Nach OpenOffice Update Start des Google Chrome Browsers mit www.1online/?w=RD1919 und about:blank

Joha22 · 06.08.2021, 00:21

Der Rechner läuft eigentlich gut, jetzt ohne www.1online

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 03-08-2021
durchgeführt von joreu (Administrator) auf LAPTOP-M93ISQU4 (LENOVO 80NT) (06-08-2021 01:11:59)
Gestartet von C:\Users\joreu\Downloads
Geladene Profile: joreu
Platform: Windows 10 Home Version 20H2 19042.1110 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() [Datei ist nicht signiert] C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
() [Datei ist nicht signiert] C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
() [Datei ist nicht signiert] C:\SSLVPN CLIENT\SvpnAgent.exe
() [Datei ist nicht signiert] C:\SSLVPN CLIENT\SvpnService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Blue Jeans Network, Inc. -> BlueJeans) C:\Users\joreu\AppData\Local\BlueJeans\current\BlueJeans.Detector.exe <2>
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(geek software GmbH -> geek software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Hang Zhou H3C Technologies Co., Ltd. -> H3C Technologies Co., Limited) C:\Program Files (x86)\iNode\iNode Client\iNodeImg.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxEM.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseInfo.exe
(Intel(R) Software Development Products -> Intel(R) Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> ) C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.62\identity_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SensorDataService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(New H3C Technologies Co., Ltd. -> ) C:\Program Files (x86)\iNode\iNode Client\iNodeCmn.exe
(New H3C Technologies Co., Ltd. -> ) C:\Program Files (x86)\iNode\iNode Client\iNodeMon.exe
(New H3C Technologies Co., Ltd. -> ) C:\Program Files (x86)\iNode\iNode Client\iNodeSec.exe
(New H3C Technologies Co., Ltd. -> ) C:\Program Files (x86)\iNode\iNode Client\iNodeSslvpn.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SHANGHAI BEST ORAY INFORMATION TECHNOLOGY CO., LTD. -> Shanghai Best Oray Information Technology Co., Ltd.) C:\Program Files (x86)\Oray\SunLogin\SunloginClient\SunloginClient.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Tencent Technology(Shenzhen) Company Limited -> ) C:\Users\joreu\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\ThumbPlayer\3022\extracted\WeChatPlayer.exe
(Tencent Technology(Shenzhen) Company Limited -> ) C:\Users\joreu\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\XWeb\206\extracted\WechatBrowser.exe <5>
(Tencent Technology(Shenzhen) Company Limited -> Tencent) C:\Program Files (x86)\Tencent\WeChat\WeChat.exe
(Tencent Technology(Shenzhen) Company Limited -> The Tencent Authors) C:\Users\joreu\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\XWeb\206\extracted\WeChatApp.exe
(TimeCamp S.A. -> ) C:\Users\joreu\AppData\Local\TimeCamp\reshost.exe
(TimeCamp S.A. -> TimeCamp S.A.) C:\Users\joreu\AppData\Local\TimeCamp\TimeCamp.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16404224 2015-10-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-10-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-10-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-10-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-12-09] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [628736 2015-06-16] () [Datei ist nicht signiert]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3937448 2015-08-11] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1027472 2015-12-23] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [Intel(R) RealSense(TM) SDK info server] => C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseInfo.exe [21144 2015-10-15] (Intel(R) Software Development Products -> Intel Corporation)
HKLM-x32\...\Run: [SunloginClient] => "C:\Program Files (x86)\Oray\SunLogin\SunloginClient\SunloginClient.exe" --cmd=autorun
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH)
HKU\S-1-5-21-2195592823-2369997380-2430910645-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-05-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2195592823-2369997380-2430910645-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2019-05-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2195592823-2369997380-2430910645-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-05-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2195592823-2369997380-2430910645-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\joreu\AppData\Local\Microsoft\Teams\Update.exe [1790192 2019-08-06] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2195592823-2369997380-2430910645-1001\...\Run: [EPSON BX300F Series (Kopie 1)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIEJE.EXE [221696 2008-01-22] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2195592823-2369997380-2430910645-1001\...\Run: [EPSON BX300F Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIEJE.EXE [221696 2008-01-22] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2195592823-2369997380-2430910645-1001\...\Run: [EPSON Stylus Office BX300F] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIEJE.EXE [221696 2008-01-22] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2195592823-2369997380-2430910645-1001\...\Run: [BlueJeans.Detector] => C:\Users\joreu\AppData\Local\BlueJeans\BlueJeans.Detector.exe [203752 2021-02-23] (Blue Jeans Network, Inc. -> BlueJeans)
HKU\S-1-5-21-2195592823-2369997380-2430910645-1001\...\Run: [TimeCamp] => C:\Users\joreu\AppData\Local\TimeCamp\TimeCamp.exe [8482464 2021-05-20] (TimeCamp S.A. -> TimeCamp S.A.)
