Pests of all kinds and how to fight them: Eset reports Trojan detections. Windows 7
03.08.2021, 13:43 | #1
Hello, I visited a website today. Instead of the page, a message appeared saying that my Firefox was not up to date. At the same time I received a download prompt for an FF update, but I did not confirm it. I have now scanned my computer with Eset Online and was shown 12 Trojan detections. I have attached the log. What should I do now?
Best regards, steaf
By the way, the site was: https://www.genesispub.org/restoration-of-gabaa-receptor-function-after-benzodiazepine-use-a-meta-analysis
Last edited by steaf (03.08.2021 at 13:52)
03.08.2021, 13:53 | #2
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
__________________
03.08.2021, 13:57 | #3
Alright.
__________________
FRST logs are coming here.
03.08.2021, 14:04 | #4
/// Winkelfunktion /// TB-Süch-Tiger™ | Please do NOT put the logs in an attachment!!! Post them in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too large for a single post, I ask you to post the logs directly, spread across several posts if necessary. To put the log files into a CODE box, proceed as follows:
__________________
Please always post log files in CODE tags
03.08.2021, 21:01 | #5
Okay, sorry, I must have overlooked that. FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 03-08-2021 durchgeführt von quart (Administrator) auf CORTEX (LENOVO 82DS) (03-08-2021 14:56:12) Gestartet von C:\Users\quart\Downloads Geladene Profile: quart Platform: Windows 10 Pro Version 21H1 19043.1151 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\quart\AppData\Local\WebEx\ciscowebexstart.exe (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\quart\AppData\Local\WebEx\WebEx\Meetings\atmgr.exe (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~4.INF\DAX3API.exe (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_d59c8b8a329853e4\DAX3API.exe (ESET, spol. s r.o. -> ESET) C:\Users\quart\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe (Google LLC -> ) C:\Program Files\Google\Drive File Stream\49.0.11.0\crashpad_handler.exe <4> (Google LLC -> Google, Inc.) 
C:\Program Files\Google\Drive File Stream\49.0.11.0\GoogleDriveFS.exe <7> (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_69d915519e0a2ac8\aesm_service.exe (Intel Thunderbolt(TM) Technology -> ) C:\Windows\TbtP2pShortcutService.exe (Intel Thunderbolt(TM) Technology -> Intel Corporation) C:\Windows\ThunderboltService.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9ea30e7f88626f47\igfxCUIService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9ea30e7f88626f47\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_caa7639078e34732\OneApp.IGCC.WinService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1d8c0a4a248c0ba9\IntelCpHDCPSvc.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1d8c0a4a248c0ba9\IntelCpHeciSvc.exe (Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\quart\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe (Lenovo -> Lenovo Group Ltd.) 
C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\Lenovo.Vantage.AddinHost.exe <2> (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\Lenovo.Vantage.AddinHost.x86.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\LenovoVantageService.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe <2> (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <2> (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\DriverStore\FileRepository\lnvsst.inf_amd64_4e633fced20b4d0e\SmartSense.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\DriverStore\FileRepository\lnvsst.inf_amd64_4e633fced20b4d0e\UserSSCtrl.exe (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_2fcf64020e032ea8\LenovoUtilityService.exe (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe (LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.0.44.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe (Logitech Inc -> Logitech, Inc.) 
C:\Program Files\Logitech\LogiOptions\LogiOptions.exe (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13> (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH -> Native Instruments GmbH) 
C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_c6fc6328fcbac4e0\Display.NvContainer\NVDisplay.Container.exe <2> (Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files\KeePass Password Safe 2\KeePass.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3e0257ced434aaba\RtkAudUService64.exe <2> (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\IAS\IntelAudioService.exe (TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe (Texas Instruments Inc. -> Texas Instuments) C:\Windows\System32\TISmartAmpService.exe <2> ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3e0257ced434aaba\RtkAudUService64.exe [1179440 2020-09-28] (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3160256 2021-05-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.) HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1668000 2021-06-09] (Logitech Inc -> Logitech, Inc.) HKLM-x32\...\Run: [XPE] => C:\Program Files (x86)\XPE Windows 10 DPI Fix\XPEWindows10_DPI.exe [28672 2015-08-21] (XPExplorer.com - 2015) [Datei ist nicht signiert] HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1706224 2021-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.) HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\49.0.11.0\GoogleDriveFS.exe [58875224 2021-07-27] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\49.0.11.0\GoogleDriveFS.exe [58875224 2021-07-27] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2739222987-1785499675-3330318582-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\49.0.11.0\GoogleDriveFS.exe [58875224 2021-07-27] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2739222987-1785499675-3330318582-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5550304 2021-07-24] (Adobe Inc. 
-> Adobe Systems Incorporated) HKU\S-1-5-21-2739222987-1785499675-3330318582-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4110568 2021-07-21] (Valve -> Valve Corporation) HKU\S-1-5-21-2739222987-1785499675-3330318582-1001\...\Run: [EEDSpeedLauncher] => C:\Windows\system32\eed_ec.dll [1848320 2015-06-26] (Microsoft Windows Hardware Compatibility Publisher -> ) HKU\S-1-5-21-2739222987-1785499675-3330318582-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\quart\AppData\Local\WebEx\ciscowebexstart.exe [4524368 2021-07-09] (Cisco WebEx LLC -> Cisco Webex LLC) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\49.0.11.0\GoogleDriveFS.exe [58875224 2021-07-27] (Google LLC -> Google, Inc.) HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => C:\Windows\system32\eed_ec.dll [1848320 2015-06-26] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Windows x64\Print Processors\ssi5mPC: C:\Windows\System32\spool\prtprocs\x64\ssi5mpc.dll [43520 2015-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider) HKLM\...\Print\Monitors\ssi5m Langmon: C:\Windows\system32\ssi5mlm.dll [22528 2015-06-26] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Print\Monitors\us008 Langmon: C:\Windows\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> ) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NIHardwareAccessibilityHelper.exe.lnk [2021-07-16] ShortcutTarget: NIHardwareAccessibilityHelper.exe.lnk -> C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareAccessibilityHelper.exe (Native Instruments GmbH -> Native Instruments GmbH) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NTKDaemon.lnk [2021-07-16] ShortcutTarget: NTKDaemon.lnk -> C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe (Native Instruments GmbH -> Native Instruments GmbH) ==================== 
Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {01FC1C3A-7C16-42EA-AF50-60BFAECEF9F1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {085EDFB1-A316-421A-BAEE-4D8AE0D32787} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139136 2021-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {19C1BE6B-8F28-42C0-BDB9-4A3EA543EC5B} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2739222987-1785499675-3330318582-1001 => C:\Users\quart\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [87896 2021-06-09] (Lenovo (Beijing) Limited -> Lenovo Group Limited) Task: {1B33304C-7E21-41F4-ACFC-65815C2140CB} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [434608 2021-05-19] (Lenovo -> Lenovo Group Ltd.) 
Task: {213480E3-0A81-496D-985E-109230350713} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253376 2021-07-23] (Microsoft Corporation -> Microsoft Corporation) Task: {280C14AC-0FD2-4777-89C4-477A91841245} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2C6CDAE3-7CEA-47BD-B036-76999D4A2151} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2F224B3B-081A-421E-A529-86B06CEBF60E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {3232FF40-1007-4A01-BEE5-3E84EAE3891C} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {36E6A1CF-C594-49C5-A707-986A34CCD2D2} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService Task: {3A1A289F-BDF9-4AC3-91FC-0CC91AF0E8CE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {3F881523-2E6D-4DAE-BF3E-B8B61C6D7BF3} - 
System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-22] (Mozilla Corporation -> Mozilla Foundation) Task: {41323A69-C8C2-41D5-B218-068CF46044A1} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {44363754-EA0B-4C8A-AD9F-D5D73F88D3CA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139136 2021-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {49715FCC-7CF0-440F-BF40-AFE300BC4A3A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\74bece52-562f-4cd5-80ba-6f1d4d820082 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81912 2021-06-17] (Lenovo -> Lenovo Group Ltd.) Task: {4D4D2D81-A445-4141-9212-6503D2465137} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2836352 2021-07-26] (Microsoft Corporation -> Microsoft Corporation) Task: {4F213363-A1C9-464C-A735-66D3AC025BC9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {54A220EF-2EDC-4523-A848-D27B652FA919} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\ScheduleEventAction.exe [23968 2021-05-17] (Lenovo -> Lenovo Group Ltd.) 
Task: {5533BA7B-BBBA-41F2-9214-8B52D7248D33} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5796E5D7-7980-4049-A698-5083B7058983} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7A79BAD0-289D-404D-9E84-B068138FC7FA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1c83c79c-77b4-4fd6-a2f4-dd2cc065ffc4 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81912 2021-06-17] (Lenovo -> Lenovo Group Ltd.) Task: {81C8A2B4-8ABA-4814-8AAB-046ED8563C0D} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144456 2021-05-19] (Lenovo -> Lenovo Group Ltd.) Task: {88A9F983-35ED-4F82-9236-C11F5D3C1CC1} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService Task: {93AEBF6E-D436-47EA-807C-F2120401D82E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {95877F0C-1A4B-4707-B92F-517C9D8EE099} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2021-05-08] (Google Inc -> Google Inc.) 
Task: {9CAAC0D1-7FA7-4E9D-921A-691A9FC5AC6B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {A2F861EB-77B9-47C5-959E-EA3DC2DF5285} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253376 2021-07-23] (Microsoft Corporation -> Microsoft Corporation) Task: {B46BCD6A-9961-4324-A6A3-CC8AD16F1A44} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1546128 2021-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {BC1E77FA-2E11-4DD9-9422-9270E79F4594} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {BFDDF61D-21E8-4C9B-BD3D-FB8A77C0065F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b8853ced-8207-435c-87ae-a94bb6a87be2 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81912 2021-06-17] (Lenovo -> Lenovo Group Ltd.) Task: {DFB1EFF2-31C9-4A62-AB28-33156C14FD54} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\971b6bf1-7b98-4932-9ca0-081b5dd5eff8 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81912 2021-06-17] (Lenovo -> Lenovo Group Ltd.) Task: {E0A38BE2-8387-4622-A832-F4314CFF3258} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\Windows\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [192928 2021-05-19] (Lenovo -> Lenovo Group Ltd.) 
