Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: W10: Firefox, automatischer Aufruf von craccoon.com

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Thema geschlossen
Alt 20.04.2021, 10:51   #16
Kio
 
W10: Firefox, automatischer Aufruf von craccoon.com - Standard

W10: Firefox, automatischer Aufruf von craccoon.com



Shortcut:
Code:
ATTFilter
Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 17-04-2021
durchgeführt von Hendrik (20-04-2021 11:45:51)
Gestartet von C:\Users\Hendrik\Downloads
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascaron\Piraten\Ascaron Homepage besuchen.lnk -> hxxp://www.ascaron.com


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk -> C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk -> C:\Program Files (x86)\ImgBurn\ImgBurn.exe (LIGHTNING UK!)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs OBS.lnk -> C:\Program Files\Streamlabs OBS\Streamlabs OBS.exe (General Workings, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Martin Prikryl)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warships\World of Warships entfernen.lnk -> C:\Games\World_of_Warships\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wargaming.net\World of Warships ModStation\ModStation Diagnosis.lnk -> C:\Program Files\Wargaming.net\World of Warships ModStation\WorldOfWarships.ModStation.Diagnosis.exe (Wargaming.net)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wargaming.net\World of Warships ModStation\Uninstall ModStation.lnk -> C:\Program Files\Wargaming.net\World of Warships ModStation\unins000.exe (Wargaming.net                                               )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wargaming.net\World of Warships ModStation\World of Warships ModStation.lnk -> C:\Program Files\Wargaming.net\World of Warships ModStation\WorldOfWarships.ModStation.exe (Wargaming.net)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware\VMware Workstation 15 Player.lnk -> C:\Program Files (x86)\VMware\VMware Player\vmplayer.exe (VMware, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVE Software\Vive Dashboard.lnk -> C:\Program Files (x86)\VIVE\Updater\App\Dashboard\win32\ViveDashboard.exe (HTC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVE Software\VIVE Guide.lnk -> C:\Program Files (x86)\VIVE\Updater\App\ViveGuide\ViveGuide.exe (HTC Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVE Software\VIVEPORT Feedback.lnk -> C:\Program Files (x86)\Common Files\HTC\Viveport\Diagnosis\ViveportDiagnosis.exe (HTC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVE Software\VIVEPORT.lnk -> C:\Program Files (x86)\VIVE\PCClient\Vive.exe (HTC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\VEGAS Pro 14.0\Vegas Pro 14.0 (64-bit).lnk -> M:\Vegas\vegas140.exe (MAGIX Computer Products Intl. Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\VEGAS Pro 14.0\VEGAS Pro 14.0 Liesmich.lnk -> M:\Vegas\readme\Vegas_readme_deu.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\DVD Architect\DVD Architect Liesmich.lnk -> M:\Vegas Architekt\readme\DVD_Architect_readme_deu.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\DVD Architect\DVD Architect.lnk -> M:\Vegas Architekt\dvdarch70.exe (MAGIX Computer Products Intl. Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimaker Cura\Ultimaker Cura 3.5.1.lnk -> C:\Program Files\Ultimaker Cura 3.5\Cura.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimaker Cura\Uninstall.lnk -> C:\Program Files\Ultimaker Cura 3.5\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront II\Kundendienst.lnk -> S:\Origin\STAR WARS Battlefront II\Support\EA Help\Kundendienst.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront II\Nutzervereinbarung.lnk -> S:\Origin\STAR WARS Battlefront II\Support\Nutzervereinbarung\de_DE.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront II\STAR WARS Battlefront II.lnk -> S:\Origin\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repetier-Host\Repetier-Host.lnk -> C:\Program Files\Repetier-Host\RepetierHost.exe (Hot-World GmbH & Co. KG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raise3D\ideaMaker\Uninstall ideaMaker.lnk -> C:\Program Files\Raise3D\ideaMaker\uninstall.exe (Raise3D)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Deinstallieren von Origin.lnk -> C:\Program Files (x86)\Origin\OriginUninstall.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Fehlermelder.lnk -> C:\Program Files (x86)\Origin\OriginER.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (32bit).lnk -> C:\Program Files (x86)\obs-studio\bin\32bit\obs32.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (64bit).lnk -> C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\Uninstall.lnk -> C:\Program Files (x86)\obs-studio\uninstall.exe (obsproject.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Application Manager.lnk -> C:\Program Files\NewBlueFX\Common\ApplicationManager64.exe (NewBlue, Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Vegas Pro Complete\Uninstall Vegas Pro Complete.lnk -> C:\Program Files\NewBlueFX\uninstallers\Uninstall Vegas Pro Complete.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk -> C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe (Mojang)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\BeckerCAD 10 Pro Beispielprojekte.lnk -> M:\BeckerCAD 10 Pro\Program\Bin\BeckerEx.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\BeckerCAD 10 Pro deinstallieren.lnk -> M:\BeckerCAD 10 Pro\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\BeckerCAD 10 Pro Hilfe.lnk -> M:\BeckerCAD 10 Pro\Program\Bin\Becker.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\BeckerCAD 10 Pro.lnk -> M:\BeckerCAD 10 Pro\Program\Bin\BeckerCAD.exe (DATA BECKER GmbH & Co.KG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Python - Standard Python Console Interface.lnk -> M:\BeckerCAD 10 Pro\Program\Python\python.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\PythonWin - Advanced Python Graphical User Interface.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Lib\site-packages\pythonwin\Pythonwin.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\wxFormBuilder - a wxPython Gui Designer.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Tools\wxFormBuilder\wxFormBuilder.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\CADdy++ Python Documentation.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Doc\CADdy\html\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\PyScripter Documentation.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Tools\PyScripter\PyScripter.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\Python COM Documentation.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Lib\site-packages\win32com\HTML\docindex.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\Python COM Help.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Doc\PyWin32.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\Python Standard Documentation.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Doc\python275.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\wxPython\wxGlade GUI Designer Documentation.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Tools\wxGlade\docs\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\wxPython\wxGlade GUI Designer Tutorial.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Tools\wxGlade\docs\tutorial.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\wxPython\wxPython Documentation.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Doc\wxPython\docs\wx.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\wxPython\wxPython Package Documentation.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Doc\wxPython\docs\wxPackage.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\wxPython\wxPython Py Manual.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Doc\wxPython\docs\PyManual.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\wxPython\wxPython Samples.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Doc\wxPython\samples ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\wxPython\wxPython Starter Guide.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Doc\wxPython\docs\wxPythonManual.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Launch Gaming Software Profiler.lnk -> C:\Windows\Installer\{1444D2EE-C7AD-44A8-844F-2634B49353D1}\NewShortcut1_7E69263C626D4C569CA13522D79FEB7F.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Capture.lnk -> C:\Program Files\Logitech\LogiCapture\bin\LogiCapture.exe (Logitech)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Gaming Software 8.74.lnk -> C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility\Intel(R) Driver Update Utility 2.7.lnk -> C:\Program Files (x86)\Intel Driver Update Utility\DSADesktopUI.exe (Intel)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn\ImgBurn Read Me.lnk -> C:\Program Files (x86)\ImgBurn\ReadMe.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn\ImgBurn.lnk -> C:\Program Files (x86)\ImgBurn\ImgBurn.exe (LIGHTNING UK!)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn\Uninstall.lnk -> C:\Program Files (x86)\ImgBurn\uninstall.exe (LIGHTNING UK!)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro\GoPro Studio.lnk -> C:\Program Files (x86)\GoPro\Tools\GoPro Studio.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro\Quik.lnk -> C:\Program Files\GoPro\GoPro Desktop App\Quik.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript\Ghostscript Readme 9.53.3.LNK -> C:\Program Files\gs\gs9.53.3\doc\Readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript\Uninstall Ghostscript 9.53.3.LNK -> C:\Program Files\gs\gs9.53.3\uninstgs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Assassin's Creed Rogue.lnk -> [LF6"pH,R GFSI/jX@2p%,WHAT MATTERS IS THAT I FOLLOWED MY OWN CREED(1SPSXFL8C&m]
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Battlefield 3™.lnk -> [LF6"pH,R GFSIKՏD@,pBattlefield 3"!(1SPSXFL8C&m]
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Command & Conquer™ Alarmstufe Rot 3 Der Aufstand.lnk -> [LF6"pH,R GFSIK`F1)sɰ0Command & Conquer"! Alarmstufe Rot 3 Der Aufstand(1SPSXFL8C&m]
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\FileZilla.lnk -> C:\Program Files\FileZilla FTP Client\filezilla.exe (FileZilla Project)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\Uninstall.lnk -> C:\Program Files\FileZilla FTP Client\uninstall.exe (Tim Kosse)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elgato\Stream Deck\Stream Deck.lnk -> C:\Program Files\Elgato\StreamDeck\StreamDeck.exe (Corsair Memory, Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes\VirtualCloneDrive\Uninstall.lnk -> C:\Program Files (x86)\VirtualCloneDrive\Vcd-uninst.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\AVIFix.lnk -> C:\Program Files (x86)\ExKode\Dxtory2.0\AVIFix.exe (ExKode Co. Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\AVIMux.lnk -> C:\Program Files (x86)\ExKode\Dxtory2.0\AVIMux.exe (ExKode Co. Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\Dxtory Video Setting.lnk -> C:\Program Files (x86)\ExKode\Dxtory2.0\DxtoryVideoSetting.exe (ExKode Co. Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\Dxtory.lnk -> C:\Program Files (x86)\ExKode\Dxtory2.0\Dxtory.exe (ExKode Co. Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\EULA.txt.lnk -> C:\Program Files (x86)\ExKode\Dxtory2.0\EULA_en.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\License Register.lnk -> C:\Program Files (x86)\ExKode\Dxtory2.0\LicReg.exe (ExKode Co. Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\RawCapConv.lnk -> C:\Program Files (x86)\ExKode\Dxtory2.0\RawCapConv.exe (ExKode Co. Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\readme.txt.lnk -> C:\Program Files (x86)\ExKode\Dxtory2.0\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\FreeStudioManager.exe (Digital Wave Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free Video To MP3 Converter.lnk -> C:\Program Files (x86)\DVDVideoSoft\Free Video to MP3 Converter\FreeVideoToMP3Converter.exe (Digital Wave Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free YouTube Download.lnk -> C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe (Digital Wave Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe (DVDVideoSoft Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\PremiumMembershipOffer.exe (DVDVideoSoft Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion Uninstall.lnk -> C:\Program Files (x86)\DisplayFusion\unins000.exe (Binary Fortress Software                                    )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion.lnk -> C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DayZLauncher\DayZLauncher.lnk -> C:\Program Files (x86)\DayZLauncher\DayZLauncher.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF Writer\Readme.lnk -> C:\Program Files (x86)\CutePDF Writer\CuteEdit.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF Writer\Try Free CutePDF Editor.lnk -> C:\Program Files (x86)\CutePDF Writer\CuteEdit.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corsair LINK 4\Corsair LINK 4.lnk -> C:\Windows\Installer\{D97F4B31-5A7D-4A07-AC85-16D64FAB93E1}\Icon.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Boot Setting\ASUS Boot Setting 1.00.22.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{7AAE9187-C24F-4073-A951-36C370E7A3A5}\Setup.exe (InstallShield Software Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AI Suite 3\AI Suite 3.lnk -> C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe (ASUSTeK Computer Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility\ASRock eXtreme Tuner\ASRock eXtreme Tuner.lnk -> C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility\ASRock eXtreme Tuner\Uninstall ASRock eXtreme Tuner.lnk -> C:\Program Files (x86)\ASRock Utility\AXTU\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascaron\Piraten\Auf Update prüfen.lnk -> C:\Program Files (x86)\Piraten\Updater.exe (Ascaron Entertainment GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascaron\Piraten\Piraten deinstallieren.lnk -> C:\Program Files (x86)\Piraten\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascaron\Piraten\Piraten starten.lnk -> C:\Program Files (x86)\Piraten\piraten.exe (Ascaron Entertainment GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascaron\Piraten\Readme lesen.lnk -> C:\Program Files (x86)\Piraten\liesmich.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Configuration.lnk -> C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorcfg.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Wizards.lnk -> C:\Windows\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe ( )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Hendrik\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Hendrik\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\Links\Desktop.lnk -> C:\Users\Hendrik\Desktop ()
Shortcut: C:\Users\Hendrik\Links\Downloads.lnk -> C:\Users\Hendrik\Downloads ()
Shortcut: C:\Users\Hendrik\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\Hendrik\Documents\MAGIX\Music Maker\_Demos.LNK -> C:\ProgramData\Magix\Music Maker\25\_Demos (Keine Datei)
Shortcut: C:\Users\Hendrik\Desktop\Grand Theft Auto V.lnk -> E:\GTA V\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games)
Shortcut: C:\Users\Hendrik\Desktop\Minecraft.lnk -> C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe (Mojang)
Shortcut: C:\Users\Hendrik\Desktop\PBOManager v.1.4 beta.lnk -> C:\Users\Hendrik\AppData\Roaming\Microsoft\Installer\{0E3A79BF-E860-4371-8ABC-7AAEDD68DA0A}\_874CC01FA1E56E43D66A67.exe ()
Shortcut: C:\Users\Hendrik\Desktop\Piraten starten.lnk -> C:\Program Files (x86)\Piraten\piraten.exe (Ascaron Entertainment GmbH)
Shortcut: C:\Users\Hendrik\Desktop\Sea of Thieves.lnk -> [LF4BEM84VAPPS1SPSMԆi<D*TFFF9Resources\Logo.pngAResources\SmallLogo.png1Sea of Thieves-1SPSwlE[([8װM1SPS0%G`1Sea of ThievesE1SPSU(Ly9K-]%Microsoft.SeaofThieves_8wekyb3d8bbwe:Microsoft.SeaofThieves_8wekyb3d8bbwe!AthenaClientShippingSC:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.74.9691.2_x64__8wekyb3d8bbwe}6Microsoft.SeaofThieves_2.74.9691.2_x64__8wekyb3d8bbwe11SPSmDpHH@.=xd'1SPSC@:s-yd4Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy] (Keine Datei)
Shortcut: C:\Users\Hendrik\Desktop\Spotify.lnk -> C:\Users\Hendrik\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Hendrik\Desktop\WarThunder.lnk -> D:\WarThunder\launcher.exe (Gaijin)
Shortcut: C:\Users\Hendrik\Desktop\Programme\balenaEtcher.lnk -> C:\Users\Hendrik\AppData\Local\Programs\balena-etcher\balenaEtcher.exe (Balena Inc.)
Shortcut: C:\Users\Hendrik\Desktop\Programme\BeckerCAD 10 Pro.lnk -> M:\BeckerCAD 10 Pro\Program\Bin\BeckerCAD.exe (DATA BECKER GmbH & Co.KG)
Shortcut: C:\Users\Hendrik\Desktop\Programme\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.)
Shortcut: C:\Users\Hendrik\Desktop\Programme\FileZilla.lnk -> C:\Program Files\FileZilla FTP Client\filezilla.exe (FileZilla Project)
Shortcut: C:\Users\Hendrik\Desktop\Programme\Foxit Reader.lnk -> C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe (Keine Datei)
Shortcut: C:\Users\Hendrik\Desktop\Programme\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\Users\Hendrik\Desktop\Programme\GIMP 2.10.8.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.10.exe (Keine Datei)
Shortcut: C:\Users\Hendrik\Desktop\Programme\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Keine Datei)
Shortcut: C:\Users\Hendrik\Desktop\Programme\GoPro Studio.lnk -> C:\Program Files (x86)\GoPro\Tools\GoPro Studio.exe ()
Shortcut: C:\Users\Hendrik\Desktop\Programme\ImgBurn.lnk -> C:\Program Files (x86)\ImgBurn\ImgBurn.exe (LIGHTNING UK!)
Shortcut: C:\Users\Hendrik\Desktop\Programme\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\Desktop\Programme\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr)
Shortcut: C:\Users\Hendrik\Desktop\Programme\OBS Studio.lnk -> C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe ()
Shortcut: C:\Users\Hendrik\Desktop\Programme\OpenOffice 4.1.1.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Keine Datei)
Shortcut: C:\Users\Hendrik\Desktop\Programme\Repetier-Host.lnk -> C:\Program Files\Repetier-Host\RepetierHost.exe (Hot-World GmbH & Co. KG)
Shortcut: C:\Users\Hendrik\Desktop\Programme\Spotify.lnk -> C:\Users\Hendrik\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Hendrik\Desktop\Programme\Stream Deck.lnk -> C:\Program Files\Elgato\StreamDeck\StreamDeck.exe (Corsair Memory, Inc)
Shortcut: C:\Users\Hendrik\Desktop\Programme\Streamlabs OBS.lnk -> C:\Program Files\Streamlabs OBS\Streamlabs OBS.exe (General Workings, Inc.)
Shortcut: C:\Users\Hendrik\Desktop\Programme\TeamViewer 14.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH)
Shortcut: C:\Users\Hendrik\Desktop\Programme\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\Users\Hendrik\Desktop\Programme\VMware Workstation 15 Player.lnk -> C:\Program Files (x86)\VMware\VMware Player\vmplayer.exe (VMware, Inc.)
Shortcut: C:\Users\Hendrik\Desktop\Programme\Voicemod.lnk -> C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Keine Datei)
Shortcut: C:\Users\Hendrik\Desktop\Programme\WinSCP.lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Martin Prikryl)
Shortcut: C:\Users\Hendrik\Desktop\Programme\Tor Browser\Start Tor Browser.lnk -> C:\Users\Hendrik\Desktop\Tor Browser\Browser\firefox.exe (Keine Datei)
Shortcut: C:\Users\Hendrik\Desktop\Desktop\PW_Banken - Verknüpfung.lnk -> C:\Users\Hendrik\Documents\PW_Banken ()
