - 2021-01-13 05:29 - 000000315 _____ C:\Windows\system32\DrtmAuth18.bin 2021-01-13 05:29 - 2021-01-13 05:29 - 000000315 _____ C:\Windows\system32\DrtmAuth17.bin 2021-01-13 05:29 - 2021-01-13 05:29 - 000000315 _____ C:\Windows\system32\DrtmAuth16.bin 2021-01-13 05:29 - 2021-01-13 05:29 - 000000315 _____ C:\Windows\system32\DrtmAuth15.bin 2021-01-13 05:29 - 2021-01-13 05:29 - 000000315 _____ 
C:\Windows\system32\DrtmAuth12.bin 2021-01-13 05:29 - 2021-01-13 05:29 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin 2021-01-13 05:29 - 2021-01-13 05:29 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin 2021-01-13 05:29 - 2021-01-13 05:29 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin 2021-01-12 16:52 - 2021-01-12 16:52 - 000064959 _____ C:\Users\User\Downloads\317_2020-11-01_ABOU_42.pdf 2021-01-12 16:52 - 2021-01-12 16:52 - 000064937 _____ C:\Users\User\Downloads\316_2020-11-01_ABOU_42.pdf 2021-01-12 15:08 - 2021-01-12 15:09 - 000010135 _____ C:\Users\User\Downloads\Produktgruppenbericht (1).xlsx 2021-01-12 15:04 - 2021-01-12 15:04 - 000006090 _____ C:\Users\User\Downloads\Produktgruppenbericht.xlsx 2021-01-11 14:34 - 2021-01-11 14:34 - 000362300 _____ C:\Users\User\Downloads\299675 - Verdienstbescheinigung.pdf 2021-01-11 12:26 - 2021-01-11 12:26 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2021-01-08 08:07 - 2021-01-08 08:18 - 002663926 _____ C:\Users\User\Downloads\299448 - Verdienstbescheinigung.pdf 2021-01-07 10:45 - 2021-01-13 19:06 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-01-06 14:58 - 2021-01-06 15:13 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc 2021-01-06 14:58 - 2021-01-06 14:59 - 000000000 ____D C:\Users\User\AppData\Roaming\dvdcss 2021-01-06 14:58 - 2021-01-06 14:58 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk 2021-01-06 14:58 - 2021-01-06 14:58 - 000000916 _____ C:\ProgramData\Desktop\VLC media player.lnk 2021-01-06 14:58 - 2021-01-06 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2021-01-06 14:58 - 2021-01-06 14:58 - 000000000 ____D C:\Program Files\VideoLAN 2021-01-06 14:57 - 2021-01-06 14:57 - 041824168 _____ C:\Users\User\Downloads\vlc-3.0.11-win64.exe 2021-01-06 14:06 - 2021-01-06 14:07 - 000000000 ____D C:\ProgramData\DVD Shrink 2021-01-05 12:12 - 2021-01-05 12:12 - 001506597 _____ C:\Users\User\Downloads\200610_Reyes_Vertrag-1._about_you_neu.pdf 
2021-01-05 12:11 - 2021-01-05 12:11 - 000788352 _____ C:\Users\User\Downloads\280_2019-10-30_NEWM_51_NEU.pdf 2021-01-05 12:11 - 2021-01-05 12:11 - 000788269 _____ C:\Users\User\Downloads\272_2019-08-27_COAC_50_NEU.pdf 2021-01-05 12:10 - 2021-01-05 12:10 - 000794325 _____ C:\Users\User\Downloads\247_2018-09-28_ITKF_4_NEU.pdf 2021-01-05 12:08 - 2021-01-05 12:08 - 000799745 _____ C:\Users\User\Downloads\157_2016-09-30_WELT_22_NEU.pdf 2021-01-05 12:00 - 2021-01-05 12:00 - 002322615 _____ C:\Users\User\Downloads\rechnungen.zip 2021-01-05 12:00 - 2021-01-05 12:00 - 000000000 ____D C:\Users\User\Downloads\rechnungen 2021-01-05 11:38 - 2021-01-05 11:38 - 000064876 _____ C:\Users\User\Downloads\157_2016-09-30_WELT_22.pdf 2021-01-05 11:32 - 2021-01-05 11:32 - 000064897 _____ C:\Users\User\Downloads\247_2018-09-28_ITKF_4.pdf 2021-01-05 11:28 - 2021-01-05 11:28 - 000064906 _____ C:\Users\User\Downloads\184_2017-02-01_READ_16.pdf 2021-01-05 11:24 - 2021-01-05 11:24 - 000064909 _____ C:\Users\User\Downloads\280_2019-10-30_NEWM_51.pdf 2021-01-05 11:17 - 2021-01-05 11:17 - 001024406 _____ C:\Users\User\Downloads\40_2015-09-26_ANSA_6 (1).psd 2021-01-05 11:14 - 2021-01-05 11:14 - 000064889 _____ C:\Users\User\Downloads\40_2015-09-26_ANSA_6 (1).pdf 2021-01-05 11:13 - 2021-01-05 11:13 - 000064889 _____ C:\Users\User\Downloads\40_2015-09-26_ANSA_6.pdf 2021-01-05 11:09 - 2021-01-05 11:09 - 000064884 _____ C:\Users\User\Downloads\272_2019-08-27_COAC_50 (1).pdf 2021-01-05 11:04 - 2021-01-05 12:12 - 001683574 _____ C:\Users\User\Downloads\200610_Reyes_Vertrag-1.psd 2021-01-05 10:56 - 2021-01-05 10:56 - 000257887 _____ C:\Users\User\Downloads\200610_Reyes_Vertrag.pdf 2021-01-05 10:50 - 2021-01-05 10:50 - 000064910 _____ C:\Users\User\Downloads\305_2020-07-06_ABOU_42 (2).pdf 2021-01-05 10:49 - 2021-01-05 10:49 - 000064916 _____ C:\Users\User\Downloads\305_2020-07-06_ABOU_42 (1).pdf 2021-01-05 10:47 - 2021-01-05 10:47 - 000064910 _____ C:\Users\User\Downloads\305_2020-07-06_ABOU_42.pdf 
