|
Log-Analyse und Auswertung: W10: Firefox, automatischer Aufruf von craccoon.comWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
20.04.2021, 10:51 | #16 |
| W10: Firefox, automatischer Aufruf von craccoon.com Shortcut: Code:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 17-04-2021 durchgeführt von Hendrik (20-04-2021 11:45:51) Gestartet von C:\Users\Hendrik\Downloads Start-Modus: Normal ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascaron\Piraten\Ascaron Homepage besuchen.lnk -> hxxp://www.ascaron.com Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk -> C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe (Google) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk -> C:\Program Files (x86)\ImgBurn\ImgBurn.exe (LIGHTNING UK!) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs OBS.lnk -> C:\Program Files\Streamlabs OBS\Streamlabs OBS.exe (General Workings, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Martin Prikryl) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warships\World of Warships entfernen.lnk -> C:\Games\World_of_Warships\unins000.exe (Keine Datei) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wargaming.net\World of Warships ModStation\ModStation Diagnosis.lnk -> C:\Program Files\Wargaming.net\World of Warships ModStation\WorldOfWarships.ModStation.Diagnosis.exe (Wargaming.net) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wargaming.net\World of Warships ModStation\Uninstall ModStation.lnk -> C:\Program Files\Wargaming.net\World of Warships ModStation\unins000.exe (Wargaming.net ) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wargaming.net\World of Warships ModStation\World of Warships ModStation.lnk -> C:\Program Files\Wargaming.net\World of Warships ModStation\WorldOfWarships.ModStation.exe (Wargaming.net) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware\VMware Workstation 15 Player.lnk -> C:\Program Files (x86)\VMware\VMware Player\vmplayer.exe (VMware, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVE Software\Vive Dashboard.lnk -> C:\Program Files (x86)\VIVE\Updater\App\Dashboard\win32\ViveDashboard.exe (HTC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVE Software\VIVE Guide.lnk -> C:\Program Files (x86)\VIVE\Updater\App\ViveGuide\ViveGuide.exe (HTC Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVE Software\VIVEPORT Feedback.lnk -> C:\Program Files (x86)\Common Files\HTC\Viveport\Diagnosis\ViveportDiagnosis.exe (HTC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVE Software\VIVEPORT.lnk -> C:\Program Files (x86)\VIVE\PCClient\Vive.exe (HTC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\VEGAS Pro 14.0\Vegas Pro 14.0 (64-bit).lnk -> M:\Vegas\vegas140.exe (MAGIX Computer Products Intl. Co.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\VEGAS Pro 14.0\VEGAS Pro 14.0 Liesmich.lnk -> M:\Vegas\readme\Vegas_readme_deu.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\DVD Architect\DVD Architect Liesmich.lnk -> M:\Vegas Architekt\readme\DVD_Architect_readme_deu.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\DVD Architect\DVD Architect.lnk -> M:\Vegas Architekt\dvdarch70.exe (MAGIX Computer Products Intl. Co.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimaker Cura\Ultimaker Cura 3.5.1.lnk -> C:\Program Files\Ultimaker Cura 3.5\Cura.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimaker Cura\Uninstall.lnk -> C:\Program Files\Ultimaker Cura 3.5\Uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront II\Kundendienst.lnk -> S:\Origin\STAR WARS Battlefront II\Support\EA Help\Kundendienst.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront II\Nutzervereinbarung.lnk -> S:\Origin\STAR WARS Battlefront II\Support\Nutzervereinbarung\de_DE.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront II\STAR WARS Battlefront II.lnk -> S:\Origin\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repetier-Host\Repetier-Host.lnk -> C:\Program Files\Repetier-Host\RepetierHost.exe (Hot-World GmbH & Co. KG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raise3D\ideaMaker\Uninstall ideaMaker.lnk -> C:\Program Files\Raise3D\ideaMaker\uninstall.exe (Raise3D) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Deinstallieren von Origin.lnk -> C:\Program Files (x86)\Origin\OriginUninstall.exe (Electronic Arts) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Fehlermelder.lnk -> C:\Program Files (x86)\Origin\OriginER.exe (Electronic Arts) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (32bit).lnk -> C:\Program Files (x86)\obs-studio\bin\32bit\obs32.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (64bit).lnk -> C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\Uninstall.lnk -> C:\Program Files (x86)\obs-studio\uninstall.exe (obsproject.com) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Application Manager.lnk -> C:\Program Files\NewBlueFX\Common\ApplicationManager64.exe (NewBlue, Inc) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Vegas Pro Complete\Uninstall Vegas Pro Complete.lnk -> C:\Program Files\NewBlueFX\uninstallers\Uninstall Vegas Pro Complete.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk -> C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe (Mojang) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\BeckerCAD 10 Pro Beispielprojekte.lnk -> M:\BeckerCAD 10 Pro\Program\Bin\BeckerEx.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\BeckerCAD 10 Pro deinstallieren.lnk -> M:\BeckerCAD 10 Pro\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\BeckerCAD 10 Pro Hilfe.lnk -> M:\BeckerCAD 10 Pro\Program\Bin\Becker.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\BeckerCAD 10 Pro.lnk -> M:\BeckerCAD 10 Pro\Program\Bin\BeckerCAD.exe (DATA BECKER GmbH & Co.KG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Python - Standard Python Console Interface.lnk -> M:\BeckerCAD 10 Pro\Program\Python\python.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\PythonWin - Advanced Python Graphical User Interface.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Lib\site-packages\pythonwin\Pythonwin.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\wxFormBuilder - a wxPython Gui Designer.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Tools\wxFormBuilder\wxFormBuilder.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\CADdy++ Python Documentation.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Doc\CADdy\html\index.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\PyScripter Documentation.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Tools\PyScripter\PyScripter.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\Python COM Documentation.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Lib\site-packages\win32com\HTML\docindex.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\Python COM Help.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Doc\PyWin32.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\Python Standard Documentation.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Doc\python275.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\wxPython\wxGlade GUI Designer Documentation.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Tools\wxGlade\docs\index.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\wxPython\wxGlade GUI Designer Tutorial.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Tools\wxGlade\docs\tutorial.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\wxPython\wxPython Documentation.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Doc\wxPython\docs\wx.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\wxPython\wxPython Package Documentation.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Doc\wxPython\docs\wxPackage.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\wxPython\wxPython Py Manual.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Doc\wxPython\docs\PyManual.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\wxPython\wxPython Samples.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Doc\wxPython\samples () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\wxPython\wxPython Starter Guide.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Doc\wxPython\docs\wxPythonManual.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Launch Gaming Software Profiler.lnk -> C:\Windows\Installer\{1444D2EE-C7AD-44A8-844F-2634B49353D1}\NewShortcut1_7E69263C626D4C569CA13522D79FEB7F.exe (Acresso Software Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Capture.lnk -> C:\Program Files\Logitech\LogiCapture\bin\LogiCapture.exe (Logitech) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Gaming Software 8.74.lnk -> C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility\Intel(R) Driver Update Utility 2.7.lnk -> C:\Program Files (x86)\Intel Driver Update Utility\DSADesktopUI.exe (Intel) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn\ImgBurn Read Me.lnk -> C:\Program Files (x86)\ImgBurn\ReadMe.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn\ImgBurn.lnk -> C:\Program Files (x86)\ImgBurn\ImgBurn.exe (LIGHTNING UK!) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn\Uninstall.lnk -> C:\Program Files (x86)\ImgBurn\uninstall.exe (LIGHTNING UK!) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro\GoPro Studio.lnk -> C:\Program Files (x86)\GoPro\Tools\GoPro Studio.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro\Quik.lnk -> C:\Program Files\GoPro\GoPro Desktop App\Quik.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript\Ghostscript Readme 9.53.3.LNK -> C:\Program Files\gs\gs9.53.3\doc\Readme.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript\Uninstall Ghostscript 9.53.3.LNK -> C:\Program Files\gs\gs9.53.3\uninstgs.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Assassin's Creed Rogue.lnk -> [LF6"pH,R GFSI/jX@2p%,WHAT MATTERS IS THAT I FOLLOWED MY OWN CREED(1SPSXFL8C&m] Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Battlefield 3™.lnk -> [LF6"pH,R GFSIKՏD@,pBattlefield 3"!(1SPSXFL8C&m] Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Command & Conquer™ Alarmstufe Rot 3 Der Aufstand.lnk -> [LF6"pH,R GFSIK`F1)sɰ0Command & Conquer"! Alarmstufe Rot 3 Der Aufstand(1SPSXFL8C&m] Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\FileZilla.lnk -> C:\Program Files\FileZilla FTP Client\filezilla.exe (FileZilla Project) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\Uninstall.lnk -> C:\Program Files\FileZilla FTP Client\uninstall.exe (Tim Kosse) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elgato\Stream Deck\Stream Deck.lnk -> C:\Program Files\Elgato\StreamDeck\StreamDeck.exe (Corsair Memory, Inc) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes\VirtualCloneDrive\Uninstall.lnk -> C:\Program Files (x86)\VirtualCloneDrive\Vcd-uninst.exe (Keine Datei) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\AVIFix.lnk -> C:\Program Files (x86)\ExKode\Dxtory2.0\AVIFix.exe (ExKode Co. Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\AVIMux.lnk -> C:\Program Files (x86)\ExKode\Dxtory2.0\AVIMux.exe (ExKode Co. Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\Dxtory Video Setting.lnk -> C:\Program Files (x86)\ExKode\Dxtory2.0\DxtoryVideoSetting.exe (ExKode Co. Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\Dxtory.lnk -> C:\Program Files (x86)\ExKode\Dxtory2.0\Dxtory.exe (ExKode Co. Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\EULA.txt.lnk -> C:\Program Files (x86)\ExKode\Dxtory2.0\EULA_en.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\License Register.lnk -> C:\Program Files (x86)\ExKode\Dxtory2.0\LicReg.exe (ExKode Co. Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\RawCapConv.lnk -> C:\Program Files (x86)\ExKode\Dxtory2.0\RawCapConv.exe (ExKode Co. Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\readme.txt.lnk -> C:\Program Files (x86)\ExKode\Dxtory2.0\readme.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\FreeStudioManager.exe (Digital Wave Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free Video To MP3 Converter.lnk -> C:\Program Files (x86)\DVDVideoSoft\Free Video to MP3 Converter\FreeVideoToMP3Converter.exe (Digital Wave Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free YouTube Download.lnk -> C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe (Digital Wave Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe (DVDVideoSoft Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\PremiumMembershipOffer.exe (DVDVideoSoft Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion Uninstall.lnk -> C:\Program Files (x86)\DisplayFusion\unins000.exe (Binary Fortress Software ) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion.lnk -> C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DayZLauncher\DayZLauncher.lnk -> C:\Program Files (x86)\DayZLauncher\DayZLauncher.exe (Keine Datei) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF Writer\Readme.lnk -> C:\Program Files (x86)\CutePDF Writer\CuteEdit.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF Writer\Try Free CutePDF Editor.lnk -> C:\Program Files (x86)\CutePDF Writer\CuteEdit.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corsair LINK 4\Corsair LINK 4.lnk -> C:\Windows\Installer\{D97F4B31-5A7D-4A07-AC85-16D64FAB93E1}\Icon.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Boot Setting\ASUS Boot Setting 1.00.22.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{7AAE9187-C24F-4073-A951-36C370E7A3A5}\Setup.exe (InstallShield Software Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AI Suite 3\AI Suite 3.lnk -> C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe (ASUSTeK Computer Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility\ASRock eXtreme Tuner\ASRock eXtreme Tuner.lnk -> C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility\ASRock eXtreme Tuner\Uninstall ASRock eXtreme Tuner.lnk -> C:\Program Files (x86)\ASRock Utility\AXTU\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascaron\Piraten\Auf Update prüfen.lnk -> C:\Program Files (x86)\Piraten\Updater.exe (Ascaron Entertainment GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascaron\Piraten\Piraten deinstallieren.lnk -> C:\Program Files (x86)\Piraten\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascaron\Piraten\Piraten starten.lnk -> C:\Program Files (x86)\Piraten\piraten.exe (Ascaron Entertainment GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascaron\Piraten\Readme lesen.lnk -> C:\Program Files (x86)\Piraten\liesmich.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Configuration.lnk -> C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorcfg.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Wizards.lnk -> C:\Windows\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe ( ) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Hendrik\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Hendrik\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\Links\Desktop.lnk -> C:\Users\Hendrik\Desktop () Shortcut: C:\Users\Hendrik\Links\Downloads.lnk -> C:\Users\Hendrik\Downloads () Shortcut: C:\Users\Hendrik\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}] Shortcut: C:\Users\Hendrik\Documents\MAGIX\Music Maker\_Demos.LNK -> C:\ProgramData\Magix\Music Maker\25\_Demos (Keine Datei) Shortcut: C:\Users\Hendrik\Desktop\Grand Theft Auto V.lnk -> E:\GTA V\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games) Shortcut: C:\Users\Hendrik\Desktop\Minecraft.lnk -> C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe (Mojang) Shortcut: C:\Users\Hendrik\Desktop\PBOManager v.1.4 beta.lnk -> C:\Users\Hendrik\AppData\Roaming\Microsoft\Installer\{0E3A79BF-E860-4371-8ABC-7AAEDD68DA0A}\_874CC01FA1E56E43D66A67.exe () Shortcut: C:\Users\Hendrik\Desktop\Piraten starten.lnk -> C:\Program Files (x86)\Piraten\piraten.exe (Ascaron Entertainment GmbH) Shortcut: C:\Users\Hendrik\Desktop\Sea of Thieves.lnk -> [LF4BEM84VAPPS1SPSMԆi<D*TFFF9Resources\Logo.pngAResources\SmallLogo.png1Sea of Thieves-1SPSwlE[([8װM1SPS0%G`1Sea of ThievesE1SPSU(Ly9K-]%Microsoft.SeaofThieves_8wekyb3d8bbwe:Microsoft.SeaofThieves_8wekyb3d8bbwe!AthenaClientShippingSC:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.74.9691.2_x64__8wekyb3d8bbwe}6Microsoft.SeaofThieves_2.74.9691.2_x64__8wekyb3d8bbwe11SPSmDpHH@.