| |
| |||||||
Log-Analyse und Auswertung: WIN10 PC gehackt, T-Online Emails werden in meinem Namen versendet, Fremdzugriff über TeamViewer?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
18.06.2021, 12:54
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  WIN10 PC gehackt, T-Online Emails werden in meinem Namen versendet, Fremdzugriff über TeamViewer? Störende, veraltete oder unnötige Programme deinstallieren Bitte über Programme und Features (appwiz.cpl) deinstallieren: Adobe Acrobat Reader DC - Deutsch AntiBrowserSpy 2020 AnyDesk CCleaner PDF-Viewer VLC media player WinRAR 5.31 (64-Bit)
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
18.06.2021, 13:23
| #17 |
 | WIN10 PC gehackt, T-Online Emails werden in meinem Namen versendet, Fremdzugriff über TeamViewer? Erledigt und neu gestartet.
__________________ |
|
18.06.2021, 13:24
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | WIN10 PC gehackt, T-Online Emails werden in meinem Namen versendet, Fremdzugriff über TeamViewer? adwCleaner
__________________Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags. adwcleaner zwecks Kontrolle bitte wiederholen, falls es Funde gab.
__________________ |
|
18.06.2021, 14:02
| #19 |
| | WIN10 PC gehackt, T-Online Emails werden in meinem Namen versendet, Fremdzugriff über TeamViewer?Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-18-2021
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 43
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\Popp\AppData\Local\Downloaded Installations\{DAD82379-C684-4D04-83D5-2B9934A9C362}
***** [ Files ] *****
Deleted C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
Deleted C:\Windows\SysWOW64\lavasofttcpservice.dll
Deleted C:\Windows\System32\LavasoftTcpService64.dll
Deleted C:\Windows\System32\LavasoftTcpServiceOff.ini
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted HKLM\Software\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Deleted HKLM\Software\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Deleted HKLM\Software\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Deleted HKLM\Software\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Deleted HKLM\Software\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Deleted HKLM\Software\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Deleted HKLM\Software\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Deleted HKLM\Software\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataContainer
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataContainer.1
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataController
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataController.1
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataTable
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataTable.1
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataTableFields
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataTableFields.1
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataTableHolder
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.DataTableHolder.1
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.LSPLogic
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.LSPLogic.1
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.ReadOnlyManager
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.WFPController
Deleted HKLM\Software\Classes\LavasoftTcpServiceLib.WFPController.1
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [7507 octets] - [18/05/2021 09:15:47]
AdwCleaner[S01].txt - [7568 octets] - [18/06/2021 14:30:27]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
Aber: Bei "vorinstallierten Dateien" ist mein Sony Kameraprogramm aufgeführt. Da habe ich mich nicht getraut das in Quarantäne zu verschieben. Da sind meine ganzen Bilder und Videos drauf. Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-18-2021
# Duration: 00:00:14
# OS: Windows 10 Pro
# Scanned: 31983
# Detected: 13
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.HPSupportAssistant Folder C:\Users\Popp\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\Popp\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{56D27851-B9A6-430F-875A-E2D7A3802C7B}
Preinstalled.SonyPlayMemoriesHome File C:\Users\Public\Desktop\PlayMemories Home.lnk
Preinstalled.SonyPlayMemoriesHome Folder C:\Program Files (x86)\SONY\PLAYMEMORIES HOME
Preinstalled.SonyPlayMemoriesHome Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|PMBVolumeWatcher
Preinstalled.SonyPlayMemoriesHome Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|PMBVolumeWatcher
Preinstalled.SonyPlayMemoriesHome Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4F95DC94-A29D-41F6-AF34-15AA0D666186}
Preinstalled.SonyPlayMemoriesHome Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{7D3A0097-9E0E-4073-801C-295BBDAEAED8}
Preinstalled.SonyPlayMemoriesHome Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}
Preinstalled.SonyPlayMemoriesHome Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{D3981248-DBE7-4050-B666-A7FE5AFFC62C}
Preinstalled.SonyPlayMemoriesHome Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}
Preinstalled.VAIOEntertainmentCommonService Folder C:\Program Files\Common Files\SONY SHARED\VAIO ENTERTAINMENT PLATFORM
AdwCleaner[S00].txt - [7507 octets] - [18/05/2021 09:15:47]
AdwCleaner[S01].txt - [7568 octets] - [18/06/2021 14:30:27]
AdwCleaner[C01].txt - [5258 octets] - [18/06/2021 14:32:24]
AdwCleaner[S02].txt - [3309 octets] - [18/06/2021 14:37:07]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########
|
|
18.06.2021, 16:19
| #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ |  WIN10 PC gehackt, T-Online Emails werden in meinem Namen versendet, Fremdzugriff über TeamViewer?Zitat:
 Du scheinst wohl irgendwie zu glauben, dass alle Bilder und Videos weg sind, nur weil man ein Programm deinstalliert, dass diese Medien betrachten kann - echt jetzt? Noch nie gehört, dass Bilder in deinem Bilderordner liegen und Programme nach C:\Program Files installiert werden? Oder glaubst du Programmdatei und Bilddateien verschmelzen zu einer großen Datei? Ich hab auch den Eindruck, dass du noch nie was von Datensicherung gehört hast, obwohl du so besorgt um deine Bilder und Videos bist. Ist ja lt. deiner Befüchtung alles komplett weg wenn du das Programm deinstallierst. Was willst du denn machen, wenn deine Festplatte/SSD kaputtgeht?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.06.2021, 16:30
| #21 |
| | WIN10 PC gehackt, T-Online Emails werden in meinem Namen versendet, Fremdzugriff über TeamViewer? So weit mir bekannt ist, speichert das Sony-Programm die Bilder nicht in einen Windows Bilderordner. Ich kann die Bilder auch nur über dieses Programm ansehen, es sei denn ich habe was übersehen. Wenn es so wichtig ist (war mir nicht bewusst, sorry), mache ich eine Sicherung und werde das Programm entfernen. Wäre allerdings schade, denn das Programm kommuniziert (über Wlan) direkt mit der Kamera. Bestimmt existiert eine (ältere) Sicherung, wollte es aber nicht darauf ankommen lassen. Kann ich das Programm nach Abschluss unserer Arbeiten dann wieder installieren, oder muss ich darauf verzichten? |
|
18.06.2021, 16:50
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | WIN10 PC gehackt, T-Online Emails werden in meinem Namen versendet, Fremdzugriff über TeamViewer? Was ist denn das für ein bescheuertes Programm? Wenn das mal irgendwann nicht mehr geht, kein Support mehr da ist oder was iauch immer, dann sind auch alle Fotos weg??! Wenn das wirklich so ist, solltest du dir schleunigst ein anderes Programm suchen. 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.06.2021, 17:06
| #23 |
| | WIN10 PC gehackt, T-Online Emails werden in meinem Namen versendet, Fremdzugriff über TeamViewer? Naja, es gehört halt zur Kamera und ich habe eine grosse Menge Bilder und Videos drauf. Bis jetzt hat es sehr gut funktioniert. Aber im Prinzip hast du natürlich Recht Ich versuche gerade die Dateien über den Explorer auf eine externe Festplatte zu kopieren. Das scheint aber ewig zu dauern. Programmseits habe ich keine Sicherungsoption gefunden. Was anderes fällt mir jetzt nicht dazu ein, bin etwas Überfordert. |
|
18.06.2021, 22:09