Task: {E5BA1320-D163-47A6-98A4-3DC5EFBFEE5C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2021-05-08] (Google Inc -> Google Inc.) Task: {E9FE5A3B-70AB-421B-95EC-08D57E921589} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility:// Task: {EBC40DAD-EC56-4F97-B773-3D3285D12C12} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {ECCBA3BE-A91F-4074-8055-5A8BF467A6C1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.) Task: {F232B66B-8C18-41AE-B0B5-303B1E4DD4E9} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\Windows\system32\ImController.InfInstaller.exe [62448 2021-06-17] (Lenovo -> Lenovo Group Ltd.) Task: {F3F54D11-226E-4A84-84FF-823620F99B5A} - System32\Tasks\MATLAB R2021a Startup Accelerator => C:\Program Files\MATLAB\R2021a\bin\win64\MATLABStartupAccelerator.exe [51200 2020-11-15] () [Datei ist nicht signiert] Task: {FF8A2467-32C8-479F-A5F2-289CA6FCAED2} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\MATLAB R2021a Startup Accelerator.job => C:\Program Files\MATLAB\R2021a\bin\win64\MATLABStartupAccelerator.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{809a1dd4-0ac2-435d-9d60-64a7536766e6}: [DhcpNameServer] 192.168.179.1 Tcpip\..\Interfaces\{bf86e6e2-3ba6-42da-b9ce-83c15e0c80fc}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{d25beaa8-4a23-4686-8e4c-3581b5a5528a}: [DhcpNameServer] 13.5.0.88 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\quart\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-02] Edge Extension: (Citavi Picker) - C:\Users\quart\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mielbhbkcliienpdicphhecpodcaeefg [2021-05-16] Edge HKLM-x32\...\Edge\Extension: [mielbhbkcliienpdicphhecpodcaeefg] FireFox: ======== FF DefaultProfile: l681x6di.default FF ProfilePath: C:\Users\quart\AppData\Roaming\Mozilla\Firefox\Profiles\l681x6di.default [2021-05-08] FF ProfilePath: C:\Users\quart\AppData\Roaming\Mozilla\Firefox\Profiles\xovb33ti.default-release [2021-08-03] FF Homepage: Mozilla\Firefox\Profiles\xovb33ti.default-release -> hxxps://www.google.com/ FF Notifications: Mozilla\Firefox\Profiles\xovb33ti.default-release -> hxxps://web.threema.ch FF Extension: (Facebook Container) - C:\Users\quart\AppData\Roaming\Mozilla\Firefox\Profiles\xovb33ti.default-release\Extensions\@contain-facebook.xpi [2021-08-03] FF Extension: (Dark Reader) - C:\Users\quart\AppData\Roaming\Mozilla\Firefox\Profiles\xovb33ti.default-release\Extensions\addon@darkreader.org.xpi [2021-07-08] FF Extension: (Google Scholar-Schaltfläche) - C:\Users\quart\AppData\Roaming\Mozilla\Firefox\Profiles\xovb33ti.default-release\Extensions\button@scholar.google.com.xpi [2021-05-08] FF Extension: (Clear Cache) - C:\Users\quart\AppData\Roaming\Mozilla\Firefox\Profiles\xovb33ti.default-release\Extensions\clearcache@michel.de.almeida.xpi [2021-05-08] FF Extension: (Cookie AutoDelete) - C:\Users\quart\AppData\Roaming\Mozilla\Firefox\Profiles\xovb33ti.default-release\Extensions\CookieAutoDelete@kennydo.com.xpi [2021-05-08] FF Extension: (HTTPS Everywhere) - 
C:\Users\quart\AppData\Roaming\Mozilla\Firefox\Profiles\xovb33ti.default-release\Extensions\https-everywhere@eff.org.xpi [2021-07-15] FF Extension: (VT4Browsers) - C:\Users\quart\AppData\Roaming\Mozilla\Firefox\Profiles\xovb33ti.default-release\Extensions\info@virustotal.com.xpi [2021-05-08] FF Extension: (I don't care about cookies) - C:\Users\quart\AppData\Roaming\Mozilla\Firefox\Profiles\xovb33ti.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2021-06-29] FF Extension: (uBlock Origin) - C:\Users\quart\AppData\Roaming\Mozilla\Firefox\Profiles\xovb33ti.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-07-31] FF Extension: (NoScript) - C:\Users\quart\AppData\Roaming\Mozilla\Firefox\Profiles\xovb33ti.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-07-28] FF Extension: (Citavi Picker) - C:\Users\quart\AppData\Roaming\Mozilla\Firefox\Profiles\xovb33ti.default-release\Extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2021-05-08] FF Extension: (Borderless dark) - C:\Users\quart\AppData\Roaming\Mozilla\Firefox\Profiles\xovb33ti.default-release\Extensions\{c4cb2b36-3932-4fac-ad9e-a723f81a04d3}.xpi [2021-05-08] FF Extension: (Talkie: text-to-speech, many languages!) 
- C:\Users\quart\AppData\Roaming\Mozilla\Firefox\Profiles\xovb33ti.default-release\Extensions\{d83c8fb0-e51b-4d74-9c10-90e9610f16ca}.xpi [2021-05-08] FF Extension: (Kein Name) - C:\Users\quart\AppData\Roaming\Mozilla\Firefox\Profiles\xovb33ti.default-release\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2021-07-23] FF Extension: (Citavi Picker) - C:\Program Files\Mozilla Firefox\distribution\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2021-01-11] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9141648 2021-07-21] (Microsoft Corporation -> Microsoft Corporation) R2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_d59c8b8a329853e4\DAX3API.exe [1906648 2020-09-23] (Dolby Laboratories, Inc. -> Dolby Laboratories) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.) 
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\FileSyncHelper.exe [2378112 2021-07-26] (Microsoft Corporation -> Microsoft Corporation) R2 FMAPOService; C:\Windows\System32\FMService64.exe [343928 2020-09-04] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81912 2021-06-17] (Lenovo -> Lenovo Group Ltd.) R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_2fcf64020e032ea8\LenovoUtilityService.exe [531360 2021-02-23] (Lenovo -> Lenovo(beijing) Limited) R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\LenovoVantageService.exe [28576 2021-05-17] (Lenovo -> Lenovo Group Ltd.) R2 LITSSVC; C:\Windows\System32\LNBITSSvc.exe [1820080 2021-02-06] (Lenovo -> Lenovo(beijing) Limited) R2 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [18849168 2021-06-21] (Native Instruments GmbH -> Native Instruments GmbH) R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [277688 2021-06-09] (TEFINCOM S.A. -> TEFINCOM S.A.) S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\OneDriveUpdaterService.exe [2734464 2021-07-26] (Microsoft Corporation -> Microsoft Corporation) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1848624 2021-08-02] (Rockstar Games, Inc. -> Rockstar Games) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-07-30] (Microsoft Windows Publisher -> Microsoft Corporation) R2 SmartSense; C:\Windows\System32\DriverStore\FileRepository\lnvsst.inf_amd64_4e633fced20b4d0e\SmartSense.exe [155848 2020-08-30] (Lenovo -> Lenovo Group Ltd.) 
R2 TbtP2pShortcutService; C:\Windows\TbtP2pShortcutService.exe [252296 2021-03-17] (Intel Thunderbolt(TM) Technology -> ) R2 TISmartAmpService; C:\Windows\System32\TISmartAmpService.exe [537072 2020-06-18] (Texas Instruments Inc. -> Texas Instuments) R2 UDCService; C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe [107952 2021-05-19] (Lenovo -> Lenovo Group Ltd.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_c6fc6328fcbac4e0\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_c6fc6328fcbac4e0\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 a8djavs; C:\Windows\System32\Drivers\a8djavs.sys [359784 2012-12-18] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 a8djusb_svc; C:\Windows\System32\Drivers\a8djusb.sys [100712 2012-12-18] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) R3 bomebus; C:\Windows\System32\drivers\bomebus.sys [56376 2018-05-16] (Bome Software GmbH & Co.KG -> Bome Software GmbH & Co. KG) R1 googledrivefs3514; C:\Windows\System32\DRIVERS\googledrivefs3514.sys [389144 2021-06-25] (Google LLC -> Google, Inc.) R2 NDivert; C:\Windows\System32\drivers\NDivert.sys [105184 2021-03-28] (TEFINCOM S.A. 
-> ) S3 nikz1audio; C:\Windows\System32\Drivers\nikz1audio.sys [383928 2015-09-09] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 nikz1usb; C:\Windows\system32\DRIVERS\nikz1usb.sys [100200 2015-09-09] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 nita2audio; C:\Windows\System32\Drivers\nita2audio.sys [371096 2015-09-28] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 nita2usb; C:\Windows\system32\DRIVERS\nita2usb.sys [99200 2015-09-28] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) R3 nlwt; C:\Windows\system32\DRIVERS\nlwt.sys [39360 2021-05-08] (TEFINCOM S.A. -> WireGuard LLC) R1 nordlwf; C:\Windows\system32\DRIVERS\nordlwf.sys [38608 2020-12-14] (TEFINCOM S.A. -> TEFINCOM S.A.) S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [26368 2020-08-21] (Daniel Terhell -> Resplendence Software Projects Sp.) R1 steamxbox; C:\Windows\System32\drivers\steamxbox.sys [232792 2021-03-08] (Valve Corp. -> Valve Corporation) R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project) R3 VBAudioVMVAIOMME; C:\Windows\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2021-05-14] (Vincent Burel -> Windows (R) Win 7 DDK provider) S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [74048 2021-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49560 2021-07-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [425192 2021-07-11] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-11] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-08-03 14:56 - 2021-08-03 14:56 - 000034509 _____ C:\Users\quart\Downloads\FRST.txt 2021-08-03 14:55 - 2021-08-03 14:56 - 000000000 ____D C:\FRST 2021-08-03 14:54 - 2021-08-03 14:54 - 002300416 _____ (Farbar) C:\Users\quart\Downloads\FRST64.exe 2021-08-03 12:13 - 2021-08-03 12:13 - 011697056 _____ (ESET) C:\Users\quart\Downloads\esetonline356scanner.exe 2021-08-03 12:13 - 2021-08-03 12:13 - 000001393 _____ C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2021-08-03 12:13 - 2021-08-03 12:13 - 000000000 ____D C:\Users\quart\AppData\Local\ESET 2021-08-03 12:12 - 2021-08-03 12:12 - 000000000 _____ C:\Users\quart\Downloads\ESETOnlineScanner_DEU.exe 2021-08-02 22:24 - 2021-08-02 22:29 - 000000000 ____D C:\Users\quart\OneDrive\Dokumente\Rockstar Games 2021-08-02 22:24 - 2021-08-02 22:29 - 000000000 ____D C:\Users\quart\AppData\Local\Rockstar Games 2021-08-02 22:23 - 2021-08-02 22:23 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer 2021-08-02 22:23 - 2021-08-02 22:23 - 000000000 ____D C:\Program Files\Reference Assemblies 2021-08-02 22:23 - 2021-08-02 22:23 - 000000000 ____D C:\Program Files\MSBuild 2021-08-02 22:23 - 2021-08-02 22:23 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2021-08-02 22:23 - 2021-08-02 22:23 - 000000000 ____D C:\Program Files (x86)\MSBuild 2021-08-02 22:22 - 2021-08-02 22:22 - 000000000 ____D C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2021-08-02 22:22 - 2021-08-02 22:22 - 000000000 ____D C:\ProgramData\Rockstar Games 2021-08-02 22:21 - 2021-08-02 22:24 - 000000000 ____D C:\Program Files\Rockstar Games 2021-08-02 22:21 - 2021-08-02 22:24 - 000000000 ____D C:\Program Files (x86)\Rockstar Games 2021-08-01 22:28 - 2021-08-01 22:28 - 000000000 ____D 