=xd'1SPSC@:s-yd4Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy] (Keine Datei) Shortcut: C:\Users\Hendrik\Desktop\Spotify.lnk -> C:\Users\Hendrik\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) Shortcut: C:\Users\Hendrik\Desktop\WarThunder.lnk -> D:\WarThunder\launcher.exe (Gaijin) Shortcut: C:\Users\Hendrik\Desktop\Programme\balenaEtcher.lnk -> C:\Users\Hendrik\AppData\Local\Programs\balena-etcher\balenaEtcher.exe (Balena Inc.) Shortcut: C:\Users\Hendrik\Desktop\Programme\BeckerCAD 10 Pro.lnk -> M:\BeckerCAD 10 Pro\Program\Bin\BeckerCAD.exe (DATA BECKER GmbH & Co.KG) Shortcut: C:\Users\Hendrik\Desktop\Programme\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.) Shortcut: C:\Users\Hendrik\Desktop\Programme\FileZilla.lnk -> C:\Program Files\FileZilla FTP Client\filezilla.exe (FileZilla Project) Shortcut: C:\Users\Hendrik\Desktop\Programme\Foxit Reader.lnk -> C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe (Keine Datei) Shortcut: C:\Users\Hendrik\Desktop\Programme\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation) Shortcut: C:\Users\Hendrik\Desktop\Programme\GIMP 2.10.8.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.10.exe (Keine Datei) Shortcut: C:\Users\Hendrik\Desktop\Programme\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Keine Datei) Shortcut: C:\Users\Hendrik\Desktop\Programme\GoPro Studio.lnk -> C:\Program Files (x86)\GoPro\Tools\GoPro Studio.exe () Shortcut: C:\Users\Hendrik\Desktop\Programme\ImgBurn.lnk -> C:\Program Files (x86)\ImgBurn\ImgBurn.exe (LIGHTNING UK!) Shortcut: C:\Users\Hendrik\Desktop\Programme\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\Desktop\Programme\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr) Shortcut: C:\Users\Hendrik\Desktop\Programme\OBS Studio.lnk -> C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe () Shortcut: C:\Users\Hendrik\Desktop\Programme\OpenOffice 4.1.1.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Keine Datei) Shortcut: C:\Users\Hendrik\Desktop\Programme\Repetier-Host.lnk -> C:\Program Files\Repetier-Host\RepetierHost.exe (Hot-World GmbH & Co. KG) Shortcut: C:\Users\Hendrik\Desktop\Programme\Spotify.lnk -> C:\Users\Hendrik\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) Shortcut: C:\Users\Hendrik\Desktop\Programme\Stream Deck.lnk -> C:\Program Files\Elgato\StreamDeck\StreamDeck.exe (Corsair Memory, Inc) Shortcut: C:\Users\Hendrik\Desktop\Programme\Streamlabs OBS.lnk -> C:\Program Files\Streamlabs OBS\Streamlabs OBS.exe (General Workings, Inc.) Shortcut: C:\Users\Hendrik\Desktop\Programme\TeamViewer 14.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) Shortcut: C:\Users\Hendrik\Desktop\Programme\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\Users\Hendrik\Desktop\Programme\VMware Workstation 15 Player.lnk -> C:\Program Files (x86)\VMware\VMware Player\vmplayer.exe (VMware, Inc.) Shortcut: C:\Users\Hendrik\Desktop\Programme\Voicemod.lnk -> C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Keine Datei) Shortcut: C:\Users\Hendrik\Desktop\Programme\WinSCP.lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Martin Prikryl) Shortcut: C:\Users\Hendrik\Desktop\Programme\Tor Browser\Start Tor Browser.lnk -> C:\Users\Hendrik\Desktop\Tor Browser\Browser\firefox.exe (Keine Datei) Shortcut: C:\Users\Hendrik\Desktop\Desktop\PW_Banken - Verknüpfung.lnk -> C:\Users\Hendrik\Documents\PW_Banken () Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\balenaEtcher.lnk -> C:\Users\Hendrik\AppData\Local\Programs\balena-etcher\balenaEtcher.exe (Balena Inc.) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Hendrik\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk -> C:\Windows\System32\fodhelper.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\Hendrik\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> C:\Users\Hendrik\Desktop\Tor Browser\Browser\firefox.exe (Keine Datei) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\Hendrik\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\War Thunder entfernen.lnk -> D:\WarThunder\unins000.exe () Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> D:\WarThunder\launcher.exe (Gaijin) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\UbisoftConnect\Ubisoft Connect.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftConnect.exe (Ubisoft) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\UbisoftConnect\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Users\Hendrik\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Grand Theft Auto V.lnk -> E:\GTA V\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Rockstar Games Launcher.lnk -> E:\RockStarLauncher\LauncherPatcher.exe (Rockstar Games) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PBO Manager\controls.lnk -> C:\Users\Hendrik\AppData\Roaming\Microsoft\Installer\{0E3A79BF-E860-4371-8ABC-7AAEDD68DA0A}\_CD563CB94BF2458756A232.exe () Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PBO Manager\PBOConsole v.1.4 beta.lnk -> C:\Users\Hendrik\AppData\Roaming\Microsoft\Installer\{0E3A79BF-E860-4371-8ABC-7AAEDD68DA0A}\_73590F9A25763F4F8565BA.exe () Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PBO Manager\PBOManager v.1.4 beta.lnk -> C:\Users\Hendrik\AppData\Roaming\Microsoft\Installer\{0E3A79BF-E860-4371-8ABC-7AAEDD68DA0A}\_57A4D983D541EBF67B2A77.exe () Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PBO Manager\version.lnk -> C:\Users\Hendrik\AppData\Roaming\Microsoft\Installer\{0E3A79BF-E860-4371-8ABC-7AAEDD68DA0A}\_CA64E588BACC80D7DC796F.exe () Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Far Cry 3.lnk -> [LF6"pH,R GFSITkjEK3lÚ^Fernab jeglicher Zivilisation liegt eine von Gewalt beherrschte Insel. Hier bist du gestrandet, mitten in einem blutigen Krieg zwischen wahnsinnigen Warlords und eingeborenen Rebellen, und die Mndung deiner Waffe stellt deine einzige berlebenschance dar. Entdecke die dunklen Geheimnisse der Insel und trage den Kampf zu deinen Feinden. Improvisiere, nutze deine Umgebung zu deinem Vorteil und sei vor allem schlauer als der Haufen skrupelloser Ausbeuter um dich herum. Lass dich von der Schnheit dieser Insel des Wahnsinns nicht tuschen & Glck allein wird nicht reichen, um hier lebend rauszukommen.(1SPSXFL8C&m] Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Hitman™ 2 Silent Assassin.lnk -> [LF6"pH,R GFSIS;FmoM'Hitman"! 2: Silent Assassin(1SPSXFL8C&m] Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Pinball.lnk -> C:\Program Files (x86)\Microsoft Games\Pinball\pinball.exe (Cinematronics) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive\ArmA 2\BattlEye\Uninstall BattlEye.lnk -> M:\SteamLibrary\steamapps\common\Arma 2\BattlEye\UnInstallBE.exe () Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Games\Space_Cadet_Table.lnk -> C:\Program Files\Plus!\Pinball\PINBALL.EXE (Cinematronics) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GIMP 2.10.8.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.10.exe (Keine Datei) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Keine Datei) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TeamSpeak 3 Client.lnk -> C:\Users\Hendrik\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\DayZLauncher.lnk -> C:\Program Files (x86)\DayZLauncher\DayZLauncher.exe (Keine Datei) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\TeamSpeak 3 Client.lnk -> C:\Users\Hendrik\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft) Shortcut: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\26c8e4b9a90483d\Rockstar Games Launcher.lnk -> E:\RockStarLauncher\Launcher.exe (Rockstar Games) Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\GFWLive\Logs\InstallLog.lnk -> C:\Users\Hendrik\AppData\Local\Microsoft\GFWLive\Install\Logs () Shortcut: C:\Users\Hendrik\AppData\Local\Microsoft\GFWLive\Install\Logs\ClientLog.lnk -> C:\Users\Hendrik\AppData\Local\Microsoft\GFWLive\Logs () Shortcut: C:\Users\Public\Desktop\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation) Shortcut: C:\Users\Public\Desktop\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes) Shortcut: C:\Users\Public\Desktop\STAR WARS Battlefront II.lnk -> S:\Origin\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts Inc.) Shortcut: C:\Users\Public\Desktop\Stream Deck.lnk -> C:\Program Files\Elgato\StreamDeck\StreamDeck.exe (Corsair Memory, Inc) Shortcut: C:\Users\Public\Desktop\VIVEPORT.lnk -> C:\Program Files (x86)\VIVE\PCClient\Vive.exe (HTC) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVE Software\Uninstall.lnk -> C:\Program Files (x86)\VIVE\Updater\Updater.exe (HTC Corp.) -> -uninstall "VIVE Software" "C:\Program Files (x86)\VIVE" "VIVE_SOFTWARE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raise3D\ideaMaker\ideaMaker.lnk -> C:\Program Files\Raise3D\ideaMaker\ideaMaker.exe (Raise3D) -> C:\Program Files\Raise3D\ideaMaker\ideaMaker.exe ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\CADdy++ AddIn Code Wizard.lnk -> M:\BeckerCAD 10 Pro\Program\Python\pythonw.exe () -> M:\BeckerCAD 10 Pro\Program\Python\Tools\Wizard\AddInGenerator.py ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\IDLE - Standard Python Graphical User Interface.lnk -> M:\BeckerCAD 10 Pro\Program\Python\pythonw.exe () -> M:\BeckerCAD 10 Pro\Program\Python\lib\idlelib\idle.pyw ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\IPython - Advanced Python Console Interface.lnk -> M:\BeckerCAD 10 Pro\Program\Python\python.exe () -> M:\BeckerCAD 10 Pro\Program\Python\scripts\ipython-script.py ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\PyScripter - Integrated Development Environment.lnk -> M:\BeckerCAD 10 Pro\Program\Python\Tools\PyScripter\PyScripter.exe () -> --PYTHON27 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\PySlices - wxPython Advanced Python Shell.lnk -> M:\BeckerCAD 10 Pro\Program\Python\pythonw.exe () -> M:\BeckerCAD 10 Pro\Program\Python\Doc\wxPython\scripts\pyslices.pyw ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Python Module Documentation Browser.lnk -> M:\BeckerCAD 10 Pro\Program\Python\pythonw.exe () -> M:\BeckerCAD 10 Pro\Program\Python\lib\pydoc.py -g ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\winPDB - a Python Debugger.lnk -> M:\BeckerCAD 10 Pro\Program\Python\pythonw.exe () -> M:\BeckerCAD 10 Pro\Program\Python\Lib\site-packages\winpdb.py ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\wxGlade - a wxPython Gui Designer.lnk -> M:\BeckerCAD 10 Pro\Program\Python\pythonw.exe () -> M:\BeckerCAD 10 Pro\Program\Python\Tools\wxGlade\wxglade.pyw ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\wxPython XRC Resource Editor.lnk -> M:\BeckerCAD 10 Pro\Program\Python\pythonw.exe () -> M:\BeckerCAD 10 Pro\Program\Python\Doc\wxPython\scripts\xrced.pyw ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\CADdyPython\Documentation\wxPython\wxPython Demo Program.lnk -> M:\BeckerCAD 10 Pro\Program\Python\pythonw.exe () -> "M:\BeckerCAD 10 Pro\Program\Python\Doc\wxPython\demo\demo.pyw" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript\Ghostscript 9.53.3.LNK -> C:\Program Files\gs\gs9.53.3\bin\gswin64.exe () -> "-IC:\Program Files\gs\gs9.53.3\lib;C:\Program Files\gs\gs9.53.3\..\fonts" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elgato\Stream Deck\Deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {6144D800-5056-408B-954C-B066622BE490} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\RawCapConv NoPreview.lnk -> C:\Program Files (x86)\ExKode\Dxtory2.0\RawCapConv.exe (ExKode Co. Ltd.) -> /nopv ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion Desktop Wallpaper.lnk -> C:\Program Files (x86)\DisplayFusion\DisplayFusionCommand.exe (Binary Fortress Software) -> -windowwallpaper ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion Monitor Configuration.lnk -> C:\Program Files (x86)\DisplayFusion\DisplayFusionCommand.exe (Binary Fortress Software) -> -windowmonitorconfig ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion Settings.lnk -> C:\Program Files (x86)\DisplayFusion\DisplayFusionCommand.exe (Binary Fortress Software) -> -windowsettings ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AI Suite 3\Uninstall AI Suite 3.lnk -> C:\ProgramData\ASUS\AI Suite III\Setup.exe () -> -u ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology\ASM106x SATA Driver\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {61942EF5-2CD8-47D4-869C-2E9A8BB085F1} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascaron\Piraten\Piraten mit Standard-Cursor starten.lnk -> C:\Program Files (x86)\Piraten\piraten.exe (Ascaron Entertainment GmbH) -> /defaultcursor ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Hendrik\Desktop\Microsoft Teams.lnk -> C:\Users\Hendrik\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe" ShortcutWithArgument: C:\Users\Hendrik\Desktop\Programme\Discord.lnk -> C:\Users\Hendrik\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe ShortcutWithArgument: C:\Users\Hendrik\Desktop\Programme\DisplayFusion.lnk -> C:\Program Files (x86)\DisplayFusion\DisplayFusionCommand.exe (Binary Fortress Software) -> -windowsettings ShortcutWithArgument: C:\Users\Hendrik\Desktop\Programme\ideaMaker.lnk -> C:\Program Files\Raise3D\ideaMaker\ideaMaker.exe (Raise3D) -> C:\Program Files\Raise3D\ideaMaker\ideaMaker.exe ShortcutWithArgument: C:\Users\Hendrik\Desktop\Programme\Microsoft Teams.lnk -> C:\Users\Hendrik\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe" ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk -> C:\Users\Hendrik\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe" ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\Hendrik\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Logs and errors.lnk -> D:\WarThunder\.game_logs () -> cd ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Replays.lnk -> D:\WarThunder\Replays () -> cd ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Screenshots.lnk -> D:\WarThunder\Screenshots () -> cd ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net\Wargaming.net Game Center.lnk -> C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net) -> ' ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net\World_of_Warships_Eu\World_of_Warships_Eu deinstallieren.lnk -> M:\World_of_Warships\wgc_api.exe (Wargaming) -> --uninstall ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net\World_of_Warships_Eu\World_of_Warships_Eu.lnk -> M:\World_of_Warships\wgc_api.exe (Wargaming) -> --open ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc\Discord.lnk -> C:\Users\Hendrik\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\SendTo\WinSCP (zum hochladen).lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Martin Prikryl) -> /upload ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Discord.lnk -> C:\Users\Hendrik\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe ShortcutWithArgument: C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Hendrik\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimaker Cura\Development Resources.url -> URL: hxxps://github.com/ultimaker/cura InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimaker Cura\Online Documentation.url -> URL: hxxps://ultimaker.com/en/support/software InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Markt+Technik\BeckerCAD 10 Pro\Markt+Technik im Internet.url -> URL: hxxp://www.mut.de InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion on the Web.url -> URL: hxxps://www.displayfusion.com InternetURL: C:\Users\Hendrik\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142 InternetURL: C:\Users\Hendrik\Favorites\Windows Live\Windows Live Gallery.