|
Log-Analyse und Auswertung: Windows 10 Home, Internetseite lässt sich nicht öffnen, Warnung Vodafone über SchadsoftwareWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
22.04.2021, 11:46 | #1 |
| Windows 10 Home, Internetseite lässt sich nicht öffnen, Warnung Vodafone über Schadsoftware Hallo, ich habe seit Gestern ein Problem, es lässt sich eine bestimmte Internetseite nicht mehr öffnen, Magix.com (Videobearbeitung). Als ich mich später mit dem Handy über WLAN einloggte, kam die Fehlermeldung von Vodafone, dass 1 Gerät im WLAN mit Schadsoftware infiziert sei. Außerdem wollte ich über Whatsapp web einen Link zu meinem Server (Synology) teilen, den Link hat es in der Zwischenablage wohl irgendwie abgeändert. Leider kann ich nicht mehr sagen zu was, ich habe den abgeänderten dann sofort gelöscht, bevor jemand darauf klickt. Hier die Logs: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021 durchgeführt von Stefan (Administrator) auf DESKTOP-VFO2AEV (Dell Inc. Inspiron 7566) (22-04-2021 12:30:05) Gestartet von C:\Users\Stefan\Downloads Geladene Profile: defaultuser0 & Stefan Platform: Windows 10 Home Version 2004 19041.928 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3> (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (Canon Inc. -> CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CyberGhost S.R.L. -> CyberGhost S.A.) C:\Program Files\CyberGhost 7\CyberGhost.exe (CyberGhost S.R.L. -> CyberGhost S.A.) C:\Program Files\CyberGhost 7\CyberGhost.Service.exe (CyberGhost SRL -> CyberGhost S.A.) C:\Program Files\CyberGhost Pro\CyberGhost.Service.exe (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3> (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\120.4.4598\QtWebEngineProcess.exe <3> (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (geek software GmbH -> geek software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe <2> (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (Intel Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_763182f3860a4408\igfxCUIService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_763182f3860a4408\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_763182f3860a4408\IntelCpHDCPSvc.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_763182f3860a4408\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.925_none_e76d4f6f260a683e\TiWorker.exe (Movavi Software Limited -> ) C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\RouterApplication.exe (Movavi Software Limited -> Movavi) C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\AgentInformer.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <7> (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_ed2d6589d1176ab4\Display.NvContainer\NVDisplay.Container.exe <2> (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (SatoshiLabs, s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe (Synology Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8852512 2016-09-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1852352 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (Canon Inc. -> CANON INC.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117472 2021-04-06] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [927152 2016-08-07] (Waves Inc -> Waves Audio Ltd.) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3191728 2017-06-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7991528 2021-04-12] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH) HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 7\CyberGhost.exe [1049680 2020-08-11] (CyberGhost S.R.L. -> CyberGhost S.A.) HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\Run: [movavi_suite_agent] => C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\AgentInformer.exe [942720 2021-04-20] (Movavi Software Limited -> Movavi) HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\MountPoints2: {37ac156b-a111-11eb-9f95-18dbf2028a86} - "D:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\MountPoints2: {e5c4a365-5c0b-11eb-9f8f-18dbf2028a86} - "D:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\MountPoints2: {e5c4a413-5c0b-11eb-9f8f-18dbf2028a86} - "D:\HiSuiteDownLoader.exe" HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: C:\Windows\system32\CNMLMAT.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [Datei ist nicht signiert] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.128\Installer\chrmstp.exe [2021-04-16] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2019-05-23] ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> ) Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2016-11-29] ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2018-06-28] ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> ) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {073D291B-05A6-4048-ACBF-32E446113548} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1468952 2016-09-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {0A246A0D-A23E-4262-B251-F7852F884A26} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114056 2021-04-18] (Microsoft Corporation -> Microsoft Corporation) Task: {10C618B1-0A79-40B2-86FB-658942C5E421} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {1CE94ECB-0658-4646-9317-34724E475569} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248792 2021-04-07] (Microsoft Corporation -> Microsoft Corporation) Task: {28CC8A35-97F3-4974-B28E-7A95170BE4B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-15] (Google Inc -> Google Inc.) Task: {2B53BBFE-D4DC-4D0B-8A11-EB627A7CD576} - System32\Tasks\DropboxUpdateTaskMachineUA1d5582862b8dec2 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.) Task: {3E10725C-ABF0-4E49-A551-B0F2741A6190} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [781248 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4B81CC16-F99B-4A3E-A5EF-AFB6F2CE0D31} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1059336 2021-01-09] (Dell Inc -> Dell Inc.) Task: {557A0892-EB64-4B13-9ECD-C8903C88C195} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-21] (Mozilla Corporation -> Mozilla Foundation) Task: {557E9060-9000-4C9E-93AA-2455C60F403F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114056 2021-04-18] (Microsoft Corporation -> Microsoft Corporation) Task: {5E53F36E-3A61-4112-B751-296808ED7E14} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5F47CE85-659B-42A1-BE36-1E9AFCCC3C8A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4002744 2021-04-18] (Microsoft Corporation -> Microsoft Corporation) Task: {628859AB-D77C-4761-BD15-6FF4FD423ADD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-15] (Google Inc -> Google Inc.) Task: {68DA2C8F-1B2C-43FB-9485-70244B921BD1} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Stefan\Downloads\esetonlinescanner_deu.exe Task: {6A49499E-1AEF-4167-8372-2A52104CA948} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4686560 2021-04-06] (Avast Software s.r.o. -> AVAST Software) Task: {7691B482-49A2-401C-8520-303E0BB30716} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [628672 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7D02BAF0-761A-4297-9F32-DCFB1B15BFA9} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG Task: {86D78224-79AA-45FB-BDE5-1F04AC9543EE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.) Task: {8C1CA715-2B90-429F-A337-D7DF6F018F05} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248792 2021-04-07] (Microsoft Corporation -> Microsoft Corporation) Task: {91BE7826-B27A-42D3-99BE-D6D26A01FE52} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.) Task: {AD6CCEEA-CE2A-42E5-A222-6CF76DFBF5C6} - System32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0xc) => C:\Users\Stefan\AppData\Local\pcvisit Software AG\caloa\pcvisit.Support.guest.15\release\15.0.21.8519\pcvisit_client.exe [7261128 2017-11-29] (pcvisit software ag -> pcvisit Software ag) Task: {B34C07BE-5358-4D24-BA6C-D5E1399E9A4C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4002744 2021-04-18] (Microsoft Corporation -> Microsoft Corporation) Task: {C16C7135-EED6-4CA7-A79C-C362713323E1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [628672 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D05D070E-068C-439B-925C-E95B198F5817} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software) Task: {DC5F3C88-0DF6-43E6-AE90-D608896B291F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Stefan\Downloads\esetonlinescanner_deu.exe Task: {EB49F337-D9A4-46F7-A462-2C0A7EBC6E18} - System32\Tasks\DropboxUpdateTaskMachineCore1d5582862b00140 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.) Task: {EC1D870E-7CE4-4894-BE88-A12DB5D5BBD6} - System32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0x8) => C:\Users\Stefan\AppData\Local\pcvisit Software AG\caloa\pcvisit.Support.guest.15\release\15.0.21.8519\pcvisit_client.exe [7261128 2017-11-29] (pcvisit software ag -> pcvisit Software ag) Task: {F4942EA3-1891-4F29-ABE6-17941FACA44C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [704960 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F74F1F01-DB88-47AC-AD5E-6ADED034DC8E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [704960 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F9BCE553-D5ED-4C0F-87FD-5F8A5F5EC7D5} - System32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0x1f) => C:\Users\Stefan\AppData\Local\pcvisit Software AG\caloa\pcvisit.Support.guest.15\release\15.0.21.8519\pcvisit_client.exe [7261128 2017-11-29] (pcvisit software ag -> pcvisit Software ag) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d5582862b00140.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d5582862b8dec2.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{16c5c495-ad99-11e6-9eee-806e6f6e6963}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{3e86762d-5a21-4ad4-8cd0-963753a460b1}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{3e86762d-5a21-4ad4-8cd0-963753a460b1}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{a07588bc-0728-46c3-879f-4fb4b13b8ec5}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{a07588bc-0728-46c3-879f-4fb4b13b8ec5}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{e13994ee-cc85-42e7-b291-64a215e97c8a}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{e95313d7-942e-405d-85e2-31cc32f5afc0}: [DhcpNameServer] 10.101.0.243 Tcpip\..\Interfaces\{f1822e7e-d17d-4e3e-bd78-eff19c60e77f}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{f1822e7e-d17d-4e3e-bd78-eff19c60e77f}: [DhcpNameServer] 192.168.2.1 Edge: ======= DownloadDir: C:\Users\Stefan\Downloads Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge Profile: C:\Users\Stefan\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-22] FireFox: ======== FF DefaultProfile: xz8conbd.default FF ProfilePath: C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\xz8conbd.default [2021-04-22] FF Homepage: Mozilla\Firefox\Profiles\xz8conbd.default -> hxxps://www.wieistmeineip.de/ FF NetworkProxy: Mozilla\Firefox\Profiles\xz8conbd.default -> backup.ftp", "190.248.158.194" FF Notifications: Mozilla\Firefox\Profiles\xz8conbd.default -> hxxps://web.whatsapp.com; hxxp://192.168.2.15:8083; hxxps://www.shoop.de; hxxp://192.168.2.15:8899; hxxp://192.168.2.15:9090; hxxp://192.168.2.15:8096; hxxps://emby.media FF Extension: (Kee - Password Manager) - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\xz8conbd.default\Extensions\keefox@chris.tomlinson.xpi [2021-04-10] FF Extension: (Shoop Cashback & Gutscheine) - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\xz8conbd.default\Extensions\lisa@qipu.de.xpi [2021-04-16] FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\xz8conbd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-29] FF Extension: (NZBLinker) - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\xz8conbd.default\Extensions\{def38e25-28fb-4662-ad6d-bfa415dfd06b}.xpi [2021-01-01] FF Extension: (Picture-In-Picture) - C:\Program Files (x86)\Mozilla Firefox\browser\features\pictureinpicture@mozilla.org.xpi [2021-04-21] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-11-13] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Plugin: @java.com/DTPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\dtplugin\npDeployJava1.dll [2019-04-17] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\plugin2\npjp2.dll [2019-04-17] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2016-09-20] (Adobe Systems, Inc.) [Datei ist nicht signiert] FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.) [Datei ist nicht signiert] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-14] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default [2021-04-20] CHR StartupUrls: Default -> "chrome://apps/","hxxps://www.ledgerwallet.com/apps" CHR Extension: (Präsentationen) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-15] CHR Extension: (Docs) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-15] CHR Extension: (Google Drive) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-15] CHR Extension: (Ledger Manager) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\beimhnaefocolcplfimocfiaiefpkgbf [2020-09-15] CHR Extension: (YouTube) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-15] CHR Extension: (Tabellen) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-15] CHR Extension: (McAfee® WebAdvisor) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-04-09] CHR Extension: (Google Docs Offline) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-20] CHR Extension: (Avast Online Security) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-03-15] CHR Extension: (Ledger Wallet Ethereum) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlhkialjkaldndjnlcdfdphcgeadkkm [2019-04-18] CHR Extension: (Ledger Wallet Bitcoin) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdpmhnladdopljabkgpacgpliggeeaf [2020-09-15] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-16] CHR Extension: (Google Mail) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-15] CHR Extension: (Chrome Media Router) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-15] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7888408 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [623216 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [353504 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56920 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R2 CG6Service; C:\Program Files\CyberGhost Pro\CyberGhost.Service.exe [204880 2018-06-11] (CyberGhost SRL -> CyberGhost S.A.) R2 CG7Service; C:\Program Files\CyberGhost 7\CyberGhost.Service.exe [89168 2020-08-11] (CyberGhost S.R.L. -> CyberGhost S.A.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788392 2021-04-07] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-04-12] (Dropbox, Inc -> Dropbox, Inc.) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [287776 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3750944 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [507936 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe [985584 2021-01-14] (PC-Doctor, Inc. -> PC-Doctor, Inc.) R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-19] (Dell Inc -> ) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2020-12-05] (Huawei Technologies Co., Ltd. -> ) S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [Datei ist nicht signiert] R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [Datei ist nicht signiert] S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7138296 2020-09-15] (Malwarebytes Inc -> Malwarebytes) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [956760 2020-11-13] (McAfee, LLC -> McAfee, LLC) R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation) R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39432 2021-01-09] (Dell Inc -> Dell Inc.) R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248856 2018-05-11] (Synology Inc. -> ) [Datei ist nicht signiert] S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-18] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-18] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_ed2d6589d1176ab4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_ed2d6589d1176ab4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> ) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35680 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208552 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365520 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250328 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-01-01] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41304 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [177872 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [524416 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107808 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83368 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850120 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466696 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216376 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-04-06] (Avast Software s.r.o. -> AVAST Software) R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider) R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [27896 2021-04-22] (WDKTestCert Amit_K_Tiwari,132158070448517957 -> ) R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.) S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-09-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) S0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-09-15] (Malwarebytes Inc -> Malwarebytes) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-18] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-18] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-18] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-04-22 