Thanks for reopening. The log files are attached:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-06-2021
durchgeführt von genti (03-06-2021 21:14:37)
Gestartet von C:\Users\genti\Downloads
Windows 10 Home Version 20H2 19042.985 (X64) (2021-04-28 17:36:47)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-684867114-1305075736-370469100-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-684867114-1305075736-370469100-503 - Limited - Disabled)
Gast (S-1-5-21-684867114-1305075736-370469100-501 - Limited - Disabled)
genti (S-1-5-21-684867114-1305075736-370469100-1001 - Administrator - Enabled) => C:\Users\genti
WDAGUtilityAccount (S-1-5-21-684867114-1305075736-370469100-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Kaspersky Total Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16.05 - Advanced Micro Devices, Inc.)
Avira Software Updater (HKLM-x32\...\{9F45C615-6D95-47B5-BB0C-D78F6D15DE21}) (Version: 2.0.6.42639 - Avira Operations GmbH & Co. KG) Hidden
Branding64 (HKLM\...\{E6D2F9D5-4122-4945-B145-1E791DE4C5CA}) (Version: 1.00.0003 - Advanced Micro Devices, Inc.) Hidden
Citavi 6 (HKLM-x32\...\{6A331045-8FF4-4BC9-9C56-E593ACAE28C2}) (Version: 6.8.0.0 - Swiss Academic Software)
EPSON XP-312 313 315 Series Printer Uninstall (HKLM\...\EPSON XP-312 313 315 Series) (Version: - SEIKO EPSON Corporation)
ESET Security (HKLM\...\{D7CFB911-B864-484F-9C88-D31AE0CC6FD5}) (Version: 14.1.20.0 - ESET, spol. s r.o.)
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky)
Lenovo Stifteinstellungen Service (HKLM\...\ISD Tablet Driver) (Version: 7.6.1.12 - Wacom Technology Corp.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.7.19.0 - Lenovo Group Ltd.)
Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes)
MAXQDA 2020 (64 bit) (HKLM\...\{118999B6-EF32-4574-B44B-5233E260B63F}) (Version: 20.4.0 - VERBI Software. Consult. Sozialforschung)
Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.14026.20246 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.37 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.37 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-684867114-1305075736-370469100-1001\...\OneDriveSetup.exe) (Version: 21.083.0425.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-684867114-1305075736-370469100-1001\...\Teams) (Version: 1.4.00.11161 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox 89.0 (x64 de) (HKLM\...\Mozilla Firefox 89.0 (x64 de)) (Version: 89.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 89.0 - Mozilla)
OEM Application Profile (HKLM-x32\...\{3DEE814D-F1DB-315D-E627-63B6B600643A}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Spotify (HKU\S-1-5-21-684867114-1305075736-370469100-1001\...\Spotify) (Version: 1.1.30.658.gf13cde74 - Spotify AB)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.2781 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-684867114-1305075736-370469100-1001\...\ZoomUMX) (Version: 5.4.2 (58740.1105) - Zoom Video Communications, Inc.)
Packages:
=========
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.10006.0_x64__0a9344xs7nr4m [2021-04-28] (Advanced Micro Devices Inc.)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20500.501.0_x64__rz1tebttyb220 [2020-04-21] (Dolby Laboratories)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-12] (HP Inc.)