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=70742 InternetURL: C:\Users\Hendrik\Favorites\Windows Live\Windows Live Ideas.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72700 InternetURL: C:\Users\Hendrik\Favorites\Windows Live\Windows Live Mail.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72681 InternetURL: C:\Users\Hendrik\Favorites\Windows Live\Windows Live Spaces.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72682 InternetURL: C:\Users\Hendrik\Favorites\MSN-Websites\MSN Auto.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72680 InternetURL: C:\Users\Hendrik\Favorites\MSN-Websites\MSN Fernsehen.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72659 InternetURL: C:\Users\Hendrik\Favorites\MSN-Websites\MSN Money.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72640 InternetURL: C:\Users\Hendrik\Favorites\MSN-Websites\MSN Nachrichten.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72636 InternetURL: C:\Users\Hendrik\Favorites\MSN-Websites\MSN Sport.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72635 InternetURL: C:\Users\Hendrik\Favorites\MSN-Websites\MSN.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72630 InternetURL: C:\Users\Hendrik\Favorites\Microsoft-Websites\IE-Site auf Microsoft.com.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72186 InternetURL: C:\Users\Hendrik\Favorites\Microsoft-Websites\Microsoft Deutschland GmbH.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72520 InternetURL: C:\Users\Hendrik\Favorites\Microsoft-Websites\Microsoft Store.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=140813 InternetURL: C:\Users\Hendrik\Favorites\Microsoft-Websites\Microsoft Windows - Start.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72629 InternetURL: C:\Users\Hendrik\Favorites\Microsoft-Websites\Microsoft zu Hause.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72406 InternetURL: C:\Users\Hendrik\Favorites\Microsoft-Websites\Microsoft.com durchsuchen.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72893 InternetURL: C:\Users\Hendrik\Favorites\Microsoft-Websites\Site für IE Add-Ons.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=50893 InternetURL: C:\Users\Hendrik\Favorites\Links\Vorgeschlagene Sites.url -> URL: hxxps://ieonline.microsoft.com/#ieslice InternetURL: C:\Users\Hendrik\Favorites\Links\Web Slice-Katalog.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=121315 InternetURL: C:\Users\Hendrik\Desktop\Age of Empires II (2013).url -> URL: steam://rungameid/221380 InternetURL: C:\Users\Hendrik\Desktop\Among Us.url -> URL: steam://rungameid/945360 InternetURL: C:\Users\Hendrik\Desktop\ARK Survival Evolved.url -> URL: steam://rungameid/346110 InternetURL: C:\Users\Hendrik\Desktop\Arma 3 Tools.url -> URL: steam://rungameid/233800 InternetURL: C:\Users\Hendrik\Desktop\Arma 3.url -> URL: steam://rungameid/107410 InternetURL: C:\Users\Hendrik\Desktop\Assassin's Creed Valhalla.url -> URL: uplay://launch/13504/0 InternetURL: C:\Users\Hendrik\Desktop\Counter-Strike Global Offensive.url -> URL: steam://rungameid/730 InternetURL: C:\Users\Hendrik\Desktop\Crusader Kings III.url -> URL: steam://rungameid/1158310 InternetURL: C:\Users\Hendrik\Desktop\Fall Guys.url -> URL: steam://rungameid/1097150 InternetURL: C:\Users\Hendrik\Desktop\Farming Simulator 19.url -> URL: steam://rungameid/787860 InternetURL: C:\Users\Hendrik\Desktop\Golf With Your Friends.url -> URL: steam://rungameid/431240 InternetURL: C:\Users\Hendrik\Desktop\Minion Masters.url -> URL: steam://rungameid/489520 InternetURL: C:\Users\Hendrik\Desktop\PAYDAY 2.url -> URL: steam://rungameid/218620 InternetURL: C:\Users\Hendrik\Desktop\Raft.url -> URL: steam://rungameid/648800 InternetURL: C:\Users\Hendrik\Desktop\Sid Meier's Civilization VI.url -> URL: com.epicgames.launcher://apps/Kinglet?action=launch&silent=true InternetURL: C:\Users\Hendrik\Desktop\STAR WARS™ Jedi Knight Jedi Academy™.url -> URL: steam://rungameid/6020 InternetURL: C:\Users\Hendrik\Desktop\Stardew Valley.url -> URL: steam://rungameid/413150 InternetURL: C:\Users\Hendrik\Desktop\SteamVR.url -> URL: steam://rungameid/250820 InternetURL: C:\Users\Hendrik\Desktop\The Forest.url -> URL: steam://rungameid/242760 InternetURL: C:\Users\Hendrik\Desktop\The Settlers 2 - History Edition.url -> URL: uplay://launch/11783/0 InternetURL: C:\Users\Hendrik\Desktop\Valheim.url -> URL: steam://rungameid/892970 InternetURL: C:\Users\Hendrik\Desktop\World War 3.url -> URL: steam://rungameid/674020 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Settlers 2 - History Edition.url -> URL: uplay://launch/11783/0 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TSHE2 - Map Editor (english).url -> URL: uplay://launch/11783/1 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TSHE2 - Map Editor (french).url -> URL: uplay://launch/11783/2 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TSHE2 - Map Editor (german).url -> URL: uplay://launch/11783/4 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TSHE2 - Config.url -> URL: uplay://launch/11783/3 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Internet Game Website.url -> URL: hxxp://www.warthunder.com InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Age of Empires II (2013).url -> URL: steam://rungameid/221380 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Age of Empires II HD Edition.url -> URL: steam://rungameid/221380 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Among Us.url -> URL: steam://rungameid/945360 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\ARK Survival Evolved.url -> URL: steam://rungameid/346110 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Arma 3 Tools.url -> URL: steam://rungameid/233800 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Arma 3.url -> URL: steam://rungameid/107410 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Counter-Strike Global Offensive.url -> URL: steam://rungameid/730 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Crusader Kings III.url -> URL: steam://rungameid/1158310 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\DisplayFusion.url -> URL: steam://rungameid/227260 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Fall Guys.url -> URL: steam://rungameid/1097150 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Farming Simulator 19.url -> URL: steam://rungameid/787860 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Golf With Your Friends.url -> URL: steam://rungameid/431240 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Minion Masters.url -> URL: steam://rungameid/489520 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\PAYDAY 2.url -> URL: steam://rungameid/218620 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\PLAYERUNKNOWN'S BATTLEGROUNDS (Beta).url -> URL: steam://rungameid/459430 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Raft.url -> URL: steam://rungameid/648800 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\STAR WARS™ Jedi Knight Jedi Academy™.url -> URL: steam://rungameid/6020 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Stardew Valley.url -> URL: steam://rungameid/413150 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\SteamVR.url -> URL: steam://rungameid/250820 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\The Forest.url -> URL: steam://rungameid/242760 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\theHunter Call of the Wild.url -> URL: steam://rungameid/518790 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Tom Clancy's Splinter Cell.url -> URL: steam://rungameid/13560 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Valheim.url -> URL: steam://rungameid/892970 InternetURL: C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\World War 3.url -> URL: steam://rungameid/674020 ==================== Ende vom Shortcut.txt ============================= |
20.04.2021, 10:52 | #17 |
| W10: Firefox, automatischer Aufruf von craccoon.com Addition:
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-04-2021 durchgeführt von Hendrik (20-04-2021 11:44:46) Gestartet von C:\Users\Hendrik\Downloads Windows 10 Pro Version 20H2 19042.928 (X64) (2020-08-29 10:49:43) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-256580667-2295068177-2157506718-500 - Administrator - Disabled) ASPNET (S-1-5-21-256580667-2295068177-2157506718-1004 - Limited - Enabled) DefaultAccount (S-1-5-21-256580667-2295068177-2157506718-503 - Limited - Disabled) Gast (S-1-5-21-256580667-2295068177-2157506718-501 - Limited - Disabled) Hendrik (S-1-5-21-256580667-2295068177-2157506718-1000 - Administrator - Enabled) => C:\Users\Hendrik HomeGroupUser$ (S-1-5-21-256580667-2295068177-2157506718-1002 - Limited - Enabled) WDAGUtilityAccount (S-1-5-21-256580667-2295068177-2157506718-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) . . . (HKLM\...\{F1EF6C33-1EAF-489E-A344-2838ECC22D47}) (Version: 2.1.28.3 - Intel) Hidden . . . (HKLM-x32\...\{73A43153-E77E-45E6-A18F-E549F8EB5664}) (Version: 2.7.1.1 - Intel) Hidden 3D Pinball from Plus! for Windows 95 (HKLM-x32\...\Pinball) (Version: - ) A3Launcher version 0.1.6.3 (HKLM-x32\...\{1E29A86E-9AE2-4CD8-74C8-6B170ED3C4D2}_is1) (Version: 0.1.6.3 - Maca134) AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 3.00.13 - ASUSTeK Computer Inc.) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology) Assassin's Creed Valhalla (HKLM-x32\...\Uplay Install 13504) (Version: - Ubisoft) ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.22 - ASUSTeK Computer Inc.) Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG) balenaEtcher 1.5.19 (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.19 - Balena Inc.) BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - ) BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - ) Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.5.1 - Broadcom Corporation) Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: - ) Hidden Cisco Webex Meetings (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\ActiveTouchMeetingClient) (Version: - Cisco Webex LLC) Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.6.1.117 - MAGIX Software GmbH) Corel Graphics - Windows Shell Extension (HKLM\...\_{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.0.661 - Corel Corporation) Corel Graphics - Windows Shell Extension (HKLM\...\{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.661 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{B86D7255-2418-45F1-A36F-7E1FF617550C}) (Version: 18.1.661 - Corel Corporation) Hidden Corsair LINK 4 (HKLM-x32\...\{40036d0c-634b-4fc0-be89-13343b4bea96}) (Version: 4.9.7.35 - Corsair Components, Inc.) Corsair LINK 4 (HKLM-x32\...\{D97F4B31-5A7D-4A07-AC85-16D64FAB93E1}) (Version: 4.9.7.35 - Corsair Components, Inc.) Hidden CutePDF Writer (HKLM\...\CutePDF Writer Installation) (Version: 4.0 - Acro Software Inc.) Dassault Systemes Software VC9 Prerequisites x86-x64 (HKLM\...\{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}) (Version: 9.1.2 - Dassault Systemes) Discord (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\Discord) (Version: 0.0.309 - Discord Inc.) DisplayFusion 9.7.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 9.7.1.0 - Binary Fortress Software) DVD Architect (HKLM-x32\...\{AE5673AE-051A-11E8-B441-525400FA7F17}) (Version: 7.0.84 - VEGAS) Dxtory version 2.0.142 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.142 - ExKode Co. Ltd.) Elgato Stream Deck (HKLM\...\{6144D800-5056-408B-954C-B066622BE490}) (Version: 4.9.3.13222 - Elgato Systems GmbH) Epic Games Launcher (HKLM-x32\...\{A5A6A747-393C-4B28-AB7B-2DE2BA7F7D73}) (Version: 1.1.267.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden EPSON BX305 Plus Series Printer Uninstall (HKLM\...\EPSON BX305 Plus Series) (Version: - SEIKO EPSON Corporation) FileZilla Client 3.52.2 (HKLM-x32\...\FileZilla Client) (Version: 3.52.2 - Tim Kosse) GameInput Redistributable (HKLM-x32\...\{6710BAE4-C559-9D3C-DADB-464879F18148}) (Version: 10.1.19041.3225 - Microsoft Corporation) Google Earth Pro (HKLM-x32\...\{59F21DFB-6977-434B-9CB9-67783D6E7B6B}) (Version: 7.3.3.7786 - Google) GoPro Studio (HKLM-x32\...\{15FAF1DC-3F11-40B6-9B2D-7051BD51DD87}) (Version: 5.10.4643 - GoPro, Inc.) Hidden GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.) GoToMeeting 10.16.0.19598 (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\GoToMeeting) (Version: 10.16.0.19598 - LogMeIn, Inc.) GPL Ghostscript (HKLM\...\GPL Ghostscript 9.53.3) (Version: 9.53.3 - Artifex Software Inc.) Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2245.0 - Rockstar Games) ideaMaker 4.0.1.4802 (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\ideaMaker) (Version: 4.0.1.4802 - Raise3D) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 27.20.100.7989 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel® Driver Update Utility (HKLM-x32\...\{29539bc2-b48e-4b56-93e8-420e38a6d551}) (Version: 2.7.1.1 - Intel) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech Capture (HKLM\...\Capture) (Version: 2.04.13 - Logitech) Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech) Logitech Gaming Software 8.74 (HKLM\...\Logitech Gaming Software) (Version: 8.74.80 - Logitech Inc.) Magnet Engine (x86) (HKLM-x32\...\{E67D365E-54A2-4319-A7BB-849BE8FD8970}) (Version: 1.4.10.7 - HTC Corp.) Hidden Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Markt+Technik BeckerCAD 10 Pro (HKLM-x32\...\{350FD117-23A9-4872-8B4E-3D91B854E1CF}_is1) (Version: 10.0.0.0 - Markt+Technik Verlag GmbH) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.77 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.77 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\Teams) (Version: 1.4.00.2879 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 87.0 (x64 de) (HKLM\...\Mozilla Firefox 87.0 (x64 de)) (Version: 87.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 87.0.0.7747 - Mozilla) Mozilla Thunderbird 78.8.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 78.8.1 (x86 de)) (Version: 78.8.1 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) NewBlue Vegas Pro Complete (HKLM-x32\...\NewBlue Vegas Pro Complete) (Version: 1.0 - NewBlue) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team) NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation) NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation) NVIDIA Grafiktreiber 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation) NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.90.45798 - Electronic Arts, Inc.) Paradox Launcher v2 (HKLM\...\{A8D4AE16-519B-409D-B5B4-2647C06805AD}) (Version: 2.0.3.0 - Paradox Interactive) PBO Manager v.1.4 beta (HKLM-x32\...