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\balenaEtcher.lnk -> C:\Users\Hendrik\AppData\Local\Programs\balena-etcher\balenaEtcher.exe (Balena Inc.)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Hendrik\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk -> C:\Windows\System32\fodhelper.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\Hendrik\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> C:\Users\Hendrik\Desktop\Tor Browser\Browser\firefox.exe (Keine Datei)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\Hendrik\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\War Thunder entfernen.lnk -> D:\WarThunder\unins000.exe ()
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> D:\WarThunder\launcher.exe (Gaijin)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\UbisoftConnect\Ubisoft Connect.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftConnect.exe (Ubisoft)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\UbisoftConnect\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Users\Hendrik\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Grand Theft Auto V.lnk -> E:\GTA V\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Rockstar Games Launcher.lnk -> E:\RockStarLauncher\LauncherPatcher.exe (Rockstar Games)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PBO Manager\controls.lnk -> C:\Users\Hendrik\AppData\Roaming\Microsoft\Installer\{0E3A79BF-E860-4371-8ABC-7AAEDD68DA0A}\_CD563CB94BF2458756A232.exe ()
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PBO Manager\PBOConsole v.1.4 beta.lnk -> C:\Users\Hendrik\AppData\Roaming\Microsoft\Installer\{0E3A79BF-E860-4371-8ABC-7AAEDD68DA0A}\_73590F9A25763F4F8565BA.exe ()
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PBO Manager\PBOManager v.1.4 beta.lnk -> C:\Users\Hendrik\AppData\Roaming\Microsoft\Installer\{0E3A79BF-E860-4371-8ABC-7AAEDD68DA0A}\_57A4D983D541EBF67B2A77.exe ()
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PBO Manager\version.lnk -> C:\Users\Hendrik\AppData\Roaming\Microsoft\Installer\{0E3A79BF-E860-4371-8ABC-7AAEDD68DA0A}\_CA64E588BACC80D7DC796F.exe ()
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Far Cry 3.lnk -> [LF6"pH,R GFSITkjEK3lÚ^Fernab jeglicher Zivilisation liegt eine von Gewalt beherrschte Insel. Hier bist du gestrandet, mitten in einem blutigen Krieg zwischen wahnsinnigen Warlords und eingeborenen Rebellen, und die Mndung deiner Waffe stellt deine einzige berlebenschance dar. Entdecke die dunklen Geheimnisse der Insel und trage den Kampf zu deinen Feinden. Improvisiere, nutze deine Umgebung zu deinem Vorteil und sei vor allem schlauer als der Haufen skrupelloser Ausbeuter um dich herum. Lass dich von der Schnheit dieser Insel des Wahnsinns nicht tuschen & Glck allein wird nicht reichen, um hier lebend rauszukommen.(1SPSXFL8C&m]
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Hitman™ 2 Silent Assassin.lnk -> [LF6"pH,R GFSIS;FmoM'Hitman"! 2: Silent Assassin(1SPSXFL8C&m]
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Pinball.lnk -> C:\Program Files (x86)\Microsoft Games\Pinball\pinball.exe (Cinematronics)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive\ArmA 2\BattlEye\Uninstall BattlEye.lnk -> M:\SteamLibrary\steamapps\common\Arma 2\BattlEye\UnInstallBE.exe ()
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Games\Space_Cadet_Table.lnk -> C:\Program Files\Plus!\Pinball\PINBALL.EXE (Cinematronics)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GIMP 2.10.8.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.10.exe (Keine Datei)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Keine Datei)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TeamSpeak 3 Client.lnk -> C:\Users\Hendrik\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\DayZLauncher.lnk -> C:\Program Files (x86)\DayZLauncher\DayZLauncher.exe (Keine Datei)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\TeamSpeak 3 Client.lnk -> C:\Users\Hendrik\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft)
Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\26c8e4b9a90483d\Rockstar Games Launcher.lnk -> E:\RockStarLauncher\Launcher.exe (Rockstar Games)
Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\GFWLive\Logs\InstallLog.lnk -> C:\Users\Hendrik\AppData\Local\Microsoft\GFWLive\Install\Logs ()
Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\GFWLive\Install\Logs\ClientLog.lnk -> C:\Users\Hendrik\AppData\Local\Microsoft\GFWLive\Logs ()
Shortcut: C:\Users\Public\Desktop\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\Users\Public\Desktop\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\STAR WARS Battlefront II.lnk -> S:\Origin\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts Inc.)
Shortcut: C:\Users\Public\Desktop\Stream Deck.lnk -> C:\Program Files\Elgato\StreamDeck\StreamDeck.exe (Corsair Memory, Inc)
Shortcut: C:\Users\Public\Desktop\VIVEPORT.lnk -> C:\Program Files (x86)\VIVE\PCClient\Vive.exe (HTC)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVE Software\Uninstall.lnk -> C:\Program Files (x86)\VIVE\Updater\Updater.exe (HTC Corp.) -> -uninstall "VIVE Software" "C:\Program Files (x86)\VIVE" "VIVE_SOFTWARE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raise3D\ideaMaker\ideaMaker.lnk -> C:\Program Files\Raise3D\ideaMaker\ideaMaker.exe (Raise3D) -> C:\Program Files\Raise3D\ideaMaker\ideaMaker.exe
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\CADdy++ AddIn Code Wizard.lnk -> M:\BeckerCAD 10 Pro\Program\Python\pythonw.exe () -> M:\BeckerCAD 10 Pro\Program\Python\Tools\Wizard\AddInGenerator.py
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\IDLE - Standard Python Graphical User Interface.lnk -> M:\BeckerCAD 10 Pro\Program\Python\pythonw.exe () -> M:\BeckerCAD 10 Pro\Program\Python\lib\idlelib\idle.pyw
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\IPython - Advanced Python Console Interface.lnk -> M:\BeckerCAD 10 Pro\Program\Python\python.exe () -> M:\BeckerCAD 10 Pro\Program\Python\scripts\ipython-script.py
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\PyScripter - Integrated Development Environment.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Tools\PyScripter\PyScripter.exe () -> --PYTHON27
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\PySlices - wxPython Advanced Python Shell.lnk -> M:\BeckerCAD 10 Pro\Program\Python\pythonw.exe () -> M:\BeckerCAD 10 Pro\Program\Python\Doc\wxPython\scripts\pyslices.pyw
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Python Module Documentation Browser.lnk -> M:\BeckerCAD 10 Pro\Program\Python\pythonw.exe () -> M:\BeckerCAD 10 Pro\Program\Python\lib\pydoc.py -g
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\winPDB - a Python Debugger.lnk -> M:\BeckerCAD 10 Pro\Program\Python\pythonw.exe () -> M:\BeckerCAD 10 Pro\Program\Python\Lib\site-packages\winpdb.py
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\wxGlade - a wxPython Gui Designer.lnk -> M:\BeckerCAD 10 Pro\Program\Python\pythonw.exe () -> M:\BeckerCAD 10 Pro\Program\Python\Tools\wxGlade\wxglade.pyw
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\wxPython XRC Resource Editor.lnk -> M:\BeckerCAD 10 Pro\Program\Python\pythonw.exe () -> M:\BeckerCAD 10 Pro\Program\Python\Doc\wxPython\scripts\xrced.pyw
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\wxPython\wxPython Demo Program.lnk -> M:\BeckerCAD 10 Pro\Program\Python\pythonw.exe () -> "M:\BeckerCAD 10 Pro\Program\Python\Doc\wxPython\demo\demo.pyw"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript\Ghostscript 9.53.3.LNK -> C:\Program Files\gs\gs9.53.3\bin\gswin64.exe () -> "-IC:\Program Files\gs\gs9.53.3\lib;C:\Program Files\gs\gs9.53.3\..\fonts"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elgato\Stream Deck\Deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {6144D800-5056-408B-954C-B066622BE490}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\RawCapConv NoPreview.lnk -> C:\Program Files (x86)\ExKode\Dxtory2.0\RawCapConv.exe (ExKode Co. Ltd.) -> /nopv
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion Desktop Wallpaper.lnk -> C:\Program Files (x86)\DisplayFusion\DisplayFusionCommand.exe (Binary Fortress Software) -> -windowwallpaper
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion Monitor Configuration.lnk -> C:\Program Files (x86)\DisplayFusion\DisplayFusionCommand.exe (Binary Fortress Software) -> -windowmonitorconfig
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion Settings.lnk -> C:\Program Files (x86)\DisplayFusion\DisplayFusionCommand.exe (Binary Fortress Software) -> -windowsettings
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AI Suite 3\Uninstall AI Suite 3.lnk -> C:\ProgramData\ASUS\AI Suite III\Setup.exe () -> -u
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology\ASM106x SATA Driver\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {61942EF5-2CD8-47D4-869C-2E9A8BB085F1} 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascaron\Piraten\Piraten mit Standard-Cursor starten.lnk -> C:\Program Files (x86)\Piraten\piraten.exe (Ascaron Entertainment GmbH) -> /defaultcursor
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Hendrik\Desktop\Microsoft Teams.lnk -> C:\Users\Hendrik\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe"
ShortcutWithArgument: C:\Users\Hendrik\Desktop\Programme\Discord.lnk -> C:\Users\Hendrik\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\Hendrik\Desktop\Programme\DisplayFusion.lnk -> C:\Program Files (x86)\DisplayFusion\DisplayFusionCommand.exe (Binary Fortress Software) -> -windowsettings
ShortcutWithArgument: C:\Users\Hendrik\Desktop\Programme\ideaMaker.lnk -> C:\Program Files\Raise3D\ideaMaker\ideaMaker.exe (Raise3D) -> C:\Program Files\Raise3D\ideaMaker\ideaMaker.exe
ShortcutWithArgument: C:\Users\Hendrik\Desktop\Programme\Microsoft Teams.lnk -> C:\Users\Hendrik\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe"
ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk -> C:\Users\Hendrik\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe"
ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\Hendrik\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall
ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Logs and errors.lnk -> D:\WarThunder\.game_logs () -> cd 
ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Replays.lnk -> D:\WarThunder\Replays () -> cd 
ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Screenshots.lnk -> D:\WarThunder\Screenshots () -> cd 
ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net\Wargaming.net Game Center.lnk -> C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net) -> '
ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net\World_of_Warships_Eu\World_of_Warships_Eu deinstallieren.lnk -> M:\World_of_Warships\wgc_api.exe (Wargaming) -> --uninstall
ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net\World_of_Warships_Eu\World_of_Warships_Eu.lnk -> M:\World_of_Warships\wgc_api.exe (Wargaming) -> --open
ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc\Discord.lnk -> C:\Users\Hendrik\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\SendTo\WinSCP (zum hochladen).lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Martin Prikryl) -> /upload
ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Discord.lnk -> C:\Users\Hendrik\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimaker Cura\Development Resources.url -> URL: hxxps://github.com/ultimaker/cura
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimaker Cura\Online Documentation.url -> URL: hxxps://ultimaker.com/en/support/software
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\Markt+Technik im Internet.url -> URL: hxxp://www.mut.de
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion on the Web.url -> URL: hxxps://www.displayfusion.com
InternetURL: C:\Users\Hendrik\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Hendrik\Favorites\Windows Live\Windows Live Gallery.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Hendrik\Favorites\Windows Live\Windows Live Ideas.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\Hendrik\Favorites\Windows Live\Windows Live Mail.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\Hendrik\Favorites\Windows Live\Windows Live Spaces.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\Hendrik\Favorites\MSN-Websites\MSN Auto.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72680
InternetURL: C:\Users\Hendrik\Favorites\MSN-Websites\MSN Fernsehen.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72659
InternetURL: C:\Users\Hendrik\Favorites\MSN-Websites\MSN Money.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72640
InternetURL: C:\Users\Hendrik\Favorites\MSN-Websites\MSN Nachrichten.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72636
InternetURL: C:\Users\Hendrik\Favorites\MSN-Websites\MSN Sport.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72635
InternetURL: C:\Users\Hendrik\Favorites\MSN-Websites\MSN.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72630
InternetURL: C:\Users\Hendrik\Favorites\Microsoft-Websites\IE-Site auf Microsoft.com.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\Hendrik\Favorites\Microsoft-Websites\Microsoft Deutschland GmbH.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\Hendrik\Favorites\Microsoft-Websites\Microsoft Store.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Hendrik\Favorites\Microsoft-Websites\Microsoft Windows - Start.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\Hendrik\Favorites\Microsoft-Websites\Microsoft zu Hause.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\Hendrik\Favorites\Microsoft-Websites\Microsoft.com durchsuchen.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72893
InternetURL: C:\Users\Hendrik\Favorites\Microsoft-Websites\Site für IE Add-Ons.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Hendrik\Favorites\Links\Vorgeschlagene Sites.url -> URL: hxxps://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Hendrik\Favorites\Links\Web Slice-Katalog.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Hendrik\Desktop\Age of Empires II (2013).url -> URL: steam://rungameid/221380
InternetURL: C:\Users\Hendrik\Desktop\Among Us.url -> URL: steam://rungameid/945360
InternetURL: C:\Users\Hendrik\Desktop\ARK Survival Evolved.url -> URL: steam://rungameid/346110
InternetURL: C:\Users\Hendrik\Desktop\Arma 3 Tools.url -> URL: steam://rungameid/233800
InternetURL: C:\Users\Hendrik\Desktop\Arma 3.url -> URL: steam://rungameid/107410
InternetURL: C:\Users\Hendrik\Desktop\Assassin's Creed Valhalla.url -> URL: uplay://launch/13504/0
InternetURL: C:\Users\Hendrik\Desktop\Counter-Strike Global Offensive.url -> URL: steam://rungameid/730
InternetURL: C:\Users\Hendrik\Desktop\Crusader Kings III.url -> URL: steam://rungameid/1158310
InternetURL: C:\Users\Hendrik\Desktop\Fall Guys.url -> URL: steam://rungameid/1097150
InternetURL: C:\Users\Hendrik\Desktop\Farming Simulator 19.url -> URL: steam://rungameid/787860
InternetURL: C:\Users\Hendrik\Desktop\Golf With Your Friends.url -> URL: steam://rungameid/431240
InternetURL: C:\Users\Hendrik\Desktop\Minion Masters.url -> URL: steam://rungameid/489520
InternetURL: C:\Users\Hendrik\Desktop\PAYDAY 2.url -> URL: steam://rungameid/218620
InternetURL: C:\Users\Hendrik\Desktop\Raft.url -> URL: steam://rungameid/648800
InternetURL: C:\Users\Hendrik\Desktop\Sid Meier's Civilization VI.url -> URL: com.epicgames.launcher://apps/Kinglet?action=launch&silent=true
InternetURL: C:\Users\Hendrik\Desktop\STAR WARS™ Jedi Knight Jedi Academy™.url -> URL: steam://rungameid/6020
InternetURL: C:\Users\Hendrik\Desktop\Stardew Valley.url -> URL: steam://rungameid/413150
InternetURL: C:\Users\Hendrik\Desktop\SteamVR.url -> URL: steam://rungameid/250820
InternetURL: C:\Users\Hendrik\Desktop\The Forest.url -> URL: steam://rungameid/242760
InternetURL: C:\Users\Hendrik\Desktop\The Settlers 2 - History Edition.url -> URL: uplay://launch/11783/0
InternetURL: C:\Users\Hendrik\Desktop\Valheim.url -> URL: steam://rungameid/892970
InternetURL: C:\Users\Hendrik\Desktop\World War 3.url -> URL: steam://rungameid/674020
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Settlers 2 - History Edition.url -> URL: uplay://launch/11783/0
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TSHE2 -  Map Editor (english).url -> URL: uplay://launch/11783/1
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TSHE2 -  Map Editor (french).url -> URL: uplay://launch/11783/2
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TSHE2 -  Map Editor (german).url -> URL: uplay://launch/11783/4
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TSHE2 - Config.url -> URL: uplay://launch/11783/3
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Internet Game Website.url -> URL: hxxp://www.warthunder.com
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Age of Empires II (2013).url -> URL: steam://rungameid/221380
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Age of Empires II HD Edition.url -> URL: steam://rungameid/221380
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Among Us.url -> URL: steam://rungameid/945360
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\ARK Survival Evolved.url -> URL: steam://rungameid/346110
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Arma 3 Tools.url -> URL: steam://rungameid/233800
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Arma 3.url -> URL: steam://rungameid/107410
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Counter-Strike Global Offensive.url -> URL: steam://rungameid/730
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Crusader Kings III.url -> URL: steam://rungameid/1158310
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\DisplayFusion.url -> URL: steam://rungameid/227260
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Fall Guys.url -> URL: steam://rungameid/1097150
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Farming Simulator 19.url -> URL: steam://rungameid/787860
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Golf With Your Friends.url -> URL: steam://rungameid/431240
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Minion Masters.url -> URL: steam://rungameid/489520
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\PAYDAY 2.url -> URL: steam://rungameid/218620
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\PLAYERUNKNOWN'S BATTLEGROUNDS (Beta).url -> URL: steam://rungameid/459430
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Raft.url -> URL: steam://rungameid/648800
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\STAR WARS™ Jedi Knight Jedi Academy™.url -> URL: steam://rungameid/6020
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Stardew Valley.url -> URL: steam://rungameid/413150
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\SteamVR.url -> URL: steam://rungameid/250820
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\The Forest.url -> URL: steam://rungameid/242760
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\theHunter Call of the Wild.url -> URL: steam://rungameid/518790
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Tom Clancy's Splinter Cell.url -> URL: steam://rungameid/13560
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Valheim.url -> URL: steam://rungameid/892970
InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\World War 3.url -> URL: steam://rungameid/674020