Lenovo Pen Settings -> C:\Program Files\WindowsApps\WacomTechnologyCorp.157535B83C264_7.7.29.0_neutral__ss941bf8mfs8a [2021-04-28] (Wacom Technology Corp.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2103.17.0_x64__k1h2ywk1493x8 [2021-04-07] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4 [2021-01-20] (LENOVO INC) [Startup Task]
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-26] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-28] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-23] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_21.10405.5658.0_x64__8wekyb3d8bbwe [2021-05-12] (Microsoft Corporation)
MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-02-14] (Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-684867114-1305075736-370469100-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
CustomCLSID: HKU\S-1-5-21-684867114-1305075736-370469100-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\genti\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-684867114-1305075736-370469100-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\genti\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll => Keine Datei
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-05-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2021-04-20] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-05-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2021-04-20] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-27] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2021-04-20] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-05-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2021-04-20] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-27] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\genti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (Miniconda3).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\genti\Miniconda3\Scripts\activate.bat C:\Users\genti\Miniconda3
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2020-12-21 10:43 - 2020-05-30 15:58 - 001280000 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2021-05-31 14:49 - 2020-11-03 05:08 - 000954864 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKU\S-1-5-21-684867114-1305075736-370469100-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-684867114-1305075736-370469100-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-684867114-1305075736-370469100-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-684867114-1305075736-370469100-1001 -> DefaultScope {03A04B01-A443-42E2-AFF4-0D9660394ADA} URL =
SearchScopes: HKU\S-1-5-21-684867114-1305075736-370469100-1001 -> {03A04B01-A443-42E2-AFF4-0D9660394ADA} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:/Program Files (x86)/Internet Explorer/Citavi Picker/x64/SwissAcademic.Citavi.IEPicker.DLL => Keine Datei
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:/Program Files (x86)/Internet Explorer/Citavi Picker/SwissAcademic.Citavi.IEPicker.DLL => Keine Datei
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-684867114-1305075736-370469100-1001\...\sharepoint.com -> hxxps://bwedu-files.sharepoint.com
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-684867114-1305075736-370469100-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\genti\Desktop\color-1229859_1920-740x414.jpg
DNS Servers: 80.69.96.12 - 81.210.129.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{7DF68A30-44AF-442C-A4A1-9ACCEE77A392}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5D4A168E-15EC-4EF6-B788-2A5A4B4DE8C1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A31DA97D-B9B9-4DF4-8731-8A1CF36F5A8A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AD22028F-B5AF-4F2C-882C-B79C842120F9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{70B4A652-51EF-48AE-BEF8-00D40451660B}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe => Keine Datei
FirewallRules: [TCP Query User{30FC9EE4-61BB-41D1-A66D-0160F116B198}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe => Keine Datei
FirewallRules: [{2238F6CD-BA6C-4639-878F-4792351A8E69}] => (Allow) C:\Users\genti\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{21F65BD5-837D-4548-B20D-A6533115E0BF}] => (Allow) C:\Users\genti\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F73D09ED-588E-44CF-8260-E5648C2D04F9}] => (Allow) C:\Users\genti\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0186F3E0-4D95-4989-8FE4-0ABDDAD7FA77}] => (Allow) C:\Users\genti\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{3FA4EF9E-ABF9-425E-B5E5-AF44DF38291B}C:\users\genti\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\genti\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{652BC395-A080-4143-9C8D-A54F165939CD}C:\users\genti\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\genti\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{CA855A14-CEF9-42A9-BAB4-2B3C376B5258}C:\users\genti\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\genti\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{B9A197DB-534A-40F3-8EB9-472B4A7AAF53}C:\users\genti\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\genti\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0EC7E5BE-9249-4123-A1D7-CEE0FA3C39E3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1ACDA01D-798A-44AC-B34D-0BC9A6E33B62}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => Keine Datei
FirewallRules: [{E70B63A2-91B5-4711-AA5F-7881C6DD1A0C}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => Keine Datei
FirewallRules: [{75357321-2107-4BA9-BF81-7F400DC60EEA}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{C32BDE42-E397-4FB4-9651-FE4AE795A5D5}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{6C23681C-512E-4211-A15B-22702A60AFFB}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{38060602-CEDA-4A4A-839F-627780DEC0C2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2C634214-038F-43DB-9D35-EBC72142C5C9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{144FA1E0-C5BC-407C-AABD-0C5F0E85C497}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.37\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DF480EF-BC44-4363-8FD2-48D9DDBA53CF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1941EB7D-1E0A-48FA-BF49-B45E1AFB57F9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2D609DED-CAAA-4513-94E5-868A06B245EB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Wiederherstellungspunkte =========================
23-05-2021 17:55:40 Geplanter Prüfpunkt
26-05-2021 18:52:28 MAXQDA 2020 (64 bit) wird installiert
27-05-2021 22:44:51 Removed Adobe Acrobat Reader DC - Deutsch.
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (06/02/2021 04:55:00 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Product: Avira Software Updater -- Please install Avira Connect then run this installer again.
Error: (06/02/2021 12:54:37 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Product: Avira Software Updater -- Please install Avira Connect then run this installer again.
Error: (05/31/2021 11:05:22 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Product: Avira Software Updater -- Please install Avira Connect then run this installer again.
Error: (05/31/2021 04:18:12 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Product: Avira Software Updater -- Please install Avira Connect then run this installer again.
Error: (05/31/2021 02:54:00 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (05/31/2021 02:54:00 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (05/31/2021 02:54:00 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (05/30/2021 03:50:36 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Product: Avira Software Updater -- Please install Avira Connect then run this installer again.