2021-01-05 10:29 - 2021-01-05 10:29 - 000065385 _____ C:\Users\User\Downloads\2020-08-10001_2020-08-27__10050.pdf 2021-01-04 16:18 - 2021-01-04 16:18 - 000064882 _____ C:\Users\User\Downloads\272_2019-08-27_COAC_50.pdf 2021-01-04 15:33 - 2021-01-04 15:33 - 003117804 _____ C:\Users\User\Downloads\Rahmenvereinbarung Jorge Reyes vom 19.02.2018_beidseitig unterschrieben.pdf 2021-01-04 15:17 - 2021-01-05 10:46 - 000850875 _____ C:\Users\User\Downloads\323_2020-12-17_ANNA_58.pdf 2021-01-04 15:14 - 2021-01-04 15:14 - 000203812 _____ C:\Users\User\Downloads\Integral Coaching Vertrag.pdf 2021-01-04 14:32 - 2021-01-04 14:32 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2020-12-23 03:15 - 2020-12-27 06:17 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps 2020-12-21 11:56 - 2020-12-21 11:56 - 000301928 _____ C:\Users\User\Downloads\seitenstand_datenblatt.pdf 2020-12-19 17:23 - 2020-12-19 17:23 - 000065515 _____ C:\Users\User\Downloads\image4.jpeg 2020-12-19 17:23 - 2020-12-19 17:23 - 000052836 _____ C:\Users\User\Downloads\image2.jpeg 2020-12-19 17:23 - 2020-12-19 17:23 - 000050416 _____ C:\Users\User\Downloads\image3.jpeg 2020-12-19 17:22 - 2020-12-19 17:22 - 000043948 _____ C:\Users\User\Downloads\image1.jpeg 2020-12-19 17:22 - 2020-12-19 17:22 - 000041869 _____ C:\Users\User\Downloads\image0.jpeg 2020-12-19 11:17 - 2020-12-19 11:37 - 041066802 _____ C:\Users\User\Downloads\tcihd01-intro-ntrl-cnvstnl-trnc.zip 2020-12-18 11:18 - 2020-12-18 11:18 - 001818472 _____ C:\Users\User\Downloads\ILP Prospekt 2016.pdf 2020-12-17 12:50 - 2020-12-17 12:50 - 000064896 _____ C:\Users\User\Downloads\323_2020-12-17_JOCH_58.pdf 2020-12-16 18:51 - 2020-12-16 18:51 - 001669308 _____ C:\Windows\Minidump\121620-7859-01.dmp ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2021-01-15 11:44 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-01-15 11:09 - 2020-12-10 10:02 - 000000000 ____D C:\Users\User\AppData\Roaming\discord 2021-01-15 10:00 - 2020-10-06 22:26 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-01-14 12:25 - 2020-10-06 22:42 - 000000000 ____D C:\ProgramData\NVIDIA 2021-01-14 10:42 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2021-01-14 10:42 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness 2021-01-14 03:17 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF 2021-01-13 19:12 - 2020-10-06 22:31 - 001632524 _____ C:\Windows\system32\PerfStringBackup.INI 2021-01-13 19:12 - 2019-03-19 13:16 - 000706236 _____ C:\Windows\system32\perfh007.dat 2021-01-13 19:12 - 2019-03-19 13:16 - 000142432 _____ C:\Windows\system32\perfc007.dat 2021-01-13 19:07 - 2020-10-29 09:07 - 000000000 ____D C:\ProgramData\Mozilla 2021-01-13 19:07 - 2020-10-08 17:41 - 000000000 ___RD C:\Users\User\Creative Cloud Files 2021-01-13 19:06 - 2020-12-10 14:11 - 000000000 ____D C:\Users\User\AppData\Roaming\Mattermost 2021-01-13 19:06 - 2020-10-29 09:07 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla 2021-01-13 19:06 - 2020-10-29 09:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-01-13 19:06 - 2020-10-08 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2021-01-13 19:06 - 2020-10-08 16:27 - 000000000 ____D C:\Program Files\Microsoft Office 2021-01-13 19:06 - 2020-10-06 22:27 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-01-13 19:06 - 2020-10-06 22:27 - 000000000 ___RD C:\Users\User\3D Objects 2021-01-13 19:06 - 2020-10-06 22:26 - 000439216 _____ C:\Windows\system32\FNTCACHE.DAT 2021-01-13 19:06 - 2020-10-06 22:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-01-13 19:06 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2021-01-13 19:05 - 2020-10-16 10:04 - 000000000 