==================== Ende vom Shortcut.txt =============================
         

Alt 20.04.2021, 10:52   #17
Kio
 
W10: Firefox, automatischer Aufruf von craccoon.com - Standard

W10: Firefox, automatischer Aufruf von craccoon.com



Addition:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-04-2021
durchgeführt von Hendrik (20-04-2021 11:44:46)
Gestartet von C:\Users\Hendrik\Downloads
Windows 10 Pro Version 20H2 19042.928 (X64) (2020-08-29 10:49:43)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-256580667-2295068177-2157506718-500 - Administrator - Disabled)
ASPNET (S-1-5-21-256580667-2295068177-2157506718-1004 - Limited - Enabled)
DefaultAccount (S-1-5-21-256580667-2295068177-2157506718-503 - Limited - Disabled)
Gast (S-1-5-21-256580667-2295068177-2157506718-501 - Limited - Disabled)
Hendrik (S-1-5-21-256580667-2295068177-2157506718-1000 - Administrator - Enabled) => C:\Users\Hendrik
HomeGroupUser$ (S-1-5-21-256580667-2295068177-2157506718-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-256580667-2295068177-2157506718-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

. . . (HKLM\...\{F1EF6C33-1EAF-489E-A344-2838ECC22D47}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{73A43153-E77E-45E6-A18F-E549F8EB5664}) (Version: 2.7.1.1 - Intel) Hidden
3D Pinball from Plus! for Windows 95 (HKLM-x32\...\Pinball) (Version:  - )
A3Launcher version 0.1.6.3 (HKLM-x32\...\{1E29A86E-9AE2-4CD8-74C8-6B170ED3C4D2}_is1) (Version: 0.1.6.3 - Maca134)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 3.00.13 - ASUSTeK Computer Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology)
Assassin's Creed Valhalla (HKLM-x32\...\Uplay Install 13504) (Version:  - Ubisoft)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.22 - ASUSTeK Computer Inc.)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
balenaEtcher 1.5.19 (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.19 - Balena Inc.)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.5.1 - Broadcom Corporation)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version:  - ) Hidden
Cisco Webex Meetings (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\ActiveTouchMeetingClient) (Version:  - Cisco Webex LLC)
Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.6.1.117 - MAGIX Software GmbH)
Corel Graphics - Windows Shell Extension (HKLM\...\_{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.0.661 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.661 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{B86D7255-2418-45F1-A36F-7E1FF617550C}) (Version: 18.1.661 - Corel Corporation) Hidden
Corsair LINK 4 (HKLM-x32\...\{40036d0c-634b-4fc0-be89-13343b4bea96}) (Version: 4.9.7.35 - Corsair Components, Inc.)
Corsair LINK 4 (HKLM-x32\...\{D97F4B31-5A7D-4A07-AC85-16D64FAB93E1}) (Version: 4.9.7.35 - Corsair Components, Inc.) Hidden
CutePDF Writer (HKLM\...\CutePDF Writer Installation) (Version:  4.0 - Acro Software Inc.)
Dassault Systemes Software VC9 Prerequisites x86-x64 (HKLM\...\{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}) (Version: 9.1.2 - Dassault Systemes)
Discord (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\Discord) (Version: 0.0.309 - Discord Inc.)
DisplayFusion 9.7.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 9.7.1.0 - Binary Fortress Software)
DVD Architect (HKLM-x32\...\{AE5673AE-051A-11E8-B441-525400FA7F17}) (Version: 7.0.84 - VEGAS)
Dxtory version 2.0.142 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.142 - ExKode Co. Ltd.)
Elgato Stream Deck (HKLM\...\{6144D800-5056-408B-954C-B066622BE490}) (Version: 4.9.3.13222 - Elgato Systems GmbH)
Epic Games Launcher (HKLM-x32\...\{A5A6A747-393C-4B28-AB7B-2DE2BA7F7D73}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON BX305 Plus Series Printer Uninstall (HKLM\...\EPSON BX305 Plus Series) (Version:  - SEIKO EPSON Corporation)
FileZilla Client 3.52.2 (HKLM-x32\...\FileZilla Client) (Version: 3.52.2 - Tim Kosse)
GameInput Redistributable (HKLM-x32\...\{6710BAE4-C559-9D3C-DADB-464879F18148}) (Version: 10.1.19041.3225 - Microsoft Corporation)
Google Earth Pro (HKLM-x32\...\{59F21DFB-6977-434B-9CB9-67783D6E7B6B}) (Version: 7.3.3.7786 - Google)
GoPro Studio (HKLM-x32\...\{15FAF1DC-3F11-40B6-9B2D-7051BD51DD87}) (Version: 5.10.4643 - GoPro, Inc.) Hidden
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.16.0.19598 (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\GoToMeeting) (Version: 10.16.0.19598 - LogMeIn, Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.53.3) (Version: 9.53.3 - Artifex Software Inc.)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2245.0 - Rockstar Games)
ideaMaker 4.0.1.4802 (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\ideaMaker) (Version: 4.0.1.4802 - Raise3D)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 27.20.100.7989 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Driver Update Utility (HKLM-x32\...\{29539bc2-b48e-4b56-93e8-420e38a6d551}) (Version: 2.7.1.1 - Intel)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Capture (HKLM\...\Capture) (Version: 2.04.13 - Logitech)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.74 (HKLM\...\Logitech Gaming Software) (Version: 8.74.80 - Logitech Inc.)
Magnet Engine (x86) (HKLM-x32\...\{E67D365E-54A2-4319-A7BB-849BE8FD8970}) (Version: 1.4.10.7 - HTC Corp.) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Markt+Technik BeckerCAD 10 Pro (HKLM-x32\...\{350FD117-23A9-4872-8B4E-3D91B854E1CF}_is1) (Version: 10.0.0.0 - Markt+Technik Verlag GmbH)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.77 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.77 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\Teams) (Version: 1.4.00.2879 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 87.0 (x64 de) (HKLM\...\Mozilla Firefox 87.0 (x64 de)) (Version: 87.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 87.0.0.7747 - Mozilla)
Mozilla Thunderbird 78.8.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 78.8.1 (x86 de)) (Version: 78.8.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NewBlue Vegas Pro Complete (HKLM-x32\...\NewBlue Vegas Pro Complete) (Version: 1.0 - NewBlue)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Grafiktreiber 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.90.45798 - Electronic Arts, Inc.)
Paradox Launcher v2 (HKLM\...\{A8D4AE16-519B-409D-B5B4-2647C06805AD}) (Version: 2.0.3.0 - Paradox Interactive)
PBO Manager v.1.4 beta (HKLM-x32\...\{0E3A79BF-E860-4371-8ABC-7AAEDD68DA0A}) (Version: 1.4.0 -  )
Piraten (HKLM-x32\...\Piraten_is1) (Version:  - )
proDAD Mercalli NLE 4.0 (64bit) (HKLM\...\proDAD-MercalliPlugins-4.0) (Version: 4.0.471.1 - proDAD GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Quik (HKLM\...\{DA17DAC7-5559-46CF-BF8F-737BC4B7ED14}) (Version: 0.1.4643 - GoPro, Inc.) Hidden
Quik (HKLM-x32\...\{71fc4e33-8ac1-4b21-8cb5-040ce8986c4e}) (Version: 2.0.0.4643 - GoPro, Inc.)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Repetier-Host Version 1.0.5 (HKLM\...\{1143F758-929B-4EEB-8784-46CCB622F037}_is1) (Version: 1.0.5 - repetier)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.37.349 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.1 - Rockstar Games)
Sennheiser Audio (HKLM\...\Sennheiser Game Dongle) (Version: 1.31.35.10 - Sennheiser)
Sennheiser Audio (HKLM-x32\...\{1CAB4BF9-BDFF-4FDA-9633-F22EEB518488}) (Version: 1.0.15.0 - Sennheiser)
Spotify (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\Spotify) (Version: 1.1.56.595.g2d2da0de - Spotify AB)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.8.16162 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.16.3 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.16.3 - General Workings, Inc.)
TeamSpeak 3 Client (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
thesettlers2 (HKLM-x32\...\Uplay Install 11783) (Version:  - Ubisoft)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft)
Ultimaker Cura 3.5 (HKLM-x32\...\Ultimaker Cura 3.5) (Version: 3.5.1 - Ultimaker)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VEGAS Pro 14.0 (64-bit) (HKLM\...\{8C4D3D00-4FB0-11E7-8E8D-A9EF5249FCEF}) (Version: 14.0.270 - VEGAS)
VFW_Codec32 (HKLM-x32\...\{3F85CA55-7192-40E6-9EF1-60228D45DED3}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (HKLM\...\{1D540D0B-A42E-4C6F-9B55-EEC232F080C1}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VIVE Software (HKLM-x32\...\VIVE Software) (Version: 1.0.8.161 - HTC)
VIVEPORT (HKLM-x32\...\VIVEPORT) (Version: 1.0.9.202 - HTC)
VIVEPORT Desktop (HKLM-x32\...\{def76cd7-cdbd-4919-8912-6d70b7fafdcd}) (Version: 1.4.10.7 - HTC Corp.) Hidden
VIVEPORT Desktop (x86) (HKLM-x32\...\{DEF64A82-DD6A-4199-A874-93E8ABAB51C9}) (Version: 1.4.10.7 - HTC Corp.) Hidden
VIVEPORT Diagnosis (HKLM-x32\...\{80fb4b44-f420-4ad8-9854-703b730bc391}) (Version: 1.2.3.2 - HTC Corp.)
VIVEPORT Diagnosis (x86) (HKLM-x32\...\{882E4EC7-5D28-4D46-AE09-20FB485645BB}) (Version: 1.2.3.2 - HTC Corp.) Hidden
VIVEPORT DirectX 9.0 (HKLM-x32\...\{4b01ac5b-340e-4644-828b-0882c8255a4e}) (Version: 1.2.0.3 - HTC Corp.) Hidden
VIVEPORT DirectX 9.0 (x86/x64) (HKLM-x32\...\{9D42F21E-7CFA-4C87-99FD-C81CFFCB12E5}) (Version: 1.2.0.3 - HTC Corp.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
War Thunder Launcher 1.0.3.251 (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Wargaming.net Game Center (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\Wargaming.net Game Center) (Version: 21.1.1.4281 - Wargaming.net)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
Windows-Treiberpaket - Adafruit Industries LLC (usbser) Ports  (02/25/2016 6.2.2600.0) (HKLM\...\1245A5961AC9D2C18ADF9EEC931D77E059B7F74E) (Version: 02/25/2016 6.2.2600.0 - Adafruit Industries LLC)
Windows-Treiberpaket - Arduino LLC (www.arduino.cc) Arduino USB Driver (11/24/2015 1.2.3.0) (HKLM\...\8B585560B248755A6C5A24D5C0F50FA998310883) (Version: 11/24/2015 1.2.3.0 - Arduino LLC (www.arduino.cc))
Windows-Treiberpaket - Arduino LLC (www.arduino.cc) Genuino USB Driver (01/07/2016 1.0.3.0) (HKLM\...\EC414D98E2986DCA1628FAED2163CD1C9A4ED7EC) (Version: 01/07/2016 1.0.3.0 - Arduino LLC (www.arduino.cc))
Windows-Treiberpaket - Arduino Srl (www.arduino.org) Arduino USB Driver (03/19/2015 1.1.1.0) (HKLM\...\69E507459B453D69A453EFC9E461FAE1E073408A) (Version: 03/19/2015 1.1.1.0 - Arduino Srl (www.arduino.org))
Windows-Treiberpaket - Corsair Components, Inc. (SIUSBXP) USB  (07/14/2010 3.3) (HKLM\...\9D216BBD7DABB6A9E6F4F1D85E06CDFF9EA816FE) (Version: 07/14/2010 3.3 - Corsair Components, Inc.)
Windows-Treiberpaket - Corsair Components, Inc. (SIUSBXP) USB  (07/14/2017 3.3) (HKLM\...\A2206C09905C467F30CB24DCBB49F056D7F0A290) (Version: 07/14/2017 3.3 - Corsair Components, Inc.)
Windows-Treiberpaket - libusb-win32 (libusb0) libusb-win32 devices  (04/21/2015 1.0.0.0) (HKLM\...\28E91B69CA377EB48D6E1B92C37F897036E8A818) (Version: 04/21/2015 1.0.0.0 - libusb-win32)
Windows-Treiberpaket - Linino (usbser) Ports  (01/13/2014 1.0.0.0) (HKLM\...\A2C084AD4515675961A87E71B10E80E4FDCF7FAA) (Version: 01/13/2014 1.0.0.0 - Linino)
World of Warships ModStation (HKLM\...\{A8151413-D738-4556-BAC3-6344FA961EF2}_is1) (Version: 2.1.0.2 - Wargaming.net)
World_of_Warships_Eu (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\WOWS.EU.PRODUCTION) (Version:  - Wargaming.net)
Zoom (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)