Systemfehler:
=============
Error: (06/03/2021 09:10:01 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L752MVH)
Description: Der Server "Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/03/2021 08:54:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L752MVH)
Description: Der Server "Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/03/2021 08:19:57 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L752MVH)
Description: Der Server "Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/03/2021 06:16:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L752MVH)
Description: Der Server "Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/03/2021 05:10:02 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L752MVH)
Description: Der Server "Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/03/2021 04:10:02 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L752MVH)
Description: Der Server "Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/03/2021 03:40:37 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L752MVH)
Description: Der Server "Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/02/2021 08:33:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L752MVH)
Description: Der Server "Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
CodeIntegrity:
===============
Date: 2021-06-03 21:10:44
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\ebehmoni.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-06-03 15:38:25
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-06-03 15:38:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2021-06-03 15:24:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
BIOS: LENOVO AGCN24WW(V1.07) 09/16/2019
Hauptplatine: LENOVO LNVNB161216
Prozessor: AMD Ryzen 5 3500U with Radeon Vega Mobile Gfx
Prozentuale Nutzung des RAM: 73%
Installierter physikalischer RAM: 6082.54 MB
Verfügbarer physikalischer RAM: 1603.71 MB
Summe virtueller Speicher: 12226.54 MB
Verfügbarer virtueller Speicher: 4917.38 MB
==================== Laufwerke ================================
Drive c: (Windows-SSD) (Fixed) (Total:237.23 GB) (Free:19.57 GB) NTFS
\\?\Volume{0f169a36-f304-41bc-862d-53aef6c9b489}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.51 GB) NTFS
\\?\Volume{6d846671-add2-4f2d-ae04-5cb745f6d8ef}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: C9A9F960)
Partition: GPT.
==================== Ende von Addition.txt =======================

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2021
durchgeführt von genti (Administrator) auf DESKTOP-L752MVH (LENOVO 81N6) (03-06-2021 21:12:45)
Gestartet von C:\Users\genti\Downloads
Geladene Profile: genti
Platform: Windows 10 Home Version 20H2 19042.985 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0344110.inf_amd64_73212948657b175c\B343946\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0344110.inf_amd64_73212948657b175c\B343946\atiesrxx.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\Lenovo.VantageService.InstallerHelper.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\YMC.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\genti\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.621.4222.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.621.4222.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\IESettingSync.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILFE.EXE
(Synaptics Incorporated -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(Synaptics Incorporated -> Conexant Systems, Inc.) C:\Windows\System32\CxUIUSvc64.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Windows\System32\DriverStore\FileRepository\wtabletserviceisd.inf_amd64_9177e4957c708bc4\WTabletServiceISD.exe <2>
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [164808 2021-05-04] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-684867114-1305075736-370469100-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE [297024 2013-01-24] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-684867114-1305075736-370469100-1001\...\Run: [Spotify] => C:\Users\genti\AppData\Roaming\Spotify\Spotify.exe [22932200 2020-04-14] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-684867114-1305075736-370469100-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\genti\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-684867114-1305075736-370469100-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\genti\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-684867114-1305075736-370469100-1001\...\RunOnce: [Uninstall 21.073.0411.0002\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\genti\AppData\Local\Microsoft\OneDrive\21.073.0411.0002\amd64"
HKU\S-1-5-21-684867114-1305075736-370469100-1001\...\RunOnce: [Uninstall 21.073.0411.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\genti\AppData\Local\Microsoft\OneDrive\21.073.0411.0002"
HKLM\...\Windows x64\Print Processors\Canon TS3100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDR.DLL [482816 2017-03-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3100 series: C:\WINDOWS\system32\CNMLMDR.DLL [1302016 2017-03-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\EPSON XP-312 313 315 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMBLFE.DLL [179712 2013-10-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01A5F3CF-EFB4-415D-AD8F-11FD891C2CC6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2d5ba74b-304c-45b7-9708-eb57eb5f4355 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {039242A8-C301-4C03-868B-0585AABFF182} - System32\Tasks\EPSON XP-312 313 315 Series Update {B36BAA7D-691A-4DAD-8FC4-1C1EA5132B86} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {08EEC04C-8B85-4B6D-8597-81BDA379659D} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {B36BAA7D-691A-4DAD-8FC4-1C1EA5132B86} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {0D0435A3-BF7D-4DF9-83D0-6BE8FC6322A5} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62392 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {0DC86A84-4F5D-4CCC-91E7-A725AE91C04F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c7e76790-dd95-4d40-884c-d62246060625 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {2214DEBC-48DC-463C-B4B0-0F6337BABA4F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {22554F9A-399C-406B-84F6-74455F770E22} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {3DE068F7-DEBF-4C7B-8843-A2E70187C334} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {50D28C9B-0B0E-40E6-9477-ABC02D4CDA16} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147288 2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {64FC18D8-8815-48E7-BA95-2DD23BCCCDF5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {67F6EEC7-52FB-4632-898C-9369BFE98112} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {69FC5AEC-4566-4DB0-B073-C5B9B4EDFCFC} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan => C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\ScheduleEventAction.exe [23968 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
Task: {6C922245-5F10-41E9-B5B1-AAD53D715D19} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-03-02] (Lenovo -> Lenovo Group Ltd.)