12:31 - 2021-04-22 12:31 - 000217608 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-04-22 12:30 - 2021-04-22 12:30 - 000037450 _____ C:\Users\Stefan\Downloads\FRST.txt 2021-04-22 12:29 - 2021-04-22 12:30 - 000000000 ____D C:\FRST 2021-04-22 12:29 - 2021-04-22 12:29 - 002298368 _____ (Farbar) C:\Users\Stefan\Downloads\FRST64.exe 2021-04-22 12:26 - 2021-04-22 12:26 - 000027896 _____ C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys 2021-04-21 21:55 - 2021-04-21 21:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-04-21 21:18 - 2021-04-21 21:18 - 000000000 ____D C:\ProgramData\Movavi Video Suite 21 2021-04-21 21:14 - 2021-04-21 21:14 - 000000150 _____ C:\Users\Stefan\Downloads\Movavi Video Suite Serial.txt 2021-04-21 21:13 - 2021-04-21 21:14 - 121236608 _____ (Movavi) C:\Users\Stefan\Downloads\MovaviVideoSuiteSetup.exe 2021-04-20 22:29 - 2021-04-20 22:29 - 000000000 ____D C:\Users\Stefan\AppData\Local\PhotoManager 2021-04-20 22:28 - 2021-04-20 22:35 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Movavi Photo Manager 2 2021-04-20 22:28 - 2021-04-20 22:28 - 000012687 _____ C:\ProgramData\fxatyavk.yrt 2021-04-20 22:23 - 2021-04-20 22:23 - 000000000 ____D C:\Users\Stefan\AppData\Local\MovaviPicverse 2021-04-20 20:56 - 2021-04-20 20:56 - 000000000 ____D C:\Users\Stefan\AppData\Local\VideoEditorPlus 2021-04-20 20:53 - 2021-04-20 22:36 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Movavi Picverse 2021-04-20 20:53 - 2021-04-20 20:53 - 000012747 _____ C:\ProgramData\itjalhsf.rge 2021-04-20 20:52 - 2021-04-20 20:52 - 000000961 _____ C:\Users\Stefan\Desktop\Movavi Video Suite 21.lnk 2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\Downloads\Movavi Sync 2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21 2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Video Suite 21 2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\AppData\Local\Suite 2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\AppData\Local\CrashRpt 2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\AppData\Local\cache 2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\AppData\Local\AgentInformer 2021-04-20 20:51 - 2021-04-20 20:51 - 133905024 _____ (Movavi) C:\Users\Stefan\Downloads\MovaviVideoSuiteSetupF.exe 2021-04-20 20:51 - 2021-04-20 20:51 - 000012545 _____ C:\ProgramData\mijprvzl.ern 2021-04-20 20:25 - 2021-04-20 20:25 - 006348176 _____ (MAGIX Software GmbH) C:\Users\Stefan\Downloads\trial_videodeluxeplus2021_dlm_op4wd1--phfGTKlVsPlX9KSLLu.exe 2021-04-20 19:52 - 2021-04-20 19:52 - 000000000 ____D C:\Program Files\Common Files\MAGIX Shared 2021-04-20 19:51 - 2021-04-20 19:51 - 000000000 ____D C:\Program Files\MAGIX 2021-04-19 15:05 - 2021-04-19 15:05 - 000000000 ____D C:\Users\Stefan\AppData\Local\MAGIX 2021-04-18 20:04 - 2021-04-20 22:17 - 000000000 ____D C:\Users\Stefan\Desktop\HOCHZEIT 2021-04-18 19:43 - 2021-04-18 19:43 - 021265524 _____ C:\Users\Stefan\Downloads\VID-20210305-WA0020.mp4 2021-04-18 15:13 - 2021-04-18 15:13 - 000000000 ____D C:\Users\Stefan\AppData\Local\MAGIX_Software_GmbH 2021-04-18 14:56 - 2021-04-20 20:10 - 000000000 ____D C:\Users\Stefan\Documents\MAGIX downloads 2021-04-18 14:47 - 2021-04-20 19:56 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\MAGIX 2021-04-18 14:47 - 2021-04-20 19:52 - 000000000 ____D C:\Users\Stefan\AppData\Local\Xara 2021-04-18 14:47 - 2021-04-18 14:47 - 000000000 ____D C:\Users\Stefan\Documents\MAGIX_MusicEditor 2021-04-18 14:45 - 2021-04-20 22:33 - 000000000 ___RD C:\Users\Stefan\Documents\MAGIX 2021-04-18 14:45 - 2021-04-20 20:21 - 000000000 ____D C:\ProgramData\MAGIX 2021-04-18 14:45 - 2021-04-18 14:45 - 000000000 ____D C:\Program Files (x86)\MSXML 4.0 2021-04-18 13:48 - 2021-04-18 13:48 - 000002096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-04-18 09:55 - 2021-04-18 17:13 - 000000000 ____D C:\Users\Stefan\Desktop\Magix Photostory 2015 Deluxe v14 0 2 51_ 2021-04-16 21:20 - 2021-04-16 21:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2021-04-16 21:06 - 2021-04-16 21:06 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-04-16 21:05 - 2021-04-16 21:05 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-04-16 21:05 - 2021-04-16 21:05 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-04-14 17:19 - 2021-04-20 20:27 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2452734210-2858773296-2644968050-1001 2021-04-14 17:19 - 2021-04-14 17:19 - 000002386 _____ C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-04-12 12:51 - 2021-04-12 12:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2021-04-12 12:51 - 2021-04-12 12:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2021-04-12 12:51 - 2021-04-12 12:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2021-04-12 12:51 - 2021-04-12 12:51 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2021-04-10 23:10 - 2021-04-10 23:10 - 000384759 _____ C:\Users\Stefan\Downloads\Jahreskontoauszug_2020_15879783.pdf 2021-04-10 23:07 - 2021-04-10 23:07 - 001035063 _____ C:\Users\Stefan\Downloads\Steuerbescheinigungen_2020_Stefan_Müseler.pdf 2021-04-10 23:07 - 2021-04-10 23:07 - 000932990 _____ C:\Users\Stefan\Downloads\Erträgnisaufstellung_2020_Stefan_Müseler.pdf 2021-04-10 20:19 - 2021-04-19 20:09 - 000000000 ____D C:\Users\Stefan\Desktop\2020.08.29 Schuleingang Liel 2021-04-07 08:50 - 2021-04-07 08:50 - 117944320 _____ C:\Users\Stefan\Downloads\PlexMediaServer-1.22.2.4282-a97b03fad-x86_64_DSM6.spk 2021-04-06 08:57 - 2021-04-18 14:52 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2021-04-06 08:57 - 2021-04-06 08:57 - 000850120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2021-04-06 08:57 - 2021-04-06 08:57 - 000524416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys 2021-04-06 08:57 - 2021-04-06 08:57 - 000466696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2021-04-06 08:57 - 2021-04-06 08:57 - 000365520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys 2021-04-06 08:57 - 2021-04-06 08:57 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2021-04-06 08:57 - 2021-04-06 08:57 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2021-04-06 08:57 - 2021-04-06 08:57 - 000250328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys 2021-04-06 08:57 - 2021-04-06 08:57 - 000216376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2021-04-06 08:57 - 2021-04-06 08:57 - 000208552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2021-04-06 08:57 - 2021-04-06 08:57 - 000177872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2021-04-06 08:57 - 2021-04-06 08:57 - 000107808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2021-04-06 08:57 - 2021-04-06 08:57 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys 2021-04-06 08:57 - 2021-04-06 08:57 - 000083368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2021-04-06 08:57 - 2021-04-06 08:57 - 000041304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2021-04-06 08:57 - 2021-04-06 08:57 - 000035680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys 2021-04-03 12:38 - 2021-04-03 12:38 - 000008153 _____ C:\Users\Stefan\Downloads\ledgerlive-operations-2021.04.03.csv ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-04-22 12:29 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-04-22 12:27 - 2016-11-18 17:10 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\KeePass 2021-04-22 12:26 - 2019-01-29 23:06 - 000000000 ____D C:\ProgramData\Mozilla 2021-04-22 12:26 - 2017-11-25 21:42 - 000000000 ____D C:\Users\Stefan\AppData\Local\CyberGhost 2021-04-22 12:26 - 2016-11-18 17:07 - 000000000 ____D C:\Users\Stefan\AppData\LocalLow\Mozilla 2021-04-22 12:26 - 2016-11-18 16:44 - 000000000 ____D C:\ProgramData\NVIDIA 2021-04-22 12:26 - 2016-11-18 16:19 - 000000000 __SHD C:\Users\Stefan\IntelGraphicsProfiles 2021-04-21 22:06 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-04-21 22:06 - 2016-11-21 13:39 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\vlc 2021-04-21 21:58 - 2020-11-16 17:19 - 001731564 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-04-21 21:58 - 2019-12-07 16:50 - 000750116 _____ C:\WINDOWS\system32\perfh007.dat 2021-04-21 21:58 - 2019-12-07 16:50 - 000151930 _____ C:\WINDOWS\system32\perfc007.dat 2021-04-21 21:58 - 2019-11-18 17:00 - 000000000 ____D C:\Users\Stefan\AppData\Local\AVAST Software 2021-04-21 21:56 - 2019-11-18 16:56 - 000000000 ____D C:\ProgramData\AVAST Software 2021-04-21 21:55 - 2016-11-18 17:06 - 000001192 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-04-21 21:55 - 2016-11-18 17:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-04-21 21:55 - 2016-11-18 17:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-04-21 21:54 - 2020-11-16 17:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-04-21 21:54 - 2020-11-16 17:16 - 000000000 ____D C:\Users\defaultuser0 2021-04-21 21:54 - 2020-11-16 17:13 - 000008192 ___SH C:\DumpStack.log.tmp 2021-04-21 21:54 - 2020-11-16 17:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-04-21 21:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-04-21 21:26 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-04-21 21:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-04-21 21:26 - 2018-08-01 17:18 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Ledger Live 2021-04-21 21:26 - 2017-10-19 16:13 - 000000000 ____D C:\Users\Stefan\AppData\Local\Packages 2021-04-21 20:11 - 2020-11-16 17:25 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-04-21 20:11 - 2020-11-16 17:25 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-04-21 20:09 - 2020-06-24 13:50 - 000002396 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-04-20 22:29 - 2017-02-02 12:54 - 000000000 ____D C:\Users\Stefan\AppData\Local\Movavi 2021-04-20 22:24 - 2017-02-02 12:55 - 000000000 ____D C:\Users\Stefan\.fontconfig 2021-04-20 22:15 - 2016-11-18 17:37 - 000000000 ____D C:\Users\Stefan\AppData\Local\CrashDumps 2021-04-20 20:35 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-04-20 20:35 - 2019-08-21 15:57 - 000001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d5582862b8dec2.job 2021-04-20 20:35 - 2019-08-21 15:57 - 000001250 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d5582862b00140.job 2021-04-20 20:27 - 2021-02-27 10:37 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-04-20 20:27 - 2021-01-14 08:16 - 000003270 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate 2021-04-20 20:27 - 2020-11-30 11:00 - 000003434 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6bc2c20930d65 2021-04-20 20:27 - 2020-11-16 17:25 - 000003798 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA1d5582862b8dec2 2021-04-20 20:27 - 2020-11-16 17:25 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-04-20 20:27 - 2020-11-16 17:25 - 000003574 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore1d5582862b00140 2021-04-20 20:27 - 2020-11-16 17:25 - 000003404 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-04-20 20:27 - 2020-11-16 17:25 - 000003142 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-20 20:27 - 2020-11-16 17:25 - 000003114 _____ C:\WINDOWS\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-20 20:27 - 2020-11-16 17:25 - 000002962 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-20 20:27 - 2020-11-16 17:25 - 000002942 _____ C:\WINDOWS\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-20 20:27 - 2020-11-16 17:25 - 000002852 _____ C:\WINDOWS\system32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-20 20:27 - 2020-11-16 17:25 - 000002810 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-20 20:27 - 2020-11-16 17:25 - 000002686 _____ C:\WINDOWS\system32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0x1f) 2021-04-20 20:27 - 2020-11-16 17:25 - 000002604 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn 2021-04-20 20:27 - 2020-11-16 17:25 - 000002598 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime 2021-04-20 20:27 - 2020-11-16 17:25 - 000002528 _____ C:\WINDOWS\system32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0xc) 2021-04-20 20:27 - 2020-11-16 17:25 - 000002526 _____ C:\WINDOWS\system32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0x8) 2021-04-20 20:27 - 2020-11-16 17:25 - 000002304 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_PushButton 2021-04-20 20:27 - 2020-11-16 17:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2021-04-20 20:17 - 2020-11-16 17:25 - 000003760 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA 2021-04-20 20:17 - 2020-11-16 17:25 - 000003536 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore 2021-04-20 19:53 - 2020-12-30 20:14 - 000735848 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-04-20 19:50 - 2016-11-18 16:24 - 000000000 ____D C:\ProgramData\Package Cache 2021-04-18 14:57 - 2018-08-14 15:58 - 000000000 ____D C:\Users\Stefan\AppData\Local\D3DSCache 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-04-18 14:24 - 2019-11-22 14:22 - 000001103 _____ C:\Users\Public\Desktop\VLC media player.lnk 2021-04-18 14:24 - 2019-11-22 14:22 - 000001103 _____ C:\ProgramData\Desktop\VLC media player.lnk 2021-04-18 13:50 - 2017-06-20 09:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-04-18 13:49 - 2016-11-18 17:08 - 000000000 ___RD C:\Users\Stefan\Dropbox 2021-04-17 10:00 - 2017-11-03 00:18 - 000000128 _____ C:\Users\Stefan\AppData\Local\PUTTY.RND 2021-04-16 21:20 - 2016-11-18 17:05 - 000000000 ____D C:\Program Files (x86)\Dropbox 2021-04-16 21:11 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-04-16 21:04 - 2020-11-16 17:14 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2021-04-16 20:50 - 2016-11-19 13:13 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-04-16 20:20 - 2016-11-19 13:13 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-04-16 20:17 - 2018-02-15 15:01 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-04-14 17:19 - 2016-11-18 16:16 - 000000000 ___RD C:\Users\Stefan\OneDrive 2021-04-10 20:18 - 2018-05-13 20:34 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Mp3tag 2021-04-06 08:57 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-04-04 13:09 - 2018-08-01 17:17 - 000000000 ____D C:\Program Files\Ledger Live 2021-04-03 19:52 - 2019-03-01 11:32 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Telegram Desktop 2021-04-03 12:44 - 2019-04-16 19:41 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Trinity ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2017-09-10 12:17 - 2018-06-26 12:56 - 000003017 _____ () C:\Users\Stefan\AppData\Roaming\.jocalaadblink.log 2017-11-03 00:18 - 2021-04-17 10:00 - 000000128 _____ () C:\Users\Stefan\AppData\Local\PUTTY.RND ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
22.04.2021, 11:46 | #2 |
| Windows 10 Home, Internetseite lässt sich nicht öffnen, Warnung Vodafone über Schadsoftware FRST Additions Logfile:
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-04-2021 durchgeführt von Stefan (22-04-2021 12:31:54) Gestartet von C:\Users\Stefan\Downloads Windows 10 Home Version 2004 19041.928 (X64) (2020-11-16 15:26:11) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2452734210-2858773296-2644968050-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2452734210-2858773296-2644968050-503 - Limited - Disabled) defaultuser0 (S-1-5-21-2452734210-2858773296-2644968050-1000 - Limited - Disabled) => C:\Users\defaultuser0 Gast (S-1-5-21-2452734210-2858773296-2644968050-501 - Limited - Disabled) Stefan (S-1-5-21-2452734210-2858773296-2644968050-1001 - Administrator - Enabled) => C:\Users\Stefan WDAGUtilityAccount (S-1-5-21-2452734210-2858773296-2644968050-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) ABC der Tiere 1 2.1 (HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\ABC der Tiere 1 2.1 2.1.2019) (Version: 2.1.2019 - Mildenberger Verlag GmbH) ABC der Tiere Spiele (HKLM-x32\...\{03377BAE-A544-E8E5-D5D9-336A95FF090C}) (Version: 2.1 - Mildenberger Verlag GmbH) Hidden ABC der Tiere Spiele (HKLM-x32\...\com.mildenberger.abdeti1v2.1) (Version: 2.1 - Mildenberger Verlag GmbH) adbLink version 3.5 (HKLM-x32\...\{05CF1DD3-4A94-4219-B176-BB1796680A6C}_is1) (Version: 3.5 - jocala.com) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.001.20149 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\{A2116AF9-FA9D-41EA-9874-1E40B227D4DE}) (Version: 12.2.5.195 - Adobe Systems, Inc) Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.0 - Sereby Corporation) AOMEI Partition Assistant Demo Edition 8.6 (HKLM-x32\...\{04F850ED-FD0F-4ED1-AE1B-4498165BF3D2}_is1) (Version: - AOMEI Technology Co., Ltd.) AusweisApp2 (HKLM-x32\...\{904259BB-6BDF-4D98-AB2F-FC758F49E244}) (Version: 1.20.2 - Governikus GmbH & Co. KG) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.2.2455 - Avast Software) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version: - ) Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.) Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version: - ) Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6452 - CDBurnerXP) CrystalDiskInfo 7.7.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.7.0 - Crystal Dew World) CyberGhost 7 (HKLM\...\CyberGhost 7) (Version: 7.1.2.4167 - CyberGhost S.A.) CyberGhost Pro (HKLM\...\CyberGhost Pro_is1) (Version: - CyberGhost S.A.) DB Browser for SQLite (HKLM\...\{ABCC928D-E47F-4867-94A6-F9F129F3FB05}) (Version: 3.11.2 - DB Browser for SQLite Team) Dell SupportAssist (HKLM\...\{C5A70974-2F89-4BE0-90F7-749E62468C4D}) (Version: 3.8.1.23 - Dell Inc.) Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.1.0 - Dell Inc.) DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation) Dropbox (HKLM-x32\...