C:\Users\quart\OneDrive\Dokumente\WB Games 2021-07-30 14:45 - 2021-07-30 14:45 - 001823280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2021-07-30 14:45 - 2021-07-30 14:45 - 001393480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2021-07-30 14:45 - 2021-07-30 14:45 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll 2021-07-30 14:45 - 2021-07-30 14:45 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll 2021-07-30 14:45 - 2021-07-30 14:45 - 000011461 _____ C:\Windows\system32\DrtmAuthTxt.wim 2021-07-28 17:42 - 2021-07-28 17:51 - 000000000 ____D C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Super Mario Bros. X 2021-07-27 23:24 - 2021-03-17 06:05 - 000252296 _____ C:\Windows\TbtP2pShortcutService.exe 2021-07-27 23:24 - 2021-03-17 06:05 - 000162168 _____ (Intel Corporation) C:\Windows\ThunderboltService.exe 2021-07-27 23:24 - 2021-03-17 06:05 - 000047992 _____ (Intel Corporation) C:\Windows\TbtControlCenterToastLauncher.exe 2021-07-22 17:27 - 2021-07-22 17:27 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2021-07-22 17:26 - 2021-07-30 14:57 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-07-21 13:55 - 2021-07-21 13:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2021-07-21 13:54 - 2021-07-21 13:54 - 000000000 ____D C:\Program Files\Logitech 2021-07-20 23:41 - 2021-07-13 19:07 - 001858664 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2021-07-20 23:41 - 2021-07-13 19:07 - 001858664 _____ C:\Windows\system32\vulkaninfo.exe 2021-07-20 23:41 - 2021-07-13 19:07 - 001438824 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-07-20 23:41 - 2021-07-13 19:07 - 001438824 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2021-07-20 23:41 - 2021-07-13 19:07 - 001097856 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2021-07-20 23:41 - 2021-07-13 19:07 - 001097856 _____ C:\Windows\system32\vulkan-1.dll 2021-07-20 23:41 - 2021-07-13 
19:07 - 000951936 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2021-07-20 23:41 - 2021-07-13 19:07 - 000951936 _____ C:\Windows\SysWOW64\vulkan-1.dll 2021-07-20 23:41 - 2021-07-13 19:06 - 001474704 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2021-07-20 23:41 - 2021-07-13 19:06 - 001212560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2021-07-20 23:41 - 2021-07-13 19:02 - 001520776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2021-07-20 23:41 - 2021-07-13 19:02 - 000716912 _____ C:\Windows\system32\nvofapi64.dll 2021-07-20 23:41 - 2021-07-13 19:02 - 000676480 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2021-07-20 23:41 - 2021-07-13 19:02 - 000645232 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll 2021-07-20 23:41 - 2021-07-13 19:02 - 000577152 _____ C:\Windows\SysWOW64\nvofapi.dll 2021-07-20 23:41 - 2021-07-13 19:02 - 000564352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2021-07-20 23:41 - 2021-07-13 19:01 - 002112128 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2021-07-20 23:41 - 2021-07-13 19:01 - 001595520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2021-07-20 23:41 - 2021-07-13 19:01 - 001171072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2021-07-20 23:41 - 2021-07-13 19:01 - 000919168 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2021-07-20 23:41 - 2021-07-13 19:01 - 000750208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2021-07-20 23:41 - 2021-07-13 19:01 - 000706176 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe 2021-07-20 23:41 - 2021-07-13 19:00 - 005680760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2021-07-20 23:41 - 2021-07-12 13:32 - 000083062 _____ C:\Windows\system32\nvinfo.pb 2021-07-20 23:40 - 2021-07-13 19:00 - 008854144 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2021-07-20 23:40 - 2021-07-13 19:00 - 007920768 _____ (NVIDIA Corporation) 
C:\Windows\SysWOW64\nvcuvid.dll 2021-07-20 23:40 - 2021-07-13 19:00 - 004987520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2021-07-20 23:40 - 2021-07-13 19:00 - 002925696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2021-07-20 23:40 - 2021-07-13 19:00 - 000447104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe 2021-07-20 23:40 - 2021-07-13 18:59 - 000849008 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe 2021-07-20 23:40 - 2021-07-13 18:57 - 006215792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2021-07-17 15:56 - 2021-07-17 15:56 - 000000000 ____D C:\Users\quart\.spss 2021-07-17 15:51 - 2021-07-17 15:51 - 000002131 _____ C:\Users\Public\Desktop\IBM SPSS Statistics.lnk 2021-07-17 15:51 - 2021-07-17 15:51 - 000000000 ____D C:\Users\quart\AppData\Roaming\IBM 2021-07-17 15:51 - 2021-07-17 15:51 - 000000000 ____D C:\Users\quart\AppData\Local\renv 2021-07-17 15:51 - 2021-07-17 15:51 - 000000000 ____D C:\Users\quart\AppData\Local\javasharedresources 2021-07-17 15:51 - 2021-07-17 15:51 - 000000000 ____D C:\Users\quart\.IBM 2021-07-17 15:51 - 2021-07-17 15:51 - 000000000 ____D C:\ProgramData\SafeNet Sentinel 2021-07-17 15:51 - 2021-07-17 15:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics 2021-07-17 15:50 - 2021-07-17 15:50 - 000000000 ____D C:\Program Files\IBM 2021-07-17 15:50 - 2021-07-17 15:50 - 000000000 ____D C:\Program Files\Common Files\IBM 2021-07-17 15:47 - 2021-07-17 15:49 - 880796040 _____ (IBM Corp) C:\Users\quart\Downloads\SPSS_Statistics_28_Win64.exe 2021-07-16 19:51 - 2021-07-16 19:51 - 000000000 __HDC C:\ProgramData\{D55C37DA-371C-462E-A490-FC7B49AD6DCD} 2021-07-16 19:51 - 2021-07-16 19:51 - 000000000 ____D C:\Users\quart\AppData\Local\Transient Master 2021-07-16 19:51 - 2021-07-16 19:51 - 000000000 ____D C:\Users\quart\AppData\Local\Supercharger 2021-07-16 19:51 - 2021-07-16 19:51 - 000000000 ____D C:\Users\quart\AppData\Local\Solid EQ 2021-07-16 
19:51 - 2021-07-16 19:51 - 000000000 ____D C:\Users\quart\AppData\Local\Solid Dynamics 2021-07-16 19:51 - 2021-07-16 19:51 - 000000000 ____D C:\Users\quart\AppData\Local\Solid Bus Comp 2021-07-16 19:51 - 2021-07-16 19:51 - 000000000 ____D C:\Users\quart\AppData\Local\Driver 2021-07-16 19:50 - 2021-07-16 19:50 - 000000000 __HDC C:\ProgramData\{F6163904-56FE-4C32-883E-511A630BB208} 2021-07-16 19:50 - 2021-07-16 19:50 - 000000000 __HDC C:\ProgramData\{5984682A-6801-493C-AE8E-BA179880D6C4} 2021-07-16 19:50 - 2021-07-16 19:50 - 000000000 __HDC C:\ProgramData\{529CCDB2-B7A5-45FD-8225-FD139995DB68} 2021-07-16 19:50 - 2021-07-16 19:50 - 000000000 __HDC C:\ProgramData\{4F5A8AF7-548F-455D-8324-4BF6E080EFE3} 2021-07-16 19:49 - 2021-07-16 19:49 - 000000000 __HDC C:\ProgramData\{EAD96DF2-4553-4D47-A0E7-87DC4641E5C8} 2021-07-16 19:49 - 2021-07-16 19:49 - 000000000 __HDC C:\ProgramData\{A5D15E37-A244-4BED-9E32-7E918C60A4FE} 2021-07-16 19:49 - 2021-07-16 19:49 - 000000000 __HDC C:\ProgramData\{270C8424-1755-40B9-B7B4-E3E9E48C33D1} 2021-07-16 19:38 - 2021-07-16 19:38 - 000000000 __HDC C:\ProgramData\{DFA03E80-206A-47CA-85A8-C8A8AA63A778} 2021-07-16 19:38 - 2021-07-16 19:38 - 000000000 __HDC C:\ProgramData\{6945C421-BC7D-4621-AED5-084E11AE3726} 2021-07-16 19:37 - 2021-07-16 19:37 - 000001138 _____ C:\Users\Public\Desktop\Controller Editor.lnk 2021-07-16 19:37 - 2021-07-16 19:37 - 000000000 __HDC C:\ProgramData\{E07620DE-8970-4567-9242-0C4C6ADE146F} 2021-07-16 19:37 - 2021-07-16 19:37 - 000000000 __HDC C:\ProgramData\{4938857D-54DB-4BDA-8E99-5E6238E20FC7} 2021-07-16 19:37 - 2021-07-16 19:37 - 000000000 ____D C:\Program Files\Common Files\Steinberg 2021-07-16 19:36 - 2021-07-16 19:36 - 000000000 __HDC C:\ProgramData\{1A8DFBC8-5979-44D5-AA1E-3C9289A90407} 2021-07-16 19:35 - 2021-07-16 19:35 - 000000000 __HDC C:\ProgramData\{415AFD15-76E3-4CE7-A07C-FBD191A08472} 2021-07-16 19:34 - 2021-07-16 19:50 - 000000000 ____D C:\Program Files\Common Files\VST3 2021-07-16 15:18 - 2021-07-29 15:38 - 
000001859 _____ C:\Users\Public\Desktop\Ledger Live.lnk 2021-07-16 15:18 - 2021-07-29 15:38 - 000000000 ____D C:\Program Files\Ledger Live 2021-07-16 15:18 - 2021-07-16 15:18 - 117651336 _____ (Ledger Live Team) C:\Users\quart\Downloads\ledger-live-desktop-2.30.0-win.exe 2021-07-16 15:18 - 2021-07-16 15:18 - 000001871 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ledger Live.lnk 2021-07-15 18:34 - 2021-07-15 18:34 - 001328376 _____ C:\Windows\system32\FaceTrackerInternal.dll 2021-07-15 18:34 - 2021-07-15 18:34 - 001324032 _____ C:\Windows\system32\FaceProcessor.dll 2021-07-15 18:34 - 2021-07-15 18:34 - 000512864 _____ C:\Windows\system32\FaceProcessorCore.dll 2021-07-15 18:34 - 2021-07-15 18:34 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb 2021-07-15 18:34 - 2021-07-15 18:34 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb 2021-07-15 18:34 - 2021-07-15 18:34 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rendezvousSession.tlb 2021-07-15 18:34 - 2021-07-15 18:34 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\rendezvousSession.tlb 2021-07-14 10:29 - 2021-07-14 10:29 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2021-07-14 09:00 - 2021-07-14 09:00 - 000000000 ____D C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cisco Webex Meetings Desktop-App 2021-07-13 17:01 - 2021-07-13 17:01 - 000000000 __HDC C:\ProgramData\{DB2B4DA2-022F-4A27-A450-A6EB6677CA43} 2021-07-13 17:01 - 2021-07-13 17:01 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_nita2usb_01011.Wdf 2021-07-13 17:00 - 2021-07-13 17:00 - 026150802 _____ C:\Users\quart\Downloads\Traktor_Audio_2_MK1_420_PC_p.zip 2021-07-08 14:55 - 2021-08-01 07:55 - 000000000 ____D C:\Users\quart\AppData\LocalLow\WebEx 2021-07-08 14:55 - 2021-08-01 07:55 - 000000000 ____D C:\Users\quart\AppData\Local\WebEx 2021-07-08 14:55 - 2021-07-13 16:10 - 000000000 ____D C:\Users\quart\AppData\Roaming\webex 
