Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26.02.2024 01
durchgeführt von josch (Administrator) auf LAPTOP-3GFCL20G (LENOVO 21B3000LGE) (27-02-2024 15:20:36)
Gestartet von C:\Users\josch\OneDrive\Dokumente\FRST_160224\FRST64.exe
Geladene Profile: josch
Plattform: Microsoft Windows 11 Pro Version 23H2 22631.3155 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Acrobat DC\Acrobat\Adobe Crash Processor.exe
(C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe <8>
(C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe <2>
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.170.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe <6>
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco Secure Client\UI\csc_ui.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_e75a3d1c39bebe3f\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(DriverStore\FileRepository\fn.inf_amd64_341d0836121cf573\driver\tphkload.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\FNF910~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_341d0836121cf573\driver\tphkload.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\FNF910~1.INF\driver\tposd.exe
(DriverStore\FileRepository\icst_service.inf_amd64_d30bd471ed01a230\intel_cst_service_standalone.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\icst_service.inf_amd64_d30bd471ed01a230\intel_cst_helper_service.exe
(DriverStore\FileRepository\ipf_cpu.inf_amd64_a232fd65d8604eb5\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_a232fd65d8604eb5\ipf_helper.exe
(EPDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\EPDCtrl.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <15>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(explorer.exe ->) (ownCloud GmbH -> ) C:\Program Files\sciebo\sciebo.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco Secure Client\vpnagent.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_e75a3d1c39bebe3f\DAX3API.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\fusion_swc_aposvc.inf_amd64_98e9a381707712c6\FusionAPI.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\EPDService.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_3befaa646f991169\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_fe21a1d446afa67d\ipfsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\icst_service.inf_amd64_d30bd471ed01a230\intel_cst_service_standalone.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_a232fd65d8604eb5\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_f3c201b4c28c14d0\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_341d0836121cf573\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\ibmpmsvc.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lnvvsndmft.inf_amd64_a1a974b0994de01d\LenovoVisionService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\smartstandbycomponent.inf_amd64_1a7a38fb4d407c19\SmartStandby.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\DriverStore\FileRepository\litsdrv.inf_amd64_4eda545e0ed970d1\LITSSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_4e93878658043b21\OneApp.IGCC.WinService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a35f9c28ba2a1841\IntelCpHDCPSvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_2a86f979b6e5b8bf\RtkAudUService64.exe <3>
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated.) C:\Windows\System32\DriverStore\FileRepository\synawudfbiousbuwp.inf_amd64_b4553f061288fdeb\SynRpcServer.exe
(Slack Technologies, LLC -> Slack Technologies Inc.) C:\Users\josch\AppData\Local\slack\app-4.36.140\slack.exe <6>
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.170.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => "C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_47c1cbb90ce0f6e7\RtkAudUService64.exe" -background (Keine Datei)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [142222176 2023-04-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Cisco Secure Client] => C:\Program Files (x86)\Cisco\Cisco Secure Client\UI\csc_ui.exe [3051104 2023-04-10] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3505320915-1573090934-3906154687-1001\...\Run: [MicrosoftEdgeAutoLaunch_3CA18125895636413B6CE81FB2B3AFDF] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4067896 2024-02-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3505320915-1573090934-3906154687-1001\...\Run: [sciebo] => C:\Program Files\sciebo\sciebo.exe [2092272 2024-01-09] (ownCloud GmbH -> )
HKU\S-1-5-21-3505320915-1573090934-3906154687-1001\...\Run: [Grammarly] => C:\Users\josch\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe [293984 2024-02-16] (Grammarly, Inc. -> Grammarly)
HKU\S-1-5-21-3505320915-1573090934-3906154687-1001\...\Run: [] => [X]
HKU\S-1-5-21-3505320915-1573090934-3906154687-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\josch\AppData\Local\slack\slack.exe [310576 2024-02-05] (Slack Technologies, LLC -> Slack Technologies Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.70\Installer\chrmstp.exe [2024-02-27] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {E6A69B59-ADA3-4D09-8E62-446F32FD1731} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {6A6EAF1C-2FED-4FEE-802B-0EE5109EAFC6} - System32\Tasks\ArcGIS Pro Indexing (MicrosoftAccount_joscha.reiners@outlook.de) => C:\Program Files\ArcGIS\Pro\bin\ArcGISIndexingServer.exe [747096 2023-10-16] (Environmental Systems Research Institute, Inc. -> Esri)