\Dropbox) (Version: 120.4.4598 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden Evernote v. 6.4.2 (HKLM-x32\...\{E74F0DCA-9FC8-11E6-9D98-005056950253}) (Version: 6.4.2.3788 - Evernote Corp.) FileBot (HKLM\...\{34E88655-E87E-47EB-9FC8-259BA61D3947}) (Version: 4.7.19.1 - Reinhard Pointner) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.128 - Google LLC) GutscheinMaker (HKLM-x32\...\{8CE74634-466C-404C-AA69-941F76E9A875}_is1) (Version: 2 - Abelssoft) HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.500 - Huawei Technologies Co., Ltd.) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000110-0210-1031-84C8-B8D95FA3C8C3}) (Version: 21.110.0.3 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{4e75a24b-6cc4-4a46-accf-525f8a08c533}) (Version: 10.1.1.18 - Intel(R) Corporation) Hidden Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4B3C56AB-963E-4F48-9747-05297683DB3B}) (Version: 16.8.3.1003 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation) Intel® Software Installer (HKLM-x32\...\{4a50fa17-2911-43ed-a2a1-d3a34411e2bb}) (Version: 21.110.2.1 - Intel Corporation) Hidden Java 10.0.2 (64-bit) (HKLM\...\{EECB2736-D013-5AC5-9917-7656712F6931}) (Version: 10.0.2.0 - Oracle Corporation) KeePass Password Safe 2.36 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.36 - Dominik Reichl) Ledger Live 2.24.0 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.24.0 - Ledger Live Team) Malwarebytes version 4.2.0.82 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.0.82 - Malwarebytes) Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.8655.0 - Waves Audio Ltd.) Hidden Mediaport (HKLM-x32\...\Mediaport) (Version: - ) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.42 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.13901.20400 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{82f2609e-68ba-408d-963f-530ad8809435}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{577ff5ba-39aa-4d8c-a3a9-f95012763438}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24406 (HKLM-x32\...\{7c8a1675-0fe9-41fd-a2ed-aa4871816197}) (Version: 14.0.24406.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24406 (HKLM-x32\...\{b5e24db9-876e-4af2-ac7f-00d0e8bc162c}) (Version: 14.0.24406.0 - Microsoft Corporation) Movavi Video Suite 21 (HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\Movavi Video Suite 21) (Version: 21.2.0 - Movavi) Mozilla Firefox 88.0 (x64 de) (HKLM\...\Mozilla Firefox 88.0 (x64 de)) (Version: 88.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.1 - Mozilla) Mp3tag v2.87a (HKLM-x32\...\Mp3tag) (Version: 2.87a - Florian Heidenreich) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.4 - Notepad++ Team) NVIDIA GeForce Experience 3.1.0.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.52 - NVIDIA Corporation) NVIDIA Grafiktreiber 452.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.41 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13901.20400 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20400 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden PDF24 Creator 9.2.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 9.2.2 - PDF24.org) PuTTY release 0.73 (64-bit) (HKLM\...\{44F7642C-AB7E-4468-B028-E8D08A0CBB0E}) (Version: 0.73.0.0 - Simon Tatham) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7904 - Realtek Semiconductor Corp.) Security Task Manager 2.4 (HKLM-x32\...\Security Task Manager) (Version: 2.4 - Neuber Software) Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.2-23733 - Synology) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) Telegram Desktop version 2.7.1 (HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.1 - Telegram FZ-LLC) tiptoi® Manager 4.2 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 4.2 - Ravensburger AG) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH) Trinity 1.6.1 (HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\e2e246ce-857c-53ed-b9ad-26e0668b9510) (Version: 1.6.1 - IOTA Foundation) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN) Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WebAdvisor von McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.167 - McAfee, LLC) WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) WinX DVD Author 6.3.10 (HKLM-x32\...\WinX DVD Author_is1) (Version: - DigiartySoft, Inc.) Zoom (HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\ZoomUMX) (Version: 5.4.2 (58740.1105) - Zoom Video Communications, Inc.) Packages: ========= Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.) Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.8.10.0_x64__htrsf667h5kn2 [2021-01-14] (Dell Inc) Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.312.1.0_neutral__8xx8rvfyw5nnt [2021-04-01] (Facebook Inc) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-14] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-14] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4072.0_x64__8wekyb3d8bbwe [2021-04-18] (Microsoft Studios) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-21] (NVIDIA Corp.) Paradise Bay -> C:\Program Files\WindowsApps\king.com.ParadiseBay_3.9.0.0_x86__kgqvnymyfvs32 [2018-12-14] (king.com) Photo Editor | Polarr -> C:\Program Files\WindowsApps\613EBCEA.PolarrPhotoEditorAcademicEdition_5.10.200.0_x64__jb41c8remg0x2 [2020-06-01] (Polarr) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.) Xodo Docs -> C:\Program Files\WindowsApps\5E8FC25E.XODODOCS_4.5.10.0_x64__3v3sf0k6w2rec [2021-04-18] (Xodo Technologies Inc.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2452734210-2858773296-2644968050-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd) CustomCLSID: HKU\S-1-5-21-2452734210-2858773296-2644968050-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Stefan\Dropbox [2016-11-18 17:08] ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Keine Datei ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-01-01] (Notepad++ -> ) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Keine Datei ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-03-29] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-03-29] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Keine Datei ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Keine Datei ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-03-29] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Keine Datei ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_763182f3860a4408\igfxDTCM.dll [2020-05-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_ed2d6589d1176ab4\nvshext.dll [2020-10-22] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Keine Datei ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Keine Datei ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Namexif\Help.lnk -> hxxp://www.digicamsoft.com ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Ledger Manager.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=beimhnaefocolcplfimocfiaiefpkgbf ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Ledger Wallet Bitcoin.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kkdpmhnladdopljabkgpacgpliggeeaf ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Ledger Wallet Ethereum.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmlhkialjkaldndjnlcdfdphcgeadkkm ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=16619&utm_medium=desktop&x-pos=Metro ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2016-11-19 15:11 - 2011-01-15 17:44 - 000319488 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_DEU.DLL 2016-11-19 15:07 - 2011-08-17 10:45 - 000049152 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\Solution Menu EX\LangInfo\DE\CNSELANG.dll 2016-11-19 15:04 - 2011-04-07 19:09 - 000069632 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files\Canon\MyPrinter\BJMyRes.dll 2016-11-19 15:04 - 2011-03-14 19:09 - 000136704 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files\Canon\MyPrinter\cnmpu.dll 2016-11-19 14:52 - 2012-06-14 18:18 - 000359936 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMN6PPM.DLL 2019-07-15 10:20 - 2019-07-15 10:20 - 000126976 _____ (Intel Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll 2020-11-16 17:18 - 2020-11-16 17:18 - 001093632 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6229_none_cbee8c4a4710d003\MFC80U.DLL 2020-11-16 17:18 - 2020-11-16 17:18 - 000065536 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6229_none_03c6cf28205ff947\MFC80DEU.DLL 2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.) BHO: Kein Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Keine Datei BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-11-13] (McAfee, LLC -> McAfee, LLC) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.2\bin\jp2ssv.dll [2019-04-17] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-10-31] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-11-13] (McAfee, LLC -> McAfee, LLC) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - Keine Datei Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Keine Datei (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\hola.org -> hxxp://hola.org ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2016-07-16 13:47 - 2021-04-18 15:17 - 000000875 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 www.magix.com 127.0.0.1 195.214.216.16 2017-11-09 02:14 - 2017-11-09 02:14 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\FileBot\;C:\Program Files\PuTTY\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL HKU\S-1-5-21-2452734210-2858773296-2644968050-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\StartupApproved\Run: => "Lync" HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\StartupApproved\Run: => "Steam" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{6A9477D1-E95C-4F5A-8AE1-5C90ABFF435A}] => (Allow) C:\Users\Stefan\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{A01F3301-90F8-40B1-9DF8-483FEC842060}] => (Allow) C:\Users\Stefan\AppData\Local\pcvisit Software AG\caloa\pcvisit.Support.guest.15\release\15.0.21.8519\pcvdisplayserver.exe (pcvisit software ag -> ) FirewallRules: [{4D327E1F-CAD2-46E7-9C4C-3D33F1A39AC4}] => (Allow) C:\Users\Stefan\AppData\Local\pcvisit Software AG\caloa\pcvisit.Support.guest.15\release\15.0.21.8519\pcvisit_client.exe (pcvisit software ag -> pcvisit Software ag) FirewallRules: [{8DC21B46-C7AD-4735-91E9-429D589732E6}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{1C899954-6849-4BAC-A466-9C2E9F854B16}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{46F8A272-54DF-4216-B1D3-FE8C5398440A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Keine Datei FirewallRules: [{ADC89288-7096-409A-A8C5-53ED442ED49A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Keine Datei FirewallRules: [{33F93299-A844-4673-AD45-3B0642A5B46E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{2B76820A-CB54-4765-BE25-E188AD0459AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{E538DC5B-21B9-4AF7-B0F5-9EC2BC3DD251}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{1F2BFDBA-DFFB-45A2-9C8E-9D2BC0F5B954}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3004DCA1-9D2A-4883-9E55-1A8DB582E7CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8854CAF2-8F97-45AA-B73D-37511DACAB40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{CCA849D4-1A0B-4E28-8D47-159122CAEB6B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{68BA6FD2-94C1-434F-91DA-0D4B8AF8E894}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{79D43C5D-A970-4D4E-94A4-BABDD71FFA90}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F36F572B-73D9-4FC8-81F8-896C94F4AAF4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{481BC1C5-620B-4604-BC2D-469E2EDDF903}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG) FirewallRules: [{32C35D54-E24B-49EB-8830-D8CDE4B05869}] => (Allow) LPort=24727 FirewallRules: [TCP Query User{AB319108-9F3F-41F4-B9EE-FEFECBD4A1D8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{9242BA7E-BAE2-4C62-90AC-D484F6246E6E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{884972BA-E98E-4D3E-ADF1-64E7C8E43D28}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1EC04944-1ED9-44C9-8D08-CE05B8D6F346}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E953E49C-49F4-40DF-BD45-9C373B5F9151}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{520A782A-C426-4A69-B84C-E64A9EE5E92D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A9FCF5E0-608F-4242-92F2-F287D0E6FBAC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{9B61B65D-F191-47A2-B7EB-3252D22B0227}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{70964E97-F435-42C9-AA7E-908EF5AD428D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [TCP Query User{8057D20B-B962-477A-8F69-AD178AF3B364}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Block) C:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> ) [Datei ist nicht signiert] FirewallRules: [UDP Query User{19F95498-B601-422A-B722-A6A1FD188CC9}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Block) C:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> ) [Datei ist nicht signiert] ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:118.17 GB) (Free:46.33 GB) (39%) ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (04/20/2021 10:14:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Fotos_dlx.exe, Version: 14.0.2.51, Zeitstempel: 0x5422d547 Name des fehlerhaften Moduls: Fotos_dlx.exe, Version: 14.0.2.51, Zeitstempel: 0x5422d547 Ausnahmecode: 0xc0000005 Fehleroffset: 0x008974d7 ID des fehlerhaften Prozesses: 0x405c Startzeit der fehlerhaften Anwendung: 0x01d73621c6cc4fde Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\MAGIX\Photostory 2015 Deluxe\Fotos_dlx.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\MAGIX\Photostory 2015 Deluxe\Fotos_dlx.exe Berichtskennung: 836a1a1f-f8bb-4af1-afe1-98b8d80f78b9 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (04/20/2021 07:52:57 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Error: (04/20/2021 07:52:57 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Error: (04/18/2021 08:00:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Fotos_dlx.exe, Version: 14.0.2.51, Zeitstempel: 0x5422d547 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses: 0x1bb0 Startzeit der fehlerhaften Anwendung: 0x01d7347b6f83eb07 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\MAGIX\Photostory 2015 Deluxe\Fotos_dlx.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 25f933ab-314d-4fd0-9093-7f5e32a59152 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (04/18/2021 05:52:42 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Error: (04/18/2021 05:52:42 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Error: (04/18/2021 05:52:42 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Error: (04/18/2021 05:52:42 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Systemfehler: ============= Error: (04/22/2021 12:26:22 PM) (Source: Tcpip) (EventID: 4207) (User: ) Description: Die IPv6 TCP/IP-Schnittstelle mit dem Index 8 konnte nicht an den Anbieter gebunden werden. Error: (04/21/2021 09:55:11 PM) (Source: Tcpip) (EventID: 4207) (User: ) Description: Die IPv6 TCP/IP-Schnittstelle mit dem Index 8 konnte nicht an den Anbieter gebunden werden. Error: (04/21/2021 09:53:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VFO2AEV) Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (04/21/2021 09:53:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VFO2AEV) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (04/21/2021 09:53:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VFO2AEV) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (04/21/2021 09:53:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VFO2AEV) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (04/21/2021 09:53:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VFO2AEV) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (04/21/2021 09:53:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VFO2AEV) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. CodeIntegrity: =============== Date: 2021-04-21 21:58:04 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-04-21 21:56:42 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2021-04-21 21:56:31 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2021-04-21 21:55:36 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== BIOS: Dell Inc. 1.7.1 11/02/2020 Hauptplatine: Dell Inc. 042NDD Prozessor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz Prozentuale Nutzung des RAM: 42% Installierter physikalischer RAM: 16246.25 MB Verfügbarer physikalischer RAM: 9318 MB Summe virtueller Speicher: 18678.25 MB Verfügbarer virtueller Speicher: 10949.26 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:118.17 GB) (Free:46.33 GB) NTFS Drive e: () (Fixed) (Total:931.51 GB) (Free:871.58 GB) NTFS \\?\Volume{5cf26948-6e27-403d-a714-8ba29cdb3e06}\ (Wiederherstellung) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS \\?\Volume{d7cac8b1-cbbf-48cd-bf2d-faa1d81dad56}\ () (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS \\?\Volume{19dab91c-f98e-4cf0-b041-e024991598c6}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: DCF3AB4A) Partition: GPT. ========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: DCF3AEED) Partition: GPT. ==================== Ende von Addition.txt ======================= Code:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 17-04-2021 durchgeführt von Stefan (22-04-2021 12:33:14) Gestartet von C:\Users\Stefan\Downloads Start-Modus: Normal ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Namexif\Help.lnk -> hxxp://www.digicamsoft.com Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\adbLink.lnk -> C:\Program Files (x86)\adbLink\adbLink.