2021-07-07 20:38 - 2021-06-25 08:02 - 000389144 _____ (Google, Inc.) C:\Windows\system32\Drivers\googledrivefs3514.sys 2021-07-06 16:35 - 2021-07-06 16:35 - 003222040 _____ (Lenovo ) C:\Users\quart\Downloads\LSBSetup.exe 2021-07-06 16:35 - 2021-07-06 16:35 - 000000000 ____D C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-08-03 14:49 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-08-03 14:36 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-08-03 14:21 - 2021-05-08 20:15 - 000000000 ____D C:\Program Files (x86)\Google 2021-08-03 12:31 - 2021-05-10 09:34 - 000000000 ____D C:\Program Files (x86)\Steam 2021-08-03 12:25 - 2020-12-20 16:44 - 000000000 ____D C:\ProgramData\NVIDIA 2021-08-03 09:52 - 2021-05-10 09:39 - 000000000 ____D C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2021-08-03 09:51 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase 2021-08-03 09:21 - 2021-05-12 00:00 - 000000000 ____D C:\Users\quart\AppData\Local\CrashDumps 2021-08-02 22:24 - 2021-05-10 07:45 - 000000000 ____D C:\Users\quart\AppData\Local\D3DSCache 2021-08-02 22:23 - 2020-12-21 01:20 - 000746678 _____ C:\Windows\system32\perfh007.dat 2021-08-02 22:23 - 2020-12-21 01:20 - 000151048 _____ C:\Windows\system32\perfc007.dat 2021-08-02 22:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\MUI 2021-08-02 22:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\MUI 2021-08-02 22:23 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2021-08-02 22:23 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2021-08-02 22:22 - 2020-12-20 16:44 - 000000000 ____D C:\ProgramData\Package Cache 2021-08-02 11:15 - 2021-05-15 11:38 - 000000000 ____D C:\Users\quart\OneDrive\Dokumente\Citavi 6 2021-08-02 
08:21 - 2020-12-20 16:30 - 000003700 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-08-02 08:21 - 2020-12-20 16:30 - 000003576 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-08-01 22:24 - 2021-05-10 08:11 - 000000000 ____D C:\Users\quart\AppData\Roaming\Ledger Live 2021-08-01 22:13 - 2021-05-30 15:22 - 000000000 ____D C:\Users\quart\AppData\Local\Ubisoft Game Launcher 2021-08-01 11:56 - 2021-05-11 19:52 - 000000000 ____D C:\ProgramData\boost_interprocess 2021-08-01 10:00 - 2021-05-08 20:07 - 000000000 ____D C:\ProgramData\Mozilla 2021-08-01 09:59 - 2021-05-10 07:41 - 000000000 ____D C:\Users\quart\AppData\Roaming\Exodus 2021-08-01 09:59 - 2021-05-08 20:07 - 000000000 ____D C:\Users\quart\AppData\LocalLow\Mozilla 2021-08-01 09:53 - 2020-05-06 20:41 - 001632024 _____ C:\Windows\system32\PerfStringBackup.INI 2021-08-01 09:52 - 2021-05-10 07:41 - 000000000 ____D C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Exodus Movement Inc 2021-08-01 09:52 - 2021-05-10 07:41 - 000000000 ____D C:\Users\quart\AppData\Local\exodus 2021-08-01 09:45 - 2021-05-08 19:31 - 000000000 __SHD C:\Users\quart\IntelGraphicsProfiles 2021-08-01 09:45 - 2021-05-08 19:27 - 000000000 ____D C:\Users\quart 2021-08-01 09:45 - 2020-12-20 16:43 - 000000000 ___HD C:\Intel 2021-08-01 09:45 - 2020-05-06 20:33 - 000008192 ___SH C:\DumpStack.log.tmp 2021-08-01 09:45 - 2020-05-06 20:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-08-01 09:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState 2021-07-31 19:13 - 2020-12-20 16:30 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-07-31 19:13 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-07-31 19:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2021-07-31 18:21 - 2021-05-10 07:37 - 000001607 _____ C:\Windows\system32\config\VSMIDK 2021-07-31 18:21 - 2021-05-08 20:22 - 000000000 ____D 
C:\Users\quart\AppData\Roaming\KeePass 2021-07-31 18:21 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI 2021-07-31 13:33 - 2021-05-10 19:39 - 000001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2021-07-31 13:33 - 2021-05-10 19:39 - 000000000 ____D C:\Users\quart\AppData\Roaming\Notepad++ 2021-07-31 11:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports 2021-07-31 09:26 - 2020-12-20 16:38 - 000000000 ____D C:\Program Files\Microsoft Office 2021-07-31 09:26 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-07-30 14:58 - 2020-05-06 20:33 - 000439216 _____ C:\Windows\system32\FNTCACHE.DAT 2021-07-30 14:57 - 2021-05-09 08:24 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive 2021-07-30 14:57 - 2021-05-08 20:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-07-30 14:57 - 2020-12-21 01:19 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-07-30 14:57 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP 2021-07-30 14:57 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2021-07-30 14:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2021-07-30 14:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2021-07-30 14:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2021-07-30 14:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2021-07-30 14:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents 2021-07-30 14:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2021-07-30 14:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2021-07-30 14:57 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing 2021-07-30 14:09 - 2021-05-10 09:17 - 000002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-07-29 15:37 - 2021-05-10 08:08 - 000000000 ____D 
C:\Users\quart\AppData\Local\ledger-live-desktop-updater 2021-07-28 22:03 - 2021-05-08 20:15 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2021-07-27 13:51 - 2021-06-01 15:43 - 000000000 ____D C:\Users\quart\AppData\Roaming\gnupg 2021-07-26 10:54 - 2021-06-19 11:17 - 000000000 ____D C:\Users\quart\AppData\Roaming\Evernote 2021-07-26 09:23 - 2021-05-09 08:24 - 000003206 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2021-07-26 09:23 - 2021-05-09 08:24 - 000002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-07-26 09:23 - 2021-05-08 19:32 - 000000000 ___RD C:\Users\quart\OneDrive 2021-07-25 10:44 - 2021-06-19 11:17 - 000000000 ____D C:\Users\quart\AppData\Local\evernote-client-updater 2021-07-23 17:46 - 2021-05-15 11:38 - 000000000 ____D C:\ProgramData\Swiss Academic Software 2021-07-23 17:45 - 2021-05-15 11:38 - 000002119 _____ C:\Users\Public\Desktop\Citavi 6.lnk 2021-07-23 17:45 - 2021-05-15 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 6 2021-07-23 17:45 - 2021-05-15 11:37 - 000000000 ____D C:\Users\quart\AppData\Local\Downloaded Installations 2021-07-23 09:21 - 2021-05-08 19:31 - 000000000 ____D C:\Users\quart\AppData\Local\Packages 2021-07-22 17:27 - 2021-05-08 20:07 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-07-21 14:29 - 2021-05-09 09:21 - 000000578 ____H C:\Windows\Tasks\MATLAB R2021a Startup Accelerator.job 2021-07-21 13:54 - 2021-05-12 15:02 - 000000000 ____D C:\Users\quart\AppData\Local\Deployment 2021-07-20 23:43 - 2021-05-11 19:51 - 000000000 ____D C:\Users\quart\AppData\Local\NVIDIA 2021-07-20 23:41 - 2020-12-20 16:44 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2021-07-20 21:17 - 2021-05-23 20:37 - 000000000 ____D C:\Users\quart\AppData\Roaming\MusicBee 2021-07-20 06:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2021-07-17 22:16 - 
2021-06-06 15:10 - 000000000 ____D C:\Users\quart\AppData\Local\ElevatedDiagnostics 2021-07-16 19:51 - 2021-05-13 16:34 - 000000000 ____D C:\Users\quart\OneDrive\Dokumente\Native Instruments 2021-07-16 19:51 - 2021-05-13 16:34 - 000000000 ____D C:\Users\quart\AppData\Local\Native Instruments 2021-07-16 19:50 - 2021-05-13 16:34 - 000000000 ____D C:\Program Files\Common Files\Native Instruments 2021-07-16 19:50 - 2021-05-09 08:26 - 000000000 ____D C:\Program Files\Native Instruments 2021-07-16 19:49 - 2021-05-14 00:27 - 000001058 _____ C:\Users\Public\Desktop\Reaktor 6.lnk 2021-07-16 19:49 - 2021-05-09 08:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments 2021-07-16 19:38 - 2021-05-13 23:49 - 000001068 _____ C:\Users\Public\Desktop\Maschine 2.lnk 2021-07-16 19:36 - 2021-05-13 23:45 - 000001128 _____ C:\Users\Public\Desktop\Komplete Kontrol.lnk 2021-07-16 15:16 - 2021-05-08 20:15 - 000003630 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2021-07-16 15:16 - 2021-05-08 20:15 - 000003506 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2021-07-15 18:36 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-07-15 18:31 - 2021-05-08 19:35 - 000000000 ____D C:\Windows\system32\MRT 2021-07-15 18:29 - 2021-05-08 19:35 - 133422552 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2021-07-14 12:37 - 2021-05-10 19:39 - 000000000 ____D C:\Program Files (x86)\Notepad++ 2021-07-14 10:29 - 2021-05-17 13:37 - 000001026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2021-07-14 08:57 - 2021-05-08 19:32 - 000000000 ____D C:\Users\quart\AppData\Local\PlaceholderTileLogoFolder 2021-07-13 18:57 - 2020-12-20 09:12 - 007280312 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2021-07-11 07:42 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\Drivers\wd 2021-07-08 09:22 - 2021-05-08 19:57 - 000000000 ____D C:\Windows\Firmware 2021-07-06 16:35 - 
2020-12-20 16:31 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-05-14 18:04 - 2021-05-15 22:59 - 000006074 _____ () C:\Users\quart\AppData\Roaming\VoiceMeeterDefault.xml
2021-06-01 16:12 - 2021-06-01 16:12 - 000001275 _____ () C:\Users\quart\AppData\Local\recently-used.xbel

==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

Addition
FRST Additions Logfile:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 03-08-2021
durchgeführt von quart (03-08-2021 14:57:14)
Gestartet von C:\Users\quart\Downloads
Windows 10 Pro Version 21H1 19043.1151 (X64) (2021-05-09 00:24:14)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-2739222987-1785499675-3330318582-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2739222987-1785499675-3330318582-503 - Limited - Disabled)
Gast (S-1-5-21-2739222987-1785499675-3330318582-501 - Limited - Disabled)
quart (S-1-5-21-2739222987-1785499675-3330318582-1001 - Administrator - Enabled) => C:\Users\quart
WDAGUtilityAccount (S-1-5-21-2739222987-1785499675-3330318582-504 - Limited - Disabled)

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
Bome Virtual MIDI 2.1.0.44 (HKLM\...\BMIDI_Driver1.0.0.11_is1) (Version: - Bome Software GmbH & Co. KG)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.10.01075 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{F4C97B53-97C8-43B6-A6A1-97CE0286BAE0}) (Version: 4.10.01075 - Cisco Systems, Inc.)