Packages:
=========
Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2020-12-31] (INTEL CORP) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.100.2734.2_x64__8wekyb3d8bbwe [2021-04-16] (ms-resource:PublisherDisplayName)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-07-25] (Microsoft Corporation)
Xbox Insider Hub -> C:\Program Files\WindowsApps\Microsoft.FlightDashboard_477.2102.26001.0_x64__8wekyb3d8bbwe [2021-03-03] (Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-256580667-2295068177-2157506718-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Hendrik\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-256580667-2295068177-2157506718-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Hendrik\AppData\Local\GoToMeeting\17359\G2MOutlookAddin64.dll => Keine Datei
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-11-27] (Notepad++ -> )
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2019-11-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2019-11-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-20] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-20] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\system32\CFHD.dll [1334784 2016-12-02] (CineForm Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.xtor] => C:\WINDOWS\system32\DxtoryCodec.dll [2606144 2015-08-10] (ExKode Co.Ltd. -> ExKode Co. Ltd.)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.dll [1119744 2016-12-02] (CineForm Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.xtor] => C:\WINDOWS\System32\DxtoryCodec.dll [2606144 2015-08-10] (ExKode Co.Ltd. -> ExKode Co. Ltd.)

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2018-05-31 12:29 - 2017-10-29 19:15 - 000147456 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2018-05-31 12:29 - 2017-11-24 08:48 - 000961536 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccToolHelper.dll
2018-05-31 12:29 - 2017-11-24 08:48 - 000743424 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2018-05-31 12:16 - 2017-12-26 15:26 - 000053248 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AXSP\4.00.01\cpuutil.dll
2018-05-31 12:29 - 2017-11-27 11:57 - 000062464 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\VGA COM\2.00.03\Exeio.dll
2018-05-31 12:29 - 2017-11-27 11:57 - 001772544 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\VGA COM\2.00.03\Vender.dll
2020-06-30 10:55 - 2019-08-15 18:13 - 001265664 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\DisplayFusion\runtimes\win-x64\native\e_sqlite3.dll
2020-09-24 18:21 - 2020-09-24 18:21 - 000038400 _____ () [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\giflib5.dll
2020-09-24 18:21 - 2020-09-24 18:21 - 000098816 _____ () [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\QtZeroConf.dll
2020-09-24 18:21 - 2020-09-24 18:21 - 000720384 _____ () [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\turbojpeg.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 000108544 _____ (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsAcpi.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 000108544 _____ (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\asacpi.dll
2018-05-31 12:29 - 2017-11-24 08:47 - 000108544 _____ (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpi.dll
2018-05-31 12:16 - 2021-04-20 07:21 - 000038696 _____ (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AXSP\4.00.01\PEbiosinterface32.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 000676864 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 000221184 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 000676864 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\asacpiEx.dll
2018-05-31 12:29 - 2017-11-24 08:47 - 000221184 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll
2018-05-31 12:29 - 2017-11-24 08:47 - 000676864 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpiEx.dll
2018-05-31 12:29 - 2017-05-03 02:17 - 000106496 _____ (ASUSTek Computer Inc.,) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\VGA COM\2.00.03\EIO.DLL
2018-03-29 17:56 - 2018-03-29 17:56 - 001272832 _____ (CPUID) [Datei ist nicht signiert] C:\Program Files (x86)\CorsairLink4\cpuidsdk.dll
2020-08-29 12:40 - 2020-08-29 12:40 - 001654784 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2020-08-29 12:41 - 2020-08-29 12:41 - 000054272 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\MFC80DEU.DLL
2018-02-26 13:56 - 2018-02-26 13:56 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\CorsairLink4\SiUSBXp.dll
2020-09-24 18:21 - 2020-09-24 18:21 - 001742848 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\sqlite3.dll
2020-09-24 18:21 - 2020-09-24 18:21 - 002696704 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\libcrypto-1_1-x64.dll
2020-09-24 18:21 - 2020-09-24 18:21 - 000642560 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\libssl-1_1-x64.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 000076288 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qgifd.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 000097280 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qicnsd.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 000077312 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qicod.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 000432640 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qjpegd.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 000058880 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qsvgd.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 000058880 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qtgad.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 000574976 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qtiffd.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 000058368 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qwbmpd.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 000844800 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qwebpd.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 002932736 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\platforms\qwindowsd.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 009541632 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Cored.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 010430464 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Guid.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 000557056 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Svgd.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 008565248 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Widgetsd.dll
2018-05-31 12:29 - 2017-10-29 19:15 - 000299520 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Xmld.dll
2018-05-31 12:29 - 2017-12-20 05:01 - 000193536 _____ (TODO: <Company name>) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\ASUS\VGA COM\2.00.03\AsusGpuTweak.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

SearchScopes: HKU\S-1-5-21-256580667-2295068177-2157506718-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Program Files (x86)\Avira\Browser Safety\Avira Browser Safety.dll [2015-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Program Files (x86)\Avira\Browser Safety\Avira Browser Safety.dll [2015-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\localhost -> localhost

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-09-29 15:46 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-256580667-2295068177-2157506718-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Hendrik\AppData\Local\DisplayFusion\Wallpaper_1.png
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
 ist aktiviert.