____D C:\Users\User\AppData\Roaming\Evernote 2021-01-13 19:05 - 2019-03-19 13:19 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-01-13 19:05 - 2019-03-19 13:19 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-01-13 19:05 - 2019-03-19 13:19 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\SysWOW64\F12 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\system32\UNP 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\system32\F12 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ___RD C:\Windows\PrintDialog 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\setup 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\Dism 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\Com 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\setup 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\oobe 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\migwiz 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\Dism 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D 
C:\Windows\system32\Com 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\AdvancedInstallers 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellComponents 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\Provisioning 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\PolicyDefinitions 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\IME 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr 2021-01-13 19:05 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender 2021-01-13 19:05 - 2019-03-19 05:37 - 000524288 _____ C:\Windows\system32\config\BBI 2021-01-13 05:33 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp 2021-01-13 05:32 - 2020-10-08 23:20 - 000000000 ____D C:\Windows\system32\MRT 2021-01-13 05:31 - 2020-10-08 23:20 - 135062968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2021-01-13 05:29 - 2020-10-06 22:27 - 002877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2021-01-12 15:08 - 2020-10-06 22:27 - 000000000 ____D C:\Users\User\AppData\Local\Packages 2021-01-12 08:46 - 2020-10-08 17:32 - 000000000 ____D C:\Program Files\Adobe 2021-01-12 03:57 - 2020-10-16 18:11 - 000003700 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-01-12 03:57 - 2020-10-16 18:11 - 000003576 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-01-12 00:54 - 2020-10-08 16:19 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-01-12 00:54 - 2020-10-08 16:19 - 000002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-01-12 00:54 - 2020-10-08 16:19 - 000002198 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2021-01-11 12:26 - 2020-10-29 09:07 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-01-11 09:53 - 2020-11-09 17:12 - 
000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation 2021-01-11 09:53 - 2020-11-09 17:12 - 000000000 ____D C:\Users\User\AppData\Local\MicrosoftAdvertisingEditor 2021-01-09 14:58 - 2020-10-16 18:11 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-01-09 14:58 - 2020-10-16 18:11 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-01-09 14:58 - 2020-10-16 18:11 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk 2021-01-04 14:32 - 2020-10-16 08:53 - 000000000 ____D C:\Users\User\AppData\Roaming\Zoom 2020-12-28 08:20 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\servicing 2020-12-21 15:06 - 2020-10-16 15:17 - 000000000 ____D C:\Users\User\AppData\Roaming\Google 2020-12-19 17:20 - 2020-10-16 10:04 - 000000000 ____D C:\Users\User\AppData\Local\evernote-client-updater 2020-12-16 18:51 - 2020-10-20 15:19 - 1920173905 _____ C:\Windows\MEMORY.DMP 2020-12-16 18:51 - 2020-10-06 22:27 - 000000000 ____D C:\Windows\minidump 2020-12-16 16:10 - 2020-12-15 17:13 - 000000000 ____D C:\Users\User\Downloads\IGOR ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-10-08 18:02 - 2020-10-08 18:02 - 000000000 _____ () C:\Users\User\AppData\Local\oobelibMkey.log ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ========================
Edited by cosinus (18.01.2021 at 11:13). Reason: code tags |