Task: {75872278-44A0-488E-9C32-7FC4A1932D11} - System32\Tasks\GoogleUpdateTaskMachineCore{3CD978E8-E034-4861-91E1-B762F48B85BD} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-17] (Google LLC -> Google LLC)
Task: {9ABA66D5-F89A-49F8-8AA3-F11EF5434C44} - System32\Tasks\GoogleUpdateTaskMachineUA{EE0C899A-1FC2-4A61-954C-23E510D3A277} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-17] (Google LLC -> Google LLC)
Task: {3CFF953B-85D7-46D5-89E3-756095D04925} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {E1B46997-8519-4968-BAE6-35FBDE083E53} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {611EE837-3638-4AAA-B945-B9A379C2D266} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [102400 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {B5B98E4F-1CF5-40AE-A229-4FDC7C679483} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4c6b3dbb-60db-44a0-8110-78893b1f2813 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {2C5A323A-751A-4C62-B789-E02E74D61F9D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\691ffe14-9b1c-48bc-a19e-e5d0dc8d861a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {221D7E10-C4D8-4EC5-BB06-113DDF57C092} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\74be29b0-2a61-4ff1-97c0-5269b5ae17be => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {6675F258-DF5E-4220-9207-59B545EB9DF1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f7521769-2830-4d61-9243-8f2d5512bb0b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {366BC365-B367-4374-9934-A97AF296217B} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129016 2022-12-04] (Lenovo -> Lenovo)
Task: {02B5A4D0-16E4-498D-BEB8-23EB0BE46C33} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [65016 2022-12-04] (Lenovo -> )
Task: {8AD46732-86FE-44B7-8AC0-99E3B8E8F4EF} - System32\Tasks\Lenovo\SmartStandby\Daily analysis => C:\WINDOWS\System32\DriverStore\FileRepository\smartstandbycomponent.inf_amd64_1a7a38fb4d407c19\AutonomicMgr.exe [74232 2023-02-03] (Lenovo -> )
Task: {466F7A73-F037-4A49-A0D7-A01986310003} - System32\Tasks\Lenovo\SmartStandby\Uninstall Monitor => C:\WINDOWS\system32\SmartStandbyInst.exe [43512 2023-02-03] (Lenovo -> )
Task: {F57C57FB-8841-4553-8DAE-12BB23347418} - System32\Tasks\Lenovo\UDC\Lenovo UDC Diagnostic Scan => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 210
Task: {366DC617-031A-48E5-9CCC-49403DB41BAD} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [90600 2023-11-02] (Lenovo -> Lenovo Group Ltd.)
Task: {7D7F3AA3-2E0A-4587-8DB4-725A8CD88919} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [185312 2023-11-02] (Lenovo -> Lenovo Group Ltd.)
Task: {9761EB1D-F455-4D4D-96DB-D535E6AEE5C8} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {FC8E0E7B-8376-4C85-90FE-822D23BDCFE9} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {9FD60B6B-5825-4666-B69B-A728B6C31000} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {91C68E03-8202-4067-8E4A-7912186A0E87} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {90F0DFC2-F27C-4674-BB67-C8660F349874} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425296 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B590472-1DE9-4CF0-BC8F-EB61767414EF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425296 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {773757BF-E47E-49BB-9FD9-D9EAD9AAFDD5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305712 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {E464131A-92AA-45BB-8C5F-DB0123F44493} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305712 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {03D8AC20-9504-4D6B-AED9-32C83CF456B0} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC858B43-2E42-4357-8343-B620303FAD13} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4434624 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Keine Datei)
Task: {11F25AFF-E469-4D13-AC1E-BB6063662A42} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (Keine Datei)
Task: {4F15A5F3-8249-4F8F-9063-268B44F1BBF2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Keine Datei)
Task: {FC55E2E5-1084-406B-BBCF-E0C02738ADB5} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Keine Datei)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {85A42BD6-F609-4490-AB00-CC598D6E9719} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C5E81A28-3FE7-46B4-A3F8-05C7DB0EAA83} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0BB83CD2-E17A-4816-BF99-0EF4DFE7C9B3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {33E42B6C-DC58-47F0-BC10-0261E612EEB0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {398C2DBB-868F-48EA-A9CE-07B5B208D122} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3505320915-1573090934-3906154687-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [65536 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {88D3075C-FDB1-48C2-890D-1FDEF30B8D7D} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_2a86f979b6e5b8bf\RtkAudUService64.exe [1659744 2023-06-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 134.95.127.1 134.95.9.74
Tcpip\..\Interfaces\{9838313c-715d-4267-b16a-c49cd66d196b}: [DhcpNameServer] 134.95.127.3 134.95.9.74