Hidden Cisco Webex Meetings (HKU\S-1-5-21-2739222987-1785499675-3330318582-1001\...\ActiveTouchMeetingClient) (Version: 41.7.3 - Cisco Webex LLC) Citavi 6 (HKLM-x32\...\{6A331045-8FF4-4BC9-9C56-E593ACAE28C2}) (Version: 6.10.0.0 - Swiss Academic Software) Epic Games Launcher (HKLM-x32\...\{2A27CA16-E158-4B0A-A502-3E6364B1F03E}) (Version: 1.2.17.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}) (Version: 1.1.11.0 - Epic Games, Inc.) Evernote 10.17.8 (HKU\S-1-5-21-2739222987-1785499675-3330318582-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.17.8 - Evernote Corporation) Exodus (HKU\S-1-5-21-2739222987-1785499675-3330318582-1001\...\exodus) (Version: 21.7.30 - Exodus Movement Inc) GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 2.2.27 - The GnuPG Project) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 49.0.11.0 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden Gpg4win (3.1.15) (HKLM-x32\...\Gpg4win) (Version: 3.1.15 - The Gpg4win Project) GStreamer 1.0 (HKLM-x32\...\{7F7BD56B-25F2-41F6-9282-7FF75C53914E}) (Version: 1.18.1 - GStreamer Project) IBM SPSS Statistics (HKLM\...\{DC8AD675-36E2-44AD-8FB9-FA069BEAC190}) (Version: 28.0.0.0 - Ihr Firmenname) KeePass Password Safe 2.48.1 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.48.1 - Dominik Reichl) LatencyMon 7.00 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden Ledger Live 2.31.1 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.31.1 - Ledger Live Team) Lenovo Service Bridge (HKU\S-1-5-21-2739222987-1785499675-3330318582-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.4 - Lenovo) Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.7.19.0 - Lenovo Group Ltd.) Logitech Options (HKLM\...\LogiOptions) (Version: 8.54.161 - Logitech) MATLAB R2021a (HKLM\...\Matlab R2021a) (Version: 9.10 - MathWorks) Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.14228.20204 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.62 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 92.0.902.62 - Microsoft Corporation) Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.129.0627.0002 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) 
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29914 (HKLM-x32\...\{43d1ce82-6f55-4860-a938-20e5deb28b98}) (Version: 14.28.29914.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 90.0.2 (x64 de)) (Version: 90.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.10.1 - Mozilla) Mozilla Thunderbird 78.12.0 (x64 de) (HKLM\...\Mozilla Thunderbird 78.12.0 (x64 de)) (Version: 78.12.0 - Mozilla) MusicBee 3.4.7805 (HKLM-x32\...\MusicBee) (Version: 3.4.7805 - Steven Mayall) Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: 5.3.4.59 - Native Instruments) Native Instruments Audio 8 DJ Driver (HKLM-x32\...\Native Instruments Audio 8 DJ Driver) (Version: - Native Instruments) Native Instruments Battery 4 (HKLM-x32\...\Native Instruments Battery 4) (Version: 4.1.6.27 - Native Instruments) Native Instruments Battery 4 Factory Library (HKLM-x32\...\Native Instruments Battery 4 Factory Library) (Version: 1.1.0.2 - Native Instruments) Native Instruments Chromatic Fire (HKLM-x32\...\Native Instruments Chromatic Fire) (Version: 1.0.1.1 - Native Instruments) Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.6.2.547 - Native Instruments) Native Instruments Driver (HKLM-x32\...\Native Instruments Driver) (Version: 1.4.0.73 - Native Instruments) Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: 1.4.4.104 - Native 
Instruments) Native Instruments Komplete Kontrol (HKLM-x32\...\Native Instruments Komplete Kontrol) (Version: 2.6.2.211 - Native Instruments) Native Instruments Komplete Kontrol Driver (HKLM-x32\...\Native Instruments Komplete Kontrol Driver) (Version: - Native Instruments) Native Instruments Komplete Kontrol MK2 Driver (HKLM-x32\...\Native Instruments Komplete Kontrol MK2 Driver) (Version: - Native Instruments) Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.8.1.43 - Native Instruments) Native Instruments Kontour (HKLM-x32\...\Native Instruments Kontour) (Version: 1.0.0.6 - Native Instruments) Native Instruments Maschine 2 (HKLM-x32\...\Native Instruments Maschine 2) (Version: 2.14.1.891 - Native Instruments) Native Instruments Maschine 2 Factory Library (HKLM-x32\...\Native Instruments Maschine 2 Factory Library) (Version: 1.3.8.3 - Native Instruments) Native Instruments Maschine Controller MK2 Driver (HKLM-x32\...\Native Instruments Maschine Controller MK2 Driver) (Version: - Native Instruments) Native Instruments Maschine Jam Driver (HKLM-x32\...\Native Instruments Maschine Jam Driver) (Version: - Native Instruments) Native Instruments Maschine Mikro Driver (HKLM-x32\...\Native Instruments Maschine Mikro Driver) (Version: - Native Instruments) Native Instruments Maschine Mikro MK2 Driver (HKLM-x32\...\Native Instruments Maschine Mikro MK2 Driver) (Version: - Native Instruments) Native Instruments Maschine MK3 Driver (HKLM-x32\...\Native Instruments Maschine MK3 Driver) (Version: - Native Instruments) Native Instruments Maschine Studio Driver (HKLM-x32\...\Native Instruments Maschine Studio Driver) (Version: - Native Instruments) Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.5.8.64 - Native Instruments) Native Instruments Mikro Prism (HKLM-x32\...\Native Instruments Mikro Prism) (Version: 1.1.0.14 - Native Instruments) Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) 
(Version: 1.3.1.4 - Native Instruments) Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.13.3.136 - Native Instruments) Native Instruments NIHostIntegrationAgent (HKLM-x32\...\Native Instruments NIHostIntegrationAgent) (Version: 1.10.4.222 - Native Instruments) Native Instruments NTKDaemon (HKLM-x32\...\Native Instruments NTKDaemon) (Version: 1.1.0.96 - Native Instruments) Native Instruments Polyplex (HKLM-x32\...\Native Instruments Polyplex) (Version: 1.1.0.3 - Native Instruments) Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version: 2.0.0.5 - Native Instruments) Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.4.1512 - Native Instruments) Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.4.2.4 - Native Instruments) Native Instruments Reaktor Blocks Wired (HKLM-x32\...\Native Instruments Reaktor Blocks Wired) (Version: 1.0.2.1 - Native Instruments) Native Instruments Reaktor Factory Selection R2 (HKLM-x32\...\Native Instruments Reaktor Factory Selection R2) (Version: 1.0.1.7 - Native Instruments) Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.6.1.1 - Native Instruments) Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: 1.4.0.4 - Native Instruments) Native Instruments Reflektor (HKLM-x32\...\Native Instruments Reflektor) (Version: 2.0.0.8 - Native Instruments) Native Instruments Replika (HKLM-x32\...\Native Instruments Replika) (Version: 1.4.0.47 - Native Instruments) Native Instruments Rounds (HKLM-x32\...\Native Instruments Rounds) (Version: 1.2.0.3 - Native Instruments) Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.4.0.73 - Native Instruments) Native Instruments Solid Dynamics FX (HKLM-x32\...\Native Instruments Solid Dynamics FX) (Version: 1.4.0.73 - Native Instruments) 
Native Instruments Solid EQ FX (HKLM-x32\...\Native Instruments Solid EQ FX) (Version: 1.4.0.73 - Native Instruments) Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.4.0.73 - Native Instruments) Native Instruments The Finger R2 (HKLM-x32\...\Native Instruments The Finger R2) (Version: 1.3.0.3 - Native Instruments) Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.11.3.17 - Native Instruments) Native Instruments Traktor Audio 2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version: - Native Instruments) Native Instruments Traktors 12 (HKLM-x32\...\Native Instruments Traktors 12) (Version: 2.0.0.8 - Native Instruments) Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version: 1.4.0.73 - Native Instruments) Native Instruments West Africa (HKLM-x32\...\Native Instruments West Africa) (Version: 1.4.1.4 - Native Instruments) NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.37.3.0 - TEFINCOM S.A.) 
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN) NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.1.2 - Notepad++ Team) NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation) NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation) NVIDIA Grafiktreiber 471.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.41 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20204 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20204 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14228.20204 - Microsoft Corporation) Hidden Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.44.403 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.9 - Rockstar Games) Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.) Samsung M332x 382x 402x Series (HKLM-x32\...\Samsung M332x 382x 402x Series) (Version: 1.29 (16.07.2015) - Samsung Electronics Co., Ltd.) 
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) SoulseekQt Version 2019.7.22 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2019.7.22 - Soulseek LLC) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 121.0.10451 - Ubisoft) Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software) WinRAR 6.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH) YubiKey Manager (HKLM-x32\...\yubikey-manager) (Version: 1.2.2 - Yubico AB) Packages: ========= Asphalt 8: Airborne -> C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_5.8.5.0_x86__0pp20fcewvvtj [2021-07-13] (GAMELOFT SA) Dolby Atmos Speaker System -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosSpeakerSystem_3.20602.609.0_x64__rz1tebttyb220 [2020-12-20] (Dolby Laboratories) Dolby Vision -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyVisionHDR_2.0.5589.0_x64__rz1tebttyb220 [2021-07-15] (Dolby Laboratories) Glance by Mirametrix -> C:\Program Files\WindowsApps\MirametrixInc.GlancebyMirametrix_8.14.1758.0_x64__17mer8kcn3j54 [2021-07-31] (Mirametrix Inc.) [Startup Task] Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-07-25] (INTEL CORP) [Startup Task] Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.0.44.0_x64__5grkq8ppsgwt4 [2021-07-18] (LENOVO INC) [Startup Task] Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2105.16.0_x64__k1h2ywk1493x8 [2021-06-08] (LENOVO INC.) 
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-05-10] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-08] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-08] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-21] (Microsoft Studios) [MS Ad] Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.49.41972.0_x64__8wekyb3d8bbwe [2021-07-28] (Microsoft Corporation) [Startup Task] MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-12-20] (Microsoft Corporation) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-07-20] (NVIDIA Corp.) One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2021.524.4.0_x64__8kea50m9krsh2 [2021-06-08] (Code Spark) Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.41311.0_x64__8wekyb3d8bbwe [2021-07-13] (Microsoft Corporation) Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-05-10] (Adobe Systems Incorporated) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.17.231.0_x64__dt26b99r8h8gj [2021-05-10] (Realtek Semiconductor Corp) Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2021-05-10] (Samsung Electronics Co. Ltd.) 
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0 [2021-07-23] (Spotify AB) [Startup Task] Thunderbolt™ Control Center -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.32.0_x64__8j3eq9eme6ctt [2021-06-17] (INTEL CORP) XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2021-06-04] (New Work SE) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2739222987-1785499675-3330318582-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\quart\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\amd64\FileSyncShell64.dll [2021-07-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\amd64\FileSyncShell64.dll [2021-07-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\amd64\FileSyncShell64.dll [2021-07-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\amd64\FileSyncShell64.dll [2021-07-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\amd64\FileSyncShell64.dll 
[2021-07-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\amd64\FileSyncShell64.dll [2021-07-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\amd64\FileSyncShell64.dll [2021-07-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\49.0.11.0\drivefsext.dll [2021-07-27] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\49.0.11.0\drivefsext.dll [2021-07-27] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\49.0.11.0\drivefsext.dll [2021-07-27] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\49.0.11.0\drivefsext.dll [2021-07-27] (Google LLC -> Google, Inc.) 
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\amd64\FileSyncShell64.dll [2021-07-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\amd64\FileSyncShell64.dll [2021-07-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\amd64\FileSyncShell64.dll [2021-07-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\amd64\FileSyncShell64.dll [2021-07-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\amd64\FileSyncShell64.dll [2021-07-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\amd64\FileSyncShell64.dll [2021-07-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\amd64\FileSyncShell64.dll [2021-07-26] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\amd64\FileSyncShell64.dll [2021-07-26] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files 
(x86)\Notepad++\NppShell_06.dll [2021-07-01] (Notepad++ -> ) ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\49.0.11.0\drivefsext.dll [2021-07-27] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\Gpg4win\bin_64\gpgex.dll [2021-01-12] (g10 Code GmbH) [Datei ist nicht signiert] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\amd64\FileSyncShell64.dll [2021-07-26] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\49.0.11.0\drivefsext.dll [2021-07-27] (Google LLC -> Google, Inc.) ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\Gpg4win\bin_64\gpgex.dll [2021-01-12] (g10 Code GmbH) [Datei ist nicht signiert] ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.129.0627.0002\amd64\FileSyncShell64.dll [2021-07-26] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\49.0.11.0\drivefsext.dll [2021-07-27] (Google LLC -> Google, Inc.) 
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_c6fc6328fcbac4e0\nvshext.dll [2021-07-13] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2015-12-28 04:58 - 2021-05-08 20:22 - 000225930 _____ () [Datei ist nicht signiert] C:\Program Files\KeePass Password Safe 2\64bit\libjson-c-2.dll
2015-12-28 04:58 - 2021-05-08 20:22 - 000386467 _____ () [Datei ist nicht signiert] C:\Program Files\KeePass Password Safe 2\64bit\libykpers-1-1.dll
2015-12-28 04:58 - 2021-05-08 20:22 - 000125597 _____ () [Datei ist nicht signiert] C:\Program Files\KeePass Password Safe 2\64bit\libyubikey-0.dll
2021-08-03 12:14 - 2021-08-03 12:14 - 001195008 _____ (ESET) [Datei ist nicht signiert] C:\Users\quart\AppData\Local\ESET\ESETOnlineScanner\esets_apiW_a.DLL
2021-07-22 10:43 - 2021-07-22 10:43 - 042803200 _____ (Intel Corporation) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.dll
2021-07-20 23:50 - 2020-05-30 15:58 - 001280000 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2021-06-03 08:11 - 2020-05-30 16:03 - 001660416 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\ProgramData\Lenovo\iMController\Plugins\LenovoSystemUpdatePlugin\x64\x64\SQLite.Interop.dll
2021-05-31 20:58 - 2020-11-03 05:08 - 000954864 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-2739222987-1785499675-3330318582-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=LCTE
HKU\S-1-5-21-2739222987-1785499675-3330318582-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=LCTE
HKU\S-1-5-21-2739222987-1785499675-3330318582-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Program Files (x86)\Internet Explorer\Citavi Picker\x64\SwissAcademic.Citavi.IEPicker.DLL [2021-07-09] (Swiss Academic Software -> Swiss Academic Software)
BHO: Kein Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Keine Datei
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Program Files (x86)\Internet Explorer\Citavi Picker\SwissAcademic.Citavi.IEPicker.DLL [2021-07-09] (Swiss Academic Software -> Swiss Academic Software)
BHO-x32: Kein Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Keine Datei
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2739222987-1785499675-3330318582-1001\...\sharepoint.com -> hxxps://studentsunimarburgde-files.sharepoint.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2739222987-1785499675-3330318582-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\quart\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) ist aktiviert.