Task: {7974C839-0782-46D7-AFCC-3846CBF19BCA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-05-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {8417CD2A-FE29-4C99-96D9-174FA2679423} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9f20f421-fb0c-45ce-9ed9-38cef9aeb7e0 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {85B1AA81-7BC3-49AC-A049-505D3DB9FAAB} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\ScheduleEventAction.exe [23968 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
Task: {87D32B9D-C23F-4938-A05D-4900D10A7346} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4063344 2021-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {98C4E5AC-812A-42DE-AD7C-275BC89CB48C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\01f5c135-63aa-44da-afbd-61e90374206a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {AA575244-50D2-4241-A80C-7D8171E06744} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3452ED1-CD9D-40E8-AE15-0B6683768FAC} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {C46A7687-8ADB-407A-8842-D9D1210FD2A0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147288 2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9BFE00E-84AB-45FA-97EB-70E296C2F83D} - System32\Tasks\AviraSystemSpeedupRemoval => %comspec% [Argument = /C rmdir "C:\Program Files (x86)\Avira\System Speedup" /S /Q & schtasks /Delete /F /TN AviraSystemSpeedupRemoval] -> /C rmdir "C:\Program Files (x86)\Avira\System Speedup" /S /Q & schtasks /Delete /F /TN AviraSystemSpeedupRemoval
Task: {DB3658BC-8D39-4085-A4E3-B67503BCAD03} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {FB26F073-BE2D-4822-8D47-D65D8D3954FA} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {B36BAA7D-691A-4DAD-8FC4-1C1EA5132B86}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {B36BAA7D-691A-4DAD-8FC4-1C1EA5132B86}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{B36BAA7D-691A-4DAD-8FC4-1C1EA5132B86} /F:UpdateWORKGROUP\DESKTOP-L752MVH$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 80.69.96.12 81.210.129.4
Tcpip\..\Interfaces\{219a06fc-89fc-496c-ac9b-507bef3ea11d}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{c143154f-e03e-4ca2-b256-b818e4b92403}: [DhcpNameServer] 80.69.96.12 81.210.129.4
Edge:
=======
DownloadDir: C:\Users\genti\Downloads
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\genti\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-03]
Edge DownloadDir: Default -> C:\Users\genti\Downloads
Edge Extension: (Kaspersky Protection) - C:\Users\genti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-05-19]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\genti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-03]
Edge Extension: (Citavi Picker) - C:\Users\genti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mielbhbkcliienpdicphhecpodcaeefg [2021-04-19]
Edge HKU\S-1-5-21-684867114-1305075736-370469100-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Edge HKLM-x32\...\Edge\Extension: [mielbhbkcliienpdicphhecpodcaeefg]
FireFox:
========
FF DefaultProfile: s8j7zd2i.default
FF ProfilePath: C:\Users\genti\AppData\Roaming\Mozilla\Firefox\Profiles\s8j7zd2i.default [2021-01-04]
FF ProfilePath: C:\Users\genti\AppData\Roaming\Mozilla\Firefox\Profiles\2iupa6j8.default-release-1622575679206 [2021-06-03]
FF Extension: (uBlock Origin) - C:\Users\genti\AppData\Roaming\Mozilla\Firefox\Profiles\2iupa6j8.default-release-1622575679206\Extensions\uBlock0@raymondhill.net.xpi [2021-06-01]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\genti\AppData\Roaming\Mozilla\Firefox\Profiles\2iupa6j8.default-release-1622575679206\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-06-01]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => nicht gefunden
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-06-03]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2021-01-04] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2021-01-04] <==== ACHTUNG
Chrome:
=======
CHR Profile: C:\Users\genti\AppData\Local\Google\Chrome\User Data\Default [2021-05-15]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Präsentationen) - C:\Users\genti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-02-07]
CHR Extension: (Docs) - C:\Users\genti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-02-07]
CHR Extension: (Google Drive) - C:\Users\genti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-02-07]
CHR Extension: (Avira Password Manager) - C:\Users\genti\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2020-02-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\genti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-07]
CHR Extension: (Chrome Media Router) - C:\Users\genti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-07]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\genti\AppData\Roaming\Opera Software\Opera Stable [2021-05-15]
OPR Extension: (Rich Hints Agent) - C:\Users\genti\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-12-04]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161072 2020-12-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe [384280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [93456 2020-12-06] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 CxAudMsg; C:\WINDOWS\System32\CxAudMsg64.exe [243472 2020-12-06] (Synaptics Incorporated -> Conexant Systems Inc.)