Tcpip\..\Interfaces\{9838313c-715d-4267-b16a-c49cd66d196b}: [DhcpDomain] wiso.ad.uni-koeln.de
Tcpip\..\Interfaces\{f5919d8c-e05b-4148-81c4-d31e444e2d3b}: [DhcpNameServer] 134.95.127.1 134.95.9.74
Tcpip\..\Interfaces\{f5919d8c-e05b-4148-81c4-d31e444e2d3b}: [DhcpDomain] wlan.uni-koeln.de
Tcpip\..\Interfaces\{f5919d8c-e05b-4148-81c4-d31e444e2d3b}\64259445A51224F687027353330302D455: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{f5919d8c-e05b-4148-81c4-d31e444e2d3b}\64259445A51224F687027353330302D455: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{f5919d8c-e05b-4148-81c4-d31e444e2d3b}\64259445A51224F687027353930302F424: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{f5919d8c-e05b-4148-81c4-d31e444e2d3b}\64259445A51224F687027353930302F424: [DhcpDomain] fritz.box
Edge:
=======
Edge Profile: C:\Users\josch\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-27]
Edge Extension: (Avira Password Manager) - C:\Users\josch\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2024-02-26]
Edge Extension: (Google Docs Offline) - C:\Users\josch\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-24]
Edge Extension: (Edge relevant text changes) - C:\Users\josch\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Citavi Picker) - C:\Users\josch\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mielbhbkcliienpdicphhecpodcaeefg [2023-11-24]
Edge Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\josch\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-02-25]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
Edge HKLM-x32\...\Edge\Extension: [mielbhbkcliienpdicphhecpodcaeefg]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-01-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-01-26] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\josch\AppData\Local\Google\Chrome\User Data\Default [2024-02-27]
CHR Notifications: Default -> hxxps://pomofocus.io
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Avira Password Manager) - C:\Users\josch\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-26]
CHR Extension: (Avira Safe Shopping) - C:\Users\josch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2024-02-26]
CHR Extension: (Adobe Acrobat: Tools zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\josch\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-23]
CHR Extension: (Google Docs Offline) - C:\Users\josch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-27]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\josch\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-02-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\josch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-17]
CHR Extension: (Citavi Picker) - C:\Users\josch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2023-11-24]
CHR Extension: (Sci-Hub X Now!) - C:\Users\josch\Downloads\sci-hub-now-master\sci-hub-now-master [2023-08-28]
CHR HKU\S-1-5-21-3505320915-1573090934-3906154687-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13779968 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
R2 csc_vpnagent; C:\Program Files (x86)\Cisco\Cisco Secure Client\vpnagent.exe [1224288 2023-06-06] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_e75a3d1c39bebe3f\DAX3API.exe [2363432 2023-05-18] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 DolbyFusionAPI; C:\WINDOWS\System32\DriverStore\FileRepository\fusion_swc_aposvc.inf_amd64_98e9a381707712c6\FusionAPI.exe [815608 2023-03-23] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 dptftcs; C:\WINDOWS\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_fe21a1d446afa67d\ipfsvc.exe [548528 2023-04-14] (Intel Corporation -> Intel Corporation)
R2 EPDService; C:\WINDOWS\System32\EPDService.exe [211528 2022-11-01] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
R2 IBMPMSVC; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\ibmpmsvc.exe [1031024 2023-06-20] (Lenovo -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
S2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_5f98233769cf65a5\AS\IAS\IntelAudioService.exe [539992 2023-06-02] (Intel Corporation -> Intel)
R2 IntelCstService; C:\WINDOWS\System32\DriverStore\FileRepository\icst_service.inf_amd64_d30bd471ed01a230\intel_cst_service_standalone.exe [36019464 2022-07-14] (Intel Corporation -> Intel Corporation)
R2 ipfsvc; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_a232fd65d8604eb5\ipf_uf.exe [2785952 2023-04-13] (Intel Corporation -> Intel Corporation)
R2 LenovoSmartStandby; C:\WINDOWS\System32\DriverStore\FileRepository\smartstandbycomponent.inf_amd64_1a7a38fb4d407c19\SmartStandby.exe [332792 2023-02-03] (Lenovo -> Lenovo)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe [34176 2023-07-14] (Lenovo -> Lenovo)
R2 LenovoVisionService; C:\WINDOWS\System32\DriverStore\FileRepository\lnvvsndmft.inf_amd64_a1a974b0994de01d\LenovoVisionService.exe [565616 2023-10-10] (Lenovo -> Lenovo)
S3 LenovoVisionSetupService; C:\WINDOWS\System32\DriverStore\FileRepository\lnvvsndmft.inf_amd64_a1a974b0994de01d\LvfSetupService.exe [36720 2023-10-10] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\DriverStore\FileRepository\litsdrv.inf_amd64_4eda545e0ed970d1\LITSSvc.exe [1083864 2023-10-02] (Lenovo -> Lenovo.)