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | WIN10 PC gehackt, T-Online Emails werden in meinem Namen versendet, Fremdzugriff über TeamViewer? Gut dann lass es drauf. Aber allgemein sollte man schon diesen vorinstallierten Mist auch entfernen. Obwohl ich immer noch nicht davon ganz überzeugt bin, dass dieses Programm wirkilch so tickt wie du behauptest. Es kann doch nicht wahr sein, dass die Bilder quasi zerstört und in irgendeinem undurchsichtigen Format gespeichert werden Dann jetzt bitte neu FRST-Logs.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.06.2021, 22:36
| #25 |
| | WIN10 PC gehackt, T-Online Emails werden in meinem Namen versendet, Fremdzugriff über TeamViewer? Ich bin leider immer noch damit beschäftigt, die Dateien zu sichern (auf externe Festplatte kopieren). Problem: Ich erhalte die Meldung dass nicht genügend Speicherplatz vorhanden wäre. Allerdings sind von den 4TB von der ext. FP. noch etwa 3TB frei. Ich mache morgen weiter und versuche eine Lösung zu finden. Nochmals zur Sicherheit: Muss das Programm wirklich weg? Mein Sohn macht mich einen Kopf kürzer wenn ich das nicht wieder hinbekomme und freut sich auf das frühzeitige Erbe!  Ach ja... ganz vergessen: Das Sony-Programm war nicht vorinstalliert. Das habe ich (mein Sohn) selbst auf den Rechner installiert. Auch das HP -Programm war nicht vorinstalliert. Es gehört sicherlich zu einem ehemaligen Plotter, den es allerdings seit einigen Jahren nicht mehr gibt. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-06-2021
durchgeführt von Popp (Administrator) auf DELL-PC (Dell Inc. OptiPlex 7010) (18-06-2021 23:31:16)
Gestartet von C:\Users\Popp\Downloads
Geladene Profile: Popp & SFDatabaseServiceV4
Platform: Windows 10 Pro Version 2004 19041.1052 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\91.0.4472.10\remoting_host.exe <2>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\140\LocalDB\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <8>
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Imaging Products & Solutions Inc. -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\SFirmV3\SFUpdateService.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\SFirmV4\SFAutomatService.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\SFirmV4\SFDatabaseService.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\SFirmV4\SFSQLServerBackingService\SFSqlServerBackingService.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\SFirmV4\SFUpdateService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Network Configuration] => C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [725280 2012-08-27] (Oki Data Corporation -> Oki Data Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe [2926336 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [SfWinStartInfoV3] => C:\Program Files (x86)\SFirmV3\sfWinStartupInfo.exe [151024 2015-10-19] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
HKLM-x32\...\Run: [SFUpdateProviderV3] => C:\Program Files (x86)\SFirmV3\SFUpdateProvider.exe [35312 2015-10-19] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [3029480 2018-05-09] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
HKLM-x32\...\Run: [SfWinStartInfoV4] => C:\Program Files (x86)\SFirmV4\sfWinStartupInfo.exe [832400 2021-03-15] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
HKLM-x32\...\Run: [SFUpdateProviderV4] => C:\Program Files (x86)\SFirmV4\SFUpdateProvider.exe [716176 2021-03-15] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\Run: [DymoQuickPrint] => C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [1867056 2014-03-20] (Sanford, L.P. -> Sanford, L.P.)
HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [16971752 2017-12-13] (Plex, Inc -> Plex, Inc.)
HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [3015072 2016-01-19] (Comfort Software Group -> Comfort Software Group)
HKLM\...\Windows x64\Print Processors\OPLAPP3: C:\Windows\System32\spool\prtprocs\x64\OPLAPP3.dll [43520 2012-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Print\Monitors\DYMO LabelWriter Monitor: C:\WINDOWS\system32\LW400MON.DLL [16384 2013-03-04] (Microsoft Windows Hardware Compatibility Publisher -> DYMO Corp.)
HKLM\...\Print\Monitors\EvoUN01 Language Monitor: C:\WINDOWS\system32\EVOUN01MON.DLL [76472 2017-08-17] (Evolis -> Evolis Card Printer)
HKLM\...\Print\Monitors\Oki Language Monitor v2 x64: C:\WINDOWS\system32\OKLMON64.DLL [27648 2009-06-25] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.106\Installer\chrmstp.exe [2021-06-17] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evolis Printer Manager.lnk [2017-12-12]
ShortcutTarget: Evolis Printer Manager.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\PrinterManager.exe (Evolis -> Evolis Card Printer)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2016-02-14]
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH) [Datei ist nicht signiert]
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2016-02-14]
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH) [Datei ist nicht signiert]
Startup: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2016-02-14]
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH) [Datei ist nicht signiert]
Startup: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskPins.lnk [2020-06-29]
ShortcutTarget: DeskPins.lnk -> C:\Program Files (x86)\DeskPins\deskpins.exe (Elias Fotinis) [Datei ist nicht signiert]
Startup: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2021-06-18]
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH) [Datei ist nicht signiert]
Startup: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagentaCLOUD.lnk [2020-09-21]
ShortcutTarget: MagentaCLOUD.lnk -> C:\Program Files (x86)\Telekom\MagentaCloud\MagentaCloud.App.exe (Deutsche Telekom AG -> )
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {040E19E0-3FF3-4020-B47E-3FA12B98FE02} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {054ADAAB-1C72-4FF9-ADF7-4AB5EAE6FF2D} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {079ABE46-2B85-4F8C-9C49-748396C38D96} - System32\Tasks\Abelssoft\AccountAlarm_106 => C:\Program Files (x86)\AccountAlarm\AbLauncher.exe [21736 2021-04-22] (Ascora GmbH -> )
Task: {09B3DFE9-38BC-4348-9C8E-131A8D6494CE} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [495248 2014-01-16] (Sony Corporation -> Sony Corporation)
Task: {0CCC09F9-BA7F-4445-9897-E212D598503B} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {19F93400-0985-4B60-AC5C-8FE3310BD854} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B083F34-2B3D-40C9-BA62-57BDD6C44C3E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {232D2253-3AF1-48A5-8350-83C716E4B052} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {239C19D8-5AB3-45A4-8F46-3038F3C0107B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {26FABCF9-1372-4D82-92CC-848B3BFE9F55} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [3059280 2021-03-06] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {2827F839-3A8A-4782-A915-25B5023E4437} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {2AD1E353-E598-4D49-AAF6-67901E2ECC51} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-17] (Mozilla Corporation -> Mozilla Foundation)
Task: {2CDCDA85-CE12-42EC-B509-FDEA06CDBFF8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {2DECFE53-12A3-4D03-8FA0-376D30F7B840} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F6EDE96-1A90-4E86-A603-D40FE0D30184} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-17] (Google Inc -> Google Inc.)
Task: {33B64045-9529-4165-AD45-1D661AB2D70F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3A32FF18-67EE-4C9B-9FA0-53355B7B8288} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3FB688C2-3F85-4A3F-88E2-981D621CDD0C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {405CCE1E-15DB-4B3C-A8A0-71D30F60F6B4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3953096 2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {42CBCCAA-F998-41D4-A615-51D011606121} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {529974B2-75E5-4ACA-9CA5-02318533540D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5419F753-BBC0-4ACE-9E49-5D968BC1AAB5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {56D16294-0716-4A80-BF4D-43EA3C320E6F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {590F3F64-8DA9-4F5A-AF63-07FAEC940022} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {59ABDE15-90BA-40D9-8FF6-239CED2A7142} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-17] (Google Inc -> Google Inc.)