R2 CxUIUSvc; C:\WINDOWS\System32\CxUIUSvc64.exe [122104 2020-12-06] (Synaptics Incorporated -> Conexant Systems, Inc.)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2954416 2021-05-04] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2954416 2021-05-04] (ESET, spol. s r.o. -> ESET)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [351424 2021-01-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [646520 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\LenovoVantageService.exe [28576 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1643688 2019-05-06] (Lenovo -> Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-27] (Malwarebytes Inc -> Malwarebytes)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-04-28] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 YMC; C:\WINDOWS\System32\YMC.exe [856960 2019-05-26] (Lenovo -> Lenovo Group Ltd.)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [174768 2018-10-29] (BayHub Technology Inc. -> BayHubTech/O2Micro)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 CnxtHdAudService; C:\WINDOWS\system32\drivers\CHDRT64HDA.sys [2231080 2020-06-17] (Synaptics Incorporated -> Conexant Systems Inc.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [169400 2021-05-04] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [112576 2021-05-04] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-05-04] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [192624 2021-05-04] (ESET, spol. s r.o. -> ESET)
S2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43832 2021-05-04] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70160 2021-05-04] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107400 2021-05-04] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-05-27] (Malwarebytes Inc -> Malwarebytes)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [657696 2021-05-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1439456 2021-05-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [253736 2021-05-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [96008 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [263888 2021-04-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [309104 2021-04-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [115744 2021-04-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [224880 2021-04-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-05-27] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-05-27] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-05-27] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-27] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-05-27] (Malwarebytes Inc -> Malwarebytes)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 phantomtap; \SystemRoot\System32\drivers\phantomtap.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-06-03 21:12 - 2021-06-03 21:12 - 002300416 _____ (Farbar) C:\Users\genti\Downloads\FRST64(1).exe
2021-06-03 18:32 - 2021-06-03 18:32 - 000001424 _____ C:\Users\genti\Desktop\scan 03.06.txt
2021-06-01 21:27 - 2021-06-01 21:27 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-01 21:27 - 2021-06-01 21:27 - 000001004 _____ C:\Users\Public\Desktop\Firefox.lnk
2021-06-01 21:27 - 2021-06-01 21:27 - 000001004 _____ C:\ProgramData\Desktop\Firefox.lnk
2021-06-01 21:27 - 2021-06-01 21:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-06-01 21:27 - 2021-06-01 21:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-01 21:26 - 2021-06-01 21:27 - 000333168 _____ (Mozilla) C:\Users\genti\Downloads\Firefox Installer.exe
2021-05-31 23:16 - 2021-05-31 23:16 - 001147708 _____ C:\Users\genti\Downloads\Daniel Müller Bachelorthesis - Mobilitätskonzepte für den Handel - WiSe 19 20 .pdf
2021-05-28 13:02 - 2021-05-28 13:02 - 000002027 _____ C:\Users\Public\Desktop\ESET Sicheres Online-Banking und Bezahlen.lnk
2021-05-28 13:02 - 2021-05-28 13:02 - 000002027 _____ C:\ProgramData\Desktop\ESET Sicheres Online-Banking und Bezahlen.lnk
2021-05-28 13:02 - 2021-05-28 13:02 - 000000000 ____D C:\Users\genti\AppData\Local\ESET
2021-05-28 13:00 - 2021-05-28 13:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2021-05-28 13:00 - 2021-05-28 13:00 - 000000000 ____D C:\ProgramData\ESET
2021-05-28 13:00 - 2021-05-28 13:00 - 000000000 ____D C:\Program Files\ESET
2021-05-28 12:59 - 2021-05-28 12:59 - 008703024 _____ (ESET) C:\Users\genti\Downloads\eset_smart_security_premium_live_installer.exe
2021-05-27 22:58 - 2021-05-27 22:59 - 000028773 _____ C:\Users\genti\Downloads\Addition.txt
2021-05-27 22:56 - 2021-06-03 21:13 - 000029922 _____ C:\Users\genti\Downloads\FRST.txt
2021-05-27 22:55 - 2021-05-27 22:55 - 002299904 _____ (Farbar) C:\Users\genti\Downloads\FRST64.exe