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp2.lnk -> C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk -> C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe (Canneverbe Limited) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk -> C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ledger Live.lnk -> C:\Program Files\Ledger Live\Ledger Live.exe (Ledger Live Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk -> C:\Program Files (x86)\Security Task Manager\TaskMan.exe (Neuber Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk -> C:\Program Files (x86)\Security Task Manager\SpyProtector.exe (Neuber Software - www.neuber.com) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager.lnk -> C:\Program Files\tiptoi® Manager\tiptoi® Manager.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Audio Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinX DVD Author\WinX DVD Author entfernen.lnk -> C:\Program Files (x86)\Digiarty\WinX DVD Author 6.3.10\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinX DVD Author\WinX DVD Author.lnk -> C:\Program Files (x86)\Digiarty\WinX DVD Author 6.3.10\DVD_Author.exe (Digiarty Software, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TREZOR Bridge\Uninstall.lnk -> C:\Program Files (x86)\TREZOR Bridge\Uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology\Synology Assistant.lnk -> C:\Program Files (x86)\Synology\Assistant\DSAssistant.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology\Uninstall Synology Assistant.lnk -> C:\Program Files (x86)\Synology\Assistant\Uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\Pageant.lnk -> C:\Program Files\PuTTY\pageant.exe (Simon Tatham) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PSFTP.lnk -> C:\Program Files\PuTTY\psftp.exe (Simon Tatham) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTY Manual.lnk -> C:\Program Files\PuTTY\putty.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTY Web Site.lnk -> C:\Program Files\PuTTY\website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTY.lnk -> C:\Program Files\PuTTY\putty.exe (Simon Tatham) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTYgen.lnk -> C:\Program Files\PuTTY\puttygen.exe (Simon Tatham) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24\PDF24.lnk -> C:\Program Files (x86)\PDF24\pdf24-Launcher.exe (geek software GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag Hilfe.lnk -> C:\Program Files (x86)\Mp3tag\help\index.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag.lnk -> C:\Program Files (x86)\Mp3tag\Mp3tag.exe (Florian Heidenreich) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Neu in dieser Version.lnk -> C:\Program Files (x86)\Mp3tag\Mp3tagVersion.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\Silverlight.Configuration.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office Language Preferences.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Skype for Business Recording Manager.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetry Dashboard for Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msotd.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetry Log for Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msoev.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk -> C:\Program Files\Java\jre-10.0.2\bin\javacpl.exe (Oracle Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite\HiSuite.lnk -> C:\Program Files (x86)\HiSuite\HiSuite.exe (华为技术有限公司 版权所有) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite\Uninstall.lnk -> C:\Program Files (x86)\HiSuite\uninst.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GutscheinMaker\GutscheinMaker.lnk -> C:\Program Files (x86)\GutscheinMaker\AbLauncher.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote\Evernote.lnk -> C:\Windows\Installer\{E74F0DCA-9FC8-11E6-9D98-005056950253}\Evernote.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Update\Dell Update.lnk -> C:\Program Files (x86)\Dell\Update\DellUpdate.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost Pro\CyberGhost Pro deinstallieren.lnk -> C:\Program Files\CyberGhost Pro\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost Pro\CyberGhost Pro.lnk -> C:\Program Files\CyberGhost Pro\CyberGhost.exe (CyberGhost S.A.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 7\CyberGhost 7.lnk -> C:\Program Files\CyberGhost 7\CyberGhost.exe (CyberGhost S.A.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo\CrystalDiskInfo.lnk -> C:\Program Files (x86)\CrystalDiskInfo\DiskInfo32.exe (Crystal Dew World) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Solution Menu EX\Solution Menu EX - Liesmich.lnk -> C:\Program Files (x86)\Canon\Solution Menu EX\Readme.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Solution Menu EX\Solution Menu EX.lnk -> C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer - Liesmich.lnk -> C:\Program Files\Canon\MyPrinter\Readme.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\MP Navigator EX 5.0\MP Navigator EX 5.0.lnk -> C:\Program Files (x86)\Canon\MP Navigator EX 5.0\mpnex50.exe (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\MP Navigator EX 5.0\MP Navigator EX Liesmich.lnk -> C:\Program Files (x86)\Canon\MP Navigator EX 5.0\Readme.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Network Tool\IJ Network Tool.lnk -> C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNPUT.EXE (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Network Scanner Selector EX\IJ Network Scanner Selector EX.lnk -> C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Easy-PhotoPrint EX\Easy-PhotoPrint EX - Liesmich.lnk -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\Readme.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Easy-PhotoPrint EX\Easy-PhotoPrint EX.lnk -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZMAIN.EXE (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Manual\Deinstallieren.lnk -> C:\Program Files (x86)\Canon\IJ Manual\CANON MG5300 SERIES\uninstall.exe (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Benutzerregistrierung\Benutzerregistrierung - Deinstallation.LNK -> C:\Program Files (x86)\Canon\IJEREG\MG5300 series\UNINST.EXE (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Benutzerregistrierung\Benutzerregistrierung.LNK -> C:\Program Files (x86)\Canon\IJEREG\MG5300 series\IJEREG.exe (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series\Liesmich.lnk -> C:\Program Files\CanonBJ\IJPrinter\Canon MG5300 series\readme_German.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant\AOMEI Partition Assistant Demo Edition 8.6.lnk -> C:\Program Files (x86)\AOMEI Partition Assistant\PartAssist.exe (AOMEI Technology Co., Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant\Uninstall AOMEI Partition Assistant.lnk -> C:\Program Files (x86)\AOMEI Partition Assistant\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation) Shortcut: C:\Users\Default\Links\OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Stefan\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\defaultuser0\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Keine Datei) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\Public\Desktop\ABC der Tiere 1 2.1.lnk -> C:\Program Files (x86)\Mildenberger\ABCderTiere1-2.1.2019\ABC der Tiere Spiele\ABC der Tiere Spiele.exe () Shortcut: C:\Users\Public\Desktop\Avast Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) Shortcut: C:\Users\Public\Desktop\DB Browser (SQLite).lnk -> C:\Program Files\DB Browser for SQLite\DB Browser for SQLite.exe (DB Browser for SQLite Team) Shortcut: C:\Users\Public\Desktop\GutscheinMaker.lnk -> C:\Program Files (x86)\GutscheinMaker\AbLauncher.exe () Shortcut: C:\Users\Public\Desktop\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes) Shortcut: C:\Users\Public\Desktop\Mp3tag.lnk -> C:\Program Files (x86)\Mp3tag\Mp3tag.exe (Florian Heidenreich) Shortcut: C:\Users\Public\Desktop\PDF24.lnk -> C:\Program Files (x86)\PDF24\pdf24-Launcher.exe (geek software GmbH) Shortcut: C:\Users\Public\Desktop\Synology Assistant.lnk -> C:\Program Files (x86)\Synology\Assistant\DSAssistant.exe () Shortcut: C:\Users\Public\Desktop\tiptoi® Manager.lnk -> C:\Program Files\tiptoi® Manager\tiptoi® Manager.exe () Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\Users\Stefan\Links\Desktop.lnk -> C:\Users\Stefan\Desktop () Shortcut: C:\Users\Stefan\Links\Downloads.lnk -> C:\Users\Stefan\Downloads () Shortcut: C:\Users\Stefan\Documents\MAGIX\Video deluxe 2016 Premium\Fotoshow-Musik.lnk -> C:\ProgramData\MAGIX\Video deluxe 2016 Premium\Slideshow music (Keine Datei) Shortcut: C:\Users\Stefan\Documents\MAGIX\Video deluxe 2016 Premium\Sichtbares TV-Bild.LNK -> C:\ProgramData\MAGIX\Video deluxe 2016 Premium\_TV-Anti-Cropping (Keine Datei) Shortcut: C:\Users\Stefan\Documents\MAGIX\Video deluxe 2016 Premium\Studio-Vorspann.LNK -> C:\ProgramData\MAGIX\Video deluxe 2016 Premium\_Studio-Preview (Keine Datei) Shortcut: C:\Users\Stefan\Documents\MAGIX\Photostory 2015 Deluxe\Complete Demo.LNK -> C:\ProgramData\MAGIX\Photostory 2015 Deluxe\_Complete_Demo (Keine Datei) Shortcut: C:\Users\Stefan\Documents\MAGIX\Photostory 2015 Deluxe\One-Click-Optimization Demo.LNK -> C:\ProgramData\MAGIX\Photostory 2015 Deluxe\_One_Click_Optimization_Demo (Keine Datei) Shortcut: C:\Users\Stefan\Documents\MAGIX\Photostory 2015 Deluxe\Picture-In-Picture Demo.LNK -> C:\ProgramData\MAGIX\Photostory 2015 Deluxe\_Picture-in-picture_Demo (Keine Datei) Shortcut: C:\Users\Stefan\Documents\MAGIX\Photostory 2015 Deluxe\Slideshow music.lnk -> C:\ProgramData\MAGIX\Photostory 2015 Deluxe\Slideshow music (Keine Datei) Shortcut: C:\Users\Stefan\Documents\MAGIX\Photostory 2015 Deluxe\Stereo3D Demo.LNK -> C:\ProgramData\MAGIX\Photostory 2015 Deluxe\_Stereo3D_Demo (Keine Datei) Shortcut: C:\Users\Stefan\Documents\MAGIX\Photostory 2015 Deluxe\TV Anti Cropping.LNK -> C:\ProgramData\MAGIX\Photostory 2015 Deluxe\_TV-Anti-Cropping (Keine Datei) Shortcut: C:\Users\Stefan\Desktop\CrystalDiskInfo.lnk -> C:\Program Files (x86)\CrystalDiskInfo\DiskInfo32.exe (Crystal Dew World) Shortcut: C:\Users\Stefan\Desktop\FileBot.lnk -> C:\Program Files\FileBot\filebot.launcher.exe () Shortcut: C:\Users\Stefan\Desktop\HiSuite.lnk -> C:\Program Files (x86)\HiSuite\HiSuite.exe (华为技术有限公司 版权所有) Shortcut: C:\Users\Stefan\Desktop\Kryptocurrency.xlsx - Verknüpfung.lnk -> T:\Dokumente, Anträge, Formulare\Kryptowährung\Kryptocurrency.xlsx (Keine Datei) Shortcut: C:\Users\Stefan\Desktop\Mediaport.lnk -> C:\Program Files (x86)\Technisat\Mediaport\Mediaport.exe () Shortcut: C:\Users\Stefan\Desktop\Metalle.xlsx - Verknüpfung.lnk -> T:\Dokumente, Anträge, Formulare\Metalle.xlsx (Keine Datei) Shortcut: C:\Users\Stefan\Desktop\Movavi Video Suite 21.lnk -> C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\Suite.exe (Movavi) Shortcut: C:\Users\Stefan\Desktop\Namexif.lnk -> C:\Program Files (x86)\Namexif\Namexif.exe (REBOL Technologies) Shortcut: C:\Users\Stefan\Desktop\Telegram.lnk -> C:\Users\Stefan\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC) Shortcut: C:\Users\Stefan\Desktop\Total Commander 64 bit.lnk -> C:\Program Files\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH) Shortcut: C:\Users\Stefan\Desktop\Fire TV - Kodi\adbLink.lnk -> C:\Program Files (x86)\adbLink\adbLink.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Stefan\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> C:\Users\Stefan\Desktop\Tor Browser\Browser\firefox.exe (Keine Datei) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trinity.lnk -> C:\Users\Stefan\AppData\Local\Programs\trinity-desktop\Trinity.exe (IOTA Foundation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\Stefan\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TREZOR Bridge\Uninstall.lnk -> C:\Program Files (x86)\TREZOR Bridge\Uninstall.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander 64 bit Entfernen oder Reparieren.lnk -> C:\Program Files\totalcmd\TCUNIN64.EXE () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander 64 bit.lnk -> C:\Program Files\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander Hilfe.lnk -> C:\Program Files\totalcmd\TOTALCMD.CHM () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Telegram entfernen.lnk -> C:\Users\Stefan\AppData\Roaming\Telegram Desktop\unins000.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Telegram.lnk -> C:\Users\Stefan\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Technisat\Mediaport.lnk -> C:\Program Files (x86)\Technisat\Mediaport\Mediaport.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Namexif\Namexif.lnk -> C:\Program Files (x86)\Namexif\Namexif.exe (REBOL Technologies) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Namexif\Uninstall.lnk -> C:\Program Files (x86)\Namexif\Uninstall.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Video Suite 21\Movavi Video Suite 21 deinstallieren.lnk -> C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\uninst.exe (Movavi) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Video Suite 21\Movavi Video Suite 21.lnk -> C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\Suite.exe (Movavi) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Video Suite 21\Website Movavi Video Suite 21.lnk -> C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\Movavi Video Suite 21.url () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mildenberger Verlag GmbH\ABC der Tiere 1 2.1\ABC der Tiere 1 2.1 deinstallieren.lnk -> C:\Program Files (x86)\Mildenberger\ABCderTiere1-2.1.2019\uninstall.exe (Mildenberger Verlag GmbH) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mildenberger Verlag GmbH\ABC der Tiere 1 2.1\ABC der Tiere 1 2.1.lnk -> C:\Program Files (x86)\Mildenberger\ABCderTiere1-2.1.2019\ABC der Tiere Spiele\ABC der Tiere Spiele.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiSuite\HiSuite.lnk -> C:\Program Files (x86)\HiSuite\HiSuite.exe (华为技术有限公司 版权所有) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiSuite\Uninstall.lnk -> C:\Program Files (x86)\HiSuite\uninst.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileBot\FileBot (console).lnk -> C:\Program Files\FileBot\filebot.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileBot\FileBot (platform).lnk -> C:\Program Files\FileBot\filebot.platform.launcher.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileBot\FileBot.lnk -> C:\Program Files\FileBot\filebot.launcher.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\SendTo\Evernote.lnk -> C:\Program Files (x86)\Evernote\Evernote\Evernote.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\SendTo\FileBot.lnk -> C:\Program Files\FileBot\filebot.launcher.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CyberGhost Pro.lnk -> C:\Program Files\CyberGhost Pro\CGLogoPro.ico () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WinX DVD Author.lnk -> C:\Program Files (x86)\Digiarty\WinX DVD Author 6.3.10\DVD_Author.exe (Digiarty Software, Inc.) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AusweisApp2.lnk -> C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CDBurnerXP.lnk -> C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe (Canneverbe Limited) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Evernote.lnk -> C:\Program Files (x86)\Evernote\Evernote\Evernote.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\KeePass 2.lnk -> C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Ledger Live.lnk -> C:\Program Files\Ledger Live\Ledger Live.exe (Ledger Live Team) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\mkvtoolnix-gui.lnk -> C:\Users\Stefan\Desktop\mkvtoolnix\mkvtoolnix-gui.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Keine Datei) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Tor Browser.lnk -> C:\Program Files\Tor Browser\Browser\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Trinity.lnk -> C:\Users\Stefan\AppData\Local\Programs\trinity-desktop\Trinity.exe (IOTA Foundation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\WinX DVD Author.lnk -> C:\Program Files (x86)\Digiarty\WinX DVD Author 6.3.10\DVD_Author.exe (Digiarty Software, Inc.) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Tombstones\Ashampoo Photo Commander 12.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Photo Commander 12\apc.exe (Keine Datei) Shortcut: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=16619&utm_medium=desktop&x-pos=Metro ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TREZOR Bridge\TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe () -> -v -l "%APPDATA%\TREZOR Bridge\trezord.log" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe () -> -v -l "%APPDATA%\TREZOR Bridge\trezord.log" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Database Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\DATABASECOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Spreadsheet Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\SPREADSHEETCOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Database Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\DATABASECOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Office Upload Center.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\MSOUC.