Task: {5B29ED17-B5C1-4409-82BB-FFB9C6DCB331} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {627EBC90-5873-47E9-9250-9422271A7CCE} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {684606C1-AB7C-4AF9-92B9-7BB78D5EF746} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B3CAC9C-9644-4CF6-8126-7841E8846620} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {6BA53248-DC73-419C-81FE-7B8F04AE7B09} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6BB1D149-D753-4057-AF3A-300A92B9997D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6FF5B52A-E2FC-43C7-AA15-48C1375F0954} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7CDDB027-7CF5-47F1-8D6C-DEE641715EF0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8AD1D1F0-7C51-47F1-8764-8EF06F03476B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {986D7CB7-BD9F-4277-8100-01209DDBB96F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9CD57278-D4F2-4037-8E7E-004C0331444F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A4AE0861-D717-4EB2-B30C-BA0722680AC0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B184E1DF-7028-4F90-BEB6-7A8437BFFFC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3953096 2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7492F06-29CD-4FDC-869E-B7B3CDEC2493} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {C6D8C2A7-E05F-4BB3-AA03-1D91A402BEC5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CD5CD9F8-2DC2-4AA5-8FF9-E616590639E0} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {D2840624-0294-4FCD-8807-14E722D1C613} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DE5E6EA5-6AE0-4CB4-BB40-3FFA5A1A031F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4F5B945-0A6E-402F-A34B-74C1E409B16A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {F03F6E97-5E4B-45A3-BF3D-B2D77573F0A1} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F313DA81-4AD0-4B16-9652-811BD2A8D259} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5578029-B45C-4194-A9B2-48227DE79832} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {F5C9A58B-CFDD-4171-9872-A3A78C826FA0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FFBB7CC1-1020-4241-BC7E-44803EFA90F3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5ff1a44e-f36c-4a0a-b0a3-d7342e281167}: [DhcpNameServer] 192.168.178.1
Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Popp\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-18]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: ewmeglni.default-1477417793024
FF ProfilePath: C:\Users\Popp\AppData\Roaming\Mozilla\Firefox\Profiles\ewmeglni.default-1477417793024 [2021-06-18]
FF Extension: (Privacy Badger) - C:\Users\Popp\AppData\Roaming\Mozilla\Firefox\Profiles\ewmeglni.default-1477417793024\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2020-03-10]
FF Extension: (Browsing Protection by F-Secure) - C:\Users\Popp\AppData\Roaming\Mozilla\Firefox\Profiles\ewmeglni.default-1477417793024\Extensions\ols@f-secure.com.xpi [2021-06-11] [UpdateUrl:hxxps://download.sp.f-secure.com/online-safety/updates.json]
FF Extension: (uBlock Origin) - C:\Users\Popp\AppData\Roaming\Mozilla\Firefox\Profiles\ewmeglni.default-1477417793024\Extensions\uBlock0@raymondhill.net.xpi [2020-01-11]
FF Extension: (G DATA WebProtection) - C:\Users\Popp\AppData\Roaming\Mozilla\Firefox\Profiles\ewmeglni.default-1477417793024\Extensions\webprotection@gdata.de.xpi [2021-02-27] [UpdateUrl:hxxps://gdata-a.akamaihd.net/R/CommonUpdate/extensions/webprotection/updates.json]
FF Extension: (Startpage.com — Datenschutz-Suchmaschine) - C:\Users\Popp\AppData\Roaming\Mozilla\Firefox\Profiles\ewmeglni.default-1477417793024\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2019-03-27]
FF Extension: (Video DownloadHelper) - C:\Users\Popp\AppData\Roaming\Mozilla\Firefox\Profiles\ewmeglni.default-1477417793024\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-11-02]
FF Extension: (Google Analytics Blocker) - C:\Users\Popp\AppData\Roaming\Mozilla\Firefox\Profiles\ewmeglni.default-1477417793024\Extensions\{c7c3483c-0e96-45f4-8772-f84462cdc047}.xpi [2020-09-28]
FF Extension: (Save time by asking Buster to solve captchas for you.) - C:\Users\Popp\AppData\Roaming\Mozilla\Firefox\Profiles\ewmeglni.default-1477417793024\Extensions\{e58d3966-3d76-4cd9-8552-1582fbc800c1}.xpi [2019-10-01]
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @dymo.com/DymoLabelFramework -> C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll [2014-03-20] (Sanford, L.P. -> Sanford L.P.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\prefs.js [2016-02-13]
Chrome:
=======
CHR Profile: C:\Users\Popp\AppData\Local\Google\Chrome\User Data\Default [2021-06-17]
CHR Extension: (Präsentationen) - C:\Users\Popp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-19]
CHR Extension: (Docs) - C:\Users\Popp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-19]
CHR Extension: (Google Drive) - C:\Users\Popp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-23]
CHR Extension: (YouTube) - C:\Users\Popp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-17]
CHR Extension: (Tabellen) - C:\Users\Popp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-19]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Popp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-07-17]
CHR Extension: (Google Docs Offline) - C:\Users\Popp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-23]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Popp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-09]
CHR Extension: (G DATA WebProtection) - C:\Users\Popp\AppData\Local\Google\Chrome\User Data\Default\Extensions\iokapgenfjiafbmphhhcgmgkobiiomcp [2021-06-09]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Popp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-23]
CHR Extension: (Google Mail) - C:\Users\Popp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-23]
CHR Extension: (Chrome Media Router) - C:\Users\Popp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-09]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\91.0.4472.10\remoting_host.exe [71280 2021-04-14] (Google LLC -> Google LLC)
S2 cjpcsc; C:\WINDOWS\SysWOW64\cjpcsc.exe [611336 2018-11-15] (Reiner Kartengeraete GmbH und Co.KG -> REINER SCT)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-06-03] (Microsoft Corporation -> Microsoft Corporation)
S2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [6282048 2020-07-15] (devolo AG -> devolo AG)
S2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2014-03-20] (Sanford, L.P. -> Sanford, L.P.)
S2 Evolis Print Center Service; C:\Program Files\Evolis Card Printer\Evolis Premium Suite\EvoPCSvc.exe [2523328 2017-09-19] (Evolis -> Evolis Card Printer)
S2 Evolis Services Provider; C:\Program Files\Evolis Card Printer\Evolis Premium Suite\ESPFSvc.exe [1716416 2017-08-17] (Evolis -> Evolis Card Printer)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-03-17] (Mixbyte Inc -> Freemake)
S2 MagentaCLOUDMaintenanceService; C:\Program Files (x86)\Telekom\MagentaCloud\Updater\MaintenanceService.exe [945352 2017-09-26] (Deutsche Telekom AG -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-08] (Malwarebytes Inc -> Malwarebytes)
S2 MTAgentService; C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe [783344 2020-12-31] (MiniTool Software Limited -> )
S2 MTSchedulerService; C:\Program Files (x86)\MiniTool ShadowMaker\SchedulerService.exe [226800 2020-12-31] (MiniTool Software Limited -> )
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2102248 2017-12-13] (Plex, Inc -> Plex, Inc.)
S2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [498152 2018-05-09] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
S2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SFAutomatServiceV4; C:\Program Files (x86)\SFirmV4\SFAutomatService.exe [712080 2021-03-15] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 SFDatabaseServiceV4; C:\Program Files (x86)\SFirmV4\SFDatabaseService.exe [721808 2021-03-15] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 SFirmV4SqlServerBackingService; C:\Program Files (x86)\SFirmV4\SFSQLServerBackingService\SFSqlServerBackingService.exe [1035664 2021-03-15] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 SFUpdateServiceV3; C:\Program Files (x86)\SFirmV3\SFUpdateService.exe [35312 2015-10-19] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 SFUpdateServiceV4; C:\Program Files (x86)\SFirmV4\SFUpdateService.exe [716176 2021-03-15] (Star Finanz - Software Entwicklung und Vertriebs GmbH -> Star Finanz - Software Entwicklung und Vertriebs GmbH)
S3 TDslMgrService; C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13261608 2021-05-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 avmaura; C:\WINDOWS\System32\drivers\avmaura.sys [116480 2017-08-29] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
S3 BrSerId; C:\WINDOWS\system32\DRIVERS\BrSerId.sys [290816 2012-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Brother Industries Ltd.)
S3 BrUsbSer; C:\WINDOWS\system32\DRIVERS\BrUsbSer.sys [14720 2011-07-18] (Microsoft Windows Hardware Compatibility Publisher -> Brother Industries Ltd.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 cjusb; C:\WINDOWS\System32\drivers\cjusb.sys [43224 2017-03-28] (REINER Kartengeraete GmbH & Co. KG -> REINER SCT)
R1 DslMNLwf; C:\WINDOWS\system32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH -> T-Systems Enterprise Services GmbH)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-17] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-08] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-17] (Malwarebytes Inc -> Malwarebytes)
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2020-07-15] (devolo AG -> Riverbed Technology, Inc.)