2021-05-27 22:46 - 2021-05-27 22:46 - 000003454 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupRemoval
2021-05-27 20:23 - 2021-06-03 21:13 - 000000000 ____D C:\FRST
2021-05-27 20:19 - 2021-05-27 20:19 - 000000000 ___HD C:\$SysReset
2021-05-27 20:08 - 2021-06-01 21:28 - 000000000 ____D C:\Users\genti\Desktop\Alte Firefox-Daten
2021-05-27 14:40 - 2021-05-27 14:40 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-05-27 14:40 - 2021-05-27 14:40 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-05-27 14:40 - 2021-05-27 14:40 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-05-27 14:38 - 2021-05-27 14:38 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-05-27 14:38 - 2021-05-27 14:38 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-05-27 14:38 - 2021-05-27 14:38 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-05-27 14:38 - 2021-05-27 14:38 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-05-27 14:38 - 2021-05-27 14:38 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-27 14:38 - 2021-05-27 14:38 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-05-27 14:38 - 2021-05-27 14:38 - 000002032 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-05-27 14:38 - 2021-05-27 14:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-05-27 14:36 - 2021-05-27 14:36 - 002080712 _____ (Malwarebytes) C:\Users\genti\Downloads\MBSetup(1).exe
2021-05-27 14:34 - 2021-05-27 14:34 - 000000000 ____D C:\Users\genti\AppData\Local\mbam
2021-05-27 14:02 - 2021-05-27 14:02 - 000000000 ____D C:\Program Files\Malwarebytes
2021-05-27 14:01 - 2021-05-27 14:01 - 002080712 _____ (Malwarebytes) C:\Users\genti\Downloads\MBSetup.exe
2021-05-27 12:09 - 2021-05-27 13:43 - 000000000 ____D C:\AdwCleaner
2021-05-27 12:09 - 2021-05-27 12:09 - 008534696 _____ (Malwarebytes) C:\Users\genti\Downloads\adwcleaner_8.2.exe
2021-05-26 18:54 - 2021-06-03 18:37 - 001359872 _____ C:\Users\genti\Desktop\Max QDA Thesis.mx20
2021-05-26 18:53 - 2021-06-03 18:37 - 000000000 ____D C:\Users\genti\AppData\Roaming\MAXQDA2020
2021-05-26 18:53 - 2021-05-26 18:53 - 000000000 ____D C:\Users\genti\Documents\MAXQDA2020
2021-05-26 18:53 - 2021-05-26 18:53 - 000000000 ____D C:\Users\genti\Documents\MAXQDA_Externals
2021-05-26 18:53 - 2021-05-26 18:53 - 000000000 ____D C:\Users\genti\AppData\Local\Verbi
2021-05-26 18:53 - 2021-05-26 18:53 - 000000000 ____D C:\Users\genti\AppData\Local\cache
2021-05-26 18:52 - 2021-06-02 12:02 - 000000000 ____D C:\ProgramData\MAXQDA2020
2021-05-26 18:52 - 2021-05-26 18:52 - 000001953 _____ C:\Users\Public\Desktop\MAXQDA 2020.lnk
2021-05-26 18:52 - 2021-05-26 18:52 - 000001953 _____ C:\ProgramData\Desktop\MAXQDA 2020.lnk
2021-05-26 18:52 - 2021-05-26 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXQDA 2020
2021-05-26 18:52 - 2021-05-26 18:52 - 000000000 ____D C:\Program Files\MAXQDA2020
2021-05-26 18:48 - 2021-05-26 18:49 - 290291712 _____ C:\Users\genti\Downloads\MAXQDA2020_Setup.msi
2021-05-24 11:31 - 2021-05-24 11:31 - 013415664 _____ C:\Users\genti\Downloads\2019_Book_AbläufeVerbessern-Betriebserfo.pdf
2021-05-20 15:43 - 2021-05-20 15:43 - 004494408 _____ C:\Users\genti\Downloads\IPMA_Level_D_Modul_4_SoSe2021.pdf
2021-05-20 15:43 - 2021-05-20 15:43 - 004374760 _____ C:\Users\genti\Downloads\IPMA_Level_D_Modul_5_SoSe2021.pdf
2021-05-20 15:43 - 2021-05-20 15:43 - 000574561 _____ C:\Users\genti\Downloads\Fragenkatalog_IPMA_Level_D_GPM_Modul_3_mAntw.pdf
2021-05-12 15:13 - 2021-05-12 15:13 - 000091732 _____ C:\Users\genti\Downloads\Qualitative_Inhaltsanalyse_BEGINN.pdf
2021-05-12 10:33 - 2021-05-12 10:33 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-12 10:33 - 2021-05-12 10:33 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-12 10:33 - 2021-05-12 10:33 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-12 10:33 - 2021-05-12 10:33 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-12 10:33 - 2021-05-12 10:33 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-12 10:33 - 2021-05-12 10:33 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-12 10:33 - 2021-05-12 10:33 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-12 10:32 - 2021-05-12 10:32 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-12 10:32 - 2021-05-12 10:32 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-12 10:32 - 2021-05-12 10:32 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-12 10:32 - 2021-05-12 10:32 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-12 10:32 - 2021-05-12 10:32 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-10 22:22 - 2021-05-10 22:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2021-05-10 22:20 - 2021-05-10 22:21 - 075607864 _____ (obsproject.com) C:\Users\genti\Downloads\OBS-Studio-26.1.1-Full-Installer-x64.exe