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Spreadsheet Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\SPREADSHEETCOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -> C:\Program Files\Java\jre-10.0.2\bin\javacpl.exe (Oracle Corporation) -> -tab update ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk -> C:\Program Files\Java\jre-10.0.2\bin\javacpl.exe (Oracle Corporation) -> -tab about ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 7\Uninstall CyberGhost 7.lnk -> C:\Program Files\CyberGhost 7\WebInstaller.exe (CyberGhost S.A.) -> /uninstall ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Solution Menu EX\Solution Menu EX Deinstallieren.lnk -> C:\Program Files (x86)\Canon\Solution Menu EX\uninst.exe (CANON INC.) -> /Uninstall C:\Program Files (x86)\Canon\Solution Menu EX\uninst.ini ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer Deinstallieren.lnk -> C:\Program Files\Canon\MyPrinter\uninst.exe (CANON INC.) -> C:\Program Files\Canon\MyPrinter\uninst.ini ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer.lnk -> C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.) -> /mn ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\MP Navigator EX 5.0\MP Navigator EX Deinstallieren.lnk -> C:\Program Files (x86)\Canon\MP Navigator EX 5.0\Maint.exe (CANON INC.) -> /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 5.0\uninst.ini ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Network Scanner Selector EX\IJ Network Scanner Selector EX Deinstallieren.lnk -> C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSU.exe (CANON INC.) -> /UninstallRemove C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\uninst.ini ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Easy-PhotoPrint EX\Easy-PhotoPrint EX Deinstallieren.lnk -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\uninst.exe (CANON INC.) -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\uninst.ini ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Manual\Canon MG5300 series Online-Handbuch.lnk -> C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe (CANON INC.) -> "C:\PROGRAM FILES (X86)\Canon\IJ Manual\CANON MG5300 SERIES\German\Info.egv" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\Stefan\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TREZOR Bridge\TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe () -> -l "%APPDATA%\TREZOR Bridge\trezord.log" ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe () -> -l "%APPDATA%\TREZOR Bridge\trezord.log" ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileBot\Uninstall FileBot.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {34E88655-E87E-47EB-9FC8-259BA61D3947} ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Ledger Manager.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=beimhnaefocolcplfimocfiaiefpkgbf ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Ledger Wallet Bitcoin.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kkdpmhnladdopljabkgpacgpliggeeaf ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Ledger Wallet Ethereum.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmlhkialjkaldndjnlcdfdphcgeadkkm ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) -> /recycle ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinX DVD Author\WinX DVD Author im Internet.url -> URL: hxxp://www.winxdvd.com/dvd-author/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag Website.url -> URL: hxxp://www.mp3tag.de InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Besuchen Sie Java.com.url -> URL: hxxp://java.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Hilfe aufrufen.url -> URL: hxxp://java.com/help InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant\User Help - German.url -> URL: hxxp://www.disk-partition.com/de/manual.html InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant\User Manual (PDF) - German.url -> URL: hxxp://www.disk-partition.com/de/download/UserManual.pdf InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant\Visit our website - German.url -> URL: hxxp://www.disk-partition.com/de InternetURL: C:\Users\Stefan\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142 InternetURL: C:\Users\Stefan\Desktop\Tanzen.url -> URL: hxxps://us04web.zoom.us/j/71715103047?pwd=YlM1cm9ySlAxZ0VibGx5WWZHTVo2QT09 InternetURL: C:\Users\Stefan\Desktop\Untitled.URL -> URL: hxxp://quickconnect.to/Mue1 InternetURL: C:\Users\Stefan\Desktop\mkvtoolnix\MKVToolNix.url -> URL: hxxps://www.bunkus.org/videotools/mkvtoolnix/ InternetURL: C:\Users\Stefan\Desktop\Magix Photostory 2015 Deluxe v14 0 2 51_\00 - JBinUp.url -> URL: hxxp://www.JBinUp.com InternetURL: C:\Users\Stefan\Desktop\Fire TV - Kodi\Anleitung Backup.url -> URL: hxxps://aftvhacks.de/anleitung-kodi-backup-erstellen-und-auf-gleichem-oder-anderem-fire-tv-zuruecksichern/ InternetURL: C:\Users\Stefan\Desktop\Fire TV - Kodi\Anleitung Datenbank.url -> URL: hxxp://powerpi.de/so-installierst-du-auf-deinem-synology-nas-eine-gemeinsame-mysql-datenbank-und-nutzt-sie-mit-kodi/ InternetURL: C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\Movavi Video Suite 21.url -> URL: hxxps://links.movavi.com/?asrc=start&app=suite&module=installer&version=21-2-0&lang=de_de&isTrial=1&partner=&huid=eebac40801bc39e9e14bfff7aa9b44d50d09d17d&utm_nooverride=1 ==================== Ende vom Shortcut.txt ============================= |
22.04.2021, 12:14 | #3 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 Home, Internetseite lässt sich nicht öffnen, Warnung Vodafone über Schadsoftware Störende, veraltete oder unnötige Programme deinstallieren
__________________Bitte über Programme und Features (appwiz.cpl) deinstallieren: Adobe Acrobat Reader DC Adobe AIR Adobe Shockwave Player 12.2 Avast Free Antivirus CrystalDiskInfo 7.7.0 CyberGhost 7.1.2 CyberGhost Pro Dell SupportAssist Dell Update DirectX 9.0c Extra Files Evernote v. 6.4.2 Google Chrome GutscheinMaker Java 10.0.2 (64-bit) KeePass Password Safe 2.36 PDF24 Creator 9.2.2 WebAdvisor von McAfee WinRAR 5.50 (64-Bit)
__________________ |
22.04.2021, 12:37 | #4 |
| Windows 10 Home, Internetseite lässt sich nicht öffnen, Warnung Vodafone über Schadsoftware ähm ok, dell auch alles deinstallieren? Hab darüber immer treiber aktualisiert und so weiter, keepass bräuchte ich eigentlich auch noch, kann ich da nicht update machen? |
22.04.2021, 12:46 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 Home, Internetseite lässt sich nicht öffnen, Warnung Vodafone über Schadsoftware Dell ist doch völlig unnötig. Windows bringt so schon Treiberupdates mit. Und KeePass updaten. Code:
ATTFilter 2016-07-16 13:47 - 2021-04-18 15:17 - 000000875 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 www.magix.com
__________________ Logfiles bitte immer in CODE-Tags posten |
22.04.2021, 12:57 | #6 | |
| Windows 10 Home, Internetseite lässt sich nicht öffnen, Warnung Vodafone über SchadsoftwareZitat:
|
22.04.2021, 13:00 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 Home, Internetseite lässt sich nicht öffnen, Warnung Vodafone über Schadsoftware Also Rechner mutwillig selbst mit gecrackter Software verhunzt? Und dann ein Täuschungsversuch, sich Doofstellen, man habe überhaupt keine Idee was passiert sei... sry aber das ist einfach nur dreist und
__________________ Logfiles bitte immer in CODE-Tags posten |
22.04.2021, 13:14 | #8 |
| Windows 10 Home, Internetseite lässt sich nicht öffnen, Warnung Vodafone über Schadsoftware ja dann sorry Trotzdem Danke für Deine Mühe. Geändert von Mü83 (22.04.2021 um 13:19 Uhr) |
22.04.2021, 14:02 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 Home, Internetseite lässt sich nicht öffnen, Warnung Vodafone über SchadsoftwareCracks, Keygens und andere illegale Software Bitte lesen => Cracks, Keygens und andere illegale Software Es geht weiter wenn du alles Illegale entfernt hast. Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________ Logfiles bitte immer in CODE-Tags posten |
22.04.2021, 14:36 | #10 |
| Windows 10 Home, Internetseite lässt sich nicht öffnen, Warnung Vodafone über Schadsoftware Oh, ich dachte du hattest den Support schon eingestellt Sorry noch mal, es war echt nicht meine Absicht dich zu verarschen. Also ich hab nix illegales (mehr) auf dem Rechner, das Programm hatte ich auch gleich wieder deinstalliert und meines wissens alles runtergeschmissen, wollte es ja dann auch kaufen, bin halt nicht mehr auf die Seite gekommen. Also, ich habe alle Programme deinstalliert welche du gesagt hast, außer keepass, das ist geupdatet. |
22.04.2021, 14:42 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 Home, Internetseite lässt sich nicht öffnen, Warnung Vodafone über Schadsoftware adwCleaner Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags. adwcleaner bitte wiederholen falls es Funde gab.
__________________ Logfiles bitte immer in CODE-Tags posten |
22.04.2021, 14:49 | #12 |
| Windows 10 Home, Internetseite lässt sich nicht öffnen, Warnung Vodafone über SchadsoftwareCode:
ATTFilter ------------------------------- # Malwarebytes AdwCleaner 8.2.0.0 # ------------------------------- # Build: 03-22-2021 # Database: 2021-04-20.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 04-22-2021 # Duration: 00:00:01 # OS: Windows 10 Home # Cleaned: 9 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Program Files\Hola Deleted C:\Users\Stefan\AppData\Local\Temp\VideoConverter Deleted C:\Users\Stefan\AppData\Roaming\Hola ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\Hola Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org Deleted HKLM\Software\Hola Deleted HKLM\Software\Wow6432Node\Hola ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files (x86)\DELL\SUPPORTASSISTAGENT Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\SUPPORTASSIST ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [1438 octets] - [15/01/2019 11:57:02] AdwCleaner[C00].txt - [1586 octets] - [15/01/2019 11:57:54] AdwCleaner[S01].txt - [2144 octets] - [22/04/2021 15:44:54] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ########## Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.2.0.0 # ------------------------------- # Build: 03-22-2021 # Database: 2021-04-20.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 04-22-2021 # Duration: 00:00:08 # OS: Windows 10 Home # Scanned: 31974 # Detected: 0 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** No Preinstalled Software found. AdwCleaner[S00].txt - [1438 octets] - [15/01/2019 11:57:02] AdwCleaner[C00].txt - [1586 octets] - [15/01/2019 11:57:54] AdwCleaner[S01].txt - [2144 octets] - [22/04/2021 15:44:54] AdwCleaner[C01].txt - [2228 octets] - [22/04/2021 15:45:59] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ########## |
22.04.2021, 14:56 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 Home, Internetseite lässt sich nicht öffnen, Warnung Vodafone über Schadsoftware Dann jetzt neue FRST-Logs.
__________________ Logfiles bitte immer in CODE-Tags posten |
22.04.2021, 15:06 | #14 |
| Windows 10 Home, Internetseite lässt sich nicht öffnen, Warnung Vodafone über SchadsoftwareFRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021 durchgeführt von Stefan (Administrator) auf DESKTOP-VFO2AEV (Dell Inc. Inspiron 7566) (22-04-2021 16:03:51) Gestartet von C:\Users\Stefan\Downloads Geladene Profile: Stefan Platform: Windows 10 Home Version 2004 19041.928 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (Canon Inc. -> CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3> (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\120.4.4598\QtWebEngineProcess.exe <3> (Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (Intel Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_763182f3860a4408\igfxCUIService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_763182f3860a4408\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_763182f3860a4408\IntelCpHDCPSvc.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_763182f3860a4408\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe (Movavi Software Limited -> ) C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\RouterApplication.exe (Movavi Software Limited -> Movavi) C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\AgentInformer.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <8> (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_ed2d6589d1176ab4\Display.NvContainer\NVDisplay.Container.exe <2> (Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (SatoshiLabs, s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe (Synology Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8852512 2016-09-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1852352 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (Canon Inc. -> CANON INC.) HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [927152 2016-08-07] (Waves Inc -> Waves Audio Ltd.) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3137728 2021-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7991528 2021-04-12] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (Canon Inc. -> CANON INC.) HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\Run: [movavi_suite_agent] => C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\AgentInformer.exe [942720 2021-04-20] (Movavi Software Limited -> Movavi) HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\MountPoints2: {37ac156b-a111-11eb-9f95-18dbf2028a86} - "D:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\MountPoints2: {e5c4a365-5c0b-11eb-9f8f-18dbf2028a86} - "D:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\MountPoints2: {e5c4a413-5c0b-11eb-9f8f-18dbf2028a86} - "D:\HiSuiteDownLoader.exe" HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: C:\Windows\system32\CNMLMAT.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [Datei ist nicht signiert] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2019-05-23] ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> ) Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2018-06-28] ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> ) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {073D291B-05A6-4048-ACBF-32E446113548} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1468952 2016-09-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {0A246A0D-A23E-4262-B251-F7852F884A26} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114056 2021-04-18] (Microsoft Corporation -> Microsoft Corporation) Task: {1CE94ECB-0658-4646-9317-34724E475569} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248792 2021-04-07] (Microsoft Corporation -> Microsoft Corporation) Task: {2B53BBFE-D4DC-4D0B-8A11-EB627A7CD576} - System32\Tasks\DropboxUpdateTaskMachineUA1d5582862b8dec2 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.) Task: {3E10725C-ABF0-4E49-A551-B0F2741A6190} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [781248 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {45EE9DB5-8B5A-4128-A902-1F2D13EFC84C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {557A0892-EB64-4B13-9ECD-C8903C88C195} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-21] (Mozilla Corporation -> Mozilla Foundation) Task: {557E9060-9000-4C9E-93AA-2455C60F403F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114056 2021-04-18] (Microsoft Corporation -> Microsoft Corporation) Task: {5E53F36E-3A61-4112-B751-296808ED7E14} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5F47CE85-659B-42A1-BE36-1E9AFCCC3C8A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4002744 2021-04-18] (Microsoft Corporation -> Microsoft Corporation) Task: {68DA2C8F-1B2C-43FB-9485-70244B921BD1} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Stefan\Downloads\esetonlinescanner_deu.exe Task: {7691B482-49A2-401C-8520-303E0BB30716} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [628672 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7D02BAF0-761A-4297-9F32-DCFB1B15BFA9} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG Task: {86D78224-79AA-45FB-BDE5-1F04AC9543EE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.) Task: {8C1CA715-2B90-429F-A337-D7DF6F018F05} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248792 2021-04-07] (Microsoft Corporation -> Microsoft Corporation) Task: {91BE7826-B27A-42D3-99BE-D6D26A01FE52} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.) Task: {A613D09D-9505-4AC3-A3A4-3469056850CC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {AD6CCEEA-CE2A-42E5-A222-6CF76DFBF5C6} - System32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0xc) => C:\Users\Stefan\AppData\Local\pcvisit Software AG\caloa\pcvisit.Support.guest.15\release\15.0.21.8519\pcvisit_client.exe [7261128 2017-11-29] (pcvisit software ag -> pcvisit Software ag) Task: {B34C07BE-5358-4D24-BA6C-D5E1399E9A4C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4002744 2021-04-18] (Microsoft Corporation -> Microsoft Corporation) Task: {C0F91783-3449-43B9-ACAB-BCFF1C236D44} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C16C7135-EED6-4CA7-A79C-C362713323E1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [628672 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DC5F3C88-0DF6-43E6-AE90-D608896B291F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Stefan\Downloads\esetonlinescanner_deu.exe Task: {E135F4BE-FA67-4022-943B-40560BC944EA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {EB49F337-D9A4-46F7-A462-2C0A7EBC6E18} - System32\Tasks\DropboxUpdateTaskMachineCore1d5582862b00140 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.) Task: {EC1D870E-7CE4-4894-BE88-A12DB5D5BBD6} - System32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0x8) => C:\Users\Stefan\AppData\Local\pcvisit Software AG\caloa\pcvisit.Support.guest.15\release\15.0.21.8519\pcvisit_client.exe [7261128 2017-11-29] (pcvisit software ag -> pcvisit Software ag) Task: {F4942EA3-1891-4F29-ABE6-17941FACA44C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [704960 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F74F1F01-DB88-47AC-AD5E-6ADED034DC8E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [704960 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F9BCE553-D5ED-4C0F-87FD-5F8A5F5EC7D5} - System32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0x1f) => C:\Users\Stefan\AppData\Local\pcvisit Software AG\caloa\pcvisit.Support.guest.15\release\15.0.21.8519\pcvisit_client.exe [7261128 2017-11-29] (pcvisit software ag -> pcvisit Software ag) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d5582862b00140.