Network Binding:
=============
Ethernet 3: NordVPN LightWeight Firewall -> NordLwf (enabled)
WLAN: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "NIHardwareAccessibilityHelper.exe.lnk"
HKLM\...\StartupApproved\StartupFolder: => "NTKDaemon.lnk"
HKLM\...\StartupApproved\Run32: => "XPE"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKU\S-1-5-21-2739222987-1785499675-3330318582-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
HKU\S-1-5-21-2739222987-1785499675-3330318582-1001\...\StartupApproved\Run: => "Steam"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{F3796D26-87C7-4B46-8150-D2796583C604}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D5ABF9C4-EE34-48B9-B182-8C99D25307F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{86DBFD16-2646-4204-B573-8614773704B4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{D7B06209-8A81-406F-8F2B-084099562439}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{35ECB12C-0FB1-4712-865F-424EA6093E09}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{11FD5486-8815-4869-BD42-B3EF30472D29}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{9BA7255F-74D6-4857-9EE5-ABDC2BE1A0AA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{83F3B3FE-C9E6-4382-B2FE-94515F2C83B3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{689100E5-8183-454A-8D90-52A06A186AE2}] => (Allow) D:\Spielen\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (Rocksteady Studios Ltd.) [Datei ist nicht signiert] FirewallRules: [{497FA2FD-13E2-480C-BD01-D94D12DA1230}] => (Allow) D:\Spielen\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (Rocksteady Studios Ltd.) 
[Datei ist nicht signiert] FirewallRules: [TCP Query User{39EF9256-8BC4-415E-B419-63905225F723}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{93815F27-5A6D-4B2B-AFC2-A4C3D942A491}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{60E1709F-9BEF-4989-A799-54BDCF6D6211}] => (Allow) D:\Spielen\SteamLibrary\steamapps\common\Super Indie Karts\SuperIndieKarts.exe () [Datei ist nicht signiert] FirewallRules: [{1C519A35-84F3-4CE0-ACCE-1463A4B2CD94}] => (Allow) D:\Spielen\SteamLibrary\steamapps\common\Super Indie Karts\SuperIndieKarts.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{2E5318C9-A876-4372-AF95-464C96C4630B}C:\program files\matlab\r2021a\bin\win64\update_installer.exe] => (Allow) C:\program files\matlab\r2021a\bin\win64\update_installer.exe (The MathWorks, Inc. -> The MathWorks, Inc) FirewallRules: [UDP Query User{34173ADF-7C2A-4235-9D07-2C7A0A182755}C:\program files\matlab\r2021a\bin\win64\update_installer.exe] => (Allow) C:\program files\matlab\r2021a\bin\win64\update_installer.exe (The MathWorks, Inc. 
-> The MathWorks, Inc) FirewallRules: [{2641785A-5220-429B-A1A9-6B531C1706A3}] => (Allow) E:\Steam\steamapps\common\Rayman Legends\Rayman Legends.exe => Keine Datei FirewallRules: [{07701113-F2BA-4D33-8F7F-DEB44245AC15}] => (Allow) E:\Steam\steamapps\common\Rayman Legends\Rayman Legends.exe => Keine Datei FirewallRules: [TCP Query User{8CD7A07F-447D-499C-B064-5EFB70ADABD1}E:\steam\steamapps\common\valvetestapp207490\rayman origins.exe] => (Allow) E:\steam\steamapps\common\valvetestapp207490\rayman origins.exe => Keine Datei FirewallRules: [UDP Query User{A00490F7-1E96-4BCE-83D1-AC886A700E03}E:\steam\steamapps\common\valvetestapp207490\rayman origins.exe] => (Allow) E:\steam\steamapps\common\valvetestapp207490\rayman origins.exe => Keine Datei FirewallRules: [{84F5211D-3EC1-451F-B8D4-C9375E2E6C19}] => (Block) E:\steam\steamapps\common\valvetestapp207490\rayman origins.exe => Keine Datei FirewallRules: [{82C4E0AA-0EA7-4FD2-9A21-45B86B714728}] => (Block) E:\steam\steamapps\common\valvetestapp207490\rayman origins.exe => Keine Datei FirewallRules: [TCP Query User{AA38FD97-0931-4668-85A4-67BC672918CD}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{DA916C94-79D2-4B20-8194-47E46CD83124}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [Datei ist nicht signiert] FirewallRules: [{36DCE6DB-22D2-44B3-9B60-4EF5C7293CAC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3095ED18-F884-4E2F-A7C8-046D1AAA8DF6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{059ACF5B-BFDB-4627-966C-85BF25B4D9F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: 
[{2FAA84B3-D1BB-459E-8344-DF0C6FBE5994}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FC4D2024-1DC2-4133-9F54-1949693DCC23}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{B11D48D8-AC2A-4B25-A9EC-E52D78FC9347}C:\program files\matlab\r2021a\bin\win64\update_installer.exe] => (Allow) C:\program files\matlab\r2021a\bin\win64\update_installer.exe (The MathWorks, Inc. -> The MathWorks, Inc) FirewallRules: [UDP Query User{349DFA59-B1C7-4972-8B07-A26DC6E78B68}C:\program files\matlab\r2021a\bin\win64\update_installer.exe] => (Allow) C:\program files\matlab\r2021a\bin\win64\update_installer.exe (The MathWorks, Inc. -> The MathWorks, Inc) FirewallRules: [{5BB30A8B-65B6-4E9F-A5DD-EDE60F480272}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{BE530229-B664-4340-B883-61016430046C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{55D0D28E-773B-4935-862C-BDD3FD6AF9E7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{53F1ACF5-8E7E-4B21-AD5B-93316EAC725D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{F9B75665-81D1-4C08-824D-304D833DF2DA}C:\program files\ibm\spss statistics\stats.exe] => (Allow) C:\program files\ibm\spss statistics\stats.exe (International Business Machines Corporation -> IBM Corp.) 
FirewallRules: [UDP Query User{91B6D05B-E5DA-458D-A65F-1B2935963A65}C:\program files\ibm\spss statistics\stats.exe] => (Allow) C:\program files\ibm\spss statistics\stats.exe (International Business Machines Corporation -> IBM Corp.) FirewallRules: [{D1E6CA09-BF48-4134-B07F-DD2731E7ADEC}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.) FirewallRules: [{64AC98BA-FBB8-42CD-BBCB-56DD4EED18B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4E8D2F59-58A8-4A92-A3EF-6655C463E494}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{5516B08F-94D7-4FFB-9768-4837D23353F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1278C576-E04D-4BBE-9281-0A8945629832}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{59426BB8-2A96-497A-B954-E0FFAA2C6468}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{17C90356-7E1E-459D-8230-4918680AC2DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{DE026201-DBFA-4559-BA0E-DF3D60890CE9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{2E8C9D3D-D56A-468E-93A2-186AFAB8BE47}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D0811100-E833-4B69-A43C-3FDBD4185968}] => (Allow) 
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\92.0.902.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{456B79EB-1A82-44B0-B29A-4E98EDF41F90}D:\spielen\epic\gtav\gta5.exe] => (Allow) D:\spielen\epic\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{AC96FCCF-D9E7-4628-A03E-1367FE882C88}D:\spielen\epic\gtav\gta5.exe] => (Allow) D:\spielen\epic\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{79E03240-EEC1-404A-8891-506EC132CE2D}] => (Allow) D:\Spielen\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> ) FirewallRules: [{472ED08E-4AEF-496B-A1BC-6C5106DDA96A}] => (Allow) D:\Spielen\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> ) FirewallRules: [{406D50BF-BD9D-40BE-9399-779C0D470E8D}] => (Allow) D:\Spielen\SteamLibrary\steamapps\common\TEKKEN 7\TEKKEN 7.exe () [Datei ist nicht signiert] FirewallRules: [{4F8666C5-3455-4BDD-9208-A0604A6E3BCC}] => (Allow) D:\Spielen\SteamLibrary\steamapps\common\TEKKEN 7\TEKKEN 7.exe () [Datei ist nicht signiert] ==================== Wiederherstellungspunkte ========================= 30-07-2021 14:41:48 Windows Modules Installer 31-07-2021 18:02:48 Windows Modules Installer 01-08-2021 22:27:09 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 01-08-2021 22:27:17 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". 
This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (08/03/2021 09:21:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AcrobatNotificationClient.exe, Version: 0.0.0.0, Zeitstempel: 0x5b98af46 Name des fehlerhaften Moduls: combase.dll, Version: 10.0.19041.1081, Zeitstempel: 0xbc34a44f Ausnahmecode: 0xc000027b Fehleroffset: 0x00206341 ID des fehlerhaften Prozesses: 0x2540 Startzeit der fehlerhaften Anwendung: 0x01d786a94c286333 Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe Pfad des fehlerhaften Moduls: C:\Windows\System32\combase.dll Berichtskennung: f61d79cf-c0e2-40df-8fca-13bd2e6bd0da Vollständiger Name des fehlerhaften Pakets: ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (08/02/2021 11:27:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: GameBar.exe, Version: 5.721.6282.0, Zeitstempel: 0x60da0a09 Name des fehlerhaften Moduls: combase.dll, Version: 10.0.19041.1081, Zeitstempel: 0x473ce9d1 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000083a65 ID des fehlerhaften Prozesses: 0x9a80 Startzeit der fehlerhaften Anwendung: 0x01d787e526c0e319 Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe\GameBar.exe Pfad des fehlerhaften Moduls: C:\Windows\System32\combase.dll Berichtskennung: 4ea14120-9257-4063-a8fa-c595c5d36f89 Vollständiger Name des fehlerhaften Pakets: Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (07/31/2021 06:21:38 PM) (Source: VSS) (EventID: 13) (User: ) Description: 
Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Error: (07/31/2021 06:21:38 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Error: (07/31/2021 06:21:38 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Error: (07/31/2021 06:21:38 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Error: (07/31/2021 06:21:38 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Error: (07/30/2021 09:41:20 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Systemfehler: ============= Error: (08/03/2021 12:16:10 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\quart\AppData\Local\Temp\ehdrv.sys Error: (08/03/2021 12:16:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. 
Error: (08/03/2021 12:16:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (08/03/2021 12:16:09 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\quart\AppData\Local\Temp\ehdrv.sys Error: (08/03/2021 12:16:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (08/03/2021 12:16:09 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\quart\AppData\Local\Temp\ehdrv.sys Error: (08/03/2021 12:16:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (08/03/2021 12:16:09 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\quart\AppData\Local\Temp\ehdrv.sys Windows Defender: ================ Date: 2021-08-03 09:51:07 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {C09226FE-4F4E-463A-835E-68B362AF8A8B} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-08-02 22:19:49 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {A42E00AB-3150-4772-9C7E-7A3BCDCD1148} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-08-02 11:07:44 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. 