S3 usbser; C:\Windows\SysWOW64\drivers\usbser.sys [25600 2014-04-11] (Microsoft Corporation) [Datei ist nicht signiert]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-17] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-17] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-06-18 14:25 - 2021-06-18 14:25 - 008534696 _____ (Malwarebytes) C:\Users\Popp\Downloads\adwcleaner_8.2(1).exe
2021-06-17 23:52 - 2021-06-17 23:52 - 001828352 _____ C:\Users\Popp\Downloads\AVCleaner.exe
2021-06-17 14:48 - 2021-06-17 14:48 - 031506184 _____ (Piriform Software Ltd) C:\Users\Popp\Downloads\ccsetup581_slim.exe
2021-06-17 14:09 - 2021-06-17 14:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-06-17 14:03 - 2021-06-18 14:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-06-17 13:38 - 2021-06-17 23:21 - 000090310 _____ C:\Users\Popp\Downloads\Shortcut.txt
2021-06-17 13:37 - 2021-06-17 23:21 - 000059702 _____ C:\Users\Popp\Downloads\Addition.txt
2021-06-17 13:33 - 2021-06-18 23:31 - 000032242 _____ C:\Users\Popp\Downloads\FRST.txt
2021-06-17 13:33 - 2021-06-18 23:31 - 000000000 ____D C:\FRST
2021-06-17 13:33 - 2021-06-17 13:33 - 000000000 ____D C:\Users\Popp\Downloads\FRST-OlderVersion
2021-06-17 13:32 - 2021-06-17 13:33 - 002300416 _____ (Farbar) C:\Users\Popp\Downloads\FRST64.exe
2021-06-17 12:56 - 2021-06-17 12:56 - 005819544 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\Popp\Downloads\HiJackThis_v2.8.0.4.exe
2021-06-15 14:41 - 2021-06-17 12:55 - 000756080 _____ C:\WINDOWS\ntbtlog.txt
2021-06-15 14:41 - 2021-06-17 12:54 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-15 14:41 - 2021-06-17 12:54 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-06-13 16:33 - 2021-06-13 16:33 - 000311197 _____ C:\Users\Popp\Desktop\120621.pdf
2021-06-12 22:29 - 2021-06-12 22:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2021-06-12 15:19 - 2021-06-12 15:19 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-12 15:19 - 2021-06-12 15:19 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-12 15:19 - 2021-06-12 15:19 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-12 15:19 - 2021-06-12 15:19 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-12 15:19 - 2021-06-12 15:19 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-12 15:19 - 2021-06-12 15:19 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-12 15:19 - 2021-06-12 15:19 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-12 15:19 - 2021-06-12 15:19 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-12 15:19 - 2021-06-12 15:19 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-12 15:19 - 2021-06-12 15:19 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-12 15:18 - 2021-06-12 15:18 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-12 15:18 - 2021-06-12 15:18 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-12 15:18 - 2021-06-12 15:18 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-12 15:18 - 2021-06-12 15:18 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-12 15:18 - 2021-06-12 15:18 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-12 15:18 - 2021-06-12 15:18 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-12 15:18 - 2021-06-12 15:18 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-12 15:18 - 2021-06-12 15:18 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-11 23:25 - 2021-06-11 23:25 - 000000000 ____D C:\Program Files (x86)\F-Secure
2021-06-11 23:23 - 2021-06-11 23:23 - 001816408 _____ (F-Secure Corporation) C:\Users\Popp\Downloads\F-Secure-Safe-Network-Installer_w0dcsq1ndzdvf_.exe
2021-06-11 23:18 - 2021-06-11 23:18 - 000000085 _____ C:\WINDOWS\wininit.ini
2021-06-11 23:16 - 2021-06-17 23:06 - 000000000 ____D C:\ProgramData\F-Secure
2021-06-11 23:16 - 2021-06-11 23:28 - 000000000 ____D C:\Users\Popp\AppData\Local\F-Secure
2021-06-11 23:16 - 2021-06-11 23:16 - 001816408 _____ (F-Secure Corporation) C:\Users\Popp\Downloads\F-Secure-Safe-Network-Installer_hiapik1l4fm1x_.exe
2021-06-07 21:24 - 2021-06-07 21:24 - 000206842 _____ C:\Users\Popp\Desktop\070621.pdf
2021-06-06 21:54 - 2021-06-06 21:54 - 000000000 ____D C:\Users\Popp\AppData\Roaming\java
2021-06-06 21:52 - 2021-06-06 21:52 - 000191776 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2021-06-06 21:52 - 2021-06-06 21:52 - 000000000 ____D C:\Users\Popp\AppData\Roaming\Sun
2021-06-06 21:52 - 2021-06-06 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-06-06 21:52 - 2021-06-06 21:52 - 000000000 ____D C:\Program Files\Java
2021-06-06 21:51 - 2021-06-06 21:52 - 084613384 _____ (Oracle Corporation) C:\Users\Popp\Downloads\jre-8u291-windows-x64.exe
2021-06-04 09:59 - 2021-06-04 09:59 - 000104121 _____ C:\Users\Popp\Desktop\Angels Bestellung 4.6.21.pdf
2021-05-29 00:25 - 2021-05-29 00:25 - 000461881 _____ C:\Users\Popp\Desktop\Kaufvertrag Jimny.pdf
2021-05-26 19:59 - 2021-05-26 19:59 - 000287578 _____ C:\Users\Popp\Desktop\TT Doppelbestellung.pdf
2021-05-26 19:00 - 2021-05-26 19:00 - 000191356 _____ C:\Users\Popp\Desktop\Soya Fehlmenge.pdf
2021-05-25 11:43 - 2021-05-25 11:43 - 000002028 _____ C:\Users\Public\Desktop\AccountAlarm.lnk
2021-05-25 11:43 - 2021-05-25 11:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Abelssoft
2021-05-25 11:43 - 2021-05-25 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AccountAlarm
2021-05-25 11:43 - 2021-05-25 11:43 - 000000000 ____D C:\ProgramData\Abelssoft
2021-05-25 11:43 - 2021-05-25 11:43 - 000000000 ____D C:\Program Files (x86)\AccountAlarm
2021-05-25 11:42 - 2021-05-25 11:42 - 004991544 _____ (Abelssoft ) C:\Users\Popp\Downloads\AccountAlarm_Setup.exe
2021-05-25 11:39 - 2021-05-25 11:43 - 000000000 ____D C:\Users\Popp\AppData\Local\Abelssoft
2021-05-25 11:39 - 2021-05-25 11:39 - 000000000 ____D C:\Users\Popp\AppData\Roaming\Abelssoft
2021-05-25 11:39 - 2021-05-25 11:39 - 000000000 ____D C:\ProgramData\XDMessagingv4
2021-05-25 11:38 - 2021-05-25 11:38 - 009815496 _____ (Abelssoft ) C:\Users\Popp\Downloads\AntiBrowserSpy-2020-CB-Online.exe
2021-05-20 21:34 - 2021-05-20 21:34 - 000054698 _____ C:\Users\Popp\Desktop\Muster_Testnachweis.pdf
2021-05-20 14:31 - 2021-05-20 14:31 - 000198824 ____N C:\Users\Popp\Desktop\Deurag.pdf
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-06-18 23:32 - 2016-02-13 01:21 - 000000000 ____D C:\Users\Popp\AppData\Roaming\NetSpeedMonitor
2021-06-18 23:12 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-18 22:04 - 2020-10-02 15:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-18 17:37 - 2021-02-27 17:39 - 000000000 ____D C:\Users\Popp\AppData\Local\CrashDumps
2021-06-18 17:22 - 2020-10-02 15:47 - 000004152 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{ED39372D-3D4D-4158-A507-1EB9775FB781}
2021-06-18 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-18 14:33 - 2016-11-19 13:41 - 000000000 ____D C:\Users\Popp\AppData\LocalLow\Mozilla
2021-06-18 14:32 - 2021-05-18 09:14 - 000000000 ____D C:\AdwCleaner
2021-06-18 14:32 - 2017-04-04 14:40 - 000000000 ____D C:\Users\Popp\AppData\Local\Downloaded Installations
2021-06-18 14:32 - 2016-02-13 01:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2021-06-18 14:28 - 2020-10-02 15:46 - 001917390 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-18 14:28 - 2019-12-07 16:51 - 000820884 _____ C:\WINDOWS\system32\perfh007.dat
2021-06-18 14:28 - 2019-12-07 16:51 - 000177416 _____ C:\WINDOWS\system32\perfc007.dat
2021-06-18 14:28 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-18 14:21 - 2020-10-02 15:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-18 14:21 - 2020-10-02 15:38 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-18 14:21 - 2017-07-17 16:15 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-06-18 14:21 - 2016-02-16 14:46 - 000000000 ____D C:\Program Files\WinRAR
2021-06-18 14:21 - 2016-02-13 21:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-18 14:21 - 2016-02-13 03:57 - 000000000 __SHD C:\Users\Popp\IntelGraphicsProfiles
2021-06-18 14:19 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-18 14:14 - 2016-10-20 22:37 - 000000000 ____D C:\Program Files\VideoLAN
2021-06-18 14:12 - 2020-02-27 16:26 - 000000000 ____D C:\ProgramData\AnyDesk
2021-06-18 14:12 - 2020-02-27 16:26 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2021-06-18 14:12 - 2020-02-27 16:23 - 000000000 ____D C:\Users\Popp\AppData\Roaming\AnyDesk
2021-06-18 14:11 - 2016-08-04 18:41 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-06-18 13:07 - 2020-04-01 20:13 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-18 13:07 - 2020-04-01 20:13 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-18 13:07 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-18 12:20 - 2016-02-21 16:50 - 000000000 ____D C:\FL_Temp