Network Binding:
=============
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled) 
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled) 
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled) 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "GoPro Tray App"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "Opera Browser Assistant"
HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\StartupApproved\StartupFolder: => "Voicemeeter Potato.LNK"
HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\StartupApproved\Run: => "World of Warships"
HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\StartupApproved\Run: => "World of Warships (1)"
HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\StartupApproved\Run: => "Gaijin.Net Updater"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{27BB23D1-DCDA-4018-A043-BE589AA655BE}] => (Allow) S:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{14C47663-AD11-41F7-AA58-85F45EB3D440}] => (Allow) S:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{43486453-B4EA-4E77-BB45-B5878F7648C0}] => (Allow) M:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => Keine Datei
FirewallRules: [{B236D2E1-D79B-4D72-AA35-595B25BE23F2}] => (Allow) M:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => Keine Datei
FirewallRules: [UDP Query User{2A236745-C4FB-4A9E-A4C9-77F264F5FE41}M:\steamlibrary\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe] => (Allow) M:\steamlibrary\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{6A04FB53-A78B-4FD3-B3E3-4CDB1B8A1608}M:\steamlibrary\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe] => (Allow) M:\steamlibrary\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe => Keine Datei
FirewallRules: [{9C4ABF41-D23A-4EFE-9AD4-D5E39308ED52}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8A4763D6-B1F8-472C-A22C-D4609C31401B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{18740AF9-7069-408B-826C-8AA4EEE9CDE5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4A3CBC89-9C1B-47F8-BDE3-8213C7EBBE53}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [UDP Query User{C3C4098C-7393-4746-9F19-21231DFFFE14}E:\rsi\starcitizen\live\bin64\starcitizen.exe] => (Allow) E:\rsi\starcitizen\live\bin64\starcitizen.exe => Keine Datei
FirewallRules: [TCP Query User{0EAB5ACA-CA1D-4BB7-B9C8-FE1B2970CA82}E:\rsi\starcitizen\live\bin64\starcitizen.exe] => (Allow) E:\rsi\starcitizen\live\bin64\starcitizen.exe => Keine Datei
FirewallRules: [UDP Query User{EB776F69-C589-4E2C-B8C7-5A2A45E52B46}C:\users\hendrik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hendrik\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{6977A6DE-59AF-467E-BF59-94620A7EDF49}C:\users\hendrik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hendrik\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0210B1C7-8068-4EC1-A5CA-1E0BC86094E4}] => (Allow) M:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [{792F8ABD-38EF-4878-9876-CABF5BEFA3BB}] => (Allow) M:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{7CF02A12-8C31-47E5-AA72-13BB20EE9604}E:\gta v\grand theft auto v\gta5.exe] => (Allow) E:\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{AE8019D4-F690-4C19-BB83-58F0F82C7D44}E:\gta v\grand theft auto v\gta5.exe] => (Allow) E:\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{24BDE374-A5F8-41CA-98CD-F2BDEB687E20}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [TCP Query User{EF04B406-EDE4-459B-8E7E-A4C4BA2DFC9C}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [UDP Query User{0BF00B15-C4C0-4A63-AD4B-F737AC3340DE}M:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe] => (Allow) M:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe => Keine Datei
FirewallRules: [TCP Query User{9B09C0C4-344D-4B7E-9465-5BBFECD6B67E}M:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe] => (Allow) M:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe => Keine Datei
FirewallRules: [{21C7CAF0-20A1-4736-9B06-2DEDBFED1933}] => (Allow) M:\SteamLibrary\steamapps\common\theHunter\launcher\launcher.exe => Keine Datei
FirewallRules: [{C68CD40B-31E2-4F73-BF2E-D85E0A01EDCF}] => (Allow) M:\SteamLibrary\steamapps\common\theHunter\launcher\launcher.exe => Keine Datei
FirewallRules: [UDP Query User{D981039B-C829-4BAC-B4BC-B36FFFD4BE5E}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{FAF1D954-BFA5-42B6-BE0A-1A8459D5EEFA}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{C36927CD-B758-4997-B539-714714F10BB9}S:\origin\battlefield 4\bf4.exe] => (Allow) S:\origin\battlefield 4\bf4.exe => Keine Datei
FirewallRules: [TCP Query User{9D51B42F-7A70-48D8-B495-FE5F0C995E4E}S:\origin\battlefield 4\bf4.exe] => (Allow) S:\origin\battlefield 4\bf4.exe => Keine Datei
FirewallRules: [{1889F816-3DF4-4AFF-84A3-6B16BF730E18}] => (Allow) M:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => Keine Datei
FirewallRules: [{945A1E54-4C0C-43DE-993D-94710CF8CA45}] => (Allow) M:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => Keine Datei
FirewallRules: [{4A4E810A-03A1-4E13-87DE-DABEE97F3516}] => (Allow) M:\SteamLibrary\steamapps\common\raceroom racing experience\Game\RRRE.exe => Keine Datei
FirewallRules: [{D041CDBB-8A84-49B6-95F4-72D4AE0599B7}] => (Allow) M:\SteamLibrary\steamapps\common\raceroom racing experience\Game\RRRE.exe => Keine Datei
FirewallRules: [{3177D3AC-B63E-4ADB-977F-6D0ADCEE1FFA}] => (Allow) M:\SteamLibrary\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe => Keine Datei
FirewallRules: [{34C0EB25-9676-40E7-A398-B5020B1C086D}] => (Allow) M:\SteamLibrary\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe => Keine Datei
FirewallRules: [UDP Query User{6316FFD2-B818-4724-A243-B2CBEC2B616B}M:\spiele\warthunder\win64\aces.exe] => (Allow) M:\spiele\warthunder\win64\aces.exe => Keine Datei
FirewallRules: [TCP Query User{A4DAB5EC-1A81-46EF-81C8-ECA8AEFF7D38}M:\spiele\warthunder\win64\aces.exe] => (Allow) M:\spiele\warthunder\win64\aces.exe => Keine Datei
FirewallRules: [UDP Query User{8103BEE3-E6A8-4635-84F3-7F16E0D77A50}M:\spiele\warthunder\launcher.exe] => (Allow) M:\spiele\warthunder\launcher.exe => Keine Datei
FirewallRules: [TCP Query User{C73394FD-73DC-4695-A67A-64083E18C49E}M:\spiele\warthunder\launcher.exe] => (Allow) M:\spiele\warthunder\launcher.exe => Keine Datei
FirewallRules: [{15206087-C6DB-410F-9B3D-AA324C7142E2}] => (Allow) M:\SteamLibrary\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe => Keine Datei
FirewallRules: [{D9135EAA-F7E6-4F2E-8E77-19FF05DD7837}] => (Allow) M:\SteamLibrary\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe => Keine Datei
FirewallRules: [{111DBC9F-8C46-499C-AAFE-DAA241292458}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{A9C12DE4-9B64-4C72-A790-1CB057E945A8}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{7889F503-4DAB-431C-AE9B-19AB8BCB5539}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F604F1A1-8551-48DC-966D-C917C03F9562}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C13CC647-0E9F-4C0F-A8DD-DA219B14E548}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{37B29676-5A06-4542-B484-4B028112E477}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [UDP Query User{FB09B3BC-2D71-48FE-9BF3-3A761FE77636}E:\rsi\starcitizen\live\bin64\starcitizen.exe] => (Allow) E:\rsi\starcitizen\live\bin64\starcitizen.exe => Keine Datei
FirewallRules: [TCP Query User{D88FD2FB-A35A-482E-BE5B-56C78DB3619C}E:\rsi\starcitizen\live\bin64\starcitizen.exe] => (Allow) E:\rsi\starcitizen\live\bin64\starcitizen.exe => Keine Datei
FirewallRules: [UDP Query User{D4EB636E-071E-4374-8FF4-0BD65BCD6505}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{B2FEEB23-23E6-424A-8CB5-5BC037740C92}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{D48D0ADC-5BA5-4043-8DD3-719D9531D99D}] => (Allow) M:\SteamLibrary\steamapps\common\Company of Heroes Relaunch\EF_Bin\CoHEF.exe => Keine Datei
FirewallRules: [{F7E84052-329A-49FE-A761-E44F3B519F16}] => (Allow) M:\SteamLibrary\steamapps\common\Company of Heroes Relaunch\EF_Bin\CoHEF.exe => Keine Datei
FirewallRules: [{0D2753ED-E8FF-45FF-9861-4B8176008206}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B9C00E33-D883-4148-97FC-803E8C2BE666}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{CBEA5FAF-721E-4D08-8436-7A345636E26D}S:\bethesdagames\fallout76.exe] => (Allow) S:\bethesdagames\fallout76.exe => Keine Datei
FirewallRules: [TCP Query User{DB8F984E-33AB-4CE5-AECC-3D0A7CF9127F}S:\bethesdagames\fallout76.exe] => (Allow) S:\bethesdagames\fallout76.exe => Keine Datei
FirewallRules: [UDP Query User{BBC8DE49-1EEC-4A50-B813-4D935A0E28E7}C:\program files\ultimaker cura 3.5\cura.exe] => (Allow) C:\program files\ultimaker cura 3.5\cura.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{2464E2FA-62C7-4BA8-AA23-AF02A4DEC194}C:\program files\ultimaker cura 3.5\cura.exe] => (Allow) C:\program files\ultimaker cura 3.5\cura.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{D6F1231C-6A9F-4795-94A1-27D2EC737840}D:\steamlibrary\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe] => (Allow) D:\steamlibrary\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe => Keine Datei
FirewallRules: [TCP Query User{230B3C83-13A2-44E4-8BFE-467C78BE5C4F}D:\steamlibrary\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe] => (Allow) D:\steamlibrary\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe => Keine Datei
FirewallRules: [{193885E4-6EC2-4A9B-9D52-4390EE9398AB}] => (Allow) S:\SteamLibrary\steamapps\common\SCUM\SCUM\Binaries\Win64\SCUM.exe => Keine Datei
FirewallRules: [{428C2A33-61BA-48B2-AA64-30F3A3263EB4}] => (Allow) S:\SteamLibrary\steamapps\common\SCUM\SCUM\Binaries\Win64\SCUM.exe => Keine Datei
FirewallRules: [{AF533971-A2A7-4D34-B18E-B3B44374EF4D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8892E867-F1C6-4CFD-9171-6E0F5559E47E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{03DA40B6-9C93-4D99-B611-7312F27C1695}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro, Inc. -> )
FirewallRules: [{AC78BA10-46D7-4238-BAC2-2F85B62F4F52}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro, Inc. -> )
FirewallRules: [{67AD132B-6B86-4E6F-9E14-8F7B7BF28B93}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro, Inc. -> )
FirewallRules: [{0E4FDDEE-AF5B-47E1-A651-42698FE86E1A}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\Quik.exe (GoPro, Inc. -> )
FirewallRules: [{D09E6F72-2A1B-429A-B5BF-06C601FBA5FC}] => (Allow) M:\World_of_Warships\worldofwarships.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{234CF90F-A380-4571-BCBE-23C5F1AE5DE1}] => (Allow) M:\World_of_Warships\worldofwarships.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{C49A4F24-DEAD-42CB-BE5B-39916FFAFFB2}] => (Allow) M:\World_of_Warships\WoWSLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{8C442ECB-6EDB-416F-B6FE-DF23E8D123C4}] => (Allow) M:\World_of_Warships\WoWSLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [UDP Query User{2D19B552-0CA5-463D-85F0-59559CBEC988}M:\steam\steamapps\common\life is feudal your own\server\cm_yo_server.exe] => (Allow) M:\steam\steamapps\common\life is feudal your own\server\cm_yo_server.exe => Keine Datei
FirewallRules: [TCP Query User{48CC9ABB-C2D1-4A61-8C8D-7F821CCEDF04}M:\steam\steamapps\common\life is feudal your own\server\cm_yo_server.exe] => (Allow) M:\steam\steamapps\common\life is feudal your own\server\cm_yo_server.exe => Keine Datei
FirewallRules: [UDP Query User{F52ED504-4DD9-4C54-9944-5B0DC914DD91}M:\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) M:\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{F0A061B4-4107-41A4-88D1-213A04F0E40E}M:\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) M:\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{CDAA40DB-E2D5-45C8-8F0B-F8473EEEDE95}D:\origin\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\origin\star wars battlefront\starwarsbattlefront.exe => Keine Datei
FirewallRules: [TCP Query User{7D6EDDA3-6A4F-49C4-92DE-A011A2D856D5}D:\origin\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\origin\star wars battlefront\starwarsbattlefront.exe => Keine Datei
FirewallRules: [{DA8FB935-05C8-4861-ABB1-634472A54A1D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{9E41DAB3-6011-40AB-89F4-A7DBF97D81B2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [UDP Query User{7AFE5D71-6491-4F3A-B50A-644A0913CD2E}F:\ea games\battlefield 2\bf2.exe] => (Block) F:\ea games\battlefield 2\bf2.exe => Keine Datei
FirewallRules: [TCP Query User{C4100931-8AE9-41AF-ABF4-D52B9E6630C9}F:\ea games\battlefield 2\bf2.exe] => (Block) F:\ea games\battlefield 2\bf2.exe => Keine Datei
FirewallRules: [{77884DFF-706B-4721-8183-3D4EEB8A556C}] => (Allow) F:\Origin\EA\Battlefield 1\bf1.exe => Keine Datei
FirewallRules: [{74E17742-B074-43BF-9B92-4A589AA126BC}] => (Allow) F:\Origin\EA\Battlefield 1\bf1.exe => Keine Datei
FirewallRules: [{49094569-9EB6-464A-8AB4-3322E95CF0AD}] => (Allow) F:\Origin\EA\Battlefield 1\bf1Trial.exe => Keine Datei
FirewallRules: [{51A26BD4-3074-4998-A460-4411439B3CD6}] => (Allow) F:\Origin\EA\Battlefield 1\bf1Trial.exe => Keine Datei
FirewallRules: [UDP Query User{4287286A-B37C-41E9-AB9A-021B158F57B0}F:\origin\ea\fifa 16\fifa16.exe] => (Block) F:\origin\ea\fifa 16\fifa16.exe => Keine Datei
FirewallRules: [TCP Query User{E2818EB2-6B60-4CFF-81AF-CDD13EA71BC5}F:\origin\ea\fifa 16\fifa16.exe] => (Block) F:\origin\ea\fifa 16\fifa16.exe => Keine Datei
FirewallRules: [UDP Query User{B91901C8-4475-4D42-8622-B15F844117B1}C:\program files (x86)\minecraft2\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft2\runtime\jre-x64\1.8.0_25\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{9AF03FC2-3404-4346-AB39-1334F0F4934E}C:\program files (x86)\minecraft2\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft2\runtime\jre-x64\1.8.0_25\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{BD7AE3BD-98AB-4815-A8DC-34EC968D080E}C:\program files\java\jre1.8.0_102\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_102\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{2D1017E2-8DEE-4C7D-B959-D94B5BF66F4C}C:\program files\java\jre1.8.0_102\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_102\bin\javaw.exe => Keine Datei
FirewallRules: [{4E809419-B880-4F3D-B945-33E746287B55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C50917AF-B1D4-4B64-949E-3D9EE1287CB7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{683D2ADC-9E53-4921-8D6C-046D670FDD92}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FDEE0316-B4B9-4F58-A646-E362DAD2BA4A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C2843090-7EF3-48D2-8DA8-F90E816A6435}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => Keine Datei
FirewallRules: [{77E281C3-31B6-4143-8B98-C26DA2C2A7FB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => Keine Datei
FirewallRules: [TCP Query User{1E404DD6-C606-4705-87EC-F53868C14729}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{7AF38E78-0CF0-4526-BABC-343323E110A3}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{A93EAE5D-9BC1-4F55-B09F-E04967F715BB}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{D6B26A43-F9C7-4293-A7CE-82534F76F355}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{159D9602-1BC6-4E95-A23F-D6B3EF98F800}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe => Keine Datei
FirewallRules: [{8AAF13F5-3688-4939-BB0A-9DE84AFF5596}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe => Keine Datei
FirewallRules: [{C49044F2-F28B-49BF-A16B-611519AB9903}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{40461913-7967-47CA-BD7F-6A2F189B831B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{473B5E0A-993B-465A-B4A7-C4FBF34D2F28}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe => Keine Datei
FirewallRules: [UDP Query User{B104E232-AE64-4232-A8CF-97EFB0448641}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe => Keine Datei
FirewallRules: [TCP Query User{E2C7C270-8CA2-4912-A973-2DCED2CF655A}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) C:\program files (x86)\dayzlauncher\dayzlauncher.exe => Keine Datei
FirewallRules: [UDP Query User{667A61DF-D900-4A1A-99F7-86A4447AE072}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) C:\program files (x86)\dayzlauncher\dayzlauncher.exe => Keine Datei
FirewallRules: [{A5B21EB4-5B17-4E3E-8FED-1EABD368E1D4}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe => Keine Datei
FirewallRules: [{B9BBFE11-3616-4F9B-A72F-CF1F8850789E}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe => Keine Datei
FirewallRules: [{A53173FC-C952-4684-B74D-7AF2A79CD94B}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe => Keine Datei
FirewallRules: [{9DE46B40-904D-4983-9506-68ADAA7313C8}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe => Keine Datei
FirewallRules: [{7E42E560-3CBB-4333-B0F6-0EA9AF1E7841}] => (Allow) D:\SteamLibrary\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe => Keine Datei
FirewallRules: [{17AFDCE2-3BA4-449A-A8F1-F248802C5DA3}] => (Allow) D:\SteamLibrary\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe => Keine Datei
FirewallRules: [TCP Query User{4911EACF-4CCA-4925-B006-30FFA7B2CF70}C:\program files\plentymarkets\plentymarkets.exe] => (Allow) C:\program files\plentymarkets\plentymarkets.exe => Keine Datei
FirewallRules: [UDP Query User{DF66AE31-34D3-4A77-BB42-47DFEF7C5F8F}C:\program files\plentymarkets\plentymarkets.exe] => (Allow) C:\program files\plentymarkets\plentymarkets.exe => Keine Datei
FirewallRules: [TCP Query User{CFD5359D-B6A8-4773-B19B-46B69665116A}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{50E57783-EEC7-48D0-950E-0C44F8F7CC2F}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{FED7DCD0-3CBE-4FF9-B27B-5EBC1AFAFB2F}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => Keine Datei
FirewallRules: [UDP Query User{302D78D5-F094-456A-B2B2-7A32ABDE83F0}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => Keine Datei
FirewallRules: [TCP Query User{7A1B68AB-52C7-4CB3-A6F4-E1E31DFBAED9}F:\uplay\far cry 3\bin\farcry3_d3d11.exe] => (Allow) F:\uplay\far cry 3\bin\farcry3_d3d11.exe => Keine Datei
FirewallRules: [UDP Query User{FA24577C-9F44-40B9-8243-2EB02F9F5643}F:\uplay\far cry 3\bin\farcry3_d3d11.exe] => (Allow) F:\uplay\far cry 3\bin\farcry3_d3d11.exe => Keine Datei
FirewallRules: [{83F4E413-6124-4199-829E-64B21973960C}] => (Allow) D:\SteamLibrary\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe => Keine Datei
FirewallRules: [{353EEEC1-5273-462F-9E20-37B5DE3F66D9}] => (Allow) D:\SteamLibrary\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe => Keine Datei
FirewallRules: [{A8B6606C-23A2-499C-BF27-F6B374F0214E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [Datei ist nicht signiert]
FirewallRules: [{2F1525E3-D1A5-465B-9648-8B5F51EE426F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{F73ABA9C-0552-4AC3-93A0-4556FF6D1F27}D:\steamlibrary\steamapps\common\battlegrounds_cbt\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\battlegrounds_cbt\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [UDP Query User{17D4F3EE-FEEF-405C-857C-396578BFB79A}D:\steamlibrary\steamapps\common\battlegrounds_cbt\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\battlegrounds_cbt\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [{7E1905B9-7DEA-4AC7-8CF6-E0B36A92E9E1}] => (Allow) C:\Users\Hendrik\Downloads\various\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe => Keine Datei
FirewallRules: [{1FAA0EA7-DDF5-4B48-A158-33675F38D6D5}] => (Allow) C:\Users\Hendrik\Downloads\various\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe => Keine Datei
FirewallRules: [{A9472850-BF43-4A31-98A5-BC4ED830C50E}] => (Allow) C:\Users\Hendrik\Downloads\various\World of Warcraft\Wow.exe => Keine Datei
FirewallRules: [{16E11875-258C-4FC1-A6B8-2DC6893A7AD8}] => (Allow) C:\Users\Hendrik\Downloads\various\World of Warcraft\Wow.exe => Keine Datei
FirewallRules: [{A6AE43CA-DCB1-479C-96EB-40DA3563118E}] => (Allow) C:\Users\Hendrik\Downloads\various\World of Warcraft\Wow.exe => Keine Datei
FirewallRules: [{0A07D15E-AAC1-4068-89CE-7CD5279E3921}] => (Allow) C:\Users\Hendrik\Downloads\various\World of Warcraft\Wow.exe => Keine Datei