2021-05-10 22:20 - 2021-05-10 22:20 - 000000000 ____D C:\Users\genti\Downloads\OBS-Studio-26.1.1
2021-05-10 22:08 - 2021-05-10 22:12 - 000000000 ____D C:\Users\genti\Documents\oCam
2021-05-10 22:08 - 2021-05-10 22:08 - 000000000 ____D C:\Users\genti\AppData\Roaming\oCam
2021-05-10 22:05 - 2021-05-10 22:05 - 009434192 _____ (hxxp://ohsoft.net/ ) C:\Users\genti\Downloads\oCam_v515.0.exe
2021-05-10 16:11 - 2021-05-10 16:11 - 000125168 _____ (Zoom Video Communications, Inc.) C:\Users\genti\Downloads\Zoom_cm_fo42mnktZ9vvrZo4_mS0JyF30mcWraPzgmMPfDOy+Ol2AlPe+5fAf8@B9jinS0FdIXlaA9T_k63c68f60566138f8_.exe
2021-05-08 14:56 - 2021-05-08 14:56 - 000009917 _____ C:\Users\genti\Downloads\B470661457_rech.pdf
2021-05-08 12:22 - 2021-05-08 12:22 - 000000000 ____D C:\Users\genti\Documents\ExpressScribe
2021-05-08 12:22 - 2021-05-08 12:22 - 000000000 ____D C:\ProgramData\NCH Software
2021-05-08 12:14 - 2021-05-08 12:14 - 000000000 ____D C:\Users\genti\Documents\Audacity
2021-05-08 12:11 - 2021-05-10 16:23 - 000000000 ____D C:\Users\genti\AppData\Roaming\audacity
2021-05-08 12:11 - 2021-05-08 12:11 - 000000000 ____D C:\Users\genti\AppData\Local\Audacity
2021-05-08 12:08 - 2021-05-08 12:09 - 029534144 _____ (Audacity Team ) C:\Users\genti\Downloads\audacity-win-3.0.2.exe
2021-05-06 16:39 - 2021-06-01 21:27 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-05-05 22:16 - 2021-05-05 22:16 - 000059471 _____ C:\Users\genti\Downloads\beleg-2021050201757.pdf
2021-05-04 22:29 - 2021-05-04 22:29 - 000028585 _____ C:\Users\genti\Downloads\143_R14300811144_5804164100.pdf
2021-05-04 13:13 - 2021-05-04 13:13 - 000192624 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2021-05-04 13:13 - 2021-05-04 13:13 - 000169400 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2021-05-04 13:13 - 2021-05-04 13:13 - 000112576 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2021-05-04 13:13 - 2021-05-04 13:13 - 000107400 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2021-05-04 13:13 - 2021-05-04 13:13 - 000070160 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2021-05-04 13:13 - 2021-05-04 13:13 - 000043832 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2021-05-04 09:56 - 2021-05-04 09:56 - 000015824 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-06-03 21:11 - 2020-02-07 12:00 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-03 21:10 - 2020-02-07 12:00 - 000000000 ____D C:\Users\genti\AppData\LocalLow\Mozilla
2021-06-03 21:10 - 2019-12-07 16:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-06-03 21:10 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-03 20:19 - 2021-04-28 19:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-03 16:56 - 2019-12-07 11:03 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2021-06-03 15:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-02 11:57 - 2020-06-07 17:40 - 000010599 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-06-01 21:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-01 21:28 - 2020-02-07 18:47 - 000000000 ____D C:\Users\genti\AppData\Local\D3DSCache
2021-06-01 20:59 - 2019-11-19 05:56 - 000000000 ____D C:\Program Files\Microsoft Office
2021-06-01 20:58 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-05-29 12:13 - 2020-08-26 16:11 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-29 12:11 - 2021-04-28 19:36 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-684867114-1305075736-370469100-1001
2021-05-29 12:11 - 2021-04-28 19:31 - 000002390 _____ C:\Users\genti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-29 12:11 - 2020-02-07 11:48 - 000000000 ___RD C:\Users\genti\OneDrive
2021-05-28 13:00 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-05-28 13:00 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-27 23:22 - 2019-11-19 05:50 - 000000000 ____D C:\ProgramData\Lenovo
2021-05-27 22:46 - 2020-02-07 11:51 - 000000000 ____D C:\ProgramData\Avira
2021-05-27 22:46 - 2020-02-07 11:51 - 000000000 ____D C:\Program Files (x86)\Avira
2021-05-27 22:44 - 2020-12-06 20:36 - 000000000 ____D C:\Program Files\VideoLAN
2021-05-27 22:00 - 2020-05-22 16:38 - 000000000 ____D C:\Users\genti\Desktop\E Books
2021-05-27 14:32 - 2021-04-28 19:39 - 001632020 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-27 14:32 - 2019-12-07 16:50 - 000707136 _____ C:\WINDOWS\system32\perfh007.dat
2021-05-27 14:32 - 2019-12-07 16:50 - 000142394 _____ C:\WINDOWS\system32\perfc007.dat
2021-05-27 14:26 - 2021-04-28 19:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-27 14:26 - 2021-04-28 19:30 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-27 14:26 - 2020-04-02 10:32 - 000000000 ____D C:\Users\genti\AppData\Roaming\Spotify