2021-06-18 12:20 - 2016-02-13 00:59 - 000000000 ____D C:\Users\Popp\AppData\Local\VirtualStore
2021-06-18 09:49 - 2016-08-10 10:57 - 000000000 ____D C:\Users\Popp\Documents\Outlook-Dateien
2021-06-18 03:33 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-17 23:17 - 2018-05-22 11:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-17 23:06 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-17 17:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-06-17 17:16 - 2016-02-14 17:58 - 000000432 _____ C:\WINDOWS\BRWMARK.INI
2021-06-17 17:15 - 2016-02-18 02:34 - 000000000 ____D C:\Users\Popp\AppData\Local\ElevatedDiagnostics
2021-06-17 15:02 - 2017-07-17 21:48 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-17 15:02 - 2017-07-17 21:48 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-06-17 14:10 - 2020-10-02 15:47 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-814051134-1916513075-1057447149-1000
2021-06-17 14:10 - 2020-10-02 15:39 - 000002429 _____ C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-17 14:10 - 2016-02-13 14:52 - 000000000 ___RD C:\Users\Popp\OneDrive
2021-06-17 14:09 - 2016-02-13 21:08 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-17 14:08 - 2021-04-14 20:37 - 000000000 ____D C:\Program Files (x86)\SFirmV4
2021-06-17 14:07 - 2021-05-08 15:11 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-12 22:31 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-12 22:29 - 2020-10-02 15:38 - 000595832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-12 22:28 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-12 22:28 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-12 22:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-12 22:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-12 22:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-06-12 22:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-12 22:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-12 22:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-12 22:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-12 22:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-12 22:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-12 22:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-06-12 22:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-12 22:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-12 22:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-12 22:28 - 2016-08-06 18:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-06-12 15:18 - 2016-02-13 00:56 - 000414020 __RSH C:\bootmgr
2021-06-11 23:24 - 2018-01-17 13:10 - 000000000 ____D C:\Program Files\Common Files\AV
2021-06-11 23:19 - 2021-02-23 17:06 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-06-11 23:18 - 2021-02-23 17:06 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2021-06-11 23:10 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-06-10 22:33 - 2016-02-13 03:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-10 22:30 - 2016-02-13 03:42 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-10 10:16 - 2017-12-10 18:06 - 000000000 ____D C:\Users\Popp\AppData\Local\Packages
2021-06-09 10:04 - 2017-07-17 16:15 - 000000000 ____D C:\Users\Popp\AppData\Roaming\TeamViewer
2021-06-06 22:44 - 2017-09-12 08:28 - 000000000 ____D C:\Users\Popp\AppData\Roaming\Tangysoft
2021-06-06 21:54 - 2018-12-24 01:15 - 000000000 ____D C:\Users\Popp\.mediathek3
2021-06-05 12:11 - 2018-02-07 18:07 - 000000000 ____D C:\Users\Popp\Documents\Rechnungen Buchhaltungsmonat
2021-06-04 10:24 - 2019-01-30 15:21 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-01 10:26 - 2017-11-30 21:14 - 000000000 ____D C:\Users\Popp\Documents\SFIRM KTO
2021-05-30 22:38 - 2021-05-08 15:11 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-30 22:38 - 2021-05-08 15:11 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-05-23 12:37 - 2019-10-12 14:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-05-23 12:37 - 2019-08-29 16:24 - 000002583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-23 12:37 - 2019-08-29 16:24 - 000002579 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-23 12:37 - 2019-08-29 16:24 - 000002558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-23 12:37 - 2019-08-29 16:24 - 000002536 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2021-05-23 12:37 - 2019-08-29 16:24 - 000002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-05-23 12:37 - 2019-08-29 16:24 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-05-23 12:37 - 2019-08-29 16:24 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-23 12:37 - 2019-08-29 16:24 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2016-02-22 21:12 - 2016-02-22 21:13 - 000037226 _____ () C:\Program Files (x86)\DLS8Uninstall.log
2016-02-13 19:55 - 2016-02-13 19:55 - 000000000 _____ () C:\Users\Popp\AppData\Roaming\gdfw.log
2016-02-13 19:55 - 2021-05-17 22:37 - 000002337 _____ () C:\Users\Popp\AppData\Roaming\gdscan.log
2016-05-19 13:08 - 2020-11-03 19:25 - 000000175 _____ () C:\Users\Popp\AppData\Roaming\Opusbext.dat
2019-09-23 23:45 - 2019-09-23 23:45 - 000007655 _____ () C:\Users\Popp\AppData\Local\Resmon.ResmonCfg
2008-02-05 14:28 - 2008-02-05 14:28 - 000000051 _____ () C:\Users\Popp\AppData\Local\setup.txt
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-06-2021
durchgeführt von Popp (18-06-2021 23:32:53)
Gestartet von C:\Users\Popp\Downloads
Windows 10 Pro Version 2004 19041.1052 (X64) (2020-10-02 13:48:02)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-814051134-1916513075-1057447149-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-814051134-1916513075-1057447149-503 - Limited - Disabled)
Gast (S-1-5-21-814051134-1916513075-1057447149-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-814051134-1916513075-1057447149-1002 - Limited - Enabled)
Popp (S-1-5-21-814051134-1916513075-1057447149-1000 - Administrator - Enabled) => C:\Users\Popp
WDAGUtilityAccount (S-1-5-21-814051134-1916513075-1057447149-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: G DATA INTERNET SECURITY (Disabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G DATA INTERNET SECURITY (Disabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
AccountAlarm 2021 (HKLM-x32\...\f9a6b7ed-0223-427f-8e73-61c3d74aa8f1_is1) (Version: 3.01 - Abelssoft)
ActKey (HKLM-x32\...\{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.7.1.0 - Oki Data Corporation) Hidden
ASUS MultiFrame (HKLM-x32\...\{FB4D076A-DEFD-4EAF-AD63-70D5A3BC262A}) (Version: 1.1.0 - ASUS)
AusweisApp2 (HKLM-x32\...\{85FBA664-D994-4E05-BBF8-E531E73D99EA}) (Version: 1.20.0 - Governikus GmbH & Co. KG)
AVM FRITZ!Box AddOn (IE) (HKLM-x32\...\{CEAD06D8-D033-4D2A-9328-AF49089E129F}) (Version: 1.7.0 - AVM Berlin)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6229 - CDBurnerXP)
Chrome Remote Desktop Host (HKLM-x32\...\{536BCB9B-9D3F-493F-9236-8D50A93B70F9}) (Version: 91.0.4472.10 - Google LLC)
Corel Compatibility Pack (HKLM-x32\...\{77ECF7E9-5758-4965-803D-77AABC474747}) (Version: 12.4518.1018 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\_{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.0.661 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.661 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{B86D7255-2418-45F1-A36F-7E1FF617550C}) (Version: 18.1.661 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.11.552 - Corel corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (HKLM\...\{FB081BA0-08D2-4C8C-9E55-788A90430BE3}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM T (x64) (HKLM\...\{A040C72A-0ADC-4FB9-9DB4-19B18F6053F1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (HKLM\...\{23A2ABD8-8231-48AD-AD71-FF0566A7DD8F}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.1.0.661 - Corel Corporation)
CR11_Reportengine (HKLM-x32\...\{00012160-D627-44B3-A1C5-3D14672837EA}) (Version: 11.0.0.0 - NBD-Systems)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 7.7.2 - REINER SCT)
Datalogic Aladdin (HKLM-x32\...\Aladdin) (Version: 1.12.0.0 - datalogic.com)
Dell System Detect (HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\58d94f3ce2c27db0) (Version: 6.12.0.5 - Dell)
Design & Print (HKLM-x32\...\Design & Print 4.0.0) (Version: 4.0.0 - Avery Zweckform)
DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery)
DeskPins (HKLM-x32\...\DeskPins) (Version: 1.32 - Elias Fotinis)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 5.1.4.0 - devolo AG)
DYMO Label v.8 (HKLM-x32\...\DYMO Label v.8) (Version: 8.5.1.1816 - Sanford, L.P.)