S2 LPlatSvc; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\LPlatSvc.exe [915824 2023-06-20] (Lenovo -> Lenovo)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534592 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynHsaService; C:\WINDOWS\System32\DriverStore\FileRepository\synawudfbiousbuwp.inf_amd64_b4553f061288fdeb\SynRpcServer.exe [188352 2023-12-13] (Synaptics Incorporated -> Synaptics Incorporated.)
R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [254088 2021-10-11] (Intel Corporation -> Intel Corporation)
R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_341d0836121cf573\driver\TPHKLOAD.exe [197496 2024-01-09] (Lenovo -> Lenovo)
R2 UDCService; C:\WINDOWS\system32\DRIVERS\Lenovo\udc\Service\UDClientService.exe [72160 2023-11-02] (Lenovo -> Lenovo Group Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [304088 2023-06-06] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
R3 AKCCID; C:\WINDOWS\System32\drivers\AKCCID.sys [115064 2021-07-06] (Alcorlink Corp. -> Generic)
S3 CYUSB3; C:\WINDOWS\System32\Drivers\CYUSB3.sys [57912 2021-12-23] (WDKTestCert FlyX,132817871662226341 -> Cypress Semiconductor)
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 EPD; C:\WINDOWS\System32\drivers\EPD.sys [162368 2022-11-01] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys [150616 2022-10-18] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys [220224 2022-10-18] (Intel Corporation -> Intel Corporation)
R3 IBMPMDRV; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\ibmpmdrv.sys [56128 2023-06-20] (Lenovo -> Lenovo)
R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_5d49b801c1e48609\IntcUSB.sys [941976 2023-06-02] (Intel Corporation -> Intel(R) Corporation)
R3 ipf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_3e77ea8ce8c01463\ipf_acpi.sys [88784 2023-04-13] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_a232fd65d8604eb5\ipf_cpu.sys [82080 2023-04-13] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_a232fd65d8604eb5\ipf_lf.sys [446112 2023-04-13] (Intel Corporation -> Intel Corporation)
R3 MpKsl58936a82; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CD9033F8-D653-4521-B138-CB0373FC92DC}\MpKslDrv.sys [272664 2024-02-27] (Microsoft Windows -> Microsoft Corporation)
R1 PMDRVS; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\pmdrvs.sys [41792 2023-06-20] (Lenovo -> Lenovo)
R3 rtu53cx22x64; C:\WINDOWS\System32\DriverStore\FileRepository\rtu53cx22x64.inf_amd64_841b1dac10ff931f\rtu53cx22x64.sys [1083264 2023-08-02] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 rtump64x64; C:\WINDOWS\System32\drivers\rtump64x64.sys [1238416 2023-05-17] (Realtek Semiconductor Corp. -> Realtek Corporation)
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [54176 2023-06-06] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-11] (Microsoft Windows -> Microsoft Corporation)
R3 WiManHu; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_f8dbb140e86553d1\WiManHu\WiManHu.sys [212032 2022-12-20] (Intel Corporation -> Intel Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-02-27 14:17 - 2024-02-27 14:17 - 000723674 _____ C:\WINDOWS\system32\perfh007.dat
2024-02-27 14:17 - 2024-02-27 14:17 - 000149714 _____ C:\WINDOWS\system32\perfc007.dat
2024-02-27 13:57 - 2024-02-27 13:57 - 000000448 __RSH C:\ProgramData\ntuser.pol
2024-02-27 12:00 - 2024-02-27 12:00 - 005331520 _____ (CHIP Digital GmbH) C:\Users\josch\Downloads\AdwCleaner - CHIP Installer _hQinp.exe
2024-02-27 10:50 - 2024-02-27 10:52 - 000000000 ____D C:\Users\josch\OneDrive\Dokumente\FRST_160224 (3)