\{0E3A79BF-E860-4371-8ABC-7AAEDD68DA0A}) (Version: 1.4.0 - ) Piraten (HKLM-x32\...\Piraten_is1) (Version: - ) proDAD Mercalli NLE 4.0 (64bit) (HKLM\...\proDAD-MercalliPlugins-4.0) (Version: 4.0.471.1 - proDAD GmbH) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Quik (HKLM\...\{DA17DAC7-5559-46CF-BF8F-737BC4B7ED14}) (Version: 0.1.4643 - GoPro, Inc.) Hidden Quik (HKLM-x32\...\{71fc4e33-8ac1-4b21-8cb5-040ce8986c4e}) (Version: 2.0.0.4643 - GoPro, Inc.) RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.) Repetier-Host Version 1.0.5 (HKLM\...\{1143F758-929B-4EEB-8784-46CCB622F037}_is1) (Version: 1.0.5 - repetier) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.37.349 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.1 - Rockstar Games) Sennheiser Audio (HKLM\...\Sennheiser Game Dongle) (Version: 1.31.35.10 - Sennheiser) Sennheiser Audio (HKLM-x32\...\{1CAB4BF9-BDFF-4FDA-9633-F22EEB518488}) (Version: 1.0.15.0 - Sennheiser) Spotify (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\Spotify) (Version: 1.1.56.595.g2d2da0de - Spotify AB) STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.8.16162 - Electronic Arts) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Streamlabs OBS 0.16.3 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.16.3 - General Workings, Inc.) TeamSpeak 3 Client (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer) thesettlers2 (HKLM-x32\...\Uplay Install 11783) (Version: - Ubisoft) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft) Ultimaker Cura 3.5 (HKLM-x32\...\Ultimaker Cura 3.5) (Version: 3.5.1 - Ultimaker) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden VEGAS Pro 14.0 (64-bit) (HKLM\...\{8C4D3D00-4FB0-11E7-8E8D-A9EF5249FCEF}) (Version: 14.0.270 - VEGAS) VFW_Codec32 (HKLM-x32\...\{3F85CA55-7192-40E6-9EF1-60228D45DED3}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden VFW_Codec64 (HKLM\...\{1D540D0B-A42E-4C6F-9B55-EEC232F080C1}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden VIVE Software (HKLM-x32\...\VIVE Software) (Version: 1.0.8.161 - HTC) VIVEPORT (HKLM-x32\...\VIVEPORT) (Version: 1.0.9.202 - HTC) VIVEPORT Desktop (HKLM-x32\...\{def76cd7-cdbd-4919-8912-6d70b7fafdcd}) (Version: 1.4.10.7 - HTC Corp.) Hidden VIVEPORT Desktop (x86) (HKLM-x32\...\{DEF64A82-DD6A-4199-A874-93E8ABAB51C9}) (Version: 1.4.10.7 - HTC Corp.) Hidden VIVEPORT Diagnosis (HKLM-x32\...\{80fb4b44-f420-4ad8-9854-703b730bc391}) (Version: 1.2.3.2 - HTC Corp.) VIVEPORT Diagnosis (x86) (HKLM-x32\...\{882E4EC7-5D28-4D46-AE09-20FB485645BB}) (Version: 1.2.3.2 - HTC Corp.) Hidden VIVEPORT DirectX 9.0 (HKLM-x32\...\{4b01ac5b-340e-4644-828b-0882c8255a4e}) (Version: 1.2.0.3 - HTC Corp.) Hidden VIVEPORT DirectX 9.0 (x86/x64) (HKLM-x32\...\{9D42F21E-7CFA-4C87-99FD-C81CFFCB12E5}) (Version: 1.2.0.3 - HTC Corp.) Hidden VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN) Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden War Thunder Launcher 1.0.3.251 (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment) Wargaming.net Game Center (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\Wargaming.net Game Center) (Version: 21.1.1.4281 - Wargaming.net) Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) Windows-Treiberpaket - Adafruit Industries LLC (usbser) Ports (02/25/2016 6.2.2600.0) (HKLM\...\1245A5961AC9D2C18ADF9EEC931D77E059B7F74E) (Version: 02/25/2016 6.2.2600.0 - Adafruit Industries LLC) Windows-Treiberpaket - Arduino LLC (www.arduino.cc) Arduino USB Driver (11/24/2015 1.2.3.0) (HKLM\...\8B585560B248755A6C5A24D5C0F50FA998310883) (Version: 11/24/2015 1.2.3.0 - Arduino LLC (www.arduino.cc)) Windows-Treiberpaket - Arduino LLC (www.arduino.cc) Genuino USB Driver (01/07/2016 1.0.3.0) (HKLM\...\EC414D98E2986DCA1628FAED2163CD1C9A4ED7EC) (Version: 01/07/2016 1.0.3.0 - Arduino LLC (www.arduino.cc)) Windows-Treiberpaket - Arduino Srl (www.arduino.org) Arduino USB Driver (03/19/2015 1.1.1.0) (HKLM\...\69E507459B453D69A453EFC9E461FAE1E073408A) (Version: 03/19/2015 1.1.1.0 - Arduino Srl (www.arduino.org)) Windows-Treiberpaket - Corsair Components, Inc. (SIUSBXP) USB (07/14/2010 3.3) (HKLM\...\9D216BBD7DABB6A9E6F4F1D85E06CDFF9EA816FE) (Version: 07/14/2010 3.3 - Corsair Components, Inc.) Windows-Treiberpaket - Corsair Components, Inc. (SIUSBXP) USB (07/14/2017 3.3) (HKLM\...\A2206C09905C467F30CB24DCBB49F056D7F0A290) (Version: 07/14/2017 3.3 - Corsair Components, Inc.) Windows-Treiberpaket - libusb-win32 (libusb0) libusb-win32 devices (04/21/2015 1.0.0.0) (HKLM\...\28E91B69CA377EB48D6E1B92C37F897036E8A818) (Version: 04/21/2015 1.0.0.0 - libusb-win32) Windows-Treiberpaket - Linino (usbser) Ports (01/13/2014 1.0.0.0) (HKLM\...\A2C084AD4515675961A87E71B10E80E4FDCF7FAA) (Version: 01/13/2014 1.0.0.0 - Linino) World of Warships ModStation (HKLM\...\{A8151413-D738-4556-BAC3-6344FA961EF2}_is1) (Version: 2.1.0.2 - Wargaming.net) World_of_Warships_Eu (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\WOWS.EU.PRODUCTION) (Version: - Wargaming.net) Zoom (HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.) Packages: ========= Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2020-12-31] (INTEL CORP) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad] Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.100.2734.2_x64__8wekyb3d8bbwe [2021-04-16] (ms-resource:PublisherDisplayName) WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-07-25] (Microsoft Corporation) Xbox Insider Hub -> C:\Program Files\WindowsApps\Microsoft.FlightDashboard_477.2102.26001.0_x64__8wekyb3d8bbwe [2021-03-03] (Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-256580667-2295068177-2157506718-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Hendrik\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-256580667-2295068177-2157506718-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Hendrik\AppData\Local\GoToMeeting\17359\G2MOutlookAddin64.dll => Keine Datei ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-11-27] (Notepad++ -> ) ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2019-11-04] (VMware, Inc. -> VMware, Inc.) ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2019-11-04] (VMware, Inc. -> VMware, Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-20] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-20] (Malwarebytes Corporation -> Malwarebytes) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [Datei ist nicht signiert] HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\system32\CFHD.dll [1334784 2016-12-02] (CineForm Inc.) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.xtor] => C:\WINDOWS\system32\DxtoryCodec.dll [2606144 2015-08-10] (ExKode Co.Ltd. -> ExKode Co. Ltd.) HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [Datei ist nicht signiert] HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.dll [1119744 2016-12-02] (CineForm Inc.) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.xtor] => C:\WINDOWS\System32\DxtoryCodec.dll [2606144 2015-08-10] (ExKode Co.Ltd. -> ExKode Co. Ltd.) ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2018-05-31 12:29 - 2017-10-29 19:15 - 000147456 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll 2018-05-31 12:29 - 2017-11-24 08:48 - 000961536 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccToolHelper.dll 2018-05-31 12:29 - 2017-11-24 08:48 - 000743424 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll 2018-05-31 12:16 - 2017-12-26 15:26 - 000053248 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AXSP\4.00.01\cpuutil.dll 2018-05-31 12:29 - 2017-11-27 11:57 - 000062464 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\VGA COM\2.00.03\Exeio.dll 2018-05-31 12:29 - 2017-11-27 11:57 - 001772544 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\VGA COM\2.00.03\Vender.dll 2020-06-30 10:55 - 2019-08-15 18:13 - 001265664 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\DisplayFusion\runtimes\win-x64\native\e_sqlite3.dll 2020-09-24 18:21 - 2020-09-24 18:21 - 000038400 _____ () [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\giflib5.dll 2020-09-24 18:21 - 2020-09-24 18:21 - 000098816 _____ () [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\QtZeroConf.dll 2020-09-24 18:21 - 2020-09-24 18:21 - 000720384 _____ () [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\turbojpeg.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 000108544 _____ (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsAcpi.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 000108544 _____ (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\asacpi.dll 2018-05-31 12:29 - 2017-11-24 08:47 - 000108544 _____ (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpi.dll 2018-05-31 12:16 - 2021-04-20 07:21 - 000038696 _____ (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AXSP\4.00.01\PEbiosinterface32.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 000676864 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 000221184 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 000676864 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\asacpiEx.dll 2018-05-31 12:29 - 2017-11-24 08:47 - 000221184 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll 2018-05-31 12:29 - 2017-11-24 08:47 - 000676864 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpiEx.dll 2018-05-31 12:29 - 2017-05-03 02:17 - 000106496 _____ (ASUSTek Computer Inc.,) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\VGA COM\2.00.03\EIO.DLL 2018-03-29 17:56 - 2018-03-29 17:56 - 001272832 _____ (CPUID) [Datei ist nicht signiert] C:\Program Files (x86)\CorsairLink4\cpuidsdk.dll 2020-08-29 12:40 - 2020-08-29 12:40 - 001654784 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL 2020-08-29 12:41 - 2020-08-29 12:41 - 000054272 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\MFC80DEU.DLL 2018-02-26 13:56 - 2018-02-26 13:56 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\CorsairLink4\SiUSBXp.dll 2020-09-24 18:21 - 2020-09-24 18:21 - 001742848 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\sqlite3.dll 2020-09-24 18:21 - 2020-09-24 18:21 - 002696704 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\libcrypto-1_1-x64.dll 2020-09-24 18:21 - 2020-09-24 18:21 - 000642560 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\libssl-1_1-x64.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 000076288 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qgifd.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 000097280 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qicnsd.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 000077312 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qicod.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 000432640 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qjpegd.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 000058880 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qsvgd.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 000058880 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qtgad.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 000574976 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qtiffd.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 000058368 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qwbmpd.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 000844800 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qwebpd.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 002932736 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\platforms\qwindowsd.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 009541632 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Cored.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 010430464 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Guid.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 000557056 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Svgd.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 008565248 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Widgetsd.dll 2018-05-31 12:29 - 2017-10-29 19:15 - 000299520 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Xmld.dll 2018-05-31 12:29 - 2017-12-20 05:01 - 000193536 _____ (TODO: <Company name>) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\ASUS\VGA COM\2.00.03\AsusGpuTweak.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== SearchScopes: HKU\S-1-5-21-256580667-2295068177-2157506718-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms} BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Program Files (x86)\Avira\Browser Safety\Avira Browser Safety.dll [2015-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Program Files (x86)\Avira\Browser Safety\Avira Browser Safety.dll [2015-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\localhost -> localhost ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2017-09-29 15:46 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-256580667-2295068177-2157506718-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Hendrik\AppData\Local\DisplayFusion\Wallpaper_1.png DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei) ist aktiviert. Network Binding: ============= VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled) Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled) VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled) ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\Run: => "GoPro Tray App" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad" HKLM\...\StartupApproved\Run32: => "Opera Browser Assistant" HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\StartupApproved\StartupFolder: => "Voicemeeter Potato.LNK" HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\StartupApproved\Run: => "World of Warships" HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\StartupApproved\Run: => "World of Warships (1)" HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-256580667-2295068177-2157506718-1000\...