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d5582862b8dec2.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{16c5c495-ad99-11e6-9eee-806e6f6e6963}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{3e86762d-5a21-4ad4-8cd0-963753a460b1}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{3e86762d-5a21-4ad4-8cd0-963753a460b1}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{a07588bc-0728-46c3-879f-4fb4b13b8ec5}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{a07588bc-0728-46c3-879f-4fb4b13b8ec5}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{e13994ee-cc85-42e7-b291-64a215e97c8a}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{f1822e7e-d17d-4e3e-bd78-eff19c60e77f}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{f1822e7e-d17d-4e3e-bd78-eff19c60e77f}: [DhcpNameServer] 192.168.2.1 Edge: ======= DownloadDir: C:\Users\Stefan\Downloads Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge Profile: C:\Users\Stefan\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-22] FireFox: ======== FF DefaultProfile: xz8conbd.default FF ProfilePath: C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\xz8conbd.default [2021-04-22] FF Homepage: Mozilla\Firefox\Profiles\xz8conbd.default -> hxxps://www.wieistmeineip.de/ FF NetworkProxy: Mozilla\Firefox\Profiles\xz8conbd.default -> backup.ftp", "190.248.158.194" FF Notifications: Mozilla\Firefox\Profiles\xz8conbd.default -> hxxps://web.whatsapp.com; hxxp://192.168.2.15:8083; hxxps://www.shoop.de; hxxp://192.168.2.15:8899; hxxp://192.168.2.15:9090; hxxp://192.168.2.15:8096; hxxps://emby.media FF Extension: (Kee - Password Manager) - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\xz8conbd.default\Extensions\keefox@chris.tomlinson.xpi [2021-04-10] FF Extension: (Shoop Cashback & Gutscheine) - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\xz8conbd.default\Extensions\lisa@qipu.de.xpi [2021-04-16] FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\xz8conbd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-29] FF Extension: (NZBLinker) - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\xz8conbd.default\Extensions\{def38e25-28fb-4662-ad6d-bfa415dfd06b}.xpi [2021-01-01] FF Extension: (Picture-In-Picture) - C:\Program Files (x86)\Mozilla Firefox\browser\features\pictureinpicture@mozilla.org.xpi [2021-04-21] [ist nicht signiert] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.) [Datei ist nicht signiert] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788392 2021-04-07] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-04-12] (Dropbox, Inc -> Dropbox, Inc.) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2020-12-05] (Huawei Technologies Co., Ltd. -> ) S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [Datei ist nicht signiert] R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [Datei ist nicht signiert] S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-22] (Malwarebytes Inc -> Malwarebytes) R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation) R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248856 2018-05-11] (Synology Inc. -> ) [Datei ist nicht signiert] R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-22] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-22] (Microsoft Windows Publisher -> Microsoft Corporation) S2 CG6Service; "C:\Program Files\CyberGhost Pro\CyberGhost.Service.exe" [X] R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_ed2d6589d1176ab4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_ed2d6589d1176ab4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> ) R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider) R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [27896 2021-04-22] (WDKTestCert Amit_K_Tiwari,132158070448517957 -> ) S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-09-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-22] (Malwarebytes Inc -> Malwarebytes) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-22] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-22] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-22] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-04-22 16:03 - 2021-04-22 16:04 - 000026843 _____ C:\Users\Stefan\Downloads\FRST.txt 2021-04-22 16:03 - 2021-04-22 16:03 - 002298368 _____ (Farbar) C:\Users\Stefan\Downloads\FRST64.exe 2021-04-22 15:43 - 2021-04-22 15:43 - 008534696 _____ (Malwarebytes) C:\Users\Stefan\Downloads\adwcleaner_8.2.exe 2021-04-22 15:20 - 2021-04-22 15:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee 2021-04-22 14:49 - 2021-04-22 14:49 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-04-22 14:49 - 2020-09-15 14:44 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-04-22 14:18 - 2016-09-23 13:16 - 000000109 _____ C:\Users\Stefan\Desktop\Online PDF Tools.url 2021-04-22 14:00 - 2021-04-22 14:00 - 000001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk 2021-04-22 12:29 - 2021-04-22 16:04 - 000000000 ____D C:\FRST 2021-04-22 12:26 - 2021-04-22 12:26 - 000027896 _____ C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys 2021-04-21 21:55 - 2021-04-21 21:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-04-21 21:18 - 2021-04-21 21:18 - 000000000 ____D C:\ProgramData\Movavi Video Suite 21 2021-04-20 22:29 - 2021-04-20 22:29 - 000000000 ____D C:\Users\Stefan\AppData\Local\PhotoManager 2021-04-20 22:28 - 2021-04-20 22:35 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Movavi Photo Manager 2 2021-04-20 22:28 - 2021-04-20 22:28 - 000012687 _____ C:\ProgramData\fxatyavk.yrt 2021-04-20 22:23 - 2021-04-20 22:23 - 000000000 ____D C:\Users\Stefan\AppData\Local\MovaviPicverse 2021-04-20 20:56 - 2021-04-20 20:56 - 000000000 ____D C:\Users\Stefan\AppData\Local\VideoEditorPlus 2021-04-20 20:53 - 2021-04-20 22:36 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Movavi Picverse 2021-04-20 20:53 - 2021-04-20 20:53 - 000012747 _____ C:\ProgramData\itjalhsf.rge 2021-04-20 20:52 - 2021-04-20 20:52 - 000000961 _____ C:\Users\Stefan\Desktop\Movavi Video Suite 21.lnk 2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21 2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Video Suite 21 2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\AppData\Local\Suite 2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\AppData\Local\CrashRpt 2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\AppData\Local\cache 2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\AppData\Local\AgentInformer 2021-04-20 20:51 - 2021-04-20 20:51 - 000012545 _____ C:\ProgramData\mijprvzl.ern 2021-04-20 19:52 - 2021-04-20 19:52 - 000000000 ____D C:\Program Files\Common Files\MAGIX Shared 2021-04-20 19:51 - 2021-04-20 19:51 - 000000000 ____D C:\Program Files\MAGIX 2021-04-19 15:05 - 2021-04-19 15:05 - 000000000 ____D C:\Users\Stefan\AppData\Local\MAGIX 2021-04-18 20:04 - 2021-04-20 22:17 - 000000000 ____D C:\Users\Stefan\Desktop\HOCHZEIT 2021-04-18 15:13 - 2021-04-18 15:13 - 000000000 ____D C:\Users\Stefan\AppData\Local\MAGIX_Software_GmbH 2021-04-18 14:56 - 2021-04-20 20:10 - 000000000 ____D C:\Users\Stefan\Documents\MAGIX downloads 2021-04-18 14:47 - 2021-04-20 19:56 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\MAGIX 2021-04-18 14:47 - 2021-04-20 19:52 - 000000000 ____D C:\Users\Stefan\AppData\Local\Xara 2021-04-18 14:47 - 2021-04-18 14:47 - 000000000 ____D C:\Users\Stefan\Documents\MAGIX_MusicEditor 2021-04-18 14:45 - 2021-04-20 22:33 - 000000000 ___RD C:\Users\Stefan\Documents\MAGIX 2021-04-18 14:45 - 2021-04-20 20:21 - 000000000 ____D C:\ProgramData\MAGIX 2021-04-18 14:45 - 2021-04-18 14:45 - 000000000 ____D C:\Program Files (x86)\MSXML 4.0 2021-04-18 09:55 - 2021-04-18 17:13 - 000000000 ____D C:\Users\Stefan\Desktop\Magix Photostory 2015 Deluxe v14 0 2 51_ 2021-04-16 21:20 - 2021-04-16 21:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2021-04-16 21:06 - 2021-04-16 21:06 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-04-16 21:05 - 2021-04-16 21:05 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-04-16 21:05 - 2021-04-16 21:05 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-04-14 17:19 - 2021-04-22 12:56 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2452734210-2858773296-2644968050-1001 2021-04-14 17:19 - 2021-04-14 17:19 - 000002386 _____ C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-04-12 12:51 - 2021-04-12 12:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2021-04-12 12:51 - 2021-04-12 12:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2021-04-12 12:51 - 2021-04-12 12:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2021-04-12 12:51 - 2021-04-12 12:51 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-04-22 16:01 - 2019-01-29 23:06 - 000000000 ____D C:\ProgramData\Mozilla 2021-04-22 16:01 - 2016-11-18 17:07 - 000000000 ____D C:\Users\Stefan\AppData\LocalLow\Mozilla 2021-04-22 16:00 - 2020-11-16 17:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-04-22 16:00 - 2020-11-16 17:13 - 000008192 ___SH C:\DumpStack.log.tmp 2021-04-22 16:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-04-22 16:00 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-04-22 16:00 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-04-22 16:00 - 2016-11-18 16:44 - 000000000 ____D C:\ProgramData\NVIDIA 2021-04-22 16:00 - 2016-11-18 16:19 - 000000000 __SHD C:\Users\Stefan\IntelGraphicsProfiles 2021-04-22 15:59 - 2016-11-18 17:10 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\KeePass 2021-04-22 15:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2021-04-22 15:56 - 2017-09-10 10:16 - 000000000 ____D C:\Program Files (x86)\adbLink 2021-04-22 15:55 - 2017-09-10 10:16 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\.jocala 2021-04-22 15:45 - 2016-11-18 16:58 - 000000000 ____D C:\Program Files (x86)\Dell 2021-04-22 15:45 - 2016-11-18 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2021-04-22 15:28 - 2020-11-16 17:19 - 001731564 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-04-22 15:28 - 2019-12-07 16:50 - 000750116 _____ C:\WINDOWS\system32\perfh007.dat 2021-04-22 15:28 - 2019-12-07 16:50 - 000151930 _____ C:\WINDOWS\system32\perfc007.dat 2021-04-22 15:28 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-04-22 15:26 - 2016-12-01 10:06 - 000000000 ____D C:\Program Files\WinRAR 2021-04-22 14:49 - 2020-09-15 14:44 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-04-22 14:49 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-04-22 14:49 - 2019-07-22 17:31 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-04-22 14:49 - 2019-07-22 17:31 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2021-04-22 14:48 - 2019-07-22 17:31 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-04-22 14:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-04-22 14:43 - 2017-10-19 16:13 - 000000000 ____D C:\Users\Stefan\AppData\Local\Packages 2021-04-22 14:41 - 2016-11-18 17:04 - 000000000 ____D C:\Program Files (x86)\KeePass Password Safe 2 2021-04-22 14:30 - 2019-11-18 16:56 - 000000000 ____D C:\ProgramData\AVAST Software 2021-04-22 14:30 - 2019-08-21 15:57 - 000001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d5582862b8dec2.job 2021-04-22 14:30 - 2019-08-21 15:57 - 000001250 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d5582862b00140.job 2021-04-22 14:30 - 2016-11-18 17:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-04-22 14:30 - 2016-11-18 17:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-04-22 14:29 - 2020-11-16 17:16 - 000000000 ____D C:\Users\defaultuser0 2021-04-22 14:16 - 2018-02-15 15:00 - 000000000 ____D C:\Users\Stefan\AppData\Local\Google 2021-04-22 14:16 - 2018-02-15 15:00 - 000000000 ____D C:\Program Files (x86)\Google 2021-04-22 14:16 - 2016-11-29 12:16 - 000000000 ____D C:\Users\Stefan\Evernote 2021-04-22 13:51 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-04-22 13:50 - 2018-05-21 20:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-04-22 13:46 - 2016-11-18 16:24 - 000000000 ____D C:\ProgramData\Dell 2021-04-22 13:45 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-04-22 13:45 - 2016-11-18 16:42 - 000000000 ____D C:\ProgramData\PCDr 2021-04-22 13:45 - 2016-11-18 16:42 - 000000000 ____D C:\Program Files\Dell 2021-04-22 13:42 - 2017-11-25 21:42 - 000000000 ____D C:\Program Files\CyberGhost Pro 2021-04-22 13:38 - 2017-04-05 14:43 - 000000000 ____D C:\Program Files (x86)\Adobe 2021-04-22 13:33 - 2020-11-16 17:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-04-22 13:13 - 2018-08-14 15:58 - 000000000 ____D C:\Users\Stefan\AppData\Local\D3DSCache 2021-04-22 12:56 - 2020-11-30 11:00 - 000003434 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6bc2c20930d65 2021-04-22 12:56 - 2020-11-16 17:25 - 000003798 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA1d5582862b8dec2 2021-04-22 12:56 - 2020-11-16 17:25 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-04-22 12:56 - 2020-11-16 17:25 - 000003574 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore1d5582862b00140 2021-04-22 12:56 - 2020-11-16 17:25 - 000003404 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-04-22 12:56 - 2020-11-16 17:25 - 000003142 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-22 12:56 - 2020-11-16 17:25 - 000003114 _____ C:\WINDOWS\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-22 12:56 - 2020-11-16 17:25 - 000002962 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-22 12:56 - 2020-11-16 17:25 - 000002942 _____ C:\WINDOWS\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-22 12:56 - 2020-11-16 17:25 - 000002852 _____ C:\WINDOWS\system32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-22 12:56 - 2020-11-16 17:25 - 000002810 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-22 12:56 - 2020-11-16 17:25 - 000002686 _____ C:\WINDOWS\system32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0x1f) 2021-04-22 12:56 - 2020-11-16 17:25 - 000002604 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn 2021-04-22 12:56 - 2020-11-16 17:25 - 000002598 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime 2021-04-22 12:56 - 2020-11-16 17:25 - 000002528 _____ C:\WINDOWS\system32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0xc) 2021-04-22 12:56 - 2020-11-16 17:25 - 000002526 _____ C:\WINDOWS\system32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0x8) 2021-04-22 12:56 - 2020-11-16 17:25 - 000002304 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_PushButton 2021-04-22 12:56 - 2016-11-21 13:39 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\vlc 2021-04-22 12:53 - 2020-11-16 17:25 - 000003760 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA 2021-04-22 12:53 - 2020-11-16 17:25 - 000003536 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore 2021-04-21 21:58 - 2019-11-18 17:00 - 000000000 ____D C:\Users\Stefan\AppData\Local\AVAST Software 2021-04-21 21:55 - 2016-11-18 17:06 - 000001192 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-04-21 21:26 - 2018-08-01 17:18 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Ledger Live 2021-04-21 20:09 - 2020-06-24 13:50 - 000002396 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-04-20 22:29 - 2017-02-02 12:54 - 000000000 ____D C:\Users\Stefan\AppData\Local\Movavi 2021-04-20 22:24 - 2017-02-02 12:55 - 000000000 ____D C:\Users\Stefan\.fontconfig 2021-04-20 22:15 - 2016-11-18 17:37 - 000000000 ____D C:\Users\Stefan\AppData\Local\CrashDumps 2021-04-20 19:53 - 2020-12-30 20:14 - 000735848 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-04-20 19:50 - 2016-11-18 16:24 - 000000000 ____D C:\ProgramData\Package Cache 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-04-18 14:24 - 2019-11-22 14:22 - 000001103 _____ C:\Users\Public\Desktop\VLC media player.lnk 2021-04-18 14:24 - 2019-11-22 14:22 - 000001103 _____ C:\ProgramData\Desktop\VLC media player.lnk 2021-04-18 13:50 - 2017-06-20 09:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-04-18 13:49 - 2016-11-18 17:08 - 000000000 ___RD C:\Users\Stefan\Dropbox 2021-04-17 10:00 - 2017-11-03 00:18 - 000000128 _____ C:\Users\Stefan\AppData\Local\PUTTY.RND 2021-04-16 21:20 - 2016-11-18 17:05 - 000000000 ____D C:\Program Files (x86)\Dropbox 2021-04-16 21:04 - 2020-11-16 17:14 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2021-04-16 20:50 - 2016-11-19 13:13 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-04-16 20:20 - 2016-11-19 13:13 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-04-14 17:19 - 2016-11-18 16:16 - 000000000 ___RD C:\Users\Stefan\OneDrive 2021-04-10 20:18 - 2018-05-13 20:34 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Mp3tag 2021-04-04 13:09 - 2018-08-01 17:17 - 000000000 ____D C:\Program Files\Ledger Live 2021-04-03 19:52 - 2019-03-01 11:32 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Telegram Desktop 2021-04-03 12:44 - 2019-04-16 19:41 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Trinity ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2017-09-10 12:17 - 2018-06-26 12:56 - 000003017 _____ () C:\Users\Stefan\AppData\Roaming\.jocalaadblink.log 2017-11-03 00:18 - 2021-04-17 10:00 - 000000128 _____ () C:\Users\Stefan\AppData\Local\PUTTY.RND ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
22.04.2021, 15:07 | #15 |