2024-02-27 10:50 - 2024-02-27 10:50 - 003504843 _____ C:\Users\josch\OneDrive\Dokumente\FRST_160224 (3).zip
2024-02-27 10:49 - 2024-02-27 10:49 - 000000000 ____D C:\Users\josch\AppData\Local\Microsoft_Corporation
2024-02-27 10:45 - 2024-02-27 13:57 - 000164832 ____H C:\Users\josch\Desktop\.sync_journal.db-wal
2024-02-27 10:45 - 2024-02-27 13:57 - 000032768 ____H C:\Users\josch\Desktop\.sync_journal.db-shm
2024-02-27 10:34 - 2024-02-27 10:34 - 003504843 _____ C:\Users\josch\OneDrive\Dokumente\FRST_160224 (2).zip
2024-02-27 10:34 - 2024-02-27 10:34 - 000000000 ____D C:\Users\josch\OneDrive\Dokumente\FRST_160224 (2)
2024-02-27 10:27 - 2024-02-27 10:45 - 000000000 ____D C:\Program Files (x86)\Avira
2024-02-26 22:45 - 2024-02-27 13:29 - 000000000 ____D C:\Users\josch\AppData\Local\CrashDumps
2024-02-26 11:07 - 2024-02-27 15:20 - 000000000 ____D C:\FRST
2024-02-26 11:07 - 2024-02-27 13:56 - 000000000 ____D C:\Users\josch\OneDrive\Dokumente\FRST_160224
2024-02-26 11:05 - 2024-02-26 11:06 - 003504843 _____ C:\Users\josch\OneDrive\Dokumente\FRST_160224.zip
2024-02-26 11:05 - 2024-02-26 11:05 - 005331520 _____ (CHIP Digital GmbH) C:\Users\josch\Downloads\Farbar Recovery Scan Tool (HijackThis Alternative) - CHIP Installer _7Wdnp.exe
2024-02-26 10:54 - 2024-02-26 10:54 - 000000000 ____D C:\Users\josch\AppData\Local\mbam
2024-02-26 10:46 - 2024-02-26 10:48 - 000000000 ____D C:\AdwCleaner
2024-02-26 10:40 - 2024-02-26 10:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2024-02-26 10:13 - 2024-02-26 10:13 - 003611856 _____ (RCS LT) C:\Users\josch\Downloads\CCSetup.exe
2024-02-26 09:55 - 2024-02-26 09:55 - 000000000 ____D C:\Users\Public\Security Sessions
2024-02-26 09:51 - 2024-02-27 10:39 - 011540704 _____ C:\WINDOWS\system32\rtp.db
2024-02-26 09:51 - 2024-02-26 09:51 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2024-02-26 09:51 - 2024-02-26 09:51 - 000000000 ____D C:\Users\josch\AppData\Local\AviraWebView2Cache
2024-02-26 09:50 - 2024-02-26 09:55 - 000000000 ____D C:\Users\josch\AppData\Local\Avira
2024-02-26 09:49 - 2024-02-26 09:49 - 006768568 _____ (Avira Operations GmbH) C:\Users\josch\Downloads\avira_de_sptl1_841437658-1708937354__adwav.exe
2024-02-23 11:48 - 2024-02-23 11:48 - 000137460 _____ C:\Users\josch\Downloads\Things to Do in Yosemite Valley _ Yosemite Valley Attractions & Activities.jfif
2024-02-22 11:45 - 2024-02-22 11:45 - 002631335 _____ C:\Users\josch\Downloads\evaluierung-der-prioritaetsachse-4-nachhaltige-stadtentwicklung-zwischenbericht.pdf
2024-02-21 13:27 - 2024-02-21 13:27 - 000758253 _____ C:\Users\josch\Downloads\massnahmenuebersicht_stand_15-03-2023.pdf
2024-02-21 13:27 - 2024-02-21 13:27 - 000332043 _____ C:\Users\josch\Downloads\antragsformular-173baugb_stand_16-05-2023.pdf
2024-02-18 10:57 - 2024-02-18 10:57 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-02-15 10:18 - 2024-02-27 14:12 - 000142692 ____H C:\Users\josch\Desktop\~WRL0005.tmp
2024-02-14 20:08 - 2024-02-14 20:08 - 000106084 _____ C:\Users\josch\Downloads\175153-1670-MDL-CRP.webp
2024-02-14 10:42 - 2024-02-14 10:42 - 000019222 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-14 10:42 - 2024-02-14 10:42 - 000019222 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-02-12 18:03 - 2024-02-12 18:03 - 000000000 ____D C:\Users\josch\AppData\Roaming\Microsoft\MMC
2024-02-12 18:02 - 2024-02-12 18:02 - 000183255 _____ C:\Users\josch\Downloads\viewlabel.pdf
2024-02-09 10:15 - 2024-02-27 10:50 - 000000004 _____ C:\Users\josch\AppData\Local\rootCert_lock.pfx