HKU\S-1-5-21-2195592823-2369997380-2430910645-1001\...\Run: [MicrosoftEdgeAutoLaunch_EB2908B38F97DE609F43BB4CA8957071] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5
HKLM\...\Windows x64\Print Processors\Canon MG5500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBU.DLL [30208 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpfpp70w: C:\Windows\System32\spool\prtprocs\x64\hpfpp70w.dll [249856 2009-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5500 series: C:\WINDOWS\system32\CNMLMBU.DLL [391168 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\EPSON BX300F Series 64MonitorBE: C:\WINDOWS\system32\E_ILMEJE.DLL [108032 2007-12-07] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\hpf3l70w.dll: C:\WINDOWS\system32\hpf3l70w.dll [136704 2009-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-05] (Google LLC -> Google LLC)
Startup: C:\Users\joreu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2019-09-09]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2A96F84E-BABB-48CA-ADF6-9BEF356BA8A6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {35ABED79-AEFA-47F2-9398-9CC44486C2B3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3953096 2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {4090C83C-8850-4B80-80AB-3DBFBF6A4E34} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-09-01] (Google Inc -> Google Inc.)
Task: {49CC364A-D2DE-45F5-ADCD-B10B2263F2FE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124872 2021-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {95DF32B3-CA94-42F9-99C8-4ABDAC1F9066} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118120 2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E59F4E4-D202-4F19-A353-6807FC3E21C2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124872 2021-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {A5A933AA-EEE0-4CC8-8365-B12D74D68DBC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-28] (Mozilla Corporation -> Mozilla Foundation)
Task: {AFD2758F-C7DA-467C-9D6C-86E5C5CAEAEB} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1123208 2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B73B019E-326A-43EE-B100-F950B3B0F589} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3953096 2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C936A16C-F953-4FFF-8E58-A7F6D6116DDC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {D7F24B77-0440-4755-9569-CF59041D2DDF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-09-01] (Google Inc -> Google Inc.)
Task: {D8A3DA3D-4C4A-4999-8626-082F018A85EB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118120 2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {D98FA9BE-91F0-4A33-930D-8F7FFCE6B97B} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {FC66F1EF-984C-450B-BFEA-F32B9F1368C8} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4063344 2021-06-03] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{a502da50-bdfd-41d4-9cec-8833e06e5ae1}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{d9323f71-7971-4e76-a0ba-06c653e6443a}: [NameServer] 10.10.101.3,10.10.101.8
Tcpip\..\Interfaces\{e0973a06-e637-42d9-86a7-029ed97cb714}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{e4ef264c-f229-43ae-b83b-0b3b0cbbc3cd}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\joreu\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-06]
Edge HomePage: Default -> hxxp://lenovo15.msn.com/?pc=LCTE
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\joreu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-28]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 172kxwgn.default
FF ProfilePath: C:\Users\joreu\AppData\Roaming\Mozilla\Firefox\Profiles\172kxwgn.default [2021-08-03]
FF ProfilePath: C:\Users\joreu\AppData\Roaming\Mozilla\Firefox\Profiles\bvhd4f5v.default-release [2021-08-06]
FF Homepage: Mozilla\Firefox\Profiles\bvhd4f5v.default-release -> hxxps://www.google.com/
FF Extension: (Malwarebytes Browser Guard) - C:\Users\joreu\AppData\Roaming\Mozilla\Firefox\Profiles\bvhd4f5v.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-07-28]
FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi => nicht gefunden