| Windows 10 Home, Internetseite lässt sich nicht öffnen, Warnung Vodafone über Schadsoftware FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-04-2021 durchgeführt von Stefan (22-04-2021 16:05:23) Gestartet von C:\Users\Stefan\Downloads Windows 10 Home Version 2004 19041.928 (X64) (2020-11-16 15:26:11) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2452734210-2858773296-2644968050-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2452734210-2858773296-2644968050-503 - Limited - Disabled) defaultuser0 (S-1-5-21-2452734210-2858773296-2644968050-1000 - Limited - Disabled) => C:\Users\defaultuser0 Gast (S-1-5-21-2452734210-2858773296-2644968050-501 - Limited - Disabled) Stefan (S-1-5-21-2452734210-2858773296-2644968050-1001 - Administrator - Enabled) => C:\Users\Stefan WDAGUtilityAccount (S-1-5-21-2452734210-2858773296-2644968050-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.0 - Sereby Corporation) AOMEI Partition Assistant Demo Edition 8.6 (HKLM-x32\...\{04F850ED-FD0F-4ED1-AE1B-4498165BF3D2}_is1) (Version: - AOMEI Technology Co., Ltd.) AusweisApp2 (HKLM-x32\...\{904259BB-6BDF-4D98-AB2F-FC758F49E244}) (Version: 1.20.2 - Governikus GmbH & Co. KG) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version: - ) Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.) Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version: - ) Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6452 - CDBurnerXP) Dropbox (HKLM-x32\...\Dropbox) (Version: 120.4.4598 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden FileBot (HKLM\...\{34E88655-E87E-47EB-9FC8-259BA61D3947}) (Version: 4.7.19.1 - Reinhard Pointner) HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.500 - Huawei Technologies Co., Ltd.) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000110-0210-1031-84C8-B8D95FA3C8C3}) (Version: 21.110.0.3 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{4e75a24b-6cc4-4a46-accf-525f8a08c533}) (Version: 10.1.1.18 - Intel(R) Corporation) Hidden Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4B3C56AB-963E-4F48-9747-05297683DB3B}) (Version: 16.8.3.1003 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation) Intel® Software Installer (HKLM-x32\...\{4a50fa17-2911-43ed-a2a1-d3a34411e2bb}) (Version: 21.110.2.1 - Intel Corporation) Hidden KeePass Password Safe 2.47 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.47 - Dominik Reichl) Ledger Live 2.24.0 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.24.0 - Ledger Live Team) Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.8655.0 - Waves Audio Ltd.) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.42 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.13901.20400 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{82f2609e-68ba-408d-963f-530ad8809435}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{577ff5ba-39aa-4d8c-a3a9-f95012763438}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24406 (HKLM-x32\...\{7c8a1675-0fe9-41fd-a2ed-aa4871816197}) (Version: 14.0.24406.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24406 (HKLM-x32\...\{b5e24db9-876e-4af2-ac7f-00d0e8bc162c}) (Version: 14.0.24406.0 - Microsoft Corporation) Movavi Video Suite 21 (HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\Movavi Video Suite 21) (Version: 21.2.0 - Movavi) Mozilla Firefox 88.0 (x64 de) (HKLM\...\Mozilla Firefox 88.0 (x64 de)) (Version: 88.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.1 - Mozilla) Mp3tag v2.87a (HKLM-x32\...\Mp3tag) (Version: 2.87a - Florian Heidenreich) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.4 - Notepad++ Team) NVIDIA GeForce Experience 3.1.0.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.52 - NVIDIA Corporation) NVIDIA Grafiktreiber 452.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.41 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13901.20400 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20400 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden PuTTY release 0.73 (64-bit) (HKLM\...\{44F7642C-AB7E-4468-B028-E8D08A0CBB0E}) (Version: 0.73.0.0 - Simon Tatham) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7904 - Realtek Semiconductor Corp.) Security Task Manager 2.4 (HKLM-x32\...\Security Task Manager) (Version: 2.4 - Neuber Software) Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.2-23733 - Synology) Telegram Desktop version 2.7.1 (HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.1 - Telegram FZ-LLC) tiptoi® Manager 4.2 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 4.2 - Ravensburger AG) Trinity 1.6.1 (HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\e2e246ce-857c-53ed-b9ad-26e0668b9510) (Version: 1.6.1 - IOTA Foundation) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN) Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WinX DVD Author 6.3.10 (HKLM-x32\...\WinX DVD Author_is1) (Version: - DigiartySoft, Inc.) Zoom (HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\ZoomUMX) (Version: 5.4.2 (58740.1105) - Zoom Video Communications, Inc.) Packages: ========= Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.) Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.312.1.0_neutral__8xx8rvfyw5nnt [2021-04-01] (Facebook Inc) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-14] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-14] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4072.0_x64__8wekyb3d8bbwe [2021-04-18] (Microsoft Studios) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-21] (NVIDIA Corp.) Paradise Bay -> C:\Program Files\WindowsApps\king.com.ParadiseBay_3.9.0.0_x86__kgqvnymyfvs32 [2018-12-14] (king.com) Photo Editor | Polarr -> C:\Program Files\WindowsApps\613EBCEA.PolarrPhotoEditorAcademicEdition_5.10.200.0_x64__jb41c8remg0x2 [2020-06-01] (Polarr) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.) Xodo Docs -> C:\Program Files\WindowsApps\5E8FC25E.XODODOCS_4.5.10.0_x64__3v3sf0k6w2rec [2021-04-18] (Xodo Technologies Inc.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2452734210-2858773296-2644968050-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd) CustomCLSID: HKU\S-1-5-21-2452734210-2858773296-2644968050-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Stefan\Dropbox [2016-11-18 17:08] ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] [Datei wird verwendet] ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Keine Datei ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-01-01] (Notepad++ -> ) ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Keine Datei ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-03-29] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-03-29] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] [Datei wird verwendet] ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Keine Datei ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Keine Datei ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-03-29] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Keine Datei ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_763182f3860a4408\igfxDTCM.dll [2020-05-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_ed2d6589d1176ab4\nvshext.dll [2020-10-22] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Keine Datei ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Keine Datei ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Namexif\Help.lnk -> hxxp://www.digicamsoft.com ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=16619&utm_medium=desktop&x-pos=Metro ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2016-11-19 15:11 - 2011-01-15 17:44 - 000319488 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_DEU.DLL 2016-11-19 15:07 - 2011-08-17 10:45 - 000049152 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\Solution Menu EX\LangInfo\DE\CNSELANG.dll 2016-11-19 15:04 - 2011-04-07 19:09 - 000069632 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files\Canon\MyPrinter\BJMyRes.dll 2016-11-19 15:04 - 2011-03-14 19:09 - 000136704 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files\Canon\MyPrinter\cnmpu.dll 2016-11-19 14:52 - 2012-06-14 18:18 - 000359936 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMN6PPM.DLL 2019-07-15 10:20 - 2019-07-15 10:20 - 000126976 _____ (Intel Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll 2020-11-16 17:18 - 2020-11-16 17:18 - 001093632 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6229_none_cbee8c4a4710d003\MFC80U.DLL 2020-11-16 17:18 - 2020-11-16 17:18 - 000065536 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6229_none_03c6cf28205ff947\MFC80DEU.DLL ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.) BHO: Kein Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Keine Datei BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.) BHO-x32: Kein Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Keine Datei Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2016-07-16 13:47 - 2021-04-22 13:59 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2017-11-09 02:14 - 2017-11-09 02:14 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\FileBot\;C:\Program Files\PuTTY\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL HKU\S-1-5-21-2452734210-2858773296-2644968050-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\StartupApproved\Run: => "Lync" HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\StartupApproved\Run: => "Steam" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{6A9477D1-E95C-4F5A-8AE1-5C90ABFF435A}] => (Allow) C:\Users\Stefan\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{A01F3301-90F8-40B1-9DF8-483FEC842060}] => (Allow) C:\Users\Stefan\AppData\Local\pcvisit Software AG\caloa\pcvisit.Support.guest.15\release\15.0.21.8519\pcvdisplayserver.exe (pcvisit software ag -> ) FirewallRules: [{4D327E1F-CAD2-46E7-9C4C-3D33F1A39AC4}] => (Allow) C:\Users\Stefan\AppData\Local\pcvisit Software AG\caloa\pcvisit.Support.guest.15\release\15.0.21.8519\pcvisit_client.exe (pcvisit software ag -> pcvisit Software ag) FirewallRules: [{8DC21B46-C7AD-4735-91E9-429D589732E6}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{1C899954-6849-4BAC-A466-9C2E9F854B16}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{46F8A272-54DF-4216-B1D3-FE8C5398440A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Keine Datei FirewallRules: [{ADC89288-7096-409A-A8C5-53ED442ED49A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Keine Datei FirewallRules: [{33F93299-A844-4673-AD45-3B0642A5B46E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{2B76820A-CB54-4765-BE25-E188AD0459AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{E538DC5B-21B9-4AF7-B0F5-9EC2BC3DD251}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{1F2BFDBA-DFFB-45A2-9C8E-9D2BC0F5B954}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3004DCA1-9D2A-4883-9E55-1A8DB582E7CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8854CAF2-8F97-45AA-B73D-37511DACAB40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{CCA849D4-1A0B-4E28-8D47-159122CAEB6B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{68BA6FD2-94C1-434F-91DA-0D4B8AF8E894}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{79D43C5D-A970-4D4E-94A4-BABDD71FFA90}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F36F572B-73D9-4FC8-81F8-896C94F4AAF4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{481BC1C5-620B-4604-BC2D-469E2EDDF903}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG) FirewallRules: [{32C35D54-E24B-49EB-8830-D8CDE4B05869}] => (Allow) LPort=24727 FirewallRules: [TCP Query User{AB319108-9F3F-41F4-B9EE-FEFECBD4A1D8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{9242BA7E-BAE2-4C62-90AC-D484F6246E6E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{884972BA-E98E-4D3E-ADF1-64E7C8E43D28}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1EC04944-1ED9-44C9-8D08-CE05B8D6F346}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E953E49C-49F4-40DF-BD45-9C373B5F9151}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{520A782A-C426-4A69-B84C-E64A9EE5E92D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A9FCF5E0-608F-4242-92F2-F287D0E6FBAC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{70964E97-F435-42C9-AA7E-908EF5AD428D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [TCP Query User{8057D20B-B962-477A-8F69-AD178AF3B364}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Block) C:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> ) [Datei ist nicht signiert] FirewallRules: [UDP Query User{19F95498-B601-422A-B722-A6A1FD188CC9}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Block) C:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> ) [Datei ist nicht signiert] ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:118.17 GB) (Free:54.9 GB) (46%) ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (04/20/2021 10:14:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Fotos_dlx.exe, Version: 14.0.2.51, Zeitstempel: 0x5422d547 Name des fehlerhaften Moduls: Fotos_dlx.exe, Version: 14.0.2.51, Zeitstempel: 0x5422d547 Ausnahmecode: 0xc0000005 Fehleroffset: 0x008974d7 ID des fehlerhaften Prozesses: 0x405c Startzeit der fehlerhaften Anwendung: 0x01d73621c6cc4fde Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\MAGIX\Photostory 2015 Deluxe\Fotos_dlx.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\MAGIX\Photostory 2015 Deluxe\Fotos_dlx.exe Berichtskennung: 836a1a1f-f8bb-4af1-afe1-98b8d80f78b9 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (04/20/2021 07:52:57 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Error: (04/20/2021 07:52:57 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Error: (04/18/2021 08:00:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Fotos_dlx.exe, Version: 14.0.2.51, Zeitstempel: 0x5422d547 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses: 0x1bb0 Startzeit der fehlerhaften Anwendung: 0x01d7347b6f83eb07 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\MAGIX\Photostory 2015 Deluxe\Fotos_dlx.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 25f933ab-314d-4fd0-9093-7f5e32a59152 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (04/18/2021 05:52:42 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Error: (04/18/2021 05:52:42 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Error: (04/18/2021 05:52:42 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Error: (04/18/2021 05:52:42 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Systemfehler: ============= Error: (04/22/2021 04:00:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CG6Service" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (04/22/2021 04:00:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\system32\IntelIHVRouter04.dll Error: (04/22/2021 04:00:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\system32\IntelIHVRouter04.dll Error: (04/22/2021 03:59:59 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\system32\IntelIHVRouter04.dll Error: (04/22/2021 03:59:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VFO2AEV) Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (04/22/2021 03:45:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (04/22/2021 03:45:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Content Protection HECI Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (04/22/2021 03:45:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Windows Defender: ================ Date: 2021-04-22 14:06:54 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {168A740E-1298-4437-B7AD-CCA721C6F50B} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-04-22 13:53:52 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {36A46C2A-18F1-49FF-952F-3397C7061A30} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM CodeIntegrity: =============== Date: 2021-04-22 14:53:51 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2021-04-22 13:37:24 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== BIOS: Dell Inc. 1.7.1 11/02/2020 Hauptplatine: Dell Inc. 042NDD Prozessor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz Prozentuale Nutzung des RAM: 34% Installierter physikalischer RAM: 16246.25 MB Verfügbarer physikalischer RAM: 10698.92 MB Summe virtueller Speicher: 18678.25 MB Verfügbarer virtueller Speicher: 12801.84 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:118.17 GB) (Free:54.9 GB) NTFS Drive e: () (Fixed) (Total:931.51 GB) (Free:871.58 GB) NTFS \\?\Volume{5cf26948-6e27-403d-a714-8ba29cdb3e06}\ (Wiederherstellung) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS \\?\Volume{d7cac8b1-cbbf-48cd-bf2d-faa1d81dad56}\ () (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS \\?\Volume{19dab91c-f98e-4cf0-b041-e024991598c6}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: DCF3AB4A) Partition: GPT. ========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: DCF3AEED) Partition: GPT. ==================== Ende von Addition.txt ======================= Code:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 17-04-2021 durchgeführt von Stefan (22-04-2021 16:06:32) Gestartet von C:\Users\Stefan\Downloads Start-Modus: Normal ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Namexif\Help.lnk -> hxxp://www.digicamsoft.com Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp2.lnk -> C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk -> C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe (Canneverbe Limited) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk -> C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ledger Live.lnk -> C:\Program Files\Ledger Live\Ledger Live.exe (Ledger Live Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk -> C:\Program Files (x86)\Security Task Manager\TaskMan.exe (Neuber Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk -> C:\Program Files (x86)\Security Task Manager\SpyProtector.exe (Neuber Software - www.neuber.com) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager.lnk -> C:\Program Files\tiptoi® Manager\tiptoi® Manager.