FirewallRules: [TCP Query User{55CD356A-CE84-4FE2-9AD7-EB372F2423C2}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [UDP Query User{FF699FB0-3603-4140-9D16-9EF7A14CE050}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [TCP Query User{C53A0A73-3676-4367-96CC-4DA52D48D077}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{2EA9044D-E5FA-4CCE-BDB7-9E3A6595AD22}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe => Keine Datei
FirewallRules: [{26A46133-26D9-45EF-BA62-BC86FD4BF9BD}] => (Allow) F:\SteamLibrary\steamapps\common\theHunterCotW\theHunterCotW_F.exe => Keine Datei
FirewallRules: [{5D20871C-3CF7-4BD8-AC91-DCAF8516E523}] => (Allow) F:\SteamLibrary\steamapps\common\theHunterCotW\theHunterCotW_F.exe => Keine Datei
FirewallRules: [{CB2DE5D3-17BB-49BD-8B8F-C1A93D90C8C4}] => (Allow) F:\SteamLibrary\steamapps\common\Age2HD\Launcher.exe => Keine Datei
FirewallRules: [{4C902E71-47D1-42E3-90C3-505DEF69E785}] => (Allow) F:\SteamLibrary\steamapps\common\Age2HD\Launcher.exe => Keine Datei
FirewallRules: [{FA46D65E-DF47-46EF-8F1C-1E181F964376}] => (Allow) M:\Origin\Battlefield Bad Company 2\BFBC2Game.exe => Keine Datei
FirewallRules: [{B22A8619-1B90-4FFF-AC2B-CF665735EAE2}] => (Allow) M:\Origin\Battlefield Bad Company 2\BFBC2Game.exe => Keine Datei
FirewallRules: [TCP Query User{4A7CADB1-5246-4A1B-BF7B-75546F690419}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe => Keine Datei
FirewallRules: [UDP Query User{2B217A3F-5DCB-4061-BD81-5E0C58E8D3FF}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe => Keine Datei
FirewallRules: [{100456E6-4378-4459-8C01-BAF1D1EDBC3B}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => Keine Datei
FirewallRules: [{0BA6A285-A52D-4D0F-AE0C-8093097E41ED}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => Keine Datei
FirewallRules: [{1423DEDE-F177-41EA-95B9-5AA9C5BD86F2}] => (Allow) D:\Origin\Battlefield 1\bf1Trial.exe => Keine Datei
FirewallRules: [{A42F3BA9-5F59-495E-ADB8-0C42EA7D80F6}] => (Allow) D:\Origin\Battlefield 1\bf1Trial.exe => Keine Datei
FirewallRules: [{2D57C561-9B2E-44E8-A617-9F1AE5AE0A6C}] => (Allow) D:\Origin\Battlefield 1\bf1.exe => Keine Datei
FirewallRules: [{AB5E622F-F502-4EDB-95E4-AAF890B8F3CD}] => (Allow) D:\Origin\Battlefield 1\bf1.exe => Keine Datei
FirewallRules: [{EF905237-640E-458B-89BF-1612CFC47418}] => (Allow) M:\Origin\Battlefield 4\BFLauncher.exe => Keine Datei
FirewallRules: [{F13970A0-64A0-4543-B0E1-DD96ED76EE5E}] => (Allow) M:\Origin\Battlefield 4\BFLauncher.exe => Keine Datei
FirewallRules: [{FC5A8C50-BB31-4705-A56E-7B928D96A91C}] => (Allow) M:\Origin\Battlefield 4\BFLauncher_x86.exe => Keine Datei
FirewallRules: [{70F3B4A7-30C4-4413-96BA-4C4057405845}] => (Allow) M:\Origin\Battlefield 4\BFLauncher_x86.exe => Keine Datei
FirewallRules: [TCP Query User{73B5A2BE-D8CB-4442-A052-F54442251269}M:\origin\battlefield 4\bf4.exe] => (Allow) M:\origin\battlefield 4\bf4.exe => Keine Datei
FirewallRules: [UDP Query User{F4745EDC-E613-46CE-862A-9BA9FAD78E85}M:\origin\battlefield 4\bf4.exe] => (Allow) M:\origin\battlefield 4\bf4.exe => Keine Datei
FirewallRules: [TCP Query User{C9A5F1B8-8792-4F6D-A740-23ABDB56D0D9}S:\origin\battlefield 4\bf4.exe] => (Allow) S:\origin\battlefield 4\bf4.exe => Keine Datei
FirewallRules: [UDP Query User{E64A8B82-E60D-4B12-80DD-2E5B0710F63B}S:\origin\battlefield 4\bf4.exe] => (Allow) S:\origin\battlefield 4\bf4.exe => Keine Datei
FirewallRules: [TCP Query User{CAF23F79-803C-405C-84E9-6B07665D9473}M:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) M:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe => Keine Datei
FirewallRules: [UDP Query User{5FD8A056-DEF3-412A-8B64-7907736FECBF}M:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) M:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe => Keine Datei
FirewallRules: [{5E084DE0-DE2E-4E47-A8D0-1376FD9505D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{3CC4D0F1-1BCF-4811-8B6E-F88C62011429}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{288C726B-24B5-4218-A1C1-9C8103505AD2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{B5AC7E53-547A-42DB-BE81-83C7730598A5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{C6F44B2A-2E55-45B2-A8FD-DD742AC16B7A}] => (Allow) S:\Origin\Battlefield 4\BFLauncher.exe => Keine Datei
FirewallRules: [{935834A3-342B-4012-B8A4-E6987884A745}] => (Allow) S:\Origin\Battlefield 4\BFLauncher.exe => Keine Datei
FirewallRules: [{36109203-2016-415F-876A-A6B40F5A7C12}] => (Allow) S:\Origin\Battlefield 4\BFLauncher_x86.exe => Keine Datei
FirewallRules: [{8CD4D21C-4B7B-4832-849F-C63C9A3885A5}] => (Allow) S:\Origin\Battlefield 4\BFLauncher_x86.exe => Keine Datei
FirewallRules: [{F7EAD8E1-F660-40E7-8E43-7F6EC778EEEB}] => (Block) C:\WINDOWS\systemapps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exeenable=yes => Keine Datei
FirewallRules: [TCP Query User{B2B6C613-2F74-4A97-8F2D-410EAA00712E}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_121\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{F21D55EF-9E23-4461-AB4C-A642E278523E}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_121\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{0F82EB1C-486D-4467-8D7A-652DA979E2EE}C:\program files (x86)\ubisoft\ubisoft game launcher\games\thesettlers3\siedler3r.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\thesettlers3\siedler3r.exe => Keine Datei
FirewallRules: [UDP Query User{2B9D025B-642C-4CF8-8500-F129B28ADC35}C:\program files (x86)\ubisoft\ubisoft game launcher\games\thesettlers3\siedler3r.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\thesettlers3\siedler3r.exe => Keine Datei
FirewallRules: [{CA34EA42-5583-42C0-9D3A-B14EEC3FD7FF}] => (Allow) S:\SteamLibrary\steamapps\common\World War 3\WW3_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{8200998E-8784-452F-B1FE-C50F563044BF}] => (Allow) S:\SteamLibrary\steamapps\common\World War 3\WW3_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{05CB348D-7A12-41B9-945C-4C758B15538F}S:\steamlibrary\steamapps\common\world war 3\ww3\binaries\win64\ww3-win64-shipping.exe] => (Allow) S:\steamlibrary\steamapps\common\world war 3\ww3\binaries\win64\ww3-win64-shipping.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{6CC6F17E-7E60-437D-8EA9-6DE79C7B79B6}S:\steamlibrary\steamapps\common\world war 3\ww3\binaries\win64\ww3-win64-shipping.exe] => (Allow) S:\steamlibrary\steamapps\common\world war 3\ww3\binaries\win64\ww3-win64-shipping.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{7F550CE8-6B8B-4B3D-8413-A93DCCDEBC07}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{02CC7DD2-8E4C-4FBD-94FC-2160EBA2EA22}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{363AB86B-2098-4A80-BCBD-4EF9AAFDF5F8}C:\users\hendrik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hendrik\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{E633530E-7499-4528-BE45-A7D2C4366C0E}C:\users\hendrik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hendrik\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9A708FE0-39E6-4718-AC81-79B86B0928F0}] => (Allow) S:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [{3B49BE41-F228-4FF4-BD29-D0FD78E0A1AE}] => (Allow) S:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [{E37B5554-056B-40D8-97E0-93FFEC2776D0}] => (Allow) S:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [Datei ist nicht signiert]
FirewallRules: [{9EE979CF-42BC-466C-BE36-304AD10AEA15}] => (Allow) S:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{C15ECFE9-19CA-4BC0-A42F-BA0A449BF786}S:\steamlibrary\steamapps\common\star wars squadrons\starwarssquadrons.exe] => (Allow) S:\steamlibrary\steamapps\common\star wars squadrons\starwarssquadrons.exe => Keine Datei
FirewallRules: [UDP Query User{02B27E23-C086-4546-ABC7-0DC867873BE9}S:\steamlibrary\steamapps\common\star wars squadrons\starwarssquadrons.exe] => (Allow) S:\steamlibrary\steamapps\common\star wars squadrons\starwarssquadrons.exe => Keine Datei
FirewallRules: [{020908ED-C4EB-41A5-92C0-F840C381CF93}] => (Allow) S:\SteamLibrary\steamapps\common\Jedi Academy\GameData\jasp.exe (Activision Inc) [Datei ist nicht signiert]
FirewallRules: [{1D80FCED-0748-46E2-8E88-D52906BBA032}] => (Allow) S:\SteamLibrary\steamapps\common\Jedi Academy\GameData\jasp.exe (Activision Inc) [Datei ist nicht signiert]
FirewallRules: [{1BB1AE1B-5048-4B4C-AD04-7853A26D7864}] => (Allow) S:\SteamLibrary\steamapps\common\Jedi Academy\GameData\jamp.exe (Activision Inc) [Datei ist nicht signiert]
FirewallRules: [{2CD860DC-BAF5-46A4-8A58-F408436E8229}] => (Allow) S:\SteamLibrary\steamapps\common\Jedi Academy\GameData\jamp.exe (Activision Inc) [Datei ist nicht signiert]
FirewallRules: [{0B5AD180-D777-4924-9F2D-14EAE604D54E}] => (Allow) E:\Ubisoft\Splinter Cell Conviction\src\system\Conviction_game.exe => Keine Datei
FirewallRules: [{B85533B6-5D86-403E-A73A-39FFB366AACB}] => (Allow) E:\Ubisoft\Splinter Cell Conviction\src\system\Conviction_game.exe => Keine Datei
FirewallRules: [TCP Query User{BA055DAD-03EB-4682-BC9B-FE44EB17AD4E}E:\ubisoft\anno 1503 - history edition\anno1503.exe] => (Block) E:\ubisoft\anno 1503 - history edition\anno1503.exe => Keine Datei
FirewallRules: [UDP Query User{7B7684EB-83CE-44E1-95F7-32A7D90893AE}E:\ubisoft\anno 1503 - history edition\anno1503.exe] => (Block) E:\ubisoft\anno 1503 - history edition\anno1503.exe => Keine Datei
FirewallRules: [TCP Query User{097DA836-2F24-474A-8322-47C1194E0E4D}E:\ubisoft\anno 1602 - history edition\anno1602.exe] => (Block) E:\ubisoft\anno 1602 - history edition\anno1602.exe => Keine Datei
FirewallRules: [UDP Query User{FE4B3FE3-EB3E-4DA6-B51A-9995FF036CA1}E:\ubisoft\anno 1602 - history edition\anno1602.exe] => (Block) E:\ubisoft\anno 1602 - history edition\anno1602.exe => Keine Datei
FirewallRules: [TCP Query User{7B27BB68-6080-4958-83FC-B50279CE542D}E:\ubisoft\anno 1404 - history edition\anno1404.exe] => (Block) E:\ubisoft\anno 1404 - history edition\anno1404.exe => Keine Datei
FirewallRules: [UDP Query User{DC61579F-3C10-44A0-94D7-77003FC2FCAC}E:\ubisoft\anno 1404 - history edition\anno1404.exe] => (Block) E:\ubisoft\anno 1404 - history edition\anno1404.exe => Keine Datei
FirewallRules: [{8D7321FE-4106-4656-9B7F-01400987C9D4}] => (Allow) S:\SteamLibrary\steamapps\common\Splinter Cell\system\splintercell.exe () [Datei ist nicht signiert]
FirewallRules: [{54A99D97-6769-456F-90EB-9D257AC96B54}] => (Allow) S:\SteamLibrary\steamapps\common\Splinter Cell\system\splintercell.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{6A591036-FA9B-449C-81E4-451903B554C0}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [UDP Query User{A5CEE8D5-3D65-4B56-980F-EBBC375CCF86}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [TCP Query User{83F7F6E0-33D3-48A7-A0EC-84A11E53AA7D}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{30BFC99A-E5C6-415C-BF91-F56025FB4CA1}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{16706714-A2CE-4AC9-A354-730FFDD76CD3}] => (Allow) S:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [Datei ist nicht signiert]
FirewallRules: [{6936D4EB-EEEC-4624-B96F-5538F6E53F55}] => (Allow) S:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [Datei ist nicht signiert]
FirewallRules: [{679DA04F-EE2A-4B74-8347-05AA6A8CDE8E}] => (Allow) S:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => Keine Datei
FirewallRules: [{E4F4F0B9-BEC4-493E-B281-C4A008F8A1D4}] => (Allow) S:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => Keine Datei
FirewallRules: [{9F2DE498-A6B5-4674-8B1F-AE5C27C709BA}] => (Allow) M:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{0061B80D-A3B6-4E3D-A7D7-EED60711B50A}] => (Allow) M:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{9956E162-359D-4454-A1A1-8CCA3112AFD7}] => (Allow) M:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{E9704EA4-4515-4EE9-ACEB-9385D15495B5}] => (Allow) M:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{4EE550BA-F4EA-4812-8CBB-AA0AA998746B}] => (Allow) M:\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{8615F1A6-E593-42A4-8450-F2DEBEB1181D}] => (Allow) M:\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{6D452EB6-B5BA-40DC-840B-185AADAB8FA5}] => (Allow) M:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe => Keine Datei
FirewallRules: [{F6B03899-94EB-45CC-8CC8-B3E9DEC984FF}] => (Allow) M:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe => Keine Datei
FirewallRules: [TCP Query User{202CA219-87FA-4FD0-B5EE-240C57C7AED8}C:\users\hendrik\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\hendrik\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D7DA80C1-B099-4867-A6BF-5850410009FB}C:\users\hendrik\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\hendrik\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2C4E2A40-C6C7-4D4F-BC60-6025C2128C16}] => (Allow) S:\SteamLibrary\steamapps\common\Raft\Raft.exe () [Datei ist nicht signiert]
FirewallRules: [{D5042955-1C95-4DBB-9629-8314CF8683FD}] => (Allow) S:\SteamLibrary\steamapps\common\Raft\Raft.exe () [Datei ist nicht signiert]
FirewallRules: [{53196529-35B7-4C9A-A011-3CB755DCB917}] => (Allow) E:\Ubisoft\Assassin's Creed Valhalla\ACValhalla_Plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{C9981ECA-8F91-4D09-9955-D741DA861280}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{6FA15A52-14E1-45E3-AFEC-0EB6FC904F1A}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{E7BC7763-FA26-4234-A4CF-EF8CE5CFA11A}C:\program files\raise3d\ideamaker\ideamaker.exe] => (Block) C:\program files\raise3d\ideamaker\ideamaker.exe (RAISE 3D TECHNOLOGIES INC -> Raise3D)
FirewallRules: [UDP Query User{E0D2C5A0-A599-461C-94C2-C7A42893C7DD}C:\program files\raise3d\ideamaker\ideamaker.exe] => (Block) C:\program files\raise3d\ideamaker\ideamaker.exe (RAISE 3D TECHNOLOGIES INC -> Raise3D)
FirewallRules: [{F35E4C22-6474-4ACB-8ADD-EC29D59002A3}] => (Allow) C:\Users\Hendrik\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{352DF61B-D0F5-4A2C-8450-A5A40CBA2D18}] => (Allow) C:\Users\Hendrik\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{BBF0AD13-FA1C-455E-BA72-A1741707E71A}] => (Allow) C:\Users\Hendrik\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{35B65E9D-9933-48D5-BDCF-3C69CDE919DB}] => (Allow) S:\Origin\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{5AED16AE-69CD-4EAD-BECA-77D10263C1C1}] => (Allow) S:\Origin\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{E7DD3ED0-4DAD-44BB-9126-C8318F2C3218}] => (Allow) S:\Origin\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{2EA1B5BA-8E33-4F4C-885F-80797CB07EB0}] => (Allow) S:\Origin\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{4E19ECA0-7D56-4660-ADC6-E92E5DC6D7D0}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{3BB6DBC5-3CC9-4BA2-BC89-BA6A9796A008}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [TCP Query User{68EFF304-8222-4004-98BA-E0BA748148CB}E:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) E:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{5A45E3CE-93B8-4605-9D57-1AEE50278871}E:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) E:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{F315BBAB-C9CF-43A2-ADD6-7337369F52FC}] => (Allow) LPort=9223
FirewallRules: [{AC93D3E9-D258-40A7-8981-C7F26FDABDEB}] => (Allow) LPort=9245
FirewallRules: [{F93B50A6-6BE8-4D7C-8447-DDC792ED50B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> Valve Corporation)
FirewallRules: [{59A468BE-F340-449F-9909-EA6B4D2AE476}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{71211C00-7E36-4769-8E2D-90F5E086688D}C:\program files (x86)\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [UDP Query User{85A8ADFB-CD98-4A7D-AB6D-427409285ACA}C:\program files (x86)\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{E4FA4802-82A8-452F-83A6-DAD9F0DE8575}] => (Allow) C:\Program Files\Elgato\StreamDeck\StreamDeck.exe (Corsair Memory, Inc. -> Corsair Memory, Inc)
FirewallRules: [{94D7D0A7-7AE8-490E-A0C4-D6BD12822B99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{274BE37E-7792-4C76-8198-1BDC2ABCF97E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{955A4A2B-E516-4587-95EB-56AEBEB40346}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A34F9700-BE7D-401D-B26B-C8B798C2A6DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{8C89B2DD-3D73-461A-9957-EC71CB52F043}S:\steamlibrary\steamapps\common\world war 3\ww3\binaries\win64\ww3-win64-shipping.exe] => (Allow) S:\steamlibrary\steamapps\common\world war 3\ww3\binaries\win64\ww3-win64-shipping.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{C8A25AE2-A35A-4AAC-B184-54D34D517D67}S:\steamlibrary\steamapps\common\world war 3\ww3\binaries\win64\ww3-win64-shipping.exe] => (Allow) S:\steamlibrary\steamapps\common\world war 3\ww3\binaries\win64\ww3-win64-shipping.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{12D5CE99-E533-42B3-9DF3-9CB44E1FEB70}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3 Tools\Arma3Tools.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.)
FirewallRules: [{96F23621-F816-469F-97C0-4CF3B2DEC2D4}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3 Tools\Arma3Tools.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.)
FirewallRules: [{41DC50CE-7FAF-45FE-88BF-C7B56C8E8780}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3 Tools\starter.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.)
FirewallRules: [{22AA8014-8717-468F-B5D8-A6E5B89AD1F6}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3 Tools\starter.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.)
FirewallRules: [{88297049-B99B-4E16-883A-77FC8A438EA9}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3 Tools\AddonBuilder\AddonBuilder.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{BDB8C91C-F409-498C-9F56-11B8E8D10ED7}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3 Tools\AddonBuilder\AddonBuilder.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{FC9D6447-1959-4976-A41A-5CCB0A04953C}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3 Tools\Publisher\Publisher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{A53BFF93-EA3A-4BA2-AF56-6854835AFCEF}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3 Tools\Publisher\Publisher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{896C1362-F1E2-40ED-BA93-80B8A0864DCC}] => (Allow) S:\SteamLibrary\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{DD734F33-73EC-412B-B846-EA456956477F}] => (Allow) S:\SteamLibrary\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{EED79436-0EBD-47F3-9D54-DC6625ED3E67}] => (Allow) E:\SteamLibrary\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert]
FirewallRules: [{CBC71883-6213-4A16-8406-83313B06CBAE}] => (Allow) E:\SteamLibrary\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert]
FirewallRules: [{CE9ADBAA-8E20-47AC-9C8A-5B52D473D00D}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert]
FirewallRules: [{57F92FF3-5ACB-4AE5-A81E-C13D9A616F8D}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert]
FirewallRules: [{BC609385-3B0E-463D-AAFE-7FA71CAC5EC8}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert]
FirewallRules: [{3CF9AE0F-447E-4E56-8FAE-53795B2F8489}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert]
FirewallRules: [{5D20A1CB-3007-4B1D-B476-FA637537AAFB}] => (Allow) E:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{668A4211-A861-4EA6-88EC-2A9E48928436}] => (Allow) E:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{36D22EAE-EACC-4677-A189-664377CBC0AE}C:\programdata\oracle\java\javapath_target_1142152750\javaw.exe] => (Allow) C:\programdata\oracle\java\javapath_target_1142152750\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{5B367EB3-E255-4626-AC3B-33D3C5D68075}C:\programdata\oracle\java\javapath_target_1142152750\javaw.exe] => (Allow) C:\programdata\oracle\java\javapath_target_1142152750\javaw.exe => Keine Datei
FirewallRules: [{9FDF967F-FC8E-42B6-BA21-89100642DFB5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.77\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ADCB7CCE-9D20-4F59-BEA5-595D46A98E67}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{3C08EBFA-11C0-4050-9539-34EFCFF80E32}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )

==================== Wiederherstellungspunkte =========================

10-04-2021 12:31:12 Geplanter Prüfpunkt
14-04-2021 09:25:51 Windows Modules Installer
18-04-2021 12:38:06 Removed Avira Browser Safety
20-04-2021 09:51:06 Removed Avira Browser Safety

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (04/20/2021 11:37:31 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf Mastermind (M:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (04/20/2021 11:28:07 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf Mastermind (M:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (04/20/2021 10:45:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sdzoomplugin.exe, Version: 0.0.0.0, Zeitstempel: 0x602c096a
Name des fehlerhaften Moduls: uiautomationcore.dll, Version: 7.2.19041.906, Zeitstempel: 0xae6be9d8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000023c11
ID des fehlerhaften Prozesses: 0x2ee0
Startzeit der fehlerhaften Anwendung: 0x01d735be5948b1ee
Pfad der fehlerhaften Anwendung: C:\Users\Hendrik\AppData\Roaming\Elgato\StreamDeck\Plugins\com.lostdomain.zoom.sdPlugin\sdzoomplugin.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\uiautomationcore.dll
Berichtskennung: fd3ee785-4afe-4f1a-bb53-2a5b78220c45
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/20/2021 10:22:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sdzoomplugin.exe, Version: 0.0.0.0, Zeitstempel: 0x602c096a
Name des fehlerhaften Moduls: uiautomationcore.dll, Version: 7.2.19041.906, Zeitstempel: 0xae6be9d8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000023c11
ID des fehlerhaften Prozesses: 0x1444
Startzeit der fehlerhaften Anwendung: 0x01d735be1f399f5e
Pfad der fehlerhaften Anwendung: C:\Users\Hendrik\AppData\Roaming\Elgato\StreamDeck\Plugins\com.lostdomain.zoom.sdPlugin\sdzoomplugin.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\uiautomationcore.dll
Berichtskennung: 24ad5601-6333-493e-a38b-dd35bc1bce85
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/20/2021 10:21:38 AM) (Source: MsiInstaller) (EventID: 10005) (User: Zeiträuber)
Description: Product: Avira Browser Safety -- OS version incompatibility

Error: (04/20/2021 10:21:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sdzoomplugin.exe, Version: 0.0.0.0, Zeitstempel: 0x602c096a
Name des fehlerhaften Moduls: uiautomationcore.dll, Version: 7.2.19041.906, Zeitstempel: 0xae6be9d8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000023c11
ID des fehlerhaften Prozesses: 0x37cc
Startzeit der fehlerhaften Anwendung: 0x01d735a50dd908f4
Pfad der fehlerhaften Anwendung: C:\Users\Hendrik\AppData\Roaming\Elgato\StreamDeck\Plugins\com.lostdomain.zoom.sdPlugin\sdzoomplugin.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\uiautomationcore.dll
Berichtskennung: 5555414a-87ee-42a0-9fe2-667ef1595568
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/20/2021 09:51:23 AM) (Source: MsiInstaller) (EventID: 10005) (User: Zeiträuber)
Description: Product: Avira Browser Safety -- OS version incompatibility

Error: (04/20/2021 07:20:40 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Der Zugriff auf Leistungsdaten wurde für den Benutzer "SYSTEM" (Wert von getbenutzername() für den ausgeführten Thread) verweigert, da er vom Modul "C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe" (Wert von GetModuleFileName() für die Binärdatei, die die Abfrage ausgegeben hat) versucht wurde.


Systemfehler:
=============
Error: (04/20/2021 07:21:15 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (04/18/2021 01:23:01 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (04/18/2021 12:58:11 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (04/18/2021 12:57:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/18/2021 12:57:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Logi Facecam Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/18/2021 12:57:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Microsoft Update Health Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/18/2021 12:57:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GoPro Device Detection Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/18/2021 12:57:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Security Assist" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Windows Defender:
================
Date: 2021-04-18 14:19:55
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {A09C37D1-E6FD-46ED-A0DF-D31849C34BA7}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-04-17 16:31:55
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {C5BD1AE5-439D-4A73-BBB1-80AA6CA6BFFB}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-04-16 23:17:03
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {8EA8C48E-D49C-4B55-BFC8-3866CFEDC665}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-04-15 14:23:00
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {2C096C7F-215C-4AA8-8799-B37EB79C01D0}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-04-14 14:13:53
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {32643AB2-1BFB-43F6-96FE-C35E794E5AED}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

CodeIntegrity:
===============
Date: 2021-04-18 12:50:49
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 3016 12/27/2016
Hauptplatine: ASUSTeK COMPUTER INC. Z170 PRO GAMING
Prozessor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 32634.81 MB
Verfügbarer physikalischer RAM: 24873.86 MB
Summe virtueller Speicher: 65402.81 MB
Verfügbarer virtueller Speicher: 56021.7 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.52 GB) (Free:62.16 GB) NTFS
Drive d: (Spiele) (Fixed) (Total:232.88 GB) (Free:177.63 GB) NTFS
Drive e: (Volume) (Fixed) (Total:465.75 GB) (Free:149.29 GB) NTFS
Drive m: (Mastermind) (Fixed) (Total:3725.9 GB) (Free:3193.12 GB) NTFS
Drive s: (Steam) (Fixed) (Total:465.63 GB) (Free:220.66 GB) NTFS

\\?\Volume{5b439334-728b-11e5-8795-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{769568a4-0000-0000-0000-e0673b000000}\ () (Fixed) (Total:0.85 GB) (Free:0.4 GB) NTFS

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 769568A4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=871 MB) - (Type=27)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 9231999F)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 4 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
         
__________________


Alt 20.04.2021, 12:31   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
W10: Firefox, automatischer Aufruf von craccoon.com - Standard

W10: Firefox, automatischer Aufruf von craccoon.com



Scripting/Repair mit FRST64
WARNUNG AN ALLE MITLESER !!!
Dieses FRST-Script ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System angewendet werden!
  • Kopiere den gesamten Inhalt der folgenden Code-Box:
    Code:
    ATTFilter
    Start::
    CloseProcesses:
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
    GroupPolicy: Beschränkung ? <==== ACHTUNG
    Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
    C:\Users\Hendrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
    Task: {13DD2E0F-8F1D-4844-A353-1652E99A6F2A} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
    Task: {193D141E-04C3-44E8-8B90-C2DF0886C5D9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
    Task: {1CFCC27F-17D9-4963-9A9A-53B391628E73} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
    Task: {36A13E3F-5BB3-4919-96E2-22AE6695455D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
    Task: {5B6777DE-8127-46FD-9342-AFF596DC9820} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
    Task: {606C8B4C-FC4B-4118-A888-D9A991DC1FAA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
    Task: {B22365E3-DD44-4F9D-B86F-6A0292865C26} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
    Task: {B52DBA18-9F13-43F0-8DBF-B47BE975645A} - \Microsoft\Windows\Setup\EOONotify -> Keine Datei <==== ACHTUNG
    Task: {E0EC010C-9185-4E57-B0FE-4DCA18103968} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
    Task: {E2BEF094-DC6D-4DAB-A837-17FB57AB50FF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
    Task: {E4A2BD13-0B03-423E-86BA-94C6867AA9BC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
    Task: {EE2C32F3-60ED-454C-9C67-A9B3897DF478} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG
    Task: {F24EA26E-E48B-4F71-95FC-315193016752} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
    Task: {F7F5F5C9-EC9A-41C1-A847-80F83A7F4119} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
    Task: {F98535FE-B58A-4CF0-9A08-3F05355DDE68} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
    Task: {F9985183-E490-46AA-8E10-C0F9492A5396} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
    cmd: reg query "HKCU\Environment"
    cmd: reg query "HKCU\Software"
    cmd: netsh advfirewall reset
    emptytemp:
    End::
             
  • Starte nun FRST und klicke direkt den Reparieren Button.Wichtig: Du brauchst den Inhalt der Code-Box nirgends einfügen, da sich FRST den Code aus der Zwischenablage holt!
  • Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich FRST befindet.
  • Gegebenenfalls muss dein Rechner neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.
__________________
__________________

Alt 20.04.2021, 13:04   #19
Kio
 
W10: Firefox, automatischer Aufruf von craccoon.com - Standard

W10: Firefox, automatischer Aufruf von craccoon.com



Hi,

die Fixlog:
Code:
ATTFilter
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-04-2021
durchgeführt von Hendrik (20-04-2021 13:55:07) Run:1
Gestartet von C:\Users\Hendrik\Downloads
Geladene Profile: Hendrik
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
C:\Users\Hendrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
Task: {13DD2E0F-8F1D-4844-A353-1652E99A6F2A} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {193D141E-04C3-44E8-8B90-C2DF0886C5D9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {1CFCC27F-17D9-4963-9A9A-53B391628E73} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {36A13E3F-5BB3-4919-96E2-22AE6695455D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {5B6777DE-8127-46FD-9342-AFF596DC9820} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {606C8B4C-FC4B-4118-A888-D9A991DC1FAA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {B22365E3-DD44-4F9D-B86F-6A0292865C26} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {B52DBA18-9F13-43F0-8DBF-B47BE975645A} - \Microsoft\Windows\Setup\EOONotify -> Keine Datei <==== ACHTUNG
Task: {E0EC010C-9185-4E57-B0FE-4DCA18103968} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {E2BEF094-DC6D-4DAB-A837-17FB57AB50FF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {E4A2BD13-0B03-423E-86BA-94C6867AA9BC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {EE2C32F3-60ED-454C-9C67-A9B3897DF478} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG
Task: {F24EA26E-E48B-4F71-95FC-315193016752} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {F7F5F5C9-EC9A-41C1-A847-80F83A7F4119} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {F98535FE-B58A-4CF0-9A08-3F05355DDE68} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {F9985183-E490-46AA-8E10-C0F9492A5396} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
cmd: reg query "HKCU\Environment"
cmd: reg query "HKCU\Software"
cmd: netsh advfirewall reset
emptytemp:

*****************

Prozesse erfolgreich geschlossen.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => erfolgreich entfernt
C:\WINDOWS\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\WINDOWS\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\ProgramData\NTUSER.pol => erfolgreich verschoben
C:\Users\Hendrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{13DD2E0F-8F1D-4844-A353-1652E99A6F2A}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13DD2E0F-8F1D-4844-A353-1652E99A6F2A}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{193D141E-04C3-44E8-8B90-C2DF0886C5D9}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{193D141E-04C3-44E8-8B90-C2DF0886C5D9}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1CFCC27F-17D9-4963-9A9A-53B391628E73}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CFCC27F-17D9-4963-9A9A-53B391628E73}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{36A13E3F-5BB3-4919-96E2-22AE6695455D}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36A13E3F-5BB3-4919-96E2-22AE6695455D}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5B6777DE-8127-46FD-9342-AFF596DC9820}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B6777DE-8127-46FD-9342-AFF596DC9820}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{606C8B4C-FC4B-4118-A888-D9A991DC1FAA}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{606C8B4C-FC4B-4118-A888-D9A991DC1FAA}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B22365E3-DD44-4F9D-B86F-6A0292865C26}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B22365E3-DD44-4F9D-B86F-6A0292865C26}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B52DBA18-9F13-43F0-8DBF-B47BE975645A}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B52DBA18-9F13-43F0-8DBF-B47BE975645A}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOONotify" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0EC010C-9185-4E57-B0FE-4DCA18103968}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0EC010C-9185-4E57-B0FE-4DCA18103968}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2BEF094-DC6D-4DAB-A837-17FB57AB50FF}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2BEF094-DC6D-4DAB-A837-17FB57AB50FF}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E4A2BD13-0B03-423E-86BA-94C6867AA9BC}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4A2BD13-0B03-423E-86BA-94C6867AA9BC}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE2C32F3-60ED-454C-9C67-A9B3897DF478}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE2C32F3-60ED-454C-9C67-A9B3897DF478}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F24EA26E-E48B-4F71-95FC-315193016752}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F24EA26E-E48B-4F71-95FC-315193016752}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F7F5F5C9-EC9A-41C1-A847-80F83A7F4119}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7F5F5C9-EC9A-41C1-A847-80F83A7F4119}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F98535FE-B58A-4CF0-9A08-3F05355DDE68}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F98535FE-B58A-4CF0-9A08-3F05355DDE68}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9985183-E490-46AA-8E10-C0F9492A5396}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9985183-E490-46AA-8E10-C0F9492A5396}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => erfolgreich entfernt