FF Plugin-x32: @alipay.com/NPComBrg701,version=1.0.2011.701 -> C:\WINDOWS\system32\itruscert\NPComBrg701.dll [Keine Datei]
FF Plugin-x32: @cmbchina.com/npcmbedit -> C:\WINDOWS\system32\NPCMBEdit.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2195592823-2369997380-2430910645-1001: @alibaba.com/npAliSSOLogin;version=1.0 -> C:\Program Files (x86)\AliWangWang\8.60.03C\npAliSSOLogin.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2195592823-2369997380-2430910645-1001: @alibaba.com/npwangwang;version=1.0 -> C:\Program Files (x86)\AliWangWang\8.60.03C\npwangwang.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2195592823-2369997380-2430910645-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\joreu\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2195592823-2369997380-2430910645-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\joreu\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Default [2021-08-06]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://ecosia.org/"
CHR Extension: (Präsentationen) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Docs) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-01]
CHR Extension: (Tabellen) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Google Docs Offline) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-25]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-27]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Google Mail) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-23]
CHR Profile: C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-03]
CHR Profile: C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-08-03]
CHR Extension: (Präsentationen) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-01]
CHR Extension: (Kaspersky Protection) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-07-01]
CHR Extension: (Docs) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-07-01]
CHR Extension: (YouTube) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-07-01]
CHR Extension: (Tabellen) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-01]
CHR Extension: (Google Docs Offline) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-01]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-01]
CHR Extension: (Google Mail) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-07-01]
CHR Extension: (Chrome Media Router) - C:\Users\joreu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-01]
CHR Profile: C:\Users\joreu\AppData\Local\Google\Chrome\User Data\System Profile [2021-08-03]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279784 2021-07-02] (Microsoft Corporation -> Microsoft Corporation)
R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [176640 2015-09-15] () [Datei ist nicht signiert]
S4 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (LENOVO -> Lenovo)
R2 INODE_SVR_SERVICE; C:\Program Files (x86)\iNode\iNode Client\iNodeMon.exe [85344 2019-11-01] (New H3C Technologies Co., Ltd. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-07-27] (Malwarebytes Inc -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
S4 OpenVPNService; C:\Program Files (x86)\PureVPN\bin\openvpnserv.exe [31872 2016-05-19] (GZ Systems Limited -> The OpenVPN Project)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 RealSenseDCM; C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe [3663512 2015-10-15] (Intel(R) Software Development Products -> Intel(R) Corporation)
S2 SpSvc; C:\MobileEmuMaster\Utils\SpSvc.dll [430592 2019-03-04] (Beijing Qihu Technology Co., Ltd. -> )
R2 SunloginService; C:\Program Files (x86)\Oray\SunLogin\SunloginClient\SunloginClient.exe [7466440 2020-03-23] (SHANGHAI BEST ORAY INFORMATION TECHNOLOGY CO., LTD. -> Shanghai Best Oray Information Technology Co., Ltd.)
R2 SvpnService; C:\SSLVPN CLIENT\SvpnService.exe [71168 2019-04-19] () [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13206544 2020-03-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 CCSDK; "C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe" [X]
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
S3 WemeetUpdateSvc; "C:\Program Files (x86)\Tencent\UpdateSvr\WemeetUpdateSvc.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-07-27] (Malwarebytes Inc -> Malwarebytes)