Überprüfungs-ID: {0BB32339-289B-4B52-9EE7-622296A56CD4} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-07-29 12:42:26 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {56690A22-717D-4C02-AC68-715D50E5DAD5} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-07-27 15:43:59 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {26DA6959-8D4F-4B06-AF5C-7B86783F5B1F} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM CodeIntegrity: =============== Date: 2021-06-08 08:20:40 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\48.0.13.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements. Date: 2021-05-13 13:00:22 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\47.0.19.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements. Date: 2021-05-10 08:13:16 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements. Date: 2021-05-10 08:10:26 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\McAfee.com\Agent\WSCLLCSectigo.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\McAfee\Platform\Core\vtploader.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen ===========================

BIOS: LENOVO DNCN29WW 05/26/2021
Hauptplatine: LENOVO LNVNB161216
Prozessor: Intel(R) Core(TM) i7-10750H CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 61%
Installierter physikalischer RAM: 16185.68 MB
Verfügbarer physikalischer RAM: 6259.71 MB
Summe virtueller Speicher: 18617.68 MB
Verfügbarer virtueller Speicher: 5219.55 MB

==================== Laufwerke ================================

Drive c: (Windows-SSD) (Fixed) (Total:244.61 GB) (Free:106.57 GB) (Protected) NTFS
Drive d: (Data) (Fixed) (Total:708.01 GB) (Free:187.65 GB) (Protected) NTFS
Drive g: (Google Drive) (Fixed) (Total:100 GB) (Free:65.96 GB) FAT32
\\?\Volume{24b11b33-358e-4a30-a048-0b176beb3ef5}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{1e405a71-0353-4f16-bf3d-5fe2e6de788d}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 501BEFE8)
Partition: GPT.

==================== Ende von Addition.txt ======================= |
03.08.2021, 21:02 | #6 |
| Eset reports Trojan detection. Shortcut Code:
Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 03-08-2021
durchgeführt von quart (03-08-2021 14:58:06)
Gestartet von C:\Users\quart\Downloads
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics\Python 2.7 for IBM SPSS Statistics\Python3 for SPSS Statistics (CMD).lnk -> C:\Program Files\IBM\SPSS Statistics\statisticspython3.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\49.0.11.0\GoogleDriveFS.exe (Google, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GPA.lnk -> C:\Program Files (x86)\Gpg4win\bin\gpa.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk -> C:\Program Files\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kleopatra.lnk -> C:\Program Files (x86)\Gpg4win\bin\kleopatra.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ledger Live.lnk -> C:\Program Files\Ledger Live\Ledger Live.exe (Ledger Live Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation) 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yubico\Yubikey Manager\Uninstall YubiKey Manager.lnk -> C:\Program Files\Yubico\YubiKey Manager\ykman-uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yubico\Yubikey Manager\YubiKey Manager.lnk -> C:\Program Files\Yubico\YubiKey Manager\ykman-gui.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\15 Bands Graphic EQ.LNK -> C:\Program Files (x86)\VB\Voicemeeter\VoicemeeterBUSGEQ15.exe (Audio Mechanic & Sound Breeder) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\8x8 Output Matrix.LNK -> C:\Program Files (x86)\VB\Voicemeeter\VoicemeeterBUSMatrix8.exe (Audio Mechanic & Sound Breeder) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\Macro Buttons.LNK 
-> C:\Program Files (x86)\VB\Voicemeeter\VoicemeeterMacroButtons.exe (Audio Mechanic & Sound Breeder) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\Readme.LNK -> C:\Program Files (x86)\VB\Voicemeeter\readme.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\VBAN-2-MIDI.LNK -> C:\Program Files (x86)\VB\Voicemeeter\VBAN2MIDI.exe (Audio Mechanic & Sound Breeder) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\Virtual IO Control Panel.LNK -> C:\Program Files (x86)\VB\Voicemeeter\VBCABLE_ControlPanel.exe (VB-AUDIO Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\Voicemeeter.LNK -> C:\Program Files (x86)\VB\Voicemeeter\voicemeeter.exe (VB-AUDIO Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\NIHardwareAccessibilityHelper.exe.lnk -> C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareAccessibilityHelper.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\NTKDaemon.lnk -> C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoulseekQt\SoulseekQt.lnk -> C:\Program Files (x86)\SoulseekQt\SoulseekQt.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Samsung Drucker-Diagnose.lnk -> C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\SPD\ESM.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\NordSec\NordVPN Diagnostics.lnk -> C:\Program Files\NordVPN\6.37.3.0\Diagnostics.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec\NordVPN.lnk -> C:\Program Files\NordVPN\NordVPN.exe (TEFINCOM S.A.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Traktor Kontrol Z2\Traktor Kontrol Z2 Control Panel.lnk -> C:\Program Files\Native Instruments\Traktor Kontrol Z2 Driver\nikz2cpl.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Traktor Kontrol Z1\Traktor Kontrol Z1 Control Panel.lnk -> C:\Program Files\Native Instruments\Traktor Kontrol Z1 Driver\nikz1cpl.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Traktor Audio 2 MK1\Traktor Audio 2 MK1 Control Panel.lnk -> C:\Program Files\Native Instruments\Traktor Audio 2 Driver\nita2cpl.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Traktor 2\Traktor 2.lnk -> C:\Program Files\Native Instruments\Traktor Pro 2\Traktor.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Reaktor 6\Reaktor 6.lnk -> C:\Program Files\Native Instruments\Reaktor 6\Reaktor 6.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Reaktor 5\Reaktor 5.lnk -> C:\Program Files\Native Instruments\Reaktor 5\Reaktor5.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Native Access\Native Access.lnk -> C:\Program Files\Native Instruments\Native Access\Native Access.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Massive.lnk -> C:\Program Files\Native Instruments\Massive\Massive.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Native Instruments\Maschine MK3\Maschine MK3 Control Panel.lnk -> C:\Program Files\Native Instruments\Maschine MK3 Driver\nimc3cpl.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Maschine 2\Maschine 2 (64-bit Mode).lnk -> C:\Program Files\Native Instruments\Maschine 2\Maschine 2.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Kontakt 5\Kontakt 5.lnk -> C:\Program Files\Native Instruments\Kontakt 5\Kontakt 5.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Komplete Kontrol\Komplete Kontrol (64-bit Mode).lnk -> C:\Program Files\Native Instruments\Komplete Kontrol\Komplete Kontrol.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\FM8.lnk -> C:\Program Files\Native Instruments\FM8\FM8.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Controller Editor\Controller Editor.lnk -> C:\Program Files\Native Instruments\Controller Editor\Controller Editor.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 4\Battery 4.lnk -> C:\Program Files\Native Instruments\Battery 4\Battery 4.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Audio 8 DJ\Audio 8 DJ Control Panel.lnk -> C:\Program Files\Native Instruments\Audio 8 DJ Driver\a8djcpl.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Audio 8 DJ\Audio 8 DJ Settings.lnk -> C:\Program Files\Native Instruments\Audio 8 DJ Driver\Audio 8 DJ Settings.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Absynth 5\Absynth 5.lnk -> C:\Program Files\Native 
Instruments\Absynth 5\Absynth 5.exe (Native Instruments GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office-Spracheinstellungen.lnk -> C:\Program Files\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2021a\Activate MATLAB R2021a.lnk -> C:\Program Files\MATLAB\R2021a\bin\win64\activate_matlab.exe (The MathWorks, Inc) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2021a\Deactivate MATLAB R2021a.lnk -> C:\Program Files\MATLAB\R2021a\uninstall\bin\win64\deactivate_matlab.exe (The MathWorks, Inc) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2021a\MATLAB R2021a.lnk -> C:\Program Files\MATLAB\R2021a\bin\matlab.exe (The MathWorks Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Options.lnk -> C:\Program Files\Logitech\LogiOptions\LogiOptions.exe (Logitech, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon\LatencyMon.lnk -> C:\Program Files\LatencyMon\LatMon.exe (Resplendence Software Projects Sp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics\IBM SPSS Statistics.lnk -> C:\Program Files\IBM\SPSS Statistics\stats.exe (IBM Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 6\Citavi 6.lnk -> C:\Program Files (x86)\Citavi 6\bin\Citavi.exe (Swiss Academic Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco\Cisco AnyConnect Secure Mobility Client\Cisco AnyConnect Secure Mobility Client.lnk -> C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.) 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - 
Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\Public\Desktop\Absynth 5.lnk -> C:\Program Files\Native Instruments\Absynth 5\Absynth 5.exe (Native Instruments GmbH) Shortcut: C:\Users\Public\Desktop\Battery 4.lnk -> C:\Program Files\Native Instruments\Battery 4\Battery 4.exe (Native Instruments GmbH) Shortcut: C:\Users\Public\Desktop\Citavi 6.lnk -> C:\Program Files (x86)\Citavi 6\bin\Citavi.exe (Swiss Academic Software) Shortcut: C:\Users\Public\Desktop\Controller Editor.lnk -> C:\Program Files\Native Instruments\Controller Editor\Controller Editor.exe (Native Instruments GmbH) Shortcut: C:\Users\Public\Desktop\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.) 
Shortcut: C:\Users\Public\Desktop\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Public\Desktop\FM8.lnk -> C:\Program Files\Native Instruments\FM8\FM8.exe (Native Instruments GmbH) Shortcut: C:\Users\Public\Desktop\GPA.lnk -> C:\Program Files (x86)\Gpg4win\bin\gpa.exe () Shortcut: C:\Users\Public\Desktop\IBM SPSS Statistics.lnk -> C:\Program Files\IBM\SPSS Statistics\stats.exe (IBM Corp.) Shortcut: C:\Users\Public\Desktop\Komplete Kontrol.lnk -> C:\Program Files\Native Instruments\Komplete Kontrol\Komplete Kontrol.exe (Native Instruments GmbH) Shortcut: C:\Users\Public\Desktop\Kontakt 5.lnk -> C:\Program Files\Native Instruments\Kontakt 5\Kontakt 5.exe (Native Instruments GmbH) Shortcut: C:\Users\Public\Desktop\Ledger Live.lnk -> C:\Program Files\Ledger Live\Ledger Live.exe (Ledger Live Team) Shortcut: C:\Users\Public\Desktop\Maschine 2.lnk -> C:\Program Files\Native Instruments\Maschine 2\Maschine 2.exe (Native Instruments GmbH) Shortcut: C:\Users\Public\Desktop\Massive.lnk -> C:\Program Files\Native Instruments\Massive\Massive.exe (Native Instruments GmbH) Shortcut: C:\Users\Public\Desktop\Mozilla Thunderbird.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) Shortcut: C:\Users\Public\Desktop\Native Access.lnk -> C:\Program Files\Native Instruments\Native Access\Native Access.exe (Native Instruments GmbH) Shortcut: C:\Users\Public\Desktop\Reaktor 5.lnk -> C:\Program Files\Native Instruments\Reaktor 5\Reaktor5.exe (Native Instruments GmbH) Shortcut: C:\Users\Public\Desktop\Reaktor 6.lnk -> C:\Program Files\Native Instruments\Reaktor 6\Reaktor 6.exe (Native Instruments GmbH) Shortcut: C:\Users\Public\Desktop\Samsung Drucker-Diagnose.lnk -> C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\SPD\ESM.exe () Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) Shortcut: C:\Users\Public\Desktop\Traktor 2.lnk -> 
C:\Program Files\Native Instruments\Traktor Pro 2\Traktor.exe (Native Instruments GmbH) Shortcut: C:\Users\quart\Links\Desktop.lnk -> C:\Users\quart\OneDrive\Desktop () Shortcut: C:\Users\quart\Links\Downloads.lnk -> C:\Users\quart\Downloads () Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk -> C:\Users\quart\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe (ESET) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evernote.lnk -> C:\Users\quart\AppData\Local\Programs\Evernote\Evernote.exe (Evernote Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> C:\Users\quart\OneDrive\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\15 Bands Graphic EQ.LNK -> C:\Program 
Files (x86)\VB\Voicemeeter\VoicemeeterBUSGEQ15.exe (Audio Mechanic & Sound Breeder) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\8x8 Output Matrix.LNK -> C:\Program Files (x86)\VB\Voicemeeter\VoicemeeterBUSMatrix8.exe (Audio Mechanic & Sound Breeder) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\Macro Buttons.LNK -> C:\Program Files (x86)\VB\Voicemeeter\VoicemeeterMacroButtons.exe (Audio Mechanic & Sound Breeder) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\Readme.LNK -> C:\Program Files (x86)\VB\Voicemeeter\readme.txt () Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\VBAN-2-MIDI.LNK -> C:\Program Files (x86)\VB\Voicemeeter\VBAN2MIDI.exe (Audio Mechanic & Sound Breeder) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\Virtual IO Control Panel.LNK -> C:\Program Files (x86)\VB\Voicemeeter\VBCABLE_ControlPanel.exe (VB-AUDIO Software) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\Voicemeeter.LNK -> C:\Program Files (x86)\VB\Voicemeeter\voicemeeter.exe (VB-AUDIO Software) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Ubisoft Connect\Ubisoft Connect.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftConnect.exe (Ubisoft) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Ubisoft Connect\Uninstall.lnk -> 
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Super Mario Bros. X\SuperMarioBrosX.org.lnk -> C:\Program Files (x86)\SMBX\SuperMarioBrosX.org.url (Keine Datei) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Rockstar Games Launcher.lnk -> C:\Program Files\Rockstar Games\Launcher\LauncherPatcher.exe (Rockstar Games) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee\MusicBee.lnk -> C:\Program Files (x86)\MusicBee\MusicBee.exe (Steven Mayall) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge entfernen.lnk -> C:\Users\quart\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\unins000.exe () Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.lnk -> C:\Users\quart\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe (Lenovo Group 
Limited) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Exodus Movement Inc\Exodus.lnk -> C:\Users\quart\AppData\Local\exodus\Exodus.exe (Exodus Movement Inc) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cisco Webex Meetings Desktop-App\Cisco Webex Meetings.lnk -> C:\Users\quart\AppData\Local\WebEx\WebEx\Applications\ptoneclk.exe (Cisco Webex LLC) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\KeePass 2.lnk -> C:\Program Files\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Internet 
Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\KeePass 2.lnk -> C:\Program Files\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\MATLAB R2021a.lnk -> C:\Program Files\MATLAB\R2021a\bin\matlab.exe (The MathWorks Inc.) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\NordVPN.lnk -> C:\Program Files\NordVPN\NordVPN.exe (TEFINCOM S.A.) 