etope Lister 2 (HKLM-x32\...\etope Lister_is1) (Version: - Freshworx GmbH & Co.KG)
Evolis Premium Suite version 6.29.0.1183 (HKLM\...\Evolis Premium Suite_is1) (Version: 6.29.0.1183 - Evolis Card Printer)
eXtra Buttons (HKLM-x32\...\eXtra Buttons) (Version: - )
FashionLager25_BASIS (HKLM-x32\...\FashionLager25_BASIS) (Version: 2.60.0.94 - NBD-Systems)
FashionLager30 (HKLM-x32\...\{93AB2D0A-5A7F-4548-A7BF-B86937A05E5A}) (Version: 3.5.0.163 - NBD-Systems)
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Gigaset QuickSync (HKLM\...\{5f46d2d1-51d8-4682-8092-c7d8964f9cfc}) (Version: 8.6.0881.1 - Gigaset Communications GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.106 - Google LLC)
INSTAR Camera Tool (HKLM-x32\...\{B69EDBC4-E9D7-4DCA-B636-B8B9E8BC05CC}) (Version: 2.0.7.0 - INSTAR Deutschland GmbH)
InstarVision 2.7 (HKLM-x32\...\InstarVision_is1) (Version: 2.7 - INSTAR Deutschland GmbH)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Network Connections 16.8.45.00 (HKLM\...\PROSetDX) (Version: 16.8.45.00 - Dell)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
iSpy (64 bit) (HKLM\...\{94BF44A0-CBD4-428A-84FC-C80064865F2A}) (Version: 6.8.5.0 - DeveloperInABox)
iSpy package installer (64 bit) (HKLM-x32\...\{f9edb82a-15a3-4dba-86f5-425d6c74b283}) (Version: 6.8.5.0 - DeveloperInABox)
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
MagentaCLOUD Software (HKLM-x32\...\{4ED18EBF-A841-45C5-A05F-3FCC5C6BFFA1}) (Version: 5.5.0.0 - Deutsche Telekom AG)
Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes)
Mediaport (HKLM-x32\...\Mediaport) (Version: - )
MergeModule_x64 (HKLM\...\{12DCC5A7-0100-4433-B4FF-217A3C5DC83B}) (Version: 9.3.00 - Sony Corporation) Hidden
MergeModule_x86 (HKLM-x32\...\{42251A8D-C4AE-4D3B-8A50-948CB98A0969}) (Version: 10.5.00 - Sony Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.53 - Microsoft Corporation)
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{DBCD7798-30AE-474B-A733-717996DCCA41}) (Version: 17.6.1.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.14026.20270 - Microsoft Corporation)
Microsoft OLE DB Driver for SQL Server (HKLM\...\{EE6D1BC2-277F-4841-8FC9-DE132F856BB8}) (Version: 18.2.1.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\OneDriveSetup.exe) (Version: 21.099.0516.0003 - Microsoft Corporation)
Microsoft SQL Server 2017 LocalDB (HKLM\...\{216778FC-CC9A-4D47-AF5E-8223A37626D4}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
MiniTool ShadowMaker Free Edition (HKLM-x32\...\MT-75D7C412-925B-4AD0-90DC-5E4FEE22EAE1_is1) (Version: 3.6 - MiniTool Software Limited)
Mozilla Firefox 89.0.1 (x64 de) (HKLM\...\Mozilla Firefox 89.0.1 (x64 de)) (Version: 89.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.1 - Mozilla)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14026.20270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
OKI ActKey (HKLM-x32\...\InstallShield_{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.7.1.0 - Oki Data Corporation)
OKI Color Swatch-Dienstprogramm (HKLM-x32\...\{A344F95E-E51A-450C-8F84-C940BF61903E}) (Version: 2.1.12 - Okidata)
OKI MC5(3)x2/ES5(3)4x2 Scanner (HKLM-x32\...\InstallShield_{14915907-DB64-49DC-BB9D-1935D38CD250}) (Version: 1.0.2.0 - Oki Data Corporation)
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
Opera Stable 45.0.2552.635 (HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\Opera 45.0.2552.635) (Version: 45.0.2552.635 - Opera Software)
PlayMemories Home (HKLM-x32\...\{D3981248-DBE7-4050-B666-A7FE5AFFC62C}) (Version: 5.5.01.05091 - Sony Corporation)
Plex Media Server (HKLM-x32\...\{2fb84613-d20f-4778-8955-66178d5dee6f}) (Version: 1.10.1.4602 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{CB3C17B5-1DE6-4D78-9447-38C6F1277A2A}) (Version: 1.10.1602 - Plex, Inc.) Hidden
PMB_ModeEditor (HKLM-x32\...\{E95982CA-945F-41F2-B156-A603897AB242}) (Version: 10.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM-x32\...\{7D3A0097-9E0E-4073-801C-295BBDAEAED8}) (Version: 10.5.01 - Sony Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6075 - Realtek Semiconductor Corp.)
remove.bg (HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\remove) (Version: 1.4.1 - Kaleido AI GmbH)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.3.0.330 - Samsung Electronics)
ScannerDriver (HKLM\...\{14915907-DB64-49DC-BB9D-1935D38CD250}) (Version: 1.0.2.0 - Oki Data Corporation) Hidden
SFirm (HKLM-x32\...\{837075BE-29D5-49EB-A316-DCBB81EC96C3}) (Version: 4.55.52.400.0 - Star Finanz GmbH)
SOHLib for PlayMemories Home (HKLM\...\{E6F6EB33-C0A6-4277-98C4-3529DE87D5B1}) (Version: 1.0.4.03050 - Sony Corporation) Hidden
Stopping Plex (HKLM-x32\...\{5E4EA395-F2C2-4A16-A4C7-99897E1859F2}) (Version: 1.10.1602 - Plex, Inc.) Hidden
supra IPCam (HKLM-x32\...\{A18AE023-7013-4381-95B8-6C383EEE99CE}) (Version: 1.9.1.0 - SUPRA Foto-Elektronik-Vertriebs-GmbH)
Tangysoft (HKLM-x32\...\Tangysoft_is1) (Version: - Tangysoft Ltd.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.18.5 - TeamViewer)
TechniPort Plus Beta (HKLM-x32\...\TechniPort Plus Beta) (Version: 0.9.5.4_beta - TechniSat)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
USBCOMInstaller (HKLM-x32\...\{E9AAAF26-52A4-4A44-AA14-708EB7A9BC58}) (Version: 6.3.2 - Datalogic)
VirtualDJ 8 (HKLM-x32\...\{E1962904-0960-42F6-9072-3EC7D66A5495}) (Version: 8.2.3994.0 - Atomix Productions)
Packages:
=========
InstarVision -> C:\Program Files\WindowsApps\INSTARDeutschlandGmbH.InstarVision_1.2.8.0_x64__v4jvt15wr9gya [2020-12-01] (INSTAR Deutschland GmbH)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-06] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-12] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-02-13] (Microsoft Corporation)
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2021-06-06] (New Work SE)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-814051134-1916513075-1057447149-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [ MagentaOverlayIconCheck] -> {4dfbbee1-4bea-3ce8-883e-009600f0a407} => C:\Program Files (x86)\Telekom\MagentaCloud\ShellExtensions\MagentaCloudShellExtensions.dll [2018-02-14] (Deutsche Telekom AG -> )
ShellIconOverlayIdentifiers: [ MagentaOverlayIconError] -> {7f0bb1a7-0c46-3fce-8520-71fc13a3eada} => C:\Program Files (x86)\Telekom\MagentaCloud\ShellExtensions\MagentaCloudShellExtensions.dll [2018-02-14] (Deutsche Telekom AG -> )
ShellIconOverlayIdentifiers: [ MagentaOverlayIconSync] -> {18ad8c11-3ce2-348e-a6e9-833f0571c2cf} => C:\Program Files (x86)\Telekom\MagentaCloud\ShellExtensions\MagentaCloudShellExtensions.dll [2018-02-14] (Deutsche Telekom AG -> )
ContextMenuHandlers1: [MagentaCopyExtension] -> {a6d27c21-925c-3983-9a5b-75c8af3c2abc} => C:\Program Files (x86)\Telekom\MagentaCloud\ShellExtensions\MagentaCloudShellExtensions.dll [2018-02-14] (Deutsche Telekom AG -> )