\StartupApproved\Run: => "Gaijin.Net Updater" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{27BB23D1-DCDA-4018-A043-BE589AA655BE}] => (Allow) S:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{14C47663-AD11-41F7-AA58-85F45EB3D440}] => (Allow) S:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{43486453-B4EA-4E77-BB45-B5878F7648C0}] => (Allow) M:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => Keine Datei FirewallRules: [{B236D2E1-D79B-4D72-AA35-595B25BE23F2}] => (Allow) M:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => Keine Datei FirewallRules: [UDP Query User{2A236745-C4FB-4A9E-A4C9-77F264F5FE41}M:\steamlibrary\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe] => (Allow) M:\steamlibrary\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe => Keine Datei FirewallRules: [TCP Query User{6A04FB53-A78B-4FD3-B3E3-4CDB1B8A1608}M:\steamlibrary\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe] => (Allow) M:\steamlibrary\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe => Keine Datei FirewallRules: [{9C4ABF41-D23A-4EFE-9AD4-D5E39308ED52}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{8A4763D6-B1F8-472C-A22C-D4609C31401B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{18740AF9-7069-408B-826C-8AA4EEE9CDE5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{4A3CBC89-9C1B-47F8-BDE3-8213C7EBBE53}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [UDP Query User{C3C4098C-7393-4746-9F19-21231DFFFE14}E:\rsi\starcitizen\live\bin64\starcitizen.exe] => (Allow) E:\rsi\starcitizen\live\bin64\starcitizen.exe => Keine Datei FirewallRules: [TCP Query User{0EAB5ACA-CA1D-4BB7-B9C8-FE1B2970CA82}E:\rsi\starcitizen\live\bin64\starcitizen.exe] => (Allow) E:\rsi\starcitizen\live\bin64\starcitizen.exe => Keine Datei FirewallRules: [UDP Query User{EB776F69-C589-4E2C-B8C7-5A2A45E52B46}C:\users\hendrik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hendrik\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{6977A6DE-59AF-467E-BF59-94620A7EDF49}C:\users\hendrik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hendrik\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{0210B1C7-8068-4EC1-A5CA-1E0BC86094E4}] => (Allow) M:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert] FirewallRules: [{792F8ABD-38EF-4878-9876-CABF5BEFA3BB}] => (Allow) M:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{7CF02A12-8C31-47E5-AA72-13BB20EE9604}E:\gta v\grand theft auto v\gta5.exe] => (Allow) E:\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{AE8019D4-F690-4C19-BB83-58F0F82C7D44}E:\gta v\grand theft auto v\gta5.exe] => (Allow) E:\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{24BDE374-A5F8-41CA-98CD-F2BDEB687E20}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei FirewallRules: [TCP Query User{EF04B406-EDE4-459B-8E7E-A4C4BA2DFC9C}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei FirewallRules: [UDP Query User{0BF00B15-C4C0-4A63-AD4B-F737AC3340DE}M:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe] => (Allow) M:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe => Keine Datei FirewallRules: [TCP Query User{9B09C0C4-344D-4B7E-9465-5BBFECD6B67E}M:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe] => (Allow) M:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe => Keine Datei FirewallRules: [{21C7CAF0-20A1-4736-9B06-2DEDBFED1933}] => (Allow) M:\SteamLibrary\steamapps\common\theHunter\launcher\launcher.exe => Keine Datei FirewallRules: [{C68CD40B-31E2-4F73-BF2E-D85E0A01EDCF}] => (Allow) M:\SteamLibrary\steamapps\common\theHunter\launcher\launcher.exe => Keine Datei FirewallRules: [UDP Query User{D981039B-C829-4BAC-B4BC-B36FFFD4BE5E}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [TCP Query User{FAF1D954-BFA5-42B6-BE0A-1A8459D5EEFA}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [UDP Query User{C36927CD-B758-4997-B539-714714F10BB9}S:\origin\battlefield 4\bf4.exe] => (Allow) S:\origin\battlefield 4\bf4.exe => Keine Datei FirewallRules: [TCP Query User{9D51B42F-7A70-48D8-B495-FE5F0C995E4E}S:\origin\battlefield 4\bf4.exe] => (Allow) S:\origin\battlefield 4\bf4.exe => Keine Datei FirewallRules: [{1889F816-3DF4-4AFF-84A3-6B16BF730E18}] => (Allow) M:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => Keine Datei FirewallRules: [{945A1E54-4C0C-43DE-993D-94710CF8CA45}] => (Allow) M:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => Keine Datei FirewallRules: [{4A4E810A-03A1-4E13-87DE-DABEE97F3516}] => (Allow) M:\SteamLibrary\steamapps\common\raceroom racing experience\Game\RRRE.exe => Keine Datei FirewallRules: [{D041CDBB-8A84-49B6-95F4-72D4AE0599B7}] => (Allow) M:\SteamLibrary\steamapps\common\raceroom racing experience\Game\RRRE.exe => Keine Datei FirewallRules: [{3177D3AC-B63E-4ADB-977F-6D0ADCEE1FFA}] => (Allow) M:\SteamLibrary\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe => Keine Datei FirewallRules: [{34C0EB25-9676-40E7-A398-B5020B1C086D}] => (Allow) M:\SteamLibrary\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe => Keine Datei FirewallRules: [UDP Query User{6316FFD2-B818-4724-A243-B2CBEC2B616B}M:\spiele\warthunder\win64\aces.exe] => (Allow) M:\spiele\warthunder\win64\aces.exe => Keine Datei FirewallRules: [TCP Query User{A4DAB5EC-1A81-46EF-81C8-ECA8AEFF7D38}M:\spiele\warthunder\win64\aces.exe] => (Allow) M:\spiele\warthunder\win64\aces.exe => Keine Datei FirewallRules: [UDP Query User{8103BEE3-E6A8-4635-84F3-7F16E0D77A50}M:\spiele\warthunder\launcher.exe] => (Allow) M:\spiele\warthunder\launcher.exe => Keine Datei FirewallRules: [TCP Query User{C73394FD-73DC-4695-A67A-64083E18C49E}M:\spiele\warthunder\launcher.exe] => (Allow) M:\spiele\warthunder\launcher.exe => Keine Datei FirewallRules: [{15206087-C6DB-410F-9B3D-AA324C7142E2}] => (Allow) M:\SteamLibrary\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe => Keine Datei FirewallRules: [{D9135EAA-F7E6-4F2E-8E77-19FF05DD7837}] => (Allow) M:\SteamLibrary\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe => Keine Datei FirewallRules: [{111DBC9F-8C46-499C-AAFE-DAA241292458}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{A9C12DE4-9B64-4C72-A790-1CB057E945A8}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{7889F503-4DAB-431C-AE9B-19AB8BCB5539}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{F604F1A1-8551-48DC-966D-C917C03F9562}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{C13CC647-0E9F-4C0F-A8DD-DA219B14E548}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{37B29676-5A06-4542-B484-4B028112E477}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [UDP Query User{FB09B3BC-2D71-48FE-9BF3-3A761FE77636}E:\rsi\starcitizen\live\bin64\starcitizen.exe] => (Allow) E:\rsi\starcitizen\live\bin64\starcitizen.exe => Keine Datei FirewallRules: [TCP Query User{D88FD2FB-A35A-482E-BE5B-56C78DB3619C}E:\rsi\starcitizen\live\bin64\starcitizen.exe] => (Allow) E:\rsi\starcitizen\live\bin64\starcitizen.exe => Keine Datei FirewallRules: [UDP Query User{D4EB636E-071E-4374-8FF4-0BD65BCD6505}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [TCP Query User{B2FEEB23-23E6-424A-8CB5-5BC037740C92}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{D48D0ADC-5BA5-4043-8DD3-719D9531D99D}] => (Allow) M:\SteamLibrary\steamapps\common\Company of Heroes Relaunch\EF_Bin\CoHEF.exe => Keine Datei FirewallRules: [{F7E84052-329A-49FE-A761-E44F3B519F16}] => (Allow) M:\SteamLibrary\steamapps\common\Company of Heroes Relaunch\EF_Bin\CoHEF.exe => Keine Datei FirewallRules: [{0D2753ED-E8FF-45FF-9861-4B8176008206}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B9C00E33-D883-4148-97FC-803E8C2BE666}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [UDP Query User{CBEA5FAF-721E-4D08-8436-7A345636E26D}S:\bethesdagames\fallout76.exe] => (Allow) S:\bethesdagames\fallout76.exe => Keine Datei FirewallRules: [TCP Query User{DB8F984E-33AB-4CE5-AECC-3D0A7CF9127F}S:\bethesdagames\fallout76.exe] => (Allow) S:\bethesdagames\fallout76.exe => Keine Datei FirewallRules: [UDP Query User{BBC8DE49-1EEC-4A50-B813-4D935A0E28E7}C:\program files\ultimaker cura 3.5\cura.exe] => (Allow) C:\program files\ultimaker cura 3.5\cura.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{2464E2FA-62C7-4BA8-AA23-AF02A4DEC194}C:\program files\ultimaker cura 3.5\cura.exe] => (Allow) C:\program files\ultimaker cura 3.5\cura.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{D6F1231C-6A9F-4795-94A1-27D2EC737840}D:\steamlibrary\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe] => (Allow) D:\steamlibrary\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe => Keine Datei FirewallRules: [TCP Query User{230B3C83-13A2-44E4-8BFE-467C78BE5C4F}D:\steamlibrary\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe] => (Allow) D:\steamlibrary\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe => Keine Datei FirewallRules: [{193885E4-6EC2-4A9B-9D52-4390EE9398AB}] => (Allow) S:\SteamLibrary\steamapps\common\SCUM\SCUM\Binaries\Win64\SCUM.exe => Keine Datei FirewallRules: [{428C2A33-61BA-48B2-AA64-30F3A3263EB4}] => (Allow) S:\SteamLibrary\steamapps\common\SCUM\SCUM\Binaries\Win64\SCUM.exe => Keine Datei FirewallRules: [{AF533971-A2A7-4D34-B18E-B3B44374EF4D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{8892E867-F1C6-4CFD-9171-6E0F5559E47E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{03DA40B6-9C93-4D99-B611-7312F27C1695}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro, Inc. -> ) FirewallRules: [{AC78BA10-46D7-4238-BAC2-2F85B62F4F52}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro, Inc. -> ) FirewallRules: [{67AD132B-6B86-4E6F-9E14-8F7B7BF28B93}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro, Inc. -> ) FirewallRules: [{0E4FDDEE-AF5B-47E1-A651-42698FE86E1A}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\Quik.exe (GoPro, Inc. -> ) FirewallRules: [{D09E6F72-2A1B-429A-B5BF-06C601FBA5FC}] => (Allow) M:\World_of_Warships\worldofwarships.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{234CF90F-A380-4571-BCBE-23C5F1AE5DE1}] => (Allow) M:\World_of_Warships\worldofwarships.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{C49A4F24-DEAD-42CB-BE5B-39916FFAFFB2}] => (Allow) M:\World_of_Warships\WoWSLauncher.exe (Wargaming PCL -> Wargaming.net) FirewallRules: [{8C442ECB-6EDB-416F-B6FE-DF23E8D123C4}] => (Allow) M:\World_of_Warships\WoWSLauncher.exe (Wargaming PCL -> Wargaming.net) FirewallRules: [UDP Query User{2D19B552-0CA5-463D-85F0-59559CBEC988}M:\steam\steamapps\common\life is feudal your own\server\cm_yo_server.exe] => (Allow) M:\steam\steamapps\common\life is feudal your own\server\cm_yo_server.exe => Keine Datei FirewallRules: [TCP Query User{48CC9ABB-C2D1-4A61-8C8D-7F821CCEDF04}M:\steam\steamapps\common\life is feudal your own\server\cm_yo_server.exe] => (Allow) M:\steam\steamapps\common\life is feudal your own\server\cm_yo_server.exe => Keine Datei FirewallRules: [UDP Query User{F52ED504-4DD9-4C54-9944-5B0DC914DD91}M:\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) M:\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe => Keine Datei FirewallRules: [TCP Query User{F0A061B4-4107-41A4-88D1-213A04F0E40E}M:\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe] => (Allow) M:\steam\steamapps\common\space hulk deathwing\spacehulkgame\binaries\win64\spacehulkgame-win64-shipping.exe => Keine Datei FirewallRules: [UDP Query User{CDAA40DB-E2D5-45C8-8F0B-F8473EEEDE95}D:\origin\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\origin\star wars battlefront\starwarsbattlefront.exe => Keine Datei FirewallRules: [TCP Query User{7D6EDDA3-6A4F-49C4-92DE-A011A2D856D5}D:\origin\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\origin\star wars battlefront\starwarsbattlefront.exe => Keine Datei FirewallRules: [{DA8FB935-05C8-4861-ABB1-634472A54A1D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei FirewallRules: [{9E41DAB3-6011-40AB-89F4-A7DBF97D81B2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei FirewallRules: [UDP Query User{7AFE5D71-6491-4F3A-B50A-644A0913CD2E}F:\ea games\battlefield 2\bf2.exe] => (Block) F:\ea games\battlefield 2\bf2.exe => Keine Datei FirewallRules: [TCP Query User{C4100931-8AE9-41AF-ABF4-D52B9E6630C9}F:\ea games\battlefield 2\bf2.exe] => (Block) F:\ea games\battlefield 2\bf2.exe => Keine Datei FirewallRules: [{77884DFF-706B-4721-8183-3D4EEB8A556C}] => (Allow) F:\Origin\EA\Battlefield 1\bf1.exe => Keine Datei FirewallRules: [{74E17742-B074-43BF-9B92-4A589AA126BC}] => (Allow) F:\Origin\EA\Battlefield 1\bf1.exe => Keine Datei FirewallRules: [{49094569-9EB6-464A-8AB4-3322E95CF0AD}] => (Allow) F:\Origin\EA\Battlefield 1\bf1Trial.exe => Keine Datei FirewallRules: [{51A26BD4-3074-4998-A460-4411439B3CD6}] => (Allow) F:\Origin\EA\Battlefield 1\bf1Trial.exe => Keine Datei FirewallRules: [UDP Query User{4287286A-B37C-41E9-AB9A-021B158F57B0}F:\origin\ea\fifa 16\fifa16.exe] => (Block) F:\origin\ea\fifa 16\fifa16.exe => Keine Datei FirewallRules: [TCP Query User{E2818EB2-6B60-4CFF-81AF-CDD13EA71BC5}F:\origin\ea\fifa 16\fifa16.exe] => (Block) F:\origin\ea\fifa 16\fifa16.exe => Keine Datei FirewallRules: [UDP Query User{B91901C8-4475-4D42-8622-B15F844117B1}C:\program files (x86)\minecraft2\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft2\runtime\jre-x64\1.8.0_25\bin\javaw.exe => Keine Datei FirewallRules: [TCP Query User{9AF03FC2-3404-4346-AB39-1334F0F4934E}C:\program files (x86)\minecraft2\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft2\runtime\jre-x64\1.8.0_25\bin\javaw.exe => Keine Datei FirewallRules: [UDP Query User{BD7AE3BD-98AB-4815-A8DC-34EC968D080E}C:\program files\java\jre1.8.0_102\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_102\bin\javaw.exe => Keine Datei FirewallRules: [TCP Query User{2D1017E2-8DEE-4C7D-B959-D94B5BF66F4C}C:\program files\java\jre1.8.0_102\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_102\bin\javaw.exe => Keine Datei FirewallRules: [{4E809419-B880-4F3D-B945-33E746287B55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{C50917AF-B1D4-4B64-949E-3D9EE1287CB7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{683D2ADC-9E53-4921-8D6C-046D670FDD92}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{FDEE0316-B4B9-4F58-A646-E362DAD2BA4A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{C2843090-7EF3-48D2-8DA8-F90E816A6435}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => Keine Datei FirewallRules: [{77E281C3-31B6-4143-8B98-C26DA2C2A7FB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => Keine Datei FirewallRules: [TCP Query User{1E404DD6-C606-4705-87EC-F53868C14729}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [UDP Query User{7AF38E78-0CF0-4526-BABC-343323E110A3}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [TCP Query User{A93EAE5D-9BC1-4F55-B09F-E04967F715BB}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [UDP Query User{D6B26A43-F9C7-4293-A7CE-82534F76F355}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [{159D9602-1BC6-4E95-A23F-D6B3EF98F800}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe => Keine Datei FirewallRules: [{8AAF13F5-3688-4939-BB0A-9DE84AFF5596}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe => Keine Datei FirewallRules: [{C49044F2-F28B-49BF-A16B-611519AB9903}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{40461913-7967-47CA-BD7F-6A2F189B831B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{473B5E0A-993B-465A-B4A7-C4FBF34D2F28}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe => Keine Datei FirewallRules: [UDP Query User{B104E232-AE64-4232-A8CF-97EFB0448641}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe => Keine Datei FirewallRules: [TCP Query User{E2C7C270-8CA2-4912-A973-2DCED2CF655A}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) C:\program files (x86)\dayzlauncher\dayzlauncher.exe => Keine Datei FirewallRules: [UDP Query User{667A61DF-D900-4A1A-99F7-86A4447AE072}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) C:\program files (x86)\dayzlauncher\dayzlauncher.exe => Keine Datei FirewallRules: [{A5B21EB4-5B17-4E3E-8FED-1EABD368E1D4}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe => Keine Datei FirewallRules: [{B9BBFE11-3616-4F9B-A72F-CF1F8850789E}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe => Keine Datei FirewallRules: [{A53173FC-C952-4684-B74D-7AF2A79CD94B}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe => Keine Datei FirewallRules: [{9DE46B40-904D-4983-9506-68ADAA7313C8}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe => Keine Datei FirewallRules: [{7E42E560-3CBB-4333-B0F6-0EA9AF1E7841}] => (Allow) D:\SteamLibrary\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe => Keine Datei FirewallRules: [{17AFDCE2-3BA4-449A-A8F1-F248802C5DA3}] => (Allow) D:\SteamLibrary\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe => Keine Datei FirewallRules: [TCP Query User{4911EACF-4CCA-4925-B006-30FFA7B2CF70}C:\program files\plentymarkets\plentymarkets.exe] => (Allow) C:\program files\plentymarkets\plentymarkets.exe => Keine Datei FirewallRules: [UDP Query User{DF66AE31-34D3-4A77-BB42-47DFEF7C5F8F}C:\program files\plentymarkets\plentymarkets.exe] => (Allow) C:\program files\plentymarkets\plentymarkets.exe => Keine Datei