R3 IXCamera; C:\WINDOWS\system32\DRIVERS\RealSenseDCM.sys [72704 2015-10-14] (Intel(R) Software Development Products -> Intel(R) Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-07-27] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-07-27] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-08-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-07-27] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-08-05] (Malwarebytes Inc -> Malwarebytes)
R3 NetVMini; C:\WINDOWS\System32\drivers\inodevnic.sys [24768 2019-10-15] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 PCASp50; C:\WINDOWS\System32\Drivers\PCASp50.sys [48616 2019-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Printing Communications Assoc., Inc. (PCAUSA))
R1 SpDrv; C:\MobileEmuMaster\Utils\SpDrv_amd64.sys [1313344 2020-03-30] (Chengdu Qilu Technology Co. Ltd. -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39040 2016-05-19] (GZ Systems Limited -> The OpenVPN Project)
S3 tpflhlp; C:\DRIVERS\FLASH\gduj22us\tpflhlp.sys [18128 2015-04-17] (LENOVO -> Lenovo Group Limited)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2015-12-23] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S3 vwhid; C:\WINDOWS\System32\drivers\vwhid.sys [27264 2015-11-23] (Benzle, Inc. -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2021-08-05] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [434424 2021-08-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-05] (Microsoft Windows -> Microsoft Corporation)
S3 AppleKmdfFilter; \SystemRoot\System32\drivers\AppleKmdfFilter.sys [X]
S3 AppleLowerFilter; \SystemRoot\System32\drivers\AppleLowerFilter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-08-05 12:47 - 2021-08-05 12:47 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-08-05 12:47 - 2021-08-05 12:47 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-08-05 12:47 - 2021-08-05 12:47 - 000069016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-08-03 13:07 - 2021-08-03 13:09 - 000008498 _____ C:\Users\joreu\Downloads\Fixlog.txt
2021-08-03 00:54 - 2021-08-03 00:54 - 000048031 _____ C:\Users\joreu\Downloads\FRST (3).txt
2021-08-03 00:27 - 2021-08-03 13:07 - 000000000 ____D C:\Users\joreu\Downloads\FRST-OlderVersion
2021-08-02 23:43 - 2021-08-02 23:43 - 000001422 _____ C:\Users\joreu\Desktop\MBAM.txt
2021-07-29 23:36 - 2021-07-29 23:36 - 000147251 _____ C:\Users\joreu\Downloads\Jo_Reu_CV (5).pdf
2021-07-28 11:51 - 2021-07-28 11:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-07-27 22:33 - 2021-07-27 22:34 - 000000000 ____D C:\Users\joreu\AppData\Roaming\WhatsApp
2021-07-27 22:33 - 2021-07-27 22:33 - 000002208 _____ C:\Users\joreu\Desktop\WhatsApp.lnk
2021-07-27 22:33 - 2021-07-27 22:33 - 000000000 ____D C:\Users\joreu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2021-07-27 22:32 - 2021-07-27 22:33 - 000000000 ____D C:\Users\joreu\AppData\Local\WhatsApp
2021-07-27 22:32 - 2021-07-27 22:32 - 000000000 ____D C:\Users\joreu\AppData\Local\Tencent
2021-07-27 22:31 - 2021-07-27 22:31 - 000001185 _____ C:\Users\Public\Desktop\WeChat.lnk
2021-07-27 22:30 - 2021-07-28 11:14 - 000000000 ____D C:\Users\joreu\AppData\Roaming\Tencent
2021-07-27 22:29 - 2021-07-27 22:31 - 000000000 ____D C:\Program Files (x86)\Tencent
2021-07-27 21:47 - 2021-07-27 21:47 - 000001529 _____ C:\Users\joreu\Downloads\MBAM (3).txt
2021-07-27 21:20 - 2021-07-27 21:20 - 000001529 _____ C:\Users\joreu\Downloads\MBAM (2).txt
2021-07-27 21:19 - 2021-07-27 21:19 - 000006533 _____ C:\Users\joreu\Downloads\MBAM (1).txt
2021-07-27 21:17 - 2021-07-27 21:17 - 000006533 _____ C:\Users\joreu\Downloads\MBAM.txt
2021-07-27 20:42 - 2021-08-06 00:55 - 000000000 ____D C:\Users\joreu\AppData\LocalLow\IGDump
2021-07-27 20:37 - 2021-07-27 20:37 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-07-27 20:37 - 2021-07-27 20:37 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-07-27 20:37 - 2021-07-27 20:37 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-07-27 20:37 - 2021-07-27 20:37 - 000002028 _____ C:\Users\joreu\Desktop\Malwarebytes.lnk
2021-07-27 20:37 - 2021-07-27 20:37 - 000000000 ____D C:\Users\joreu\AppData\Local\mbam