ContextMenuHandlers1: [MagentaShareExtension] -> {75829b29-e291-3968-917d-0c7828857580} => C:\Program Files (x86)\Telekom\MagentaCloud\ShellExtensions\MagentaCloudShellExtensions.dll [2018-02-14] (Deutsche Telekom AG -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [MagentaCopyExtension] -> {a6d27c21-925c-3983-9a5b-75c8af3c2abc} => C:\Program Files (x86)\Telekom\MagentaCloud\ShellExtensions\MagentaCloudShellExtensions.dll [2018-02-14] (Deutsche Telekom AG -> )
ContextMenuHandlers4: [MagentaShareExtension] -> {75829b29-e291-3968-917d-0c7828857580} => C:\Program Files (x86)\Telekom\MagentaCloud\ShellExtensions\MagentaCloudShellExtensions.dll [2018-02-14] (Deutsche Telekom AG -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-08] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com
ShortcutWithArgument: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2016-02-14 17:58 - 2005-04-22 14:36 - 000143360 _____ () [Datei ist nicht signiert] C:\WINDOWS\system32\BrSNMP64.dll
2016-02-14 17:58 - 2009-02-24 15:01 - 000082944 _____ (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\WINDOWS\system32\BrNetSti.dll
2010-04-05 00:08 - 2010-04-05 00:08 - 001253376 _____ (Florian Gilles) [Datei ist nicht signiert] C:\Program Files\NetSpeedMonitor\nsm.dll
2020-04-18 14:44 - 2020-04-18 14:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2020-04-18 14:44 - 2020-04-18 14:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [153]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-c9ac31fc
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-814051134-1916513075-1057447149-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-c9ac31fc&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-c9ac31fc&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-c9ac31fc&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-c9ac31fc&q={searchTerms}
SearchScopes: HKU\S-1-5-21-814051134-1916513075-1057447149-1000 -> DefaultScope {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-814051134-1916513075-1057447149-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-c9ac31fc&q={searchTerms}
SearchScopes: HKU\S-1-5-21-814051134-1916513075-1057447149-1000 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-06-06] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: FRITZ!Box Addon BHO -> {C0C86BBE-9509-4296-8459-FDBFDAF4B673} -> C:\Program Files (x86)\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll [2012-12-11] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7940 mehr Seiten.
IE trusted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7940 mehr Seiten.
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\...\123simsen.com -> www.123simsen.com
Da befinden sich 7940 mehr Seiten.
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2021-05-03 15:05 - 000454708 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15607 zusätzliche Einträge.
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%C_EM64T_REDIST11%bin\Intel64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\140\Tools\Binn\
HKU\S-1-5-21-814051134-1916513075-1057447149-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
HKU\S-1-5-80-984045770-530578318-3922014146-158851812-3803115751\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
ist aktiviert.
Network Binding:
=============
LAN-Verbindung: DSL-Manager NDIS LightWeight Filter -> TS_DslMNLwf (enabled)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\StartupFolder: => "Evolis Printer Manager.lnk"
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run32: => "SfWinStartInfoV3"
HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"
HKLM\...\StartupApproved\Run32: => "SFUpdateProviderV3"
HKLM\...\StartupApproved\Run32: => "SfWinStartInfoV4"
HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\StartupApproved\StartupFolder: => "MagentaCLOUD.lnk"
HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\StartupApproved\StartupFolder: => "DeskPins.lnk"
HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\StartupApproved\Run: => "Plex Media Server"
HKU\S-1-5-21-814051134-1916513075-1057447149-1000\...\StartupApproved\Run: => "FreeAC"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{F3F6BBDE-41C9-4107-9A68-1DCFE8F3B67E}] => (Allow) LPort=24727
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [{878CB2C3-FA3F-4CF6-AB11-F7A0B4945011}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{383DDAB0-8202-4924-894B-D9605A2CF475}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{850192EF-98A6-4420-AB6B-7F6A2D81901B}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG -> devolo AG)
FirewallRules: [{3D94C631-18F3-421C-B9A6-F94A704550D9}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey (non-skinned).exe => Keine Datei
FirewallRules: [{ED92C0F5-D9DB-4405-AEFB-5E969EF4F0E4}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey (non-skinned).exe => Keine Datei
FirewallRules: [{CFEDD57F-9EFD-4B2C-8A66-A4805A17705C}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey (non-skinned).exe => Keine Datei
FirewallRules: [{AE58AFA8-5FF4-4422-8092-BEB8908A106C}] => (Allow) C:\Users\Popp\AppData\Local\Temp\7zS0455\HP.EasyStart.exe => Keine Datei
FirewallRules: [{A6DAB0C7-50A0-405B-8E91-73C2E79DC8F7}] => (Allow) C:\Users\Popp\AppData\Local\Temp\7zS1D7D\hppiw.exe => Keine Datei
FirewallRules: [{C3FF59FA-C570-4151-813A-EFD80EFD5219}] => (Allow) C:\Users\Popp\AppData\Local\Temp\7zS1D7D\hppiw.exe => Keine Datei
FirewallRules: [{E28033C6-6C4D-4831-BE91-F29FCAD5E9EE}] => (Allow) C:\Users\Popp\AppData\Local\Apps\2.0\2QOQ5T5R.7YR\RWBXXQZ1.BZX\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [{B72EFB59-3D37-490C-8A04-82B242C5E045}] => (Allow) C:\Users\Popp\AppData\Local\Apps\2.0\2QOQ5T5R.7YR\RWBXXQZ1.BZX\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [{A74440DF-D0F6-41C8-84CD-41C2B46C0410}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe (Oki Data Corporation -> Oki Data Corporation)
FirewallRules: [{E2456D5C-EFDB-46CA-B32F-18776392472C}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe (Oki Data Corporation -> Oki Data Corporation)
FirewallRules: [{4F2E2099-B2FC-42D7-A837-3F03FD62AAE6}] => (Allow) C:\Users\Popp\AppData\Local\Apps\2.0\2QOQ5T5R.7YR\RWBXXQZ1.BZX\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [{9A7154A5-27F3-4F2C-9869-D0170B21F92C}] => (Allow) C:\Users\Popp\AppData\Local\Apps\2.0\2QOQ5T5R.7YR\RWBXXQZ1.BZX\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [{191C2C30-4980-4A31-89D4-4F16679172FF}] => (Allow) C:\Users\Popp\Downloads\NetworkRepairTool\BrotherNetTool.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.)
FirewallRules: [{9F292F20-CB5D-453B-A464-9E4DB2F205B5}] => (Allow) C:\Users\Popp\Downloads\NetworkRepairTool\BrotherNetTool.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.)