2021-05-27 14:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-27 14:25 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-27 11:38 - 2021-04-28 19:31 - 000000000 ____D C:\Users\genti
2021-05-27 11:38 - 2020-02-07 18:47 - 000000000 ____D C:\Users\genti\AppData\Local\Packages
2021-05-23 15:08 - 2020-12-06 20:38 - 000000000 ____D C:\Users\genti\AppData\Roaming\vlc
2021-05-21 11:29 - 2021-03-22 20:21 - 000002552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-21 11:29 - 2021-03-22 20:21 - 000002548 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-21 11:29 - 2021-03-22 20:21 - 000002527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-21 11:29 - 2021-03-22 20:21 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2021-05-21 11:29 - 2021-03-22 20:21 - 000002502 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-05-21 11:29 - 2021-03-22 20:21 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-05-21 11:29 - 2021-03-22 20:21 - 000002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-21 11:29 - 2021-03-22 20:21 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-05-21 11:29 - 2021-03-22 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-05-15 13:33 - 2021-04-22 11:02 - 000000000 ___DC C:\WINDOWS\Panther
2021-05-14 10:24 - 2020-02-13 00:20 - 000002375 _____ C:\Users\genti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-05-14 10:24 - 2020-02-13 00:20 - 000002367 _____ C:\Users\genti\Desktop\Microsoft Teams.lnk
2021-05-13 00:09 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-13 00:07 - 2021-04-28 19:30 - 000436432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-13 00:06 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-13 00:06 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-13 00:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-13 00:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-13 00:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-13 00:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-13 00:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-13 00:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-13 00:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-13 00:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-13 00:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-13 00:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-13 00:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-13 00:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-13 00:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-13 00:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-13 00:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-13 00:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-12 10:36 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-12 10:35 - 2019-12-07 16:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-12 10:35 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-05-12 10:25 - 2021-02-12 16:02 - 000000000 ___HD C:\$WinREAgent
2021-05-12 10:22 - 2020-02-12 22:47 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-12 10:19 - 2020-02-12 22:47 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-10 22:49 - 2020-02-07 13:11 - 000000000 ____D C:\Users\genti\Desktop\Computer
2021-05-10 22:31 - 2020-11-04 12:19 - 000000000 ____D C:\Users\genti\Documents\Captura
2021-05-08 18:05 - 2020-10-22 00:12 - 001439456 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2021-05-08 18:05 - 2020-10-22 00:12 - 000657696 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klgse.sys
2021-05-08 12:22 - 2020-02-07 18:39 - 000000000 ____D C:\ProgramData\Packages
2021-05-08 12:22 - 2020-02-07 11:50 - 000000000 ____D C:\Users\genti\AppData\Local\PlaceholderTileLogoFolder
2021-05-07 11:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2020-04-26 23:26 - 2020-04-26 23:26 - 000002148 _____ () C:\Users\genti\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================

I also ran Malwarebytes beforehand. I have been doing that almost daily since the incident. I'll just attach the log. Code:
Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 03.06.21
Scan-Zeit: 18:30
Protokolldatei: fddb361a-c488-11eb-92e3-1063c8f43c2e.json
-Softwaredaten-
Version: 4.4.0.117
Komponentenversion: 1.0.1308
Version des Aktualisierungspakets: 1.0.41267
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 19042.985)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-L752MVH\genti
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 292734
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 1 Min., 44 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)