Shortcut: C:\Users\quart\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe.lnk -> C:\L\LSB\LSB\bin\Release\LSB.exe (Keine Datei) Shortcut: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Uninstall Samsung 
Printer Software.lnk -> C:\Program Files (x86)\Samsung\TotalUninstaller\TotalUninstaller.exe () -> /N"Samsung" /REMOVE_ALL ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics\R for SPSS Statistics (GUI).lnk -> C:\Program Files\IBM\SPSS Statistics\statisticsr.bat () -> /g --cd-to-userdocs ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics\Python 2.7 for IBM SPSS Statistics\Python3 for SPSS Statistics (GUI).lnk -> C:\Program Files\IBM\SPSS Statistics\statisticspython3w.bat () -> /i ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX 
ShortcutWithArgument: C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\HideBatteryGauge.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LenovoBatteryGaugePackage.dll,HideBatteryGauge ShortcutWithArgument: C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LaunchPinVantageToolbarToast.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LenovoBatteryGaugePackage.dll,LaunchPinVantageToolbarToast ShortcutWithArgument: C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\SetMenuItemNameofBatteryGauge.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LenovoBatteryGaugePackage.dll,SetMenuItemNameofBatteryGauge ShortcutWithArgument: C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\ShowBatteryGauge.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LenovoBatteryGaugePackage.dll,ShowBatteryGauge ShortcutWithArgument: C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\UnloadBatteryGaugeFromExplorer.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LenovoBatteryGaugePackage.dll,UnloadBatteryGaugeFromExplorer ShortcutWithArgument: C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\UnpinFromTaskbar.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LenovoBatteryGaugePackage.dll,UnpinFromTaskbar ShortcutWithArgument: C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\UpdateBatteryGaugeToastInfo.lnk 
-> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LenovoBatteryGaugePackage.dll,UpdateBatteryGaugeToastInfo ShortcutWithArgument: C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\HideBatteryGauge.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LenovoBatteryGaugePackage.dll,HideBatteryGauge ShortcutWithArgument: C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LaunchPinVantageToolbarToast.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LenovoBatteryGaugePackage.dll,LaunchPinVantageToolbarToast ShortcutWithArgument: C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\SetMenuItemNameofBatteryGauge.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LenovoBatteryGaugePackage.dll,SetMenuItemNameofBatteryGauge ShortcutWithArgument: C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\ShowBatteryGauge.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LenovoBatteryGaugePackage.dll,ShowBatteryGauge ShortcutWithArgument: C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\UnloadBatteryGaugeFromExplorer.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LenovoBatteryGaugePackage.dll,UnloadBatteryGaugeFromExplorer ShortcutWithArgument: C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\UnpinFromTaskbar.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> 
C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LenovoBatteryGaugePackage.dll,UnpinFromTaskbar ShortcutWithArgument: C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\UpdateBatteryGaugeToastInfo.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LenovoBatteryGaugePackage.dll,UpdateBatteryGaugeToastInfo ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - 
Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\quart\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group3\08 - 
PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\quart\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\quart\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/ InternetURL: C:\ProgramData\Bome Software\Bome Virtual MIDI\BMIDI Driver on the web.url -> URL: hxxp://www.bome.com/ InternetURL: C:\Users\quart\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142 InternetURL: C:\Users\quart\Favorites\Lenovo\Lenovo Support.url -> URL: hxxp://support.lenovo.com/ 
InternetURL: C:\Users\quart\Favorites\Lenovo\Lenovo.url -> URL: hxxp://www.lenovo.com/ InternetURL: C:\Users\quart\AppData\Roaming\Microsoft\Word\Bachelor%20Thesis%2010309021524050783901\Bachelor%20Thesis%2010.docx.url -> InternetURL: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Batman™ Arkham Knight.url -> URL: steam://rungameid/208650 InternetURL: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Path of Exile.url -> URL: steam://rungameid/238960 InternetURL: C:\Users\quart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\TEKKEN 7.url -> URL: steam://rungameid/389730 ==================== Ende vom Shortcut.txt ============================= Code:
ATTFilter 03.08.2021 14:37:06 Geprüfte Dateien: 1299018 Erkannte Dateien: 12 Gesäuberte Dateien: 12 Prüfdauer gesamt 02:15:00 Prüfstatus: Abgeschlossen C:\Users\quart\AppData\Local\Mozilla\Firefox\Profiles\xovb33ti.default-release\cache2\entries\5097F0ECF60A7419883502495EA007116B7F4AFD JS/Agent.PDO Trojaner durch Löschen gesäubert C:\Users\quart\AppData\Local\Mozilla\Firefox\Profiles\xovb33ti.default-release\cache2\entries\63AF69E49BE8776C846DA134C8A7F69E4F4428C9 JS/Agent.PDO Trojaner durch Löschen gesäubert C:\Users\quart\AppData\Local\Mozilla\Firefox\Profiles\xovb33ti.default-release\cache2\entries\666B24824BF7327C784D5F09E803DDDB839A235B JS/Agent.PDO Trojaner durch Löschen gesäubert C:\Users\quart\AppData\Local\Mozilla\Firefox\Profiles\xovb33ti.default-release\cache2\entries\79C6B2D63B3678222D5C1704CD187D6F241E0EED JS/Agent.PDO Trojaner durch Löschen gesäubert C:\Users\quart\AppData\Local\Mozilla\Firefox\Profiles\xovb33ti.default-release\cache2\entries\7EFD4B93001CC44E28B04CE5F6BD46555D4ED5B6 JS/Agent.PDO Trojaner durch Löschen gesäubert C:\Users\quart\AppData\Local\Mozilla\Firefox\Profiles\xovb33ti.default-release\cache2\entries\8B8E40E0E4911E80BD12EE5598F513FC20508FC2 JS/Agent.PDO Trojaner durch Löschen gesäubert C:\Users\quart\AppData\Local\Mozilla\Firefox\Profiles\xovb33ti.default-release\cache2\entries\8FF310DE11B1BA9C61D5E58E89AA39F4C4399B4D JS/Agent.PDO Trojaner durch Löschen gesäubert C:\Users\quart\AppData\Local\Mozilla\Firefox\Profiles\xovb33ti.default-release\cache2\entries\9494A33B997203A495CD5C089E83A605F72BB15F JS/Agent.PDO Trojaner durch Löschen gesäubert C:\Users\quart\AppData\Local\Mozilla\Firefox\Profiles\xovb33ti.default-release\cache2\entries\9F75F3B89AB8EC80981C3C0EB3DD0E99FCF63278 JS/Agent.PDO Trojaner durch Löschen gesäubert C:\Users\quart\AppData\Local\Mozilla\Firefox\Profiles\xovb33ti.default-release\cache2\entries\C93DD134E67BEB5419361DB4B9545078F6C43475 JS/Agent.PDO Trojaner durch Löschen gesäubert 
C:\Users\quart\AppData\Local\Mozilla\Firefox\Profiles\xovb33ti.default-release\cache2\entries\DB6767E2E69FEAE687C22B8AB0D50E53708D893E JS/Agent.PDO Trojaner durch Löschen gesäubert C:\Users\quart\AppData\Local\Mozilla\Firefox\Profiles\xovb33ti.default-release\cache2\entries\FD25CC7CC16086449C19ABBDBAF36528D6AB2C81 JS/Agent.PDO Trojaner durch Löschen gesäubert |
03.08.2021, 23:02 | #7 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Eset reports a Trojan detection. Quote:
Otherwise, I think you just had something in the browser cache. AdwCleaner: Run AdwCleaner according to the illustrated guide and then post the log file in CODE tags. Please repeat AdwCleaner as a check if there were any detections. Then please continue with Malwarebytes now.
__________________ Please always post log files in CODE tags |
04.08.2021, 08:20 | #8 | |
| Eset reports a Trojan detection. ADW log Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.3.0.0 # ------------------------------- # Build: 06-29-2021 # Database: 2021-06-29.1 (Local) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 08-04-2021 # Duration: 00:00:06 # OS: Windows 10 Pro # Scanned: 31954 # Detected: 7 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER Preinstalled.LenovoIMController Folder C:\Users\quart\AppData\Local\LENOVO\IMCONTROLLER Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1 Preinstalled.LenovoServiceBridge Folder C:\Users\quart\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE Preinstalled.LenovoServiceBridge Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1 ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ########## Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 04.08.21
Scan-Zeit: 09:04
Protokolldatei: 3119b9d6-f4f2-11eb-bbdb-d8f883b12172.json

-Softwaredaten-
Version: 4.4.4.126
Komponentenversion: 1.0.1413
Version des Aktualisierungspakets: 1.0.43852
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 19043.1151)
CPU: x64
Dateisystem: NTFS
Benutzer: Cortex\quart

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 416221
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 3 Min., 43 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)

(end)

Quote:
|
04.08.2021, 08:21 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Eset reports Trojan detections. Then we're done! If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation. Finally, please run a cleanup with our TB-Cleanup-Script and be sure to read and implement the security measures - both are linked in the following reading material:
__________________ Please always post log files in CODE tags |
04.08.2021, 08:26 | #10 |
| Eset reports Trojan detections. Hey, thank you very much for your quick and unbureaucratic help! |
05.08.2021, 10:54 | #11 |
/// TB-Ausbilder | Eset reports Trojan detections. We are glad that we could help. This topic appears to be resolved and will be removed from our subscriptions. Should you need the topic again, please send us a reminder including a link to the topic. Everyone else, please click here and create your own topic. |