2021-07-27 20:36 - 2021-07-27 20:36 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-07-27 20:36 - 2021-07-27 20:36 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-07-27 20:36 - 2021-07-27 20:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-07-27 20:34 - 2021-07-27 20:34 - 000000000 ____D C:\Program Files\Malwarebytes
2021-07-27 20:33 - 2021-07-27 20:33 - 002092128 _____ (Malwarebytes) C:\Users\joreu\Downloads\MBSetup.exe
2021-07-27 20:12 - 2021-07-27 20:17 - 000000000 ____D C:\AdwCleaner
2021-07-27 20:11 - 2021-07-27 20:12 - 008553680 _____ (Malwarebytes) C:\Users\joreu\Downloads\adwcleaner_8.3.0.exe
2021-07-27 12:05 - 2021-07-29 11:40 - 000010700 _____ C:\Users\joreu\Desktop\(1).xlsx
2021-07-24 23:27 - 2021-07-24 23:27 - 000053499 _____ C:\Users\joreu\Downloads\FRST (2).txt
2021-07-24 23:22 - 2021-07-24 23:27 - 000053499 _____ C:\Users\joreu\Downloads\FRST (1).txt
2021-07-24 23:19 - 2021-07-24 23:19 - 000054715 _____ C:\Users\joreu\Downloads\Addition (1).txt
2021-07-24 15:25 - 2021-07-24 15:25 - 000270863 _____ C:\Users\joreu\Downloads\Shortcut.txt
2021-07-24 15:22 - 2021-08-03 00:31 - 000051717 _____ C:\Users\joreu\Downloads\Addition.txt
2021-07-24 15:18 - 2021-08-06 01:12 - 000030054 _____ C:\Users\joreu\Downloads\FRST.txt
2021-07-24 15:16 - 2021-08-06 01:12 - 000000000 ____D C:\FRST
2021-07-24 15:16 - 2021-08-03 13:07 - 002300416 _____ (Farbar) C:\Users\joreu\Downloads\FRST64.exe
2021-07-22 14:32 - 2021-07-22 14:32 - 000070657 _____ C:\Users\joreu\Downloads\fragebogen-zum-kapitalanlagebetrug072021-0f8.pdf
2021-07-19 09:34 - 2021-07-19 09:34 - 001328376 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll
2021-07-19 09:34 - 2021-07-19 09:34 - 001324032 _____ C:\WINDOWS\system32\FaceProcessor.dll
2021-07-19 09:34 - 2021-07-19 09:34 - 000512864 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2021-07-19 09:34 - 2021-07-19 09:34 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-19 09:34 - 2021-07-19 09:34 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-19 09:34 - 2021-07-19 09:34 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-19 09:34 - 2021-07-19 09:34 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-19 09:34 - 2021-07-19 09:34 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-19 09:33 - 2021-07-19 09:33 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-12 12:16 - 2021-07-12 12:16 - 000147279 _____ C:\Users\joreu\Downloads\Jo_Reu_CV (2).pdf
2021-07-12 12:16 - 2021-07-12 12:16 - 000147279 _____ C:\Users\joreu\Downloads\Jo_Reu_CV (1).pdf
2021-07-12 12:16 - 2021-07-12 12:16 - 000147266 _____ C:\Users\joreu\Downloads\Jo_Reu_CV (4).pdf
2021-07-12 12:16 - 2021-07-12 12:16 - 000147266 _____ C:\Users\joreu\Downloads\Jo_Reu_CV (3).pdf
2021-07-12 12:15 - 2021-07-12 12:15 - 000147279 _____ C:\Users\joreu\Downloads\Jo_Reu_CV.pdf
2021-07-07 14:32 - 2021-07-07 14:32 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-07 14:32 - 2021-07-07 14:32 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-07 14:32 - 2021-07-07 14:32 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-07 14:32 - 2021-07-07 14:32 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-07 14:31 - 2021-07-07 14:31 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-07 14:31 - 2021-07-07 14:31 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-07 14:31 - 2021-07-07 14:31 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-07 14:31 - 2021-07-07 14:31 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-07 14:31 - 2021-07-07 14:31 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-07 14:31 - 2021-07-07 14:31 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-08-06 01:13 - 2021-06-23 15:08 - 000000000 ____D C:\Users\joreu\AppData\Local\TimeCamp
2021-08-06 01:11 - 2021-06-25 10:55 - 000000000 ____D C:\Users\joreu\AppData\LocalLow\Mozilla
2021-08-06 01:11 - 2021-06-25 10:55 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-06 00:37 - 2021-03-15 23:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-06 00:28 - 2016-09-01 14:20 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-05 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-08-05 17:14 - 2020-03-27 09:57 - 000000000 ____D C:\Users\joreu\Documents\WeChat Files