2024-02-09 10:15 - 2024-02-09 10:15 - 021140204 _____ C:\Users\josch\AppData\Roaming\Microsoft\e67632589e090e4c2494326c50ab5c8c
2024-02-09 10:15 - 2024-02-09 10:15 - 000002536 _____ C:\Users\josch\AppData\Local\WindowsUpdateCertificate.pfx
2024-02-09 10:10 - 2024-02-09 10:10 - 000005808 _____ C:\Users\josch\Downloads\Update (1).js
2024-02-09 10:09 - 2024-02-09 10:09 - 000005808 _____ C:\Users\josch\Downloads\Update.js
2024-02-07 16:50 - 2024-02-14 15:33 - 000775691 _____ C:\Users\josch\Desktop\acrefore-9780190625979-e-829.pdf
2024-02-07 16:33 - 2024-02-07 16:33 - 000751940 _____ C:\Users\josch\Downloads\HousingPolicyAndAffordableHousing_preview.pdf
2024-02-07 15:47 - 2024-02-07 15:47 - 000581207 _____ C:\Users\josch\Downloads\10.2202_1935-1682.2613 (2).pdf
2024-02-07 15:47 - 2024-02-07 15:47 - 000172846 _____ C:\Users\josch\Downloads\395 (1).pdf
2024-02-07 15:46 - 2024-02-07 15:46 - 000581207 _____ C:\Users\josch\Downloads\10.2202_1935-1682.2613.pdf
2024-02-07 15:46 - 2024-02-07 15:46 - 000581207 _____ C:\Users\josch\Downloads\10.2202_1935-1682.2613 (1).pdf
2024-02-07 15:46 - 2024-02-07 15:46 - 000172846 _____ C:\Users\josch\Downloads\395.pdf
2024-02-07 11:35 - 2024-02-07 11:35 - 000183061 _____ C:\Users\josch\Downloads\uniqloeu_label_743592885001.pdf
2024-02-06 11:43 - 2023-10-16 14:05 - 002589851 _____ C:\Users\josch\Desktop\1 MPA.pdf
2024-02-06 11:29 - 2024-02-06 11:29 - 000478547 _____ C:\Users\josch\Desktop\condo conversion.pdf
2024-02-05 20:12 - 2024-02-05 20:11 - 000139885 _____ C:\Users\josch\Desktop\QSBT-2024-Call_for_Workshops.pdf
2024-02-05 20:11 - 2024-02-05 20:11 - 000139885 _____ C:\Users\josch\Downloads\QSBT-2024-Call_for_Workshops.pdf
2024-02-02 12:03 - 2024-02-02 12:03 - 000058648 _____ C:\Users\josch\Downloads\2023-12-netcologne-13861365-rgn-internet_telefon.pdf
2024-01-30 15:57 - 2024-02-27 10:42 - 000937984 ____H C:\Users\josch\Desktop\.sync_journal.db
2024-01-30 12:40 - 2024-01-30 12:40 - 000024817 _____ C:\Users\josch\Downloads\Rücksendezentrum.pdf
2024-01-30 11:57 - 2024-01-30 15:58 - 000000000 ___SD C:\Users\josch\sciebo - Reiners, Joscha (jreiner3@uni-koeln.de)@uni-koeln.sciebo.de (2)
2024-01-30 11:56 - 2024-01-30 11:57 - 000000000 ___SD C:\Users\josch\sciebo - Reiners, Joscha (jreiner3@uni-koeln.de)@uni-koeln.sciebo.de
2024-01-30 11:56 - 2024-01-30 11:56 - 000000000 ____D C:\Users\josch\AppData\Local\sciebo
2024-01-30 11:53 - 2024-02-27 13:57 - 000000000 ____D C:\Users\josch\AppData\Roaming\sciebo
2024-01-30 11:51 - 2024-01-30 11:51 - 021966848 _____ C:\Users\josch\Downloads\sciebo-5.2.1.13074.x64.msi
2024-01-30 11:51 - 2024-01-30 11:51 - 000001855 _____ C:\Users\Public\Desktop\sciebo.lnk
2024-01-30 11:51 - 2024-01-30 11:51 - 000001003 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\sciebo.lnk
2024-01-30 11:51 - 2024-01-30 11:51 - 000000000 ____D C:\Program Files\sciebo
2024-01-29 13:24 - 2024-01-29 13:24 - 001939483 _____ C:\Users\josch\Downloads\AnyScanner_01_29_2024.pdf
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-02-27 15:19 - 2023-08-17 13:10 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-27 15:19 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-27 15:09 - 2023-08-17 09:48 - 000000000 ____D C:\Users\josch\AppData\Roaming\Microsoft\Word
2024-02-27 14:57 - 2023-08-29 09:24 - 000000000 ____D C:\Users\josch\AppData\Roaming\Slack