FirewallRules: [TCP Query User{CFD5359D-B6A8-4773-B19B-46B69665116A}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe => Keine Datei FirewallRules: [UDP Query User{50E57783-EEC7-48D0-950E-0C44F8F7CC2F}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe => Keine Datei FirewallRules: [TCP Query User{FED7DCD0-3CBE-4FF9-B27B-5EBC1AFAFB2F}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => Keine Datei FirewallRules: [UDP Query User{302D78D5-F094-456A-B2B2-7A32ABDE83F0}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => Keine Datei FirewallRules: [TCP Query User{7A1B68AB-52C7-4CB3-A6F4-E1E31DFBAED9}F:\uplay\far cry 3\bin\farcry3_d3d11.exe] => (Allow) F:\uplay\far cry 3\bin\farcry3_d3d11.exe => Keine Datei FirewallRules: [UDP Query User{FA24577C-9F44-40B9-8243-2EB02F9F5643}F:\uplay\far cry 3\bin\farcry3_d3d11.exe] => (Allow) F:\uplay\far cry 3\bin\farcry3_d3d11.exe => Keine Datei FirewallRules: [{83F4E413-6124-4199-829E-64B21973960C}] => (Allow) D:\SteamLibrary\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe => Keine Datei FirewallRules: [{353EEEC1-5273-462F-9E20-37B5DE3F66D9}] => (Allow) D:\SteamLibrary\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe => Keine Datei FirewallRules: [{A8B6606C-23A2-499C-BF27-F6B374F0214E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [Datei ist nicht signiert] FirewallRules: [{2F1525E3-D1A5-465B-9648-8B5F51EE426F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{F73ABA9C-0552-4AC3-93A0-4556FF6D1F27}D:\steamlibrary\steamapps\common\battlegrounds_cbt\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\battlegrounds_cbt\tslgame\binaries\win64\tslgame.exe => Keine Datei FirewallRules: [UDP Query User{17D4F3EE-FEEF-405C-857C-396578BFB79A}D:\steamlibrary\steamapps\common\battlegrounds_cbt\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\battlegrounds_cbt\tslgame\binaries\win64\tslgame.exe => Keine Datei FirewallRules: [{7E1905B9-7DEA-4AC7-8CF6-E0B36A92E9E1}] => (Allow) C:\Users\Hendrik\Downloads\various\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe => Keine Datei FirewallRules: [{1FAA0EA7-DDF5-4B48-A158-33675F38D6D5}] => (Allow) C:\Users\Hendrik\Downloads\various\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe => Keine Datei FirewallRules: [{A9472850-BF43-4A31-98A5-BC4ED830C50E}] => (Allow) C:\Users\Hendrik\Downloads\various\World of Warcraft\Wow.exe => Keine Datei FirewallRules: [{16E11875-258C-4FC1-A6B8-2DC6893A7AD8}] => (Allow) C:\Users\Hendrik\Downloads\various\World of Warcraft\Wow.exe => Keine Datei FirewallRules: [{A6AE43CA-DCB1-479C-96EB-40DA3563118E}] => (Allow) C:\Users\Hendrik\Downloads\various\World of Warcraft\Wow.exe => Keine Datei FirewallRules: [{0A07D15E-AAC1-4068-89CE-7CD5279E3921}] => (Allow) C:\Users\Hendrik\Downloads\various\World of Warcraft\Wow.exe => Keine Datei FirewallRules: [TCP Query User{55CD356A-CE84-4FE2-9AD7-EB372F2423C2}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei FirewallRules: [UDP Query User{FF699FB0-3603-4140-9D16-9EF7A14CE050}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei FirewallRules: [TCP Query User{C53A0A73-3676-4367-96CC-4DA52D48D077}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe => Keine Datei FirewallRules: [UDP Query User{2EA9044D-E5FA-4CCE-BDB7-9E3A6595AD22}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe => Keine Datei FirewallRules: [{26A46133-26D9-45EF-BA62-BC86FD4BF9BD}] => (Allow) F:\SteamLibrary\steamapps\common\theHunterCotW\theHunterCotW_F.exe => Keine Datei FirewallRules: [{5D20871C-3CF7-4BD8-AC91-DCAF8516E523}] => (Allow) F:\SteamLibrary\steamapps\common\theHunterCotW\theHunterCotW_F.exe => Keine Datei FirewallRules: [{CB2DE5D3-17BB-49BD-8B8F-C1A93D90C8C4}] => (Allow) F:\SteamLibrary\steamapps\common\Age2HD\Launcher.exe => Keine Datei FirewallRules: [{4C902E71-47D1-42E3-90C3-505DEF69E785}] => (Allow) F:\SteamLibrary\steamapps\common\Age2HD\Launcher.exe => Keine Datei FirewallRules: [{FA46D65E-DF47-46EF-8F1C-1E181F964376}] => (Allow) M:\Origin\Battlefield Bad Company 2\BFBC2Game.exe => Keine Datei FirewallRules: [{B22A8619-1B90-4FFF-AC2B-CF665735EAE2}] => (Allow) M:\Origin\Battlefield Bad Company 2\BFBC2Game.exe => Keine Datei FirewallRules: [TCP Query User{4A7CADB1-5246-4A1B-BF7B-75546F690419}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe => Keine Datei FirewallRules: [UDP Query User{2B217A3F-5DCB-4061-BD81-5E0C58E8D3FF}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe => Keine Datei FirewallRules: [{100456E6-4378-4459-8C01-BAF1D1EDBC3B}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => Keine Datei FirewallRules: [{0BA6A285-A52D-4D0F-AE0C-8093097E41ED}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => Keine Datei FirewallRules: [{1423DEDE-F177-41EA-95B9-5AA9C5BD86F2}] => (Allow) D:\Origin\Battlefield 1\bf1Trial.exe => Keine Datei FirewallRules: [{A42F3BA9-5F59-495E-ADB8-0C42EA7D80F6}] => (Allow) D:\Origin\Battlefield 1\bf1Trial.exe => Keine Datei FirewallRules: [{2D57C561-9B2E-44E8-A617-9F1AE5AE0A6C}] => (Allow) D:\Origin\Battlefield 1\bf1.exe => Keine Datei FirewallRules: [{AB5E622F-F502-4EDB-95E4-AAF890B8F3CD}] => (Allow) D:\Origin\Battlefield 1\bf1.exe => Keine Datei FirewallRules: [{EF905237-640E-458B-89BF-1612CFC47418}] => (Allow) M:\Origin\Battlefield 4\BFLauncher.exe => Keine Datei FirewallRules: [{F13970A0-64A0-4543-B0E1-DD96ED76EE5E}] => (Allow) M:\Origin\Battlefield 4\BFLauncher.exe => Keine Datei FirewallRules: [{FC5A8C50-BB31-4705-A56E-7B928D96A91C}] => (Allow) M:\Origin\Battlefield 4\BFLauncher_x86.exe => Keine Datei FirewallRules: [{70F3B4A7-30C4-4413-96BA-4C4057405845}] => (Allow) M:\Origin\Battlefield 4\BFLauncher_x86.exe => Keine Datei FirewallRules: [TCP Query User{73B5A2BE-D8CB-4442-A052-F54442251269}M:\origin\battlefield 4\bf4.exe] => (Allow) M:\origin\battlefield 4\bf4.exe => Keine Datei FirewallRules: [UDP Query User{F4745EDC-E613-46CE-862A-9BA9FAD78E85}M:\origin\battlefield 4\bf4.exe] => (Allow) M:\origin\battlefield 4\bf4.exe => Keine Datei FirewallRules: [TCP Query User{C9A5F1B8-8792-4F6D-A740-23ABDB56D0D9}S:\origin\battlefield 4\bf4.exe] => (Allow) S:\origin\battlefield 4\bf4.exe => Keine Datei FirewallRules: [UDP Query User{E64A8B82-E60D-4B12-80DD-2E5B0710F63B}S:\origin\battlefield 4\bf4.exe] => (Allow) S:\origin\battlefield 4\bf4.exe => Keine Datei FirewallRules: [TCP Query User{CAF23F79-803C-405C-84E9-6B07665D9473}M:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) M:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe => Keine Datei FirewallRules: [UDP Query User{5FD8A056-DEF3-412A-8B64-7907736FECBF}M:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) M:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe => Keine Datei FirewallRules: [{5E084DE0-DE2E-4E47-A8D0-1376FD9505D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{3CC4D0F1-1BCF-4811-8B6E-F88C62011429}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{288C726B-24B5-4218-A1C1-9C8103505AD2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{B5AC7E53-547A-42DB-BE81-83C7730598A5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{C6F44B2A-2E55-45B2-A8FD-DD742AC16B7A}] => (Allow) S:\Origin\Battlefield 4\BFLauncher.exe => Keine Datei FirewallRules: [{935834A3-342B-4012-B8A4-E6987884A745}] => (Allow) S:\Origin\Battlefield 4\BFLauncher.exe => Keine Datei FirewallRules: [{36109203-2016-415F-876A-A6B40F5A7C12}] => (Allow) S:\Origin\Battlefield 4\BFLauncher_x86.exe => Keine Datei FirewallRules: [{8CD4D21C-4B7B-4832-849F-C63C9A3885A5}] => (Allow) S:\Origin\Battlefield 4\BFLauncher_x86.exe => Keine Datei FirewallRules: [{F7EAD8E1-F660-40E7-8E43-7F6EC778EEEB}] => (Block) C:\WINDOWS\systemapps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exeenable=yes => Keine Datei FirewallRules: [TCP Query User{B2B6C613-2F74-4A97-8F2D-410EAA00712E}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_121\bin\javaw.exe => Keine Datei FirewallRules: [UDP Query User{F21D55EF-9E23-4461-AB4C-A642E278523E}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_121\bin\javaw.exe => Keine Datei FirewallRules: [TCP Query User{0F82EB1C-486D-4467-8D7A-652DA979E2EE}C:\program files (x86)\ubisoft\ubisoft game launcher\games\thesettlers3\siedler3r.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\thesettlers3\siedler3r.exe => Keine Datei FirewallRules: [UDP Query User{2B9D025B-642C-4CF8-8500-F129B28ADC35}C:\program files (x86)\ubisoft\ubisoft game launcher\games\thesettlers3\siedler3r.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\thesettlers3\siedler3r.exe => Keine Datei FirewallRules: [{CA34EA42-5583-42C0-9D3A-B14EEC3FD7FF}] => (Allow) S:\SteamLibrary\steamapps\common\World War 3\WW3_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{8200998E-8784-452F-B1FE-C50F563044BF}] => (Allow) S:\SteamLibrary\steamapps\common\World War 3\WW3_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [TCP Query User{05CB348D-7A12-41B9-945C-4C758B15538F}S:\steamlibrary\steamapps\common\world war 3\ww3\binaries\win64\ww3-win64-shipping.exe] => (Allow) S:\steamlibrary\steamapps\common\world war 3\ww3\binaries\win64\ww3-win64-shipping.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [UDP Query User{6CC6F17E-7E60-437D-8EA9-6DE79C7B79B6}S:\steamlibrary\steamapps\common\world war 3\ww3\binaries\win64\ww3-win64-shipping.exe] => (Allow) S:\steamlibrary\steamapps\common\world war 3\ww3\binaries\win64\ww3-win64-shipping.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [TCP Query User{7F550CE8-6B8B-4B3D-8413-A93DCCDEBC07}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{02CC7DD2-8E4C-4FBD-94FC-2160EBA2EA22}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{363AB86B-2098-4A80-BCBD-4EF9AAFDF5F8}C:\users\hendrik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hendrik\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{E633530E-7499-4528-BE45-A7D2C4366C0E}C:\users\hendrik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hendrik\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9A708FE0-39E6-4718-AC81-79B86B0928F0}] => (Allow) S:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert] FirewallRules: [{3B49BE41-F228-4FF4-BD29-D0FD78E0A1AE}] => (Allow) S:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert] FirewallRules: [{E37B5554-056B-40D8-97E0-93FFEC2776D0}] => (Allow) S:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [Datei ist nicht signiert] FirewallRules: [{9EE979CF-42BC-466C-BE36-304AD10AEA15}] => (Allow) S:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{C15ECFE9-19CA-4BC0-A42F-BA0A449BF786}S:\steamlibrary\steamapps\common\star wars squadrons\starwarssquadrons.exe] => (Allow) S:\steamlibrary\steamapps\common\star wars squadrons\starwarssquadrons.exe => Keine Datei FirewallRules: [UDP Query User{02B27E23-C086-4546-ABC7-0DC867873BE9}S:\steamlibrary\steamapps\common\star wars squadrons\starwarssquadrons.exe] => (Allow) S:\steamlibrary\steamapps\common\star wars squadrons\starwarssquadrons.exe => Keine Datei FirewallRules: [{020908ED-C4EB-41A5-92C0-F840C381CF93}] => (Allow) S:\SteamLibrary\steamapps\common\Jedi Academy\GameData\jasp.exe (Activision Inc) [Datei ist nicht signiert] FirewallRules: [{1D80FCED-0748-46E2-8E88-D52906BBA032}] => (Allow) S:\SteamLibrary\steamapps\common\Jedi Academy\GameData\jasp.exe (Activision Inc) [Datei ist nicht signiert] FirewallRules: [{1BB1AE1B-5048-4B4C-AD04-7853A26D7864}] => (Allow) S:\SteamLibrary\steamapps\common\Jedi Academy\GameData\jamp.exe (Activision Inc) [Datei ist nicht signiert] FirewallRules: [{2CD860DC-BAF5-46A4-8A58-F408436E8229}] => (Allow) S:\SteamLibrary\steamapps\common\Jedi Academy\GameData\jamp.exe (Activision Inc) [Datei ist nicht signiert] FirewallRules: [{0B5AD180-D777-4924-9F2D-14EAE604D54E}] => (Allow) E:\Ubisoft\Splinter Cell Conviction\src\system\Conviction_game.exe => Keine Datei FirewallRules: [{B85533B6-5D86-403E-A73A-39FFB366AACB}] => (Allow) E:\Ubisoft\Splinter Cell Conviction\src\system\Conviction_game.exe => Keine Datei FirewallRules: [TCP Query User{BA055DAD-03EB-4682-BC9B-FE44EB17AD4E}E:\ubisoft\anno 1503 - history edition\anno1503.exe] => (Block) E:\ubisoft\anno 1503 - history edition\anno1503.exe => Keine Datei FirewallRules: [UDP Query User{7B7684EB-83CE-44E1-95F7-32A7D90893AE}E:\ubisoft\anno 1503 - history edition\anno1503.exe] => (Block) E:\ubisoft\anno 1503 - history edition\anno1503.exe => Keine Datei FirewallRules: [TCP Query User{097DA836-2F24-474A-8322-47C1194E0E4D}E:\ubisoft\anno 1602 - history edition\anno1602.exe] => (Block) E:\ubisoft\anno 1602 - history edition\anno1602.exe => Keine Datei FirewallRules: [UDP Query User{FE4B3FE3-EB3E-4DA6-B51A-9995FF036CA1}E:\ubisoft\anno 1602 - history edition\anno1602.exe] => (Block) E:\ubisoft\anno 1602 - history edition\anno1602.exe => Keine Datei FirewallRules: [TCP Query User{7B27BB68-6080-4958-83FC-B50279CE542D}E:\ubisoft\anno 1404 - history edition\anno1404.exe] => (Block) E:\ubisoft\anno 1404 - history edition\anno1404.exe => Keine Datei FirewallRules: [UDP Query User{DC61579F-3C10-44A0-94D7-77003FC2FCAC}E:\ubisoft\anno 1404 - history edition\anno1404.exe] => (Block) E:\ubisoft\anno 1404 - history edition\anno1404.exe => Keine Datei FirewallRules: [{8D7321FE-4106-4656-9B7F-01400987C9D4}] => (Allow) S:\SteamLibrary\steamapps\common\Splinter Cell\system\splintercell.exe () [Datei ist nicht signiert] FirewallRules: [{54A99D97-6769-456F-90EB-9D257AC96B54}] => (Allow) S:\SteamLibrary\steamapps\common\Splinter Cell\system\splintercell.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{6A591036-FA9B-449C-81E4-451903B554C0}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin) FirewallRules: [UDP Query User{A5CEE8D5-3D65-4B56-980F-EBBC375CCF86}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin) FirewallRules: [TCP Query User{83F7F6E0-33D3-48A7-A0EC-84A11E53AA7D}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment) FirewallRules: [UDP Query User{30BFC99A-E5C6-415C-BF91-F56025FB4CA1}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment) FirewallRules: [{16706714-A2CE-4AC9-A354-730FFDD76CD3}] => (Allow) S:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [Datei ist nicht signiert] FirewallRules: [{6936D4EB-EEEC-4624-B96F-5538F6E53F55}] => (Allow) S:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [Datei ist nicht signiert] FirewallRules: [{679DA04F-EE2A-4B74-8347-05AA6A8CDE8E}] => (Allow) S:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => Keine Datei FirewallRules: [{E4F4F0B9-BEC4-493E-B281-C4A008F8A1D4}] => (Allow) S:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => Keine Datei FirewallRules: [{9F2DE498-A6B5-4674-8B1F-AE5C27C709BA}] => (Allow) M:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{0061B80D-A3B6-4E3D-A7D7-EED60711B50A}] => (Allow) M:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{9956E162-359D-4454-A1A1-8CCA3112AFD7}] => (Allow) M:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.) FirewallRules: [{E9704EA4-4515-4EE9-ACEB-9385D15495B5}] => (Allow) M:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.) FirewallRules: [{4EE550BA-F4EA-4812-8CBB-AA0AA998746B}] => (Allow) M:\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{8615F1A6-E593-42A4-8450-F2DEBEB1181D}] => (Allow) M:\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{6D452EB6-B5BA-40DC-840B-185AADAB8FA5}] => (Allow) M:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe => Keine Datei FirewallRules: [{F6B03899-94EB-45CC-8CC8-B3E9DEC984FF}] => (Allow) M:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe => Keine Datei FirewallRules: [TCP Query User{202CA219-87FA-4FD0-B5EE-240C57C7AED8}C:\users\hendrik\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\hendrik\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{D7DA80C1-B099-4867-A6BF-5850410009FB}C:\users\hendrik\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\hendrik\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2C4E2A40-C6C7-4D4F-BC60-6025C2128C16}] => (Allow) S:\SteamLibrary\steamapps\common\Raft\Raft.exe () [Datei ist nicht signiert] FirewallRules: [{D5042955-1C95-4DBB-9629-8314CF8683FD}] => (Allow) S:\SteamLibrary\steamapps\common\Raft\Raft.exe () [Datei ist nicht signiert] FirewallRules: [{53196529-35B7-4C9A-A011-3CB755DCB917}] => (Allow) E:\Ubisoft\Assassin's Creed Valhalla\ACValhalla_Plus.