2021-08-05 13:37 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-05 13:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-05 12:54 - 2021-03-15 23:53 - 003204668 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-05 12:54 - 2021-03-15 23:14 - 000776986 _____ C:\WINDOWS\system32\perfh00A.dat
2021-08-05 12:54 - 2021-03-15 23:14 - 000155116 _____ C:\WINDOWS\system32\perfc00A.dat
2021-08-05 12:54 - 2021-03-15 23:12 - 000416872 _____ C:\WINDOWS\system32\prfh0804.dat
2021-08-05 12:54 - 2021-03-15 23:12 - 000132580 _____ C:\WINDOWS\system32\prfc0804.dat
2021-08-05 12:54 - 2019-12-07 16:50 - 000744794 _____ C:\WINDOWS\system32\perfh007.dat
2021-08-05 12:54 - 2019-12-07 16:50 - 000150180 _____ C:\WINDOWS\system32\perfc007.dat
2021-08-05 12:54 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-05 12:49 - 2018-06-05 23:19 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-05 12:47 - 2021-03-15 23:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-05 12:47 - 2021-03-15 23:41 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-05 12:47 - 2020-03-20 11:20 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-08-05 12:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-08-05 12:47 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-05 12:47 - 2016-09-01 12:13 - 000000000 __SHD C:\Users\joreu\IntelGraphicsProfiles
2021-08-05 11:12 - 2016-09-01 14:21 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-05 11:12 - 2016-09-01 14:21 - 000002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-05 11:11 - 2018-11-21 18:09 - 000000000 ____D C:\Users\joreu\AppData\Roaming\Foxmail7
2021-08-05 11:11 - 2016-09-01 14:12 - 000000000 ____D C:\Users\joreu\Desktop\Jo
2021-08-04 22:23 - 2021-03-15 23:57 - 000003632 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-04 22:23 - 2021-03-15 23:57 - 000003508 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-04 21:58 - 2017-06-19 21:54 - 000000000 ____D C:\Users\joreu\AppData\LocalLow\MSLiveStickerWhiteList
2021-08-04 20:03 - 2020-03-27 09:58 - 000000000 ____D C:\Users\joreu\AppData\Local\xwalk
2021-08-03 13:08 - 2016-09-02 09:53 - 000000000 ____D C:\Users\joreu\AppData\LocalLow\Temp
2021-08-02 12:49 - 2020-03-24 14:44 - 000000000 ____D C:\Users\joreu\iNodeClient
2021-08-02 11:27 - 2021-04-26 21:10 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d719e4f1bff616
2021-08-02 11:27 - 2021-03-15 23:57 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-31 20:44 - 2020-08-14 10:41 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-31 20:44 - 2020-08-14 10:41 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-07-30 00:03 - 2019-03-04 20:55 - 000000000 ____D C:\Users\joreu\Desktop\CA
2021-07-29 12:00 - 2021-06-25 10:55 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-29 12:00 - 2021-06-25 10:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-28 13:52 - 2017-12-11 20:55 - 000000000 ____D C:\Users\joreu\AppData\Local\Packages
2021-07-28 11:51 - 2021-06-25 10:55 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-27 22:33 - 2019-08-06 17:51 - 000000000 ____D C:\Users\joreu\AppData\Local\SquirrelTemp
2021-07-27 22:30 - 2020-04-22 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
2021-07-27 21:14 - 2017-05-05 17:10 - 000000000 ____D C:\Program Files (x86)\ScreenShot
2021-07-27 20:37 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-07-27 20:17 - 2021-03-15 23:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-07-27 20:17 - 2020-03-13 20:01 - 000000000 ____D C:\WINDOWS\Lenovo
2021-07-27 20:17 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-07-27 20:17 - 2016-09-01 12:14 - 000000000 ____D C:\Users\joreu\AppData\Local\Lenovo
2021-07-27 20:17 - 2016-04-19 14:06 - 000000000 ____D C:\ProgramData\Lenovo
2021-07-27 20:17 - 2016-04-19 14:02 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-07-27 20:08 - 2017-07-13 13:54 - 000000000 ____D C:\Program Files (x86)\HP
2021-07-27 20:08 - 2017-07-07 13:19 - 000000000 ____D C:\ProgramData\HP
2021-07-27 20:00 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-07-27 20:00 - 2016-10-04 11:19 - 000000000 ____D C:\Program Files\Common Files\AV