2024-02-27 14:22 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-27 14:17 - 2023-09-28 16:22 - 001662892 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-27 14:17 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-02-27 14:15 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2024-02-27 13:57 - 2023-09-28 16:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-27 13:57 - 2023-09-28 16:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-27 13:57 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-02-27 13:57 - 2021-10-27 18:15 - 000012288 ___SH C:\DumpStack.log.tmp
2024-02-27 13:56 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-02-27 13:55 - 2023-10-04 14:10 - 000000000 ____D C:\Users\josch\AppData\LocalLow\Temp
2024-02-27 13:54 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2024-02-27 13:54 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2024-02-27 12:27 - 2023-11-06 18:55 - 000000000 ___HD C:\Users\josch\AppData\Local\ESRI_Licensing
2024-02-27 11:42 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-27 11:42 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-27 11:36 - 2023-08-17 09:47 - 000000000 ____D C:\Users\josch\AppData\Local\D3DSCache
2024-02-27 10:39 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-02-27 10:32 - 2023-08-17 13:10 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-27 10:32 - 2023-08-17 13:10 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-02-26 23:28 - 2023-09-28 16:17 - 000471496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-26 23:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2024-02-26 23:12 - 2023-08-30 16:30 - 000000000 ____D C:\Users\josch\AppData\Roaming\Microsoft\Excel
2024-02-26 14:15 - 2023-09-07 15:54 - 000000000 ____D C:\Users\josch\AppData\Roaming\RStudio
2024-02-26 14:15 - 2023-09-07 15:54 - 000000000 ____D C:\Users\josch\AppData\Local\RStudio
2024-02-26 14:13 - 2023-08-17 09:45 - 000000000 ____D C:\Users\josch\Desktop\Master Economic Research
2024-02-26 10:14 - 2023-08-18 19:37 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-02-26 09:49 - 2023-09-28 16:18 - 000000000 ____D C:\Users\josch
2024-02-26 09:24 - 2022-12-02 07:28 - 000000000 ____D C:\WINDOWS\TempInst
2024-02-25 21:32 - 2021-10-27 18:15 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-25 12:04 - 2023-11-29 16:46 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-02-25 12:04 - 2023-11-29 16:46 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-02-25 12:04 - 2023-11-29 16:46 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-02-24 02:00 - 2023-09-28 16:22 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-24 02:00 - 2023-09-28 16:22 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-21 16:22 - 2023-08-17 09:48 - 000000000 ____D C:\Users\josch\AppData\Roaming\Microsoft\Office
2024-02-20 16:42 - 2023-08-17 09:43 - 000000000 ____D C:\Users\josch\AppData\Local\Packages
2024-02-19 15:49 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-02-19 11:33 - 2023-08-31 09:23 - 000001434 _____ C:\Users\josch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grammarly.lnk
2024-02-19 11:33 - 2023-08-31 09:23 - 000001426 _____ C:\Users\josch\Desktop\Grammarly.lnk
2024-02-19 11:33 - 2023-08-31 09:10 - 000000000 ____D C:\Users\josch\AppData\Local\Grammarly
2024-02-18 10:56 - 2023-08-17 10:29 - 000000000 ____D C:\Program Files\Microsoft Office
2024-02-15 10:17 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-02-14 19:40 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-02-14 16:15 - 2023-08-17 09:40 - 000000000 ___SD C:\Users\josch\AppData\Roaming\Microsoft\Credentials