========= reg query "HKCU\Environment" =========


HKEY_CURRENT_USER\Environment
    Path    REG_EXPAND_SZ    %USERPROFILE%\AppData\Local\Microsoft\WindowsApps;
    TEMP    REG_EXPAND_SZ    %USERPROFILE%\AppData\Local\Temp
    TMP    REG_EXPAND_SZ    %USERPROFILE%\AppData\Local\Temp
    MOZ_PLUGIN_PATH    REG_SZ    
    JD2_HOME    REG_SZ    M:\JDownloader\JDownloader
    OneDrive    REG_EXPAND_SZ    C:\Users\Hendrik\OneDrive
    OneDriveConsumer    REG_EXPAND_SZ    C:\Users\Hendrik\OneDrive


========= Ende von CMD: =========


========= reg query "HKCU\Software" =========


HKEY_CURRENT_USER\Software\7-Zip
HKEY_CURRENT_USER\Software\AppDataLow
HKEY_CURRENT_USER\Software\ASRock
HKEY_CURRENT_USER\Software\ASUS
HKEY_CURRENT_USER\Software\Avira
HKEY_CURRENT_USER\Software\Battlefield 1942
HKEY_CURRENT_USER\Software\Beam Team Games
HKEY_CURRENT_USER\Software\BetaDwarf ApS
HKEY_CURRENT_USER\Software\Bethesda Softworks
HKEY_CURRENT_USER\Software\Binary Fortress Software
HKEY_CURRENT_USER\Software\Blacklight Interactive
HKEY_CURRENT_USER\Software\Blizzard Entertainment
HKEY_CURRENT_USER\Software\Bohemia Interactive
HKEY_CURRENT_USER\Software\Bohemia Interactive Studio
HKEY_CURRENT_USER\Software\Brother
HKEY_CURRENT_USER\Software\BugSplat
HKEY_CURRENT_USER\Software\Buhl Data Service GmbH
HKEY_CURRENT_USER\Software\Chromium
HKEY_CURRENT_USER\Software\CineForm
HKEY_CURRENT_USER\Software\City Interactive
HKEY_CURRENT_USER\Software\Clients
HKEY_CURRENT_USER\Software\CodeHatch
HKEY_CURRENT_USER\Software\Corel
HKEY_CURRENT_USER\Software\Creepy Jar
HKEY_CURRENT_USER\Software\Cyberlore
HKEY_CURRENT_USER\Software\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b
HKEY_CURRENT_USER\Software\DirectShow
HKEY_CURRENT_USER\Software\Discord
HKEY_CURRENT_USER\Software\Dropbox
HKEY_CURRENT_USER\Software\DropboxUpdate
HKEY_CURRENT_USER\Software\DTP
HKEY_CURRENT_USER\Software\DVDVideoSoft
HKEY_CURRENT_USER\Software\ej-technologies
HKEY_CURRENT_USER\Software\Elaborate Bytes
HKEY_CURRENT_USER\Software\Electronic Arts
HKEY_CURRENT_USER\Software\Elgato Systems GmbH
HKEY_CURRENT_USER\Software\Epic Games
HKEY_CURRENT_USER\Software\EPSON
HKEY_CURRENT_USER\Software\Foxit Software
HKEY_CURRENT_USER\Software\Frontier Developments
HKEY_CURRENT_USER\Software\Gaijin
HKEY_CURRENT_USER\Software\GameSpy
HKEY_CURRENT_USER\Software\Google
HKEY_CURRENT_USER\Software\GoPro
HKEY_CURRENT_USER\Software\GPL Ghostscript
HKEY_CURRENT_USER\Software\Haali
HKEY_CURRENT_USER\Software\HmelyoffLabs
HKEY_CURRENT_USER\Software\HTC
HKEY_CURRENT_USER\Software\HtcVive
HKEY_CURRENT_USER\Software\IM Providers
HKEY_CURRENT_USER\Software\ImgBurn
HKEY_CURRENT_USER\Software\Innersloth
HKEY_CURRENT_USER\Software\Intel
HKEY_CURRENT_USER\Software\Invent4.com
HKEY_CURRENT_USER\Software\IO Interactive
HKEY_CURRENT_USER\Software\IronGate
HKEY_CURRENT_USER\Software\JavaSoft
HKEY_CURRENT_USER\Software\JEDI-VCL
HKEY_CURRENT_USER\Software\Khronos
HKEY_CURRENT_USER\Software\Lagarith
HKEY_CURRENT_USER\Software\LAV
HKEY_CURRENT_USER\Software\Lavasoft
HKEY_CURRENT_USER\Software\Licenses
HKEY_CURRENT_USER\Software\LinuxLive
HKEY_CURRENT_USER\Software\LogiShrd
HKEY_CURRENT_USER\Software\Logitech
HKEY_CURRENT_USER\Software\LogMeInInc
HKEY_CURRENT_USER\Software\Macromedia
HKEY_CURRENT_USER\Software\MAGIX
HKEY_CURRENT_USER\Software\Magix Low Latency 2016
HKEY_CURRENT_USER\Software\MainConcept
HKEY_CURRENT_USER\Software\Malwarebytes
HKEY_CURRENT_USER\Software\Martin Prikryl
HKEY_CURRENT_USER\Software\Mediatonic
HKEY_CURRENT_USER\Software\Microsoft
HKEY_CURRENT_USER\Software\Mojang
HKEY_CURRENT_USER\Software\Mozilla
HKEY_CURRENT_USER\Software\MozillaPlugins
HKEY_CURRENT_USER\Software\MPC-HC
HKEY_CURRENT_USER\Software\NewBlue
HKEY_CURRENT_USER\Software\NVIDIA Corporation
HKEY_CURRENT_USER\Software\O&O
HKEY_CURRENT_USER\Software\OCS
HKEY_CURRENT_USER\Software\ODBC
HKEY_CURRENT_USER\Software\OffworldIndustries
HKEY_CURRENT_USER\Software\OpenAutomate
HKEY_CURRENT_USER\Software\OpenVR
HKEY_CURRENT_USER\Software\Opera Software
HKEY_CURRENT_USER\Software\Paradox Interactive
HKEY_CURRENT_USER\Software\PDFPrint
HKEY_CURRENT_USER\Software\Policies
HKEY_CURRENT_USER\Software\QtProject
HKEY_CURRENT_USER\Software\Raise3D
HKEY_CURRENT_USER\Software\Realtek
HKEY_CURRENT_USER\Software\Redbeet Interactive
HKEY_CURRENT_USER\Software\RegisteredApplications
HKEY_CURRENT_USER\Software\Repetier
HKEY_CURRENT_USER\Software\Respawn Entertainment
HKEY_CURRENT_USER\Software\Rockstar Games
HKEY_CURRENT_USER\Software\SecuROM
HKEY_CURRENT_USER\Software\SimBin
HKEY_CURRENT_USER\Software\SimonTatham
HKEY_CURRENT_USER\Software\SKS
HKEY_CURRENT_USER\Software\Skype
HKEY_CURRENT_USER\Software\Sony Creative Software
HKEY_CURRENT_USER\Software\SplitmediaLabs
HKEY_CURRENT_USER\Software\Spotify
HKEY_CURRENT_USER\Software\SyncEngines
HKEY_CURRENT_USER\Software\Team17 Digital Ltd
HKEY_CURRENT_USER\Software\Team17SoftwareLTD
HKEY_CURRENT_USER\Software\TeamSpeak 3 Client
HKEY_CURRENT_USER\Software\TeamViewer
HKEY_CURRENT_USER\Software\The Creative Assembly
HKEY_CURRENT_USER\Software\The Silicon Realms Toolworks
HKEY_CURRENT_USER\Software\TheCreativeAssembly
HKEY_CURRENT_USER\Software\Thunderbird
HKEY_CURRENT_USER\Software\Trolltech
HKEY_CURRENT_USER\Software\Ubisoft
HKEY_CURRENT_USER\Software\UIUTask
HKEY_CURRENT_USER\Software\UniqueInt
HKEY_CURRENT_USER\Software\Unity
HKEY_CURRENT_USER\Software\Valve
HKEY_CURRENT_USER\Software\VMware, Inc.
HKEY_CURRENT_USER\Software\Wargaming.net
HKEY_CURRENT_USER\Software\WebEx
HKEY_CURRENT_USER\Software\WinRAR SFX
HKEY_CURRENT_USER\Software\Wintertree
HKEY_CURRENT_USER\Software\Wow6432Node
HKEY_CURRENT_USER\Software\Z-Software GmbH
HKEY_CURRENT_USER\Software\ZoomUMX
HKEY_CURRENT_USER\Software\{B2CB09FF-2453-4f85-9F40-21C05BE4CBA8}
HKEY_CURRENT_USER\Software\Classes

========= Ende von CMD: =========


========= netsh advfirewall reset =========

OK.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 770396534 B
Java, Flash, Steam htmlcache => 1053131839 B
Windows/system/drivers => 2846818 B
Edge => 1915880 B
Chrome => 23106056 B
Firefox => 1157109665 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 26740 B
NetworkService => 258090 B
Hendrik => 524723014 B
DefaultAppPool => 524723014 B

RecycleBin => 405462033 B
EmptyTemp: => 4.2 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 13:57:56 ====
         

Alt 20.04.2021, 13:32   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
W10: Firefox, automatischer Aufruf von craccoon.com - Standard

W10: Firefox, automatischer Aufruf von craccoon.com



Kontrollscans mit MBAM und RK

Wir sind fast fertig. Jetzt ist es an der Zeit für Kontrollscans mit
Poste nach Abschluss der beiden Scans die Logs in CODE-Tags.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 20.04.2021, 13:57   #21
Kio
 
W10: Firefox, automatischer Aufruf von craccoon.com - Standard

W10: Firefox, automatischer Aufruf von craccoon.com



Hi,

eiman MBAM:
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 20.04.21
Scan-Zeit: 14:40
Protokolldatei: 9f7d02cc-a1d5-11eb-a244-704d7b645db9.json

-Softwaredaten-
Version: 4.3.0.98
Komponentenversion: 1.0.1251
Version des Aktualisierungspakets: 1.0.39621
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 19042.928)
CPU: x64
Dateisystem: NTFS
Benutzer: Zeiträuber\Hendrik

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 350734
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 2 Min., 37 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
         

Und einmal RogueKiller:
Code:
ATTFilter
RogueKiller Anti-Malware V14.8.6.0 (x64) [Mar 24 2021] (Free) von Adlice Software
Mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Betriebssystem : Windows 10 (10.0.19042) 64 bits
Gestartet in : Normaler Modus
Benutzer : Hendrik [Administrator]
Gestartet von : C:\Users\Hendrik\Desktop\RogueKiller_portable64.exe
Signaturen : 20210419_123737, Treiber : Geladen
Modus : Standard-Scan, Löschen -- Datum : 2021/04/20 14:54:21 (Dauer : 00:06:59)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Löschen ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\.DEFAULT\Software\OCS --  -> Gelöscht
[PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\S-1-5-21-256580667-2295068177-2157506718-1000\Software\OCS --  -> Gelöscht
[PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\S-1-5-18\Software\OCS --  -> Gelöscht
[PUP.Gen1 (Potenziell bösartig)] simplitec -- %programdata%\simplitec -> Gelöscht
         

Alt 20.04.2021, 14:04   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
W10: Firefox, automatischer Aufruf von craccoon.com - Standard

W10: Firefox, automatischer Aufruf von craccoon.com



Dann wären wir durch!

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Abschließend bitte noch einen Cleanup mit unserem TB-Cleanup-Script durchführen und unbedingt die Sicherheitsmaßnahmen lesen und umsetzen - beides ist in folgendem Lesestoff verlinkt:

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 22.04.2021, 15:55   #23
M-K-D-B
/// TB-Ausbilder
 
W10: Firefox, automatischer Aufruf von craccoon.com - Standard

W10: Firefox, automatischer Aufruf von craccoon.com



Wir sind froh, dass wir helfen konnten

Dieses Thema scheint erledigt und wird aus unseren Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen.

Thema geschlossen

Themen zu W10: Firefox, automatischer Aufruf von craccoon.com
.com, adware, appdata, craccoon, download, explorer, failed, festgestellt, firefox, folge, forum, frage, google, internet, internet explorer, lösung, microsoft, recovery, registry, reset, secure, suche, surfen, system32, temp, update, weiterleitung, windows




Ähnliche Themen: W10: Firefox, automatischer Aufruf von craccoon.com


  1. craccoon.exe, reicht deinstallieren über die Systemsteuerung?
    Plagegeister aller Art und deren Bekämpfung - 18.04.2021 (4)
  2. Trojaner CRaccoon auf meinen Rechner
    Plagegeister aller Art und deren Bekämpfung - 03.01.2021 (24)
  3. Windows 8.1 + Firefox 38.0.1: Request an Malware-gelistete Seite bei Aufruf von beliebiger Website
    Log-Analyse und Auswertung - 31.05.2015 (3)
  4. f.txt - Automatischer download
    Log-Analyse und Auswertung - 08.05.2015 (3)
  5. Versendung automatischer Spam-Mails
    Log-Analyse und Auswertung - 26.03.2013 (15)
  6. Trojan.JS.Redirector bei Aufruf von Firefox
    Plagegeister aller Art und deren Bekämpfung - 10.01.2013 (14)
  7. Automatischer Text in Textfeldern bei Foren!
    Plagegeister aller Art und deren Bekämpfung - 22.06.2010 (1)
  8. PC-Freeze => automatischer Reboot // c.exe
    Plagegeister aller Art und deren Bekämpfung - 10.02.2010 (5)
  9. Automatischer Neustart
    Log-Analyse und Auswertung - 18.08.2008 (6)
  10. Automatischer login ...
    Log-Analyse und Auswertung - 29.02.2008 (1)
  11. Automatischer Neustart und Bluescreen
    Alles rund um Windows - 29.04.2007 (34)
  12. IExplorer und Firefox schliessen mit Fehlermeldung sofort nach erstem Aufruf
    Log-Analyse und Auswertung - 21.12.2006 (1)
  13. Automatischer Neustart bei Benutzeranmeldung
    Log-Analyse und Auswertung - 14.09.2006 (4)
  14. IE ... ungewollter automatischer Seitenaufruf
    Plagegeister aller Art und deren Bekämpfung - 31.01.2006 (11)
  15. Automatischer Start von Internet Explorer
    Plagegeister aller Art und deren Bekämpfung - 05.06.2005 (6)
  16. Automatischer start vom IE
    Plagegeister aller Art und deren Bekämpfung - 13.03.2005 (8)
  17. Automatischer Aufruf von Teen Sex Baby??
    Plagegeister aller Art und deren Bekämpfung - 04.03.2005 (4)

Zum Thema W10: Firefox, automatischer Aufruf von craccoon.com - Shortcut: Code: Alles auswählen Aufklappen ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 17-04-2021 durchgeführt von Hendrik (20-04-2021 11:45:51) Gestartet von C:\Users\Hendrik\Downloads Start-Modus: Normal ==================== Verknüpfungen ============================= (Die Einträge können - W10: Firefox, automatischer Aufruf von craccoon.com...
Archiv
Du betrachtest: W10: Firefox, automatischer Aufruf von craccoon.com auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.