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [TCP Query User{C9981ECA-8F91-4D09-9955-D741DA861280}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe => Keine Datei FirewallRules: [UDP Query User{6FA15A52-14E1-45E3-AFEC-0EB6FC904F1A}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe => Keine Datei FirewallRules: [TCP Query User{E7BC7763-FA26-4234-A4CF-EF8CE5CFA11A}C:\program files\raise3d\ideamaker\ideamaker.exe] => (Block) C:\program files\raise3d\ideamaker\ideamaker.exe (RAISE 3D TECHNOLOGIES INC -> Raise3D) FirewallRules: [UDP Query User{E0D2C5A0-A599-461C-94C2-C7A42893C7DD}C:\program files\raise3d\ideamaker\ideamaker.exe] => (Block) C:\program files\raise3d\ideamaker\ideamaker.exe (RAISE 3D TECHNOLOGIES INC -> Raise3D) FirewallRules: [{F35E4C22-6474-4ACB-8ADD-EC29D59002A3}] => (Allow) C:\Users\Hendrik\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{352DF61B-D0F5-4A2C-8450-A5A40CBA2D18}] => (Allow) C:\Users\Hendrik\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei FirewallRules: [{BBF0AD13-FA1C-455E-BA72-A1741707E71A}] => (Allow) C:\Users\Hendrik\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei FirewallRules: [{35B65E9D-9933-48D5-BDCF-3C69CDE919DB}] => (Allow) S:\Origin\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{5AED16AE-69CD-4EAD-BECA-77D10263C1C1}] => (Allow) S:\Origin\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{E7DD3ED0-4DAD-44BB-9126-C8318F2C3218}] => (Allow) S:\Origin\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{2EA1B5BA-8E33-4F4C-885F-80797CB07EB0}] => (Allow) S:\Origin\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{4E19ECA0-7D56-4660-ADC6-E92E5DC6D7D0}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive) FirewallRules: [{3BB6DBC5-3CC9-4BA2-BC89-BA6A9796A008}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive) FirewallRules: [TCP Query User{68EFF304-8222-4004-98BA-E0BA748148CB}E:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) E:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive) FirewallRules: [UDP Query User{5A45E3CE-93B8-4605-9D57-1AEE50278871}E:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) E:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive) FirewallRules: [{F315BBAB-C9CF-43A2-ADD6-7337369F52FC}] => (Allow) LPort=9223 FirewallRules: [{AC93D3E9-D258-40A7-8981-C7F26FDABDEB}] => (Allow) LPort=9245 FirewallRules: [{F93B50A6-6BE8-4D7C-8447-DDC792ED50B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> Valve Corporation) FirewallRules: [{59A468BE-F340-449F-9909-EA6B4D2AE476}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{71211C00-7E36-4769-8E2D-90F5E086688D}C:\program files (x86)\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> ) FirewallRules: [UDP Query User{85A8ADFB-CD98-4A7D-AB6D-427409285ACA}C:\program files (x86)\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> ) FirewallRules: [{E4FA4802-82A8-452F-83A6-DAD9F0DE8575}] => (Allow) C:\Program Files\Elgato\StreamDeck\StreamDeck.exe (Corsair Memory, Inc. -> Corsair Memory, Inc) FirewallRules: [{94D7D0A7-7AE8-490E-A0C4-D6BD12822B99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{274BE37E-7792-4C76-8198-1BDC2ABCF97E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{955A4A2B-E516-4587-95EB-56AEBEB40346}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A34F9700-BE7D-401D-B26B-C8B798C2A6DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{8C89B2DD-3D73-461A-9957-EC71CB52F043}S:\steamlibrary\steamapps\common\world war 3\ww3\binaries\win64\ww3-win64-shipping.exe] => (Allow) S:\steamlibrary\steamapps\common\world war 3\ww3\binaries\win64\ww3-win64-shipping.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [UDP Query User{C8A25AE2-A35A-4AAC-B184-54D34D517D67}S:\steamlibrary\steamapps\common\world war 3\ww3\binaries\win64\ww3-win64-shipping.exe] => (Allow) S:\steamlibrary\steamapps\common\world war 3\ww3\binaries\win64\ww3-win64-shipping.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{12D5CE99-E533-42B3-9DF3-9CB44E1FEB70}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3 Tools\Arma3Tools.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.) FirewallRules: [{96F23621-F816-469F-97C0-4CF3B2DEC2D4}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3 Tools\Arma3Tools.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.) FirewallRules: [{41DC50CE-7FAF-45FE-88BF-C7B56C8E8780}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3 Tools\starter.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.) FirewallRules: [{22AA8014-8717-468F-B5D8-A6E5B89AD1F6}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3 Tools\starter.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.) FirewallRules: [{88297049-B99B-4E16-883A-77FC8A438EA9}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3 Tools\AddonBuilder\AddonBuilder.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive) FirewallRules: [{BDB8C91C-F409-498C-9F56-11B8E8D10ED7}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3 Tools\AddonBuilder\AddonBuilder.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive) FirewallRules: [{FC9D6447-1959-4976-A41A-5CCB0A04953C}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3 Tools\Publisher\Publisher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive) FirewallRules: [{A53BFF93-EA3A-4BA2-AF56-6854835AFCEF}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3 Tools\Publisher\Publisher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive) FirewallRules: [{896C1362-F1E2-40ED-BA93-80B8A0864DCC}] => (Allow) S:\SteamLibrary\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{DD734F33-73EC-412B-B846-EA456956477F}] => (Allow) S:\SteamLibrary\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{EED79436-0EBD-47F3-9D54-DC6625ED3E67}] => (Allow) E:\SteamLibrary\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert] FirewallRules: [{CBC71883-6213-4A16-8406-83313B06CBAE}] => (Allow) E:\SteamLibrary\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert] FirewallRules: [{CE9ADBAA-8E20-47AC-9C8A-5B52D473D00D}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert] FirewallRules: [{57F92FF3-5ACB-4AE5-A81E-C13D9A616F8D}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert] FirewallRules: [{BC609385-3B0E-463D-AAFE-7FA71CAC5EC8}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert] FirewallRules: [{3CF9AE0F-447E-4E56-8FAE-53795B2F8489}] => (Allow) E:\SteamLibrary\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert] FirewallRules: [{5D20A1CB-3007-4B1D-B476-FA637537AAFB}] => (Allow) E:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert] FirewallRules: [{668A4211-A861-4EA6-88EC-2A9E48928436}] => (Allow) E:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{36D22EAE-EACC-4677-A189-664377CBC0AE}C:\programdata\oracle\java\javapath_target_1142152750\javaw.exe] => (Allow) C:\programdata\oracle\java\javapath_target_1142152750\javaw.exe => Keine Datei FirewallRules: [UDP Query User{5B367EB3-E255-4626-AC3B-33D3C5D68075}C:\programdata\oracle\java\javapath_target_1142152750\javaw.exe] => (Allow) C:\programdata\oracle\java\javapath_target_1142152750\javaw.exe => Keine Datei FirewallRules: [{9FDF967F-FC8E-42B6-BA21-89100642DFB5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.77\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{ADCB7CCE-9D20-4F59-BEA5-595D46A98E67}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{3C08EBFA-11C0-4050-9539-34EFCFF80E32}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) ==================== Wiederherstellungspunkte ========================= 10-04-2021 12:31:12 Geplanter Prüfpunkt 14-04-2021 09:25:51 Windows Modules Installer 18-04-2021 12:38:06 Removed Avira Browser Safety 20-04-2021 09:51:06 Removed Avira Browser Safety ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (04/20/2021 11:37:31 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Die Speicheroptimierung konnte erneut optimieren auf Mastermind (M:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A) Error: (04/20/2021 11:28:07 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Die Speicheroptimierung konnte erneut optimieren auf Mastermind (M:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A) Error: (04/20/2021 10:45:53 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: sdzoomplugin.exe, Version: 0.0.0.0, Zeitstempel: 0x602c096a Name des fehlerhaften Moduls: uiautomationcore.dll, Version: 7.2.19041.906, Zeitstempel: 0xae6be9d8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000023c11 ID des fehlerhaften Prozesses: 0x2ee0 Startzeit der fehlerhaften Anwendung: 0x01d735be5948b1ee Pfad der fehlerhaften Anwendung: C:\Users\Hendrik\AppData\Roaming\Elgato\StreamDeck\Plugins\com.lostdomain.zoom.sdPlugin\sdzoomplugin.exe Pfad des fehlerhaften Moduls: C:\Windows\System32\uiautomationcore.dll Berichtskennung: fd3ee785-4afe-4f1a-bb53-2a5b78220c45 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (04/20/2021 10:22:47 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: sdzoomplugin.exe, Version: 0.0.0.0, Zeitstempel: 0x602c096a Name des fehlerhaften Moduls: uiautomationcore.dll, Version: 7.2.19041.906, Zeitstempel: 0xae6be9d8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000023c11 ID des fehlerhaften Prozesses: 0x1444 Startzeit der fehlerhaften Anwendung: 0x01d735be1f399f5e Pfad der fehlerhaften Anwendung: C:\Users\Hendrik\AppData\Roaming\Elgato\StreamDeck\Plugins\com.lostdomain.zoom.sdPlugin\sdzoomplugin.exe Pfad des fehlerhaften Moduls: C:\Windows\System32\uiautomationcore.dll Berichtskennung: 24ad5601-6333-493e-a38b-dd35bc1bce85 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (04/20/2021 10:21:38 AM) (Source: MsiInstaller) (EventID: 10005) (User: Zeiträuber) Description: Product: Avira Browser Safety -- OS version incompatibility Error: (04/20/2021 10:21:08 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: sdzoomplugin.exe, Version: 0.0.0.0, Zeitstempel: 0x602c096a Name des fehlerhaften Moduls: uiautomationcore.dll, Version: 7.2.19041.906, Zeitstempel: 0xae6be9d8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000023c11 ID des fehlerhaften Prozesses: 0x37cc Startzeit der fehlerhaften Anwendung: 0x01d735a50dd908f4 Pfad der fehlerhaften Anwendung: C:\Users\Hendrik\AppData\Roaming\Elgato\StreamDeck\Plugins\com.lostdomain.zoom.sdPlugin\sdzoomplugin.exe Pfad des fehlerhaften Moduls: C:\Windows\System32\uiautomationcore.dll Berichtskennung: 5555414a-87ee-42a0-9fe2-667ef1595568 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (04/20/2021 09:51:23 AM) (Source: MsiInstaller) (EventID: 10005) (User: Zeiträuber) Description: Product: Avira Browser Safety -- OS version incompatibility Error: (04/20/2021 07:20:40 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1000) (User: NT-AUTORITÄT) Description: Der Zugriff auf Leistungsdaten wurde für den Benutzer "SYSTEM" (Wert von getbenutzername() für den ausgeführten Thread) verweigert, da er vom Modul "C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe" (Wert von GetModuleFileName() für die Binärdatei, die die Abfrage ausgegeben hat) versucht wurde. Systemfehler: ============= Error: (04/20/2021 07:21:15 AM) (Source: SNMP) (EventID: 1500) (User: ) Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten. Error: (04/18/2021 01:23:01 PM) (Source: SNMP) (EventID: 1500) (User: ) Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten. Error: (04/18/2021 12:58:11 PM) (Source: SNMP) (EventID: 1500) (User: ) Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten. Error: (04/18/2021 12:57:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts. Error: (04/18/2021 12:57:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Logi Facecam Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts. Error: (04/18/2021 12:57:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Microsoft Update Health Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (04/18/2021 12:57:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "GoPro Device Detection Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (04/18/2021 12:57:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Security Assist" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Windows Defender: ================ Date: 2021-04-18 14:19:55 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {A09C37D1-E6FD-46ED-A0DF-D31849C34BA7} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-04-17 16:31:55 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {C5BD1AE5-439D-4A73-BBB1-80AA6CA6BFFB} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-04-16 23:17:03 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {8EA8C48E-D49C-4B55-BFC8-3866CFEDC665} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-04-15 14:23:00 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {2C096C7F-215C-4AA8-8799-B37EB79C01D0} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-04-14 14:13:53 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {32643AB2-1BFB-43F6-96FE-C35E794E5AED} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM CodeIntegrity: =============== Date: 2021-04-18 12:50:49 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 3016 12/27/2016 Hauptplatine: ASUSTeK COMPUTER INC. Z170 PRO GAMING Prozessor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz Prozentuale Nutzung des RAM: 23% Installierter physikalischer RAM: 32634.81 MB Verfügbarer physikalischer RAM: 24873.86 MB Summe virtueller Speicher: 65402.81 MB Verfügbarer virtueller Speicher: 56021.7 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:237.52 GB) (Free:62.16 GB) NTFS Drive d: (Spiele) (Fixed) (Total:232.88 GB) (Free:177.63 GB) NTFS Drive e: (Volume) (Fixed) (Total:465.75 GB) (Free:149.29 GB) NTFS Drive m: (Mastermind) (Fixed) (Total:3725.9 GB) (Free:3193.12 GB) NTFS Drive s: (Steam) (Fixed) (Total:465.63 GB) (Free:220.66 GB) NTFS \\?\Volume{5b439334-728b-11e5-8795-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS \\?\Volume{769568a4-0000-0000-0000-e0673b000000}\ () (Fixed) (Total:0.85 GB) (Free:0.4 GB) NTFS ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 769568A4) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=237.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=871 MB) - (Type=27) ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 9231999F) Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS) ========================================================== Disk: 3 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 4 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ======================= |
20.04.2021, 12:31 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | W10: Firefox, automatischer Aufruf von craccoon.com Scripting/Repair mit FRST64
__________________WARNUNG AN ALLE MITLESER !!! Dieses FRST-Script ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System angewendet werden!