2024-02-14 16:13 - 2023-09-28 16:17 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2024-02-14 16:11 - 2023-10-19 17:38 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-02-14 16:11 - 2022-05-07 11:39 - 000000000 ___SD C:\WINDOWS\system32\AppV
2024-02-14 16:11 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-14 16:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2024-02-14 16:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-02-14 16:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-02-14 16:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-14 16:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-02-14 16:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-02-14 16:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-02-14 16:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-02-14 16:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-02-14 16:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-02-14 16:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-02-14 16:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-02-14 16:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-02-14 16:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-02-14 16:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-14 10:48 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-14 10:47 - 2023-08-17 12:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-14 10:44 - 2023-08-17 12:06 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-14 10:42 - 2023-09-28 16:21 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-13 17:08 - 2024-01-24 17:25 - 000010001 _____ C:\Users\josch\Desktop\Expenses Vietnam.xlsx
2024-02-07 17:14 - 2023-10-23 16:36 - 000129342 ____H C:\Users\josch\Desktop\~WRL0004.tmp
2024-02-07 13:50 - 2023-10-23 16:36 - 000117163 ____H C:\Users\josch\Desktop\~WRL0003.tmp
2024-02-05 19:50 - 2023-08-29 09:24 - 000000000 ____D C:\Users\josch\AppData\Local\slack
2024-02-05 19:49 - 2023-08-29 09:24 - 000002214 _____ C:\Users\josch\Desktop\Slack.lnk
2024-02-05 19:49 - 2023-08-29 09:24 - 000000000 ____D C:\Users\josch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2024-02-02 18:34 - 2023-11-28 11:05 - 000755130 _____ C:\Users\josch\Desktop\chapple-et-al-2022-the-role-of-local-housing-policies-in-preventing-displacement-a-literature-review.pdf
2024-02-01 14:14 - 2023-09-28 16:22 - 000004002 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{EE0C899A-1FC2-4A61-954C-23E510D3A277}
2024-02-01 14:14 - 2023-09-28 16:22 - 000003878 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{3CD978E8-E034-4861-91E1-B762F48B85BD}
2024-01-30 21:07 - 2023-08-17 09:44 - 000002357 _____ C:\Users\josch\Desktop\Microsoft Edge.lnk
2024-01-30 16:05 - 2023-08-17 09:45 - 000000000 ____D C:\Users\josch\Desktop\Siegloch Masterarbeit
2024-01-30 16:04 - 2024-01-26 17:25 - 000000000 ____D C:\Users\josch\Desktop\Shapefiles Siegloch
2024-01-30 15:57 - 2023-10-16 14:03 - 000000000 ____D C:\Users\josch\Desktop\1 Literature
2024-01-30 14:34 - 2023-08-17 09:45 - 000000000 __RSD C:\Users\josch\Dokumente
2024-01-30 12:46 - 2023-09-06 15:02 - 000000000 ____D C:\Program Files\QGIS 3.32.2
2024-01-29 09:45 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2024-02-09 10:15 - 2024-02-09 10:15 - 021140204 _____ () C:\Users\josch\AppData\Roaming\Microsoft\e67632589e090e4c2494326c50ab5c8c
2024-02-09 10:15 - 2024-02-27 10:50 - 000000004 _____ () C:\Users\josch\AppData\Local\rootCert_lock.pfx
2024-02-09 10:15 - 2024-02-09 10:15 - 000002536 _____ () C:\Users\josch\AppData\Local\WindowsUpdateCertificate.pfx
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================