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Audio Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinX DVD Author\WinX DVD Author entfernen.lnk -> C:\Program Files (x86)\Digiarty\WinX DVD Author 6.3.10\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinX DVD Author\WinX DVD Author.lnk -> C:\Program Files (x86)\Digiarty\WinX DVD Author 6.3.10\DVD_Author.exe (Digiarty Software, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TREZOR Bridge\Uninstall.lnk -> C:\Program Files (x86)\TREZOR Bridge\Uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology\Synology Assistant.lnk -> C:\Program Files (x86)\Synology\Assistant\DSAssistant.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology\Uninstall Synology Assistant.lnk -> C:\Program Files (x86)\Synology\Assistant\Uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\Pageant.lnk -> C:\Program Files\PuTTY\pageant.exe (Simon Tatham) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PSFTP.lnk -> C:\Program Files\PuTTY\psftp.exe (Simon Tatham) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTY Manual.lnk -> C:\Program Files\PuTTY\putty.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTY Web Site.lnk -> C:\Program Files\PuTTY\website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTY.lnk -> C:\Program Files\PuTTY\putty.exe (Simon Tatham) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTYgen.lnk -> C:\Program Files\PuTTY\puttygen.exe (Simon Tatham) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag Hilfe.lnk -> C:\Program Files (x86)\Mp3tag\help\index.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag.lnk -> C:\Program Files (x86)\Mp3tag\Mp3tag.exe (Florian Heidenreich) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Neu in dieser Version.lnk -> C:\Program Files (x86)\Mp3tag\Mp3tagVersion.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\Silverlight.Configuration.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office Language Preferences.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Skype for Business Recording Manager.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetry Dashboard for Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msotd.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetry Log for Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msoev.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -> C:\Program Files\Java\jre-10.0.2\bin\javacpl.exe (Keine Datei) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk -> C:\Program Files\Java\jre-10.0.2\bin\javacpl.exe (Keine Datei) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk -> C:\Program Files\Java\jre-10.0.2\bin\javacpl.exe (Keine Datei) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite\HiSuite.lnk -> C:\Program Files (x86)\HiSuite\HiSuite.exe (华为技术有限公司 版权所有) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite\Uninstall.lnk -> C:\Program Files (x86)\HiSuite\uninst.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Solution Menu EX\Solution Menu EX - Liesmich.lnk -> C:\Program Files (x86)\Canon\Solution Menu EX\Readme.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Solution Menu EX\Solution Menu EX.lnk -> C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer - Liesmich.lnk -> C:\Program Files\Canon\MyPrinter\Readme.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\MP Navigator EX 5.0\MP Navigator EX 5.0.lnk -> C:\Program Files (x86)\Canon\MP Navigator EX 5.0\mpnex50.exe (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\MP Navigator EX 5.0\MP Navigator EX Liesmich.lnk -> C:\Program Files (x86)\Canon\MP Navigator EX 5.0\Readme.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Network Tool\IJ Network Tool.lnk -> C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNPUT.EXE (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Network Scanner Selector EX\IJ Network Scanner Selector EX.lnk -> C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Easy-PhotoPrint EX\Easy-PhotoPrint EX - Liesmich.lnk -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\Readme.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Easy-PhotoPrint EX\Easy-PhotoPrint EX.lnk -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZMAIN.EXE (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Manual\Deinstallieren.lnk -> C:\Program Files (x86)\Canon\IJ Manual\CANON MG5300 SERIES\uninstall.exe (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Benutzerregistrierung\Benutzerregistrierung - Deinstallation.LNK -> C:\Program Files (x86)\Canon\IJEREG\MG5300 series\UNINST.EXE (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Benutzerregistrierung\Benutzerregistrierung.LNK -> C:\Program Files (x86)\Canon\IJEREG\MG5300 series\IJEREG.exe (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series\Liesmich.lnk -> C:\Program Files\CanonBJ\IJPrinter\Canon MG5300 series\readme_German.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant\AOMEI Partition Assistant Demo Edition 8.6.lnk -> C:\Program Files (x86)\AOMEI Partition Assistant\PartAssist.exe (AOMEI Technology Co., Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant\Uninstall AOMEI Partition Assistant.lnk -> C:\Program Files (x86)\AOMEI Partition Assistant\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation) Shortcut: C:\Users\Default\Links\OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Stefan\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\defaultuser0\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Keine Datei) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\Public\Desktop\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes) Shortcut: C:\Users\Public\Desktop\Mp3tag.lnk -> C:\Program Files (x86)\Mp3tag\Mp3tag.exe (Florian Heidenreich) Shortcut: C:\Users\Public\Desktop\Synology Assistant.lnk -> C:\Program Files (x86)\Synology\Assistant\DSAssistant.exe () Shortcut: C:\Users\Public\Desktop\tiptoi® Manager.lnk -> C:\Program Files\tiptoi® Manager\tiptoi® Manager.exe () Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\Users\Stefan\Links\Desktop.lnk -> C:\Users\Stefan\Desktop () Shortcut: C:\Users\Stefan\Links\Downloads.lnk -> C:\Users\Stefan\Downloads () Shortcut: C:\Users\Stefan\Documents\MAGIX\Video deluxe 2016 Premium\Fotoshow-Musik.lnk -> C:\ProgramData\MAGIX\Video deluxe 2016 Premium\Slideshow music (Keine Datei) Shortcut: C:\Users\Stefan\Documents\MAGIX\Video deluxe 2016 Premium\Sichtbares TV-Bild.LNK -> C:\ProgramData\MAGIX\Video deluxe 2016 Premium\_TV-Anti-Cropping (Keine Datei) Shortcut: C:\Users\Stefan\Documents\MAGIX\Video deluxe 2016 Premium\Studio-Vorspann.LNK -> C:\ProgramData\MAGIX\Video deluxe 2016 Premium\_Studio-Preview (Keine Datei) Shortcut: C:\Users\Stefan\Documents\MAGIX\Photostory 2015 Deluxe\Complete Demo.LNK -> C:\ProgramData\MAGIX\Photostory 2015 Deluxe\_Complete_Demo (Keine Datei) Shortcut: C:\Users\Stefan\Documents\MAGIX\Photostory 2015 Deluxe\One-Click-Optimization Demo.LNK -> C:\ProgramData\MAGIX\Photostory 2015 Deluxe\_One_Click_Optimization_Demo (Keine Datei) Shortcut: C:\Users\Stefan\Documents\MAGIX\Photostory 2015 Deluxe\Picture-In-Picture Demo.LNK -> C:\ProgramData\MAGIX\Photostory 2015 Deluxe\_Picture-in-picture_Demo (Keine Datei) Shortcut: C:\Users\Stefan\Documents\MAGIX\Photostory 2015 Deluxe\Slideshow music.lnk -> C:\ProgramData\MAGIX\Photostory 2015 Deluxe\Slideshow music (Keine Datei) Shortcut: C:\Users\Stefan\Documents\MAGIX\Photostory 2015 Deluxe\Stereo3D Demo.LNK -> C:\ProgramData\MAGIX\Photostory 2015 Deluxe\_Stereo3D_Demo (Keine Datei) Shortcut: C:\Users\Stefan\Documents\MAGIX\Photostory 2015 Deluxe\TV Anti Cropping.LNK -> C:\ProgramData\MAGIX\Photostory 2015 Deluxe\_TV-Anti-Cropping (Keine Datei) Shortcut: C:\Users\Stefan\Desktop\FileBot.lnk -> C:\Program Files\FileBot\filebot.launcher.exe () Shortcut: C:\Users\Stefan\Desktop\HiSuite.lnk -> C:\Program Files (x86)\HiSuite\HiSuite.exe (华为技术有限公司 版权所有) Shortcut: C:\Users\Stefan\Desktop\Kryptocurrency.xlsx - Verknüpfung.lnk -> T:\Dokumente, Anträge, Formulare\Kryptowährung\Kryptocurrency.xlsx (Keine Datei) Shortcut: C:\Users\Stefan\Desktop\Metalle.xlsx - Verknüpfung.lnk -> T:\Dokumente, Anträge, Formulare\Metalle.xlsx (Keine Datei) Shortcut: C:\Users\Stefan\Desktop\Movavi Video Suite 21.lnk -> C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\Suite.exe (Movavi) Shortcut: C:\Users\Stefan\Desktop\Namexif.lnk -> C:\Program Files (x86)\Namexif\Namexif.exe (REBOL Technologies) Shortcut: C:\Users\Stefan\Desktop\Telegram.lnk -> C:\Users\Stefan\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Stefan\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> C:\Users\Stefan\Desktop\Tor Browser\Browser\firefox.exe (Keine Datei) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trinity.lnk -> C:\Users\Stefan\AppData\Local\Programs\trinity-desktop\Trinity.exe (IOTA Foundation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\Stefan\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TREZOR Bridge\Uninstall.lnk -> C:\Program Files (x86)\TREZOR Bridge\Uninstall.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Telegram entfernen.lnk -> C:\Users\Stefan\AppData\Roaming\Telegram Desktop\unins000.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Telegram.lnk -> C:\Users\Stefan\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Namexif\Namexif.lnk -> C:\Program Files (x86)\Namexif\Namexif.exe (REBOL Technologies) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Namexif\Uninstall.lnk -> C:\Program Files (x86)\Namexif\Uninstall.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Video Suite 21\Movavi Video Suite 21 deinstallieren.lnk -> C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\uninst.exe (Movavi) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Video Suite 21\Movavi Video Suite 21.lnk -> C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\Suite.exe (Movavi) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Video Suite 21\Website Movavi Video Suite 21.lnk -> C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\Movavi Video Suite 21.url () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiSuite\HiSuite.lnk -> C:\Program Files (x86)\HiSuite\HiSuite.exe (华为技术有限公司 版权所有) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiSuite\Uninstall.lnk -> C:\Program Files (x86)\HiSuite\uninst.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileBot\FileBot (console).lnk -> C:\Program Files\FileBot\filebot.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileBot\FileBot (platform).lnk -> C:\Program Files\FileBot\filebot.platform.launcher.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileBot\FileBot.lnk -> C:\Program Files\FileBot\filebot.launcher.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\SendTo\FileBot.lnk -> C:\Program Files\FileBot\filebot.launcher.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WinX DVD Author.lnk -> C:\Program Files (x86)\Digiarty\WinX DVD Author 6.3.10\DVD_Author.exe (Digiarty Software, Inc.) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AusweisApp2.lnk -> C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CDBurnerXP.lnk -> C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe (Canneverbe Limited) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\KeePass 2.lnk -> C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Ledger Live.lnk -> C:\Program Files\Ledger Live\Ledger Live.exe (Ledger Live Team) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\mkvtoolnix-gui.lnk -> C:\Users\Stefan\Desktop\mkvtoolnix\mkvtoolnix-gui.exe () Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Tor Browser.lnk -> C:\Program Files\Tor Browser\Browser\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Trinity.lnk -> C:\Users\Stefan\AppData\Local\Programs\trinity-desktop\Trinity.exe (IOTA Foundation) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\WinX DVD Author.lnk -> C:\Program Files (x86)\Digiarty\WinX DVD Author 6.3.10\DVD_Author.exe (Digiarty Software, Inc.) Shortcut: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Tombstones\Ashampoo Photo Commander 12.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Photo Commander 12\apc.exe (Keine Datei) Shortcut: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=16619&utm_medium=desktop&x-pos=Metro ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TREZOR Bridge\TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe () -> -v -l "%APPDATA%\TREZOR Bridge\trezord.log" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe () -> -v -l "%APPDATA%\TREZOR Bridge\trezord.log" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Database Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\DATABASECOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Spreadsheet Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\SPREADSHEETCOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Database Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\DATABASECOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Office Upload Center.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\MSOUC.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Spreadsheet Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\SPREADSHEETCOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Solution Menu EX\Solution Menu EX Deinstallieren.lnk -> C:\Program Files (x86)\Canon\Solution Menu EX\uninst.exe (CANON INC.) -> /Uninstall C:\Program Files (x86)\Canon\Solution Menu EX\uninst.ini ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer Deinstallieren.lnk -> C:\Program Files\Canon\MyPrinter\uninst.exe (CANON INC.) -> C:\Program Files\Canon\MyPrinter\uninst.ini ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer.lnk -> C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.) -> /mn ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\MP Navigator EX 5.0\MP Navigator EX Deinstallieren.lnk -> C:\Program Files (x86)\Canon\MP Navigator EX 5.0\Maint.exe (CANON INC.) -> /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 5.0\uninst.ini ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Network Scanner Selector EX\IJ Network Scanner Selector EX Deinstallieren.lnk -> C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSU.exe (CANON INC.) -> /UninstallRemove C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\uninst.ini ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Easy-PhotoPrint EX\Easy-PhotoPrint EX Deinstallieren.lnk -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\uninst.exe (CANON INC.) -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\uninst.ini ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Manual\Canon MG5300 series Online-Handbuch.lnk -> C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe (CANON INC.) -> "C:\PROGRAM FILES (X86)\Canon\IJ Manual\CANON MG5300 SERIES\German\Info.egv" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\Stefan\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TREZOR Bridge\TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe () -> -l "%APPDATA%\TREZOR Bridge\trezord.log" ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe () -> -l "%APPDATA%\TREZOR Bridge\trezord.log" ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileBot\Uninstall FileBot.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {34E88655-E87E-47EB-9FC8-259BA61D3947} ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) -> /recycle ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Stefan\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinX DVD Author\WinX DVD Author im Internet.url -> URL: hxxp://www.winxdvd.com/dvd-author/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag Website.url -> URL: hxxp://www.mp3tag.de InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Besuchen Sie Java.com.url -> URL: hxxp://java.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Hilfe aufrufen.url -> URL: hxxp://java.com/help InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant\User Help - German.url -> URL: hxxp://www.disk-partition.com/de/manual.html InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant\User Manual (PDF) - German.url -> URL: hxxp://www.disk-partition.com/de/download/UserManual.pdf InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant\Visit our website - German.url -> URL: hxxp://www.disk-partition.com/de InternetURL: C:\Users\Stefan\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142 InternetURL: C:\Users\Stefan\Desktop\Online PDF Tools.url -> URL: hxxps://tools.pdf24.org/ InternetURL: C:\Users\Stefan\Desktop\Tanzen.url -> URL: hxxps://us04web.zoom.us/j/71715103047?pwd=YlM1cm9ySlAxZ0VibGx5WWZHTVo2QT09 InternetURL: C:\Users\Stefan\Desktop\Untitled.URL -> URL: hxxp://quickconnect.to/Mue1 InternetURL: C:\Users\Stefan\Desktop\mkvtoolnix\MKVToolNix.url -> URL: hxxps://www.bunkus.org/videotools/mkvtoolnix/ InternetURL: C:\Users\Stefan\Desktop\Magix Photostory 2015 Deluxe v14 0 2 51_\00 - JBinUp.url -> URL: hxxp://www.JBinUp.com InternetURL: C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\Movavi Video Suite 21.url -> URL: hxxps://links.movavi.com/?asrc=start&app=suite&module=installer&version=21-2-0&lang=de_de&isTrial=1&partner=&huid=eebac40801bc39e9e14bfff7aa9b44d50d09d17d&utm_nooverride=1 ==================== Ende vom Shortcut.txt ============================= |
Themen zu Windows 10 Home, Internetseite lässt sich nicht öffnen, Warnung Vodafone über Schadsoftware |
.dll, administrator, adobe, antivirus, avast, canon, defender, fehlermeldung, firefox, google, home, homepage, mozilla, mp3, nvcontainer, problem, prozesse, realtek, registry, scan, security, server, system, temp, trezor, warnung, webadvisor, windows, wlan |