__________________ |
20.04.2021, 13:04 | #19 |
| W10: Firefox, automatischer Aufruf von craccoon.com Hi, die Fixlog: Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-04-2021 durchgeführt von Hendrik (20-04-2021 13:55:07) Run:1 Gestartet von C:\Users\Hendrik\Downloads Geladene Profile: Hendrik Start-Modus: Normal ============================================== fixlist Inhalt: ***************** CloseProcesses: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG GroupPolicy: Beschränkung ? <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG C:\Users\Hendrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk Task: {13DD2E0F-8F1D-4844-A353-1652E99A6F2A} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG Task: {193D141E-04C3-44E8-8B90-C2DF0886C5D9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {1CFCC27F-17D9-4963-9A9A-53B391628E73} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG Task: {36A13E3F-5BB3-4919-96E2-22AE6695455D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {5B6777DE-8127-46FD-9342-AFF596DC9820} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {606C8B4C-FC4B-4118-A888-D9A991DC1FAA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {B22365E3-DD44-4F9D-B86F-6A0292865C26} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {B52DBA18-9F13-43F0-8DBF-B47BE975645A} - \Microsoft\Windows\Setup\EOONotify -> Keine Datei <==== ACHTUNG Task: {E0EC010C-9185-4E57-B0FE-4DCA18103968} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {E2BEF094-DC6D-4DAB-A837-17FB57AB50FF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {E4A2BD13-0B03-423E-86BA-94C6867AA9BC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {EE2C32F3-60ED-454C-9C67-A9B3897DF478} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG Task: {F24EA26E-E48B-4F71-95FC-315193016752} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {F7F5F5C9-EC9A-41C1-A847-80F83A7F4119} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {F98535FE-B58A-4CF0-9A08-3F05355DDE68} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {F9985183-E490-46AA-8E10-C0F9492A5396} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG cmd: reg query "HKCU\Environment" cmd: reg query "HKCU\Software" cmd: netsh advfirewall reset emptytemp: ***************** Prozesse erfolgreich geschlossen. HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => erfolgreich entfernt C:\WINDOWS\system32\GroupPolicy\Machine => erfolgreich verschoben C:\WINDOWS\system32\GroupPolicy\GPT.ini => erfolgreich verschoben C:\ProgramData\NTUSER.pol => erfolgreich verschoben C:\Users\Hendrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => erfolgreich verschoben "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{13DD2E0F-8F1D-4844-A353-1652E99A6F2A}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13DD2E0F-8F1D-4844-A353-1652E99A6F2A}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{193D141E-04C3-44E8-8B90-C2DF0886C5D9}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{193D141E-04C3-44E8-8B90-C2DF0886C5D9}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1CFCC27F-17D9-4963-9A9A-53B391628E73}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CFCC27F-17D9-4963-9A9A-53B391628E73}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{36A13E3F-5BB3-4919-96E2-22AE6695455D}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36A13E3F-5BB3-4919-96E2-22AE6695455D}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5B6777DE-8127-46FD-9342-AFF596DC9820}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B6777DE-8127-46FD-9342-AFF596DC9820}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{606C8B4C-FC4B-4118-A888-D9A991DC1FAA}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{606C8B4C-FC4B-4118-A888-D9A991DC1FAA}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B22365E3-DD44-4F9D-B86F-6A0292865C26}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B22365E3-DD44-4F9D-B86F-6A0292865C26}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B52DBA18-9F13-43F0-8DBF-B47BE975645A}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B52DBA18-9F13-43F0-8DBF-B47BE975645A}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOONotify" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0EC010C-9185-4E57-B0FE-4DCA18103968}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0EC010C-9185-4E57-B0FE-4DCA18103968}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2BEF094-DC6D-4DAB-A837-17FB57AB50FF}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2BEF094-DC6D-4DAB-A837-17FB57AB50FF}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E4A2BD13-0B03-423E-86BA-94C6867AA9BC}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4A2BD13-0B03-423E-86BA-94C6867AA9BC}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE2C32F3-60ED-454C-9C67-A9B3897DF478}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE2C32F3-60ED-454C-9C67-A9B3897DF478}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F24EA26E-E48B-4F71-95FC-315193016752}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F24EA26E-E48B-4F71-95FC-315193016752}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F7F5F5C9-EC9A-41C1-A847-80F83A7F4119}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7F5F5C9-EC9A-41C1-A847-80F83A7F4119}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F98535FE-B58A-4CF0-9A08-3F05355DDE68}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F98535FE-B58A-4CF0-9A08-3F05355DDE68}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9985183-E490-46AA-8E10-C0F9492A5396}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9985183-E490-46AA-8E10-C0F9492A5396}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => erfolgreich entfernt ========= reg query "HKCU\Environment" ========= HKEY_CURRENT_USER\Environment Path REG_EXPAND_SZ %USERPROFILE%\AppData\Local\Microsoft\WindowsApps; TEMP REG_EXPAND_SZ %USERPROFILE%\AppData\Local\Temp TMP REG_EXPAND_SZ %USERPROFILE%\AppData\Local\Temp MOZ_PLUGIN_PATH REG_SZ JD2_HOME REG_SZ M:\JDownloader\JDownloader OneDrive REG_EXPAND_SZ C:\Users\Hendrik\OneDrive OneDriveConsumer REG_EXPAND_SZ C:\Users\Hendrik\OneDrive ========= Ende von CMD: ========= ========= reg query "HKCU\Software" ========= HKEY_CURRENT_USER\Software\7-Zip HKEY_CURRENT_USER\Software\AppDataLow HKEY_CURRENT_USER\Software\ASRock HKEY_CURRENT_USER\Software\ASUS HKEY_CURRENT_USER\Software\Avira HKEY_CURRENT_USER\Software\Battlefield 1942 HKEY_CURRENT_USER\Software\Beam Team Games HKEY_CURRENT_USER\Software\BetaDwarf ApS HKEY_CURRENT_USER\Software\Bethesda Softworks HKEY_CURRENT_USER\Software\Binary Fortress Software HKEY_CURRENT_USER\Software\Blacklight Interactive HKEY_CURRENT_USER\Software\Blizzard Entertainment HKEY_CURRENT_USER\Software\Bohemia Interactive HKEY_CURRENT_USER\Software\Bohemia Interactive Studio HKEY_CURRENT_USER\Software\Brother HKEY_CURRENT_USER\Software\BugSplat HKEY_CURRENT_USER\Software\Buhl Data Service GmbH HKEY_CURRENT_USER\Software\Chromium HKEY_CURRENT_USER\Software\CineForm HKEY_CURRENT_USER\Software\City Interactive HKEY_CURRENT_USER\Software\Clients HKEY_CURRENT_USER\Software\CodeHatch HKEY_CURRENT_USER\Software\Corel HKEY_CURRENT_USER\Software\Creepy Jar HKEY_CURRENT_USER\Software\Cyberlore HKEY_CURRENT_USER\Software\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b HKEY_CURRENT_USER\Software\DirectShow HKEY_CURRENT_USER\Software\Discord HKEY_CURRENT_USER\Software\Dropbox HKEY_CURRENT_USER\Software\DropboxUpdate HKEY_CURRENT_USER\Software\DTP HKEY_CURRENT_USER\Software\DVDVideoSoft HKEY_CURRENT_USER\Software\ej-technologies HKEY_CURRENT_USER\Software\Elaborate Bytes HKEY_CURRENT_USER\Software\Electronic Arts HKEY_CURRENT_USER\Software\Elgato Systems GmbH HKEY_CURRENT_USER\Software\Epic Games HKEY_CURRENT_USER\Software\EPSON HKEY_CURRENT_USER\Software\Foxit Software HKEY_CURRENT_USER\Software\Frontier Developments HKEY_CURRENT_USER\Software\Gaijin HKEY_CURRENT_USER\Software\GameSpy HKEY_CURRENT_USER\Software\Google HKEY_CURRENT_USER\Software\GoPro HKEY_CURRENT_USER\Software\GPL Ghostscript HKEY_CURRENT_USER\Software\Haali HKEY_CURRENT_USER\Software\HmelyoffLabs HKEY_CURRENT_USER\Software\HTC HKEY_CURRENT_USER\Software\HtcVive HKEY_CURRENT_USER\Software\IM Providers HKEY_CURRENT_USER\Software\ImgBurn HKEY_CURRENT_USER\Software\Innersloth HKEY_CURRENT_USER\Software\Intel HKEY_CURRENT_USER\Software\Invent4.com HKEY_CURRENT_USER\Software\IO Interactive HKEY_CURRENT_USER\Software\IronGate HKEY_CURRENT_USER\Software\JavaSoft HKEY_CURRENT_USER\Software\JEDI-VCL HKEY_CURRENT_USER\Software\Khronos HKEY_CURRENT_USER\Software\Lagarith HKEY_CURRENT_USER\Software\LAV HKEY_CURRENT_USER\Software\Lavasoft HKEY_CURRENT_USER\Software\Licenses HKEY_CURRENT_USER\Software\LinuxLive HKEY_CURRENT_USER\Software\LogiShrd HKEY_CURRENT_USER\Software\Logitech HKEY_CURRENT_USER\Software\LogMeInInc HKEY_CURRENT_USER\Software\Macromedia HKEY_CURRENT_USER\Software\MAGIX HKEY_CURRENT_USER\Software\Magix Low Latency 2016 HKEY_CURRENT_USER\Software\MainConcept HKEY_CURRENT_USER\Software\Malwarebytes HKEY_CURRENT_USER\Software\Martin Prikryl HKEY_CURRENT_USER\Software\Mediatonic HKEY_CURRENT_USER\Software\Microsoft HKEY_CURRENT_USER\Software\Mojang HKEY_CURRENT_USER\Software\Mozilla HKEY_CURRENT_USER\Software\MozillaPlugins HKEY_CURRENT_USER\Software\MPC-HC HKEY_CURRENT_USER\Software\NewBlue HKEY_CURRENT_USER\Software\NVIDIA Corporation HKEY_CURRENT_USER\Software\O&O HKEY_CURRENT_USER\Software\OCS HKEY_CURRENT_USER\Software\ODBC HKEY_CURRENT_USER\Software\OffworldIndustries HKEY_CURRENT_USER\Software\OpenAutomate HKEY_CURRENT_USER\Software\OpenVR HKEY_CURRENT_USER\Software\Opera Software HKEY_CURRENT_USER\Software\Paradox Interactive HKEY_CURRENT_USER\Software\PDFPrint HKEY_CURRENT_USER\Software\Policies HKEY_CURRENT_USER\Software\QtProject HKEY_CURRENT_USER\Software\Raise3D HKEY_CURRENT_USER\Software\Realtek HKEY_CURRENT_USER\Software\Redbeet Interactive HKEY_CURRENT_USER\Software\RegisteredApplications HKEY_CURRENT_USER\Software\Repetier HKEY_CURRENT_USER\Software\Respawn Entertainment HKEY_CURRENT_USER\Software\Rockstar Games HKEY_CURRENT_USER\Software\SecuROM HKEY_CURRENT_USER\Software\SimBin HKEY_CURRENT_USER\Software\SimonTatham HKEY_CURRENT_USER\Software\SKS HKEY_CURRENT_USER\Software\Skype HKEY_CURRENT_USER\Software\Sony Creative Software HKEY_CURRENT_USER\Software\SplitmediaLabs HKEY_CURRENT_USER\Software\Spotify HKEY_CURRENT_USER\Software\SyncEngines HKEY_CURRENT_USER\Software\Team17 Digital Ltd HKEY_CURRENT_USER\Software\Team17SoftwareLTD HKEY_CURRENT_USER\Software\TeamSpeak 3 Client HKEY_CURRENT_USER\Software\TeamViewer HKEY_CURRENT_USER\Software\The Creative Assembly HKEY_CURRENT_USER\Software\The Silicon Realms Toolworks HKEY_CURRENT_USER\Software\TheCreativeAssembly HKEY_CURRENT_USER\Software\Thunderbird HKEY_CURRENT_USER\Software\Trolltech HKEY_CURRENT_USER\Software\Ubisoft HKEY_CURRENT_USER\Software\UIUTask HKEY_CURRENT_USER\Software\UniqueInt HKEY_CURRENT_USER\Software\Unity HKEY_CURRENT_USER\Software\Valve HKEY_CURRENT_USER\Software\VMware, Inc. HKEY_CURRENT_USER\Software\Wargaming.net HKEY_CURRENT_USER\Software\WebEx HKEY_CURRENT_USER\Software\WinRAR SFX HKEY_CURRENT_USER\Software\Wintertree HKEY_CURRENT_USER\Software\Wow6432Node HKEY_CURRENT_USER\Software\Z-Software GmbH HKEY_CURRENT_USER\Software\ZoomUMX HKEY_CURRENT_USER\Software\{B2CB09FF-2453-4f85-9F40-21C05BE4CBA8} HKEY_CURRENT_USER\Software\Classes ========= Ende von CMD: ========= ========= netsh advfirewall reset ========= OK. ========= Ende von CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 10510336 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 770396534 B Java, Flash, Steam htmlcache => 1053131839 B Windows/system/drivers => 2846818 B Edge => 1915880 B Chrome => 23106056 B Firefox => 1157109665 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 26740 B NetworkService => 258090 B Hendrik => 524723014 B DefaultAppPool => 524723014 B RecycleBin => 405462033 B EmptyTemp: => 4.2 GB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 13:57:56 ==== |
20.04.2021, 13:32 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | W10: Firefox, automatischer Aufruf von craccoon.com Kontrollscans mit MBAM und RK Wir sind fast fertig. Jetzt ist es an der Zeit für Kontrollscans mit Poste nach Abschluss der beiden Scans die Logs in CODE-Tags.
__________________ Logfiles bitte immer in CODE-Tags posten |
20.04.2021, 13:57 | #21 |
| W10: Firefox, automatischer Aufruf von craccoon.com Hi, eiman MBAM: Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 20.04.21 Scan-Zeit: 14:40 Protokolldatei: 9f7d02cc-a1d5-11eb-a244-704d7b645db9.json -Softwaredaten- Version: 4.3.0.98 Komponentenversion: 1.0.1251 Version des Aktualisierungspakets: 1.0.39621 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 10 (Build 19042.928) CPU: x64 Dateisystem: NTFS Benutzer: Zeiträuber\Hendrik -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 350734 Erkannte Bedrohungen: 0 In die Quarantäne verschobene Bedrohungen: 0 Abgelaufene Zeit: 2 Min., 37 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 0 (keine bösartigen Elemente erkannt) Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) Und einmal RogueKiller: Code:
ATTFilter RogueKiller Anti-Malware V14.8.6.0 (x64) [Mar 24 2021] (Free) von Adlice Software Mail : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Betriebssystem : Windows 10 (10.0.19042) 64 bits Gestartet in : Normaler Modus Benutzer : Hendrik [Administrator] Gestartet von : C:\Users\Hendrik\Desktop\RogueKiller_portable64.exe Signaturen : 20210419_123737, Treiber : Geladen Modus : Standard-Scan, Löschen -- Datum : 2021/04/20 14:54:21 (Dauer : 00:06:59) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Löschen ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ [PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\.DEFAULT\Software\OCS -- -> Gelöscht [PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\S-1-5-21-256580667-2295068177-2157506718-1000\Software\OCS -- -> Gelöscht [PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\S-1-5-18\Software\OCS -- -> Gelöscht [PUP.Gen1 (Potenziell bösartig)] simplitec -- %programdata%\simplitec -> Gelöscht |
20.04.2021, 14:04 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | W10: Firefox, automatischer Aufruf von craccoon.com Dann wären wir durch! Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen. Abschließend bitte noch einen Cleanup mit unserem TB-Cleanup-Script durchführen und unbedingt die Sicherheitsmaßnahmen lesen und umsetzen - beides ist in folgendem Lesestoff verlinkt:
__________________ Logfiles bitte immer in CODE-Tags posten |
22.04.2021, 15:55 | #23 |
/// TB-Ausbilder | W10: Firefox, automatischer Aufruf von craccoon.com Wir sind froh, dass wir helfen konnten Dieses Thema scheint erledigt und wird aus unseren Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema. Jeder andere bitte hier klicken und ein eigenes Thema erstellen. |
Themen zu W10: Firefox, automatischer Aufruf von craccoon.com |
.com, adware, appdata, craccoon, download, explorer, failed, festgestellt, firefox, folge, forum, frage, google, internet, internet explorer, lösung, microsoft, recovery, registry, reset, secure, suche, surfen, system32, temp, update, weiterleitung, windows |