2021-07-26 21:48 - 2021-03-15 23:41 - 000473336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-26 21:47 - 2016-11-16 16:36 - 000524110 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-07-26 21:46 - 2016-04-19 14:03 - 000000000 ____D C:\Program Files\Lenovo
2021-07-26 21:45 - 2016-09-06 16:12 - 000000000 ____D C:\Users\joreu\AppData\Roaming\CyberLink
2021-07-26 21:45 - 2016-04-19 14:04 - 000000000 ____D C:\ProgramData\CyberLink
2021-07-26 21:45 - 2016-04-19 14:03 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-07-26 21:45 - 2016-04-19 14:02 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-07-26 21:44 - 2021-03-15 23:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\CyberLink
2021-07-26 21:44 - 2017-01-29 14:25 - 000000000 ____D C:\ProgramData\install_backup
2021-07-26 21:44 - 2016-04-19 14:03 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2021-07-26 13:02 - 2016-09-20 16:17 - 000000000 ____D C:\ProgramData\purevpn
2021-07-26 11:50 - 2021-03-15 23:57 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2195592823-2369997380-2430910645-1001
2021-07-26 11:50 - 2021-03-15 23:43 - 000002406 _____ C:\Users\joreu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-26 11:50 - 2016-09-01 12:15 - 000000000 ___RD C:\Users\joreu\OneDrive
2021-07-19 11:23 - 2016-04-19 14:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-07-19 09:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-19 09:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-19 09:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-19 09:37 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-19 09:36 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-19 09:24 - 2021-03-14 16:21 - 000000000 ___HD C:\$WinREAgent
2021-07-14 15:21 - 2017-02-07 15:42 - 000000000 ____D C:\Users\joreu\Documents\Outlook-Dateien
2021-07-14 14:58 - 2016-09-01 14:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-14 14:54 - 2016-09-01 14:31 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-07 23:41 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-07 23:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-07 23:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-07 23:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-07 23:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-07 23:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-07 23:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-07 23:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2018-05-31 14:55 - 2018-11-05 14:30 - 000000130 _____ () C:\Users\joreu\AppData\Roaming\WB.CFG
2020-03-27 09:58 - 2020-03-27 09:58 - 000045056 _____ () C:\Users\joreu\AppData\Roaming\Web Data
2020-03-27 09:58 - 2020-03-27 09:58 - 000000000 _____ () C:\Users\joreu\AppData\Roaming\Web Data-journal
2018-09-12 07:58 - 2018-09-12 07:58 - 000000000 _____ () C:\Users\joreu\AppData\Local\BIT69F0.tmp
2018-09-12 07:58 - 2018-09-12 07:58 - 000000000 _____ () C:\Users\joreu\AppData\Local\BIT6A10.tmp
2019-05-29 23:43 - 2019-05-29 23:43 - 000000458 _____ () C:\Users\joreu\AppData\Local\Tempcheckcoverage_cookie.txt
2018-07-13 19:13 - 2018-07-13 19:13 - 000000000 _____ () C:\Users\joreu\AppData\Local\{6D12048C-2559-4955-9D77-69DD31716E30}
2018-09-02 14:14 - 2018-09-02 14:14 - 000000000 _____ () C:\Users\joreu\AppData\Local\{9E3DE8AD-FA96-4916-A27A-24430EABDDC1}
2018-10-13 16:02 - 2018-10-13 16:02 - 000000000 _____ () C:\Users\joreu\AppData\Local\{B30C506F-2A34-4307-8C65-C7F9524315F5}
2017-03-16 18:12 - 2017-03-16 18:12 - 000000000 _____ () C:\Users\joreu\AppData\Local\{FE3D43CE-EF8A-4E6E-894D-DF1BDCE0FFB3}

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

Nach OpenOffice Update Start des Google Chrome Browsers mit www.1online/?w=RD1919 und about:blank

Plagegeister aller Art und deren Bekämpfung: Nach OpenOffice Update Start des Google Chrome Browsers mit www.1online/?w=RD1919 und about:blank

Nach OpenOffice Update Start des Google Chrome Browsers mit www.1online/?w=RD1919 und about:blank

Ähnliche Themen: Nach OpenOffice Update Start des Google Chrome Browsers mit www.1online/?w=RD1919 und about:blank