FirewallRules: [{65D3BF4C-B1E1-4BAC-BCC7-7391D0D0F1A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DAE34DC0-14AF-462F-9336-2E48C4E2C0A9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{302E2FEF-F130-476D-80CF-A9C37598725B}] => (Allow) LPort=54925
FirewallRules: [{F3E7BDA1-BA7B-4CF8-8342-BF7832CCC39B}] => (Allow) C:\Program Files (x86)\Brother\Brmfl05c\FAXRX.exe (Brother Industries Ltd.) [Datei ist nicht signiert]
FirewallRules: [{FFF40EB1-FCB7-4BB3-BF58-6D430299FFF4}] => (Allow) C:\Program Files (x86)\Brother\Brmfl05c\FAXRX.exe (Brother Industries Ltd.) [Datei ist nicht signiert]
FirewallRules: [{6E93809B-1652-4C44-A892-F667EE33F5D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5FDE57E0-8A07-4649-90C0-943B99675DE5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F263DF15-808F-4BD9-8535-339D85ED2E00}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [{554A5D22-6CAF-49DC-B529-8914F5085B22}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc -> Python Software Foundation)
FirewallRules: [{67A6CF1F-FB44-4B11-980F-4F6FA61455EB}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [{A4DBEB37-0BC6-4289-8BB0-FA89610938C9}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc -> Plex)
FirewallRules: [{8785A877-5A6E-4345-B766-FFC443B7CBDA}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{7E1DCDED-CEB6-4C73-A029-129BA079B4A6}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{FCEE4855-F955-42E9-9368-1D28A562A3E3}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{591E2BA7-8B9D-4976-9983-E74F6F18B6EC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7B5F30F4-347D-43D5-8FE0-B982970B9E27}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4A7E9716-6177-4B1B-A160-194467D6008C}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG -> devolo AG)
FirewallRules: [{C731EAA5-CE18-4710-AF90-CCA0CAABB963}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG -> devolo AG)
FirewallRules: [{6768F3EB-00DD-4496-99DA-506721E1B4AD}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\91.0.4472.10\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{9C2AD135-044F-4B22-9A53-382379574EB6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D013629A-239C-4830-B0EB-6AC4F295D072}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DCBA90FD-0E70-43CC-9838-90FE62411F7D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{743EC59B-1E17-4CF2-9ACD-53448BEE502C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{226E2B74-F162-4BF2-9B98-2C45F9CC8956}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{32BB6287-5F8D-4A60-BADD-1E863460E572}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F3FDDCE8-061F-4981-B524-92246E4468FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{58961C23-F552-434A-A29E-236B44E3D937}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{438D4C31-31A3-4FEC-8BE4-D77A3D915960}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BBB29F11-756E-49F8-BB75-96E3802E0192}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA9511BE-A53F-4EAC-9156-99ABD7D2C915}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A4AE547D-287F-4B2C-AB67-898ADD69D585}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
FirewallRules: [{64CCA687-44A8-4F4A-88B2-BC28445A4A5D}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
FirewallRules: [{6DA9460F-BE41-4A44-961B-D6F63E376BC6}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei
FirewallRules: [{EF32C0B2-ECAF-40FD-9A21-4856AAC7A2B8}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei
FirewallRules: [{A28BF48A-685E-4F4E-9874-6C6EB8E10035}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei
FirewallRules: [{02D439D1-2C02-4A77-A8CD-A6E2CB2C4308}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei
FirewallRules: [{BC177520-2CC6-4A76-822E-9315E6CCE387}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei
FirewallRules: [{4C32FCED-D8C3-422C-9A3E-FF67D136954A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei
FirewallRules: [{7B86CDE9-878A-4043-A56B-E4FD55F0F305}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{29D25F42-61A6-4801-994C-ACEFF79C6546}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
FirewallRules: [{19458DFA-D329-4674-BBDF-1BAE0035B34F}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (06/18/2021 05:37:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxext.exe, Version: 6.15.10.4358, Zeitstempel: 0x567856cc
Name des fehlerhaften Moduls: igfxext.exe, Version: 6.15.10.4358, Zeitstempel: 0x567856cc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000084b0
ID des fehlerhaften Prozesses: 0x21d0
Startzeit der fehlerhaften Anwendung: 0x01d76457e76b80b4
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\igfxext.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\system32\igfxext.exe
Berichtskennung: 6c207237-b2ce-498c-acd1-c22118f0d6db
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/18/2021 02:22:19 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DELL-PC)
Description: Windows kann die erweiterbare Leistungsindikator-DLL "C:\WINDOWS\system32\sysmain.dll" nicht laden (Win32-Fehlercode 126).
Error: (06/18/2021 02:21:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FreemakeUtilsService.exe, Version: 1.0.0.0, Zeitstempel: 0x5e709015
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.1023, Zeitstempel: 0xcbf6f7d1
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0012a6f2
ID des fehlerhaften Prozesses: 0xf8c
Startzeit der fehlerhaften Anwendung: 0x01d7643c7f0133f8
Pfad der fehlerhaften Anwendung: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 54b876a4-3ec5-4dc7-b027-060365c94026
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/18/2021 02:21:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: FreemakeUtilsService.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.FileNotFoundException
bei FreemakeUtilsService.Program.Main(System.String[])
Error: (06/18/2021 11:36:06 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\WINDOWS\Twain_32\okidata\012\common\MFC80U.DLL". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\Twain_32\okidata\012\common\Microsoft.VC80.MFCLOC.MANIFEST" in Zeile 5.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.42".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/18/2021 11:36:06 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\WINDOWS\Twain_32\okidata\012\common\MFC80U.DLL". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\Twain_32\okidata\012\common\Microsoft.VC80.MFCLOC.MANIFEST" in Zeile 5.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.42".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/18/2021 11:36:06 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\WINDOWS\Twain_32\okidata\012\common\MFC80U.DLL". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\Twain_32\okidata\012\common\Microsoft.VC80.MFCLOC.MANIFEST" in Zeile 5.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.42".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/18/2021 11:36:06 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\WINDOWS\Twain_32\okidata\012\common\MFC80U.DLL". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\Twain_32\okidata\012\common\Microsoft.VC80.MFCLOC.MANIFEST" in Zeile 5.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.42".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Systemfehler:
=============
Error: (06/18/2021 07:15:20 PM) (Source: volsnap) (EventID: 35) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht vergrößert werden kann.
Error: (06/18/2021 02:33:23 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.
Error: (06/18/2021 02:32:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/18/2021 02:32:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VAIO Entertainment Common Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/18/2021 02:32:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "SNMP-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/18/2021 02:32:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/18/2021 02:32:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "DSL-Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/18/2021 02:32:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "cyberJack PC/SC COM Service " wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Windows Defender:
================
Date: 2021-06-18 04:04:09
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {847F226B-5D2A-443F-A89D-2D4A950D9D52}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2021-06-17 23:15:50
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/LoadMoney&threatid=223699&enterprise=0
Name: PUA:Win32/LoadMoney
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\Popp\Downloads\DesignPrintDE-3.0.2.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DELL-PC\Popp
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.341.922.0, AS: 1.341.922.0, NIS: 1.341.922.0
Modulversion: AM: 1.1.18200.4, NIS: 1.1.18200.4
CodeIntegrity:
===============
Date: 2021-06-17 23:06:51
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1623843446\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
BIOS: Dell Inc. A08 09/19/2012
Hauptplatine: Dell Inc. 0KRC95
Prozessor: Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 12174.54 MB
Verfügbarer physikalischer RAM: 7558.28 MB
Summe virtueller Speicher: 24462.54 MB
Verfügbarer virtueller Speicher: 19872.22 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:237.96 GB) (Free:0 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive e: (TOSHIBA EXT) (Fixed) (Total:3725.88 GB) (Free:3482.01 GB) exFAT
\\?\Volume{f19a3873-0000-0000-0000-407d3b000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: F19A3873)
Partition 1: (Active) - (Size=238 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=529 MB) - (Type=27)
==========================================================
Disk: 1 (Size: 3726 GB) (Disk ID: 57768FBF)
Partition: GPT.
==================== Ende von Addition.txt =======================
|
|
18.06.2021, 22:37
| #26 |
| | WIN10 PC gehackt, T-Online Emails werden in meinem Namen versendet, Fremdzugriff über TeamViewer?Code:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 16-06-2021
durchgeführt von Popp (18-06-2021 23:34:47)
Gestartet von C:\Users\Popp\Downloads
Start-Modus: Normal
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp2.lnk -> C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk -> C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock.lnk -> C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\supra IPCam Config.lnk -> C:\Program Files (x86)\supra IPCam\IPCConfig.exe (SUPRA Foto-Elektronik-Vertriebs-GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telekom\MagentaCLOUD\MagentaCLOUD.lnk -> C:\Program Files (x86)\Telekom\MagentaCloud\MagentaCloud.App.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tangysoft\Tangysoft.lnk -> C:\Program Files (x86)\Tangysoft\Tangysoft.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Evolis Printer Manager.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\PrinterManager.exe (Evolis Card Printer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFirm 4.0\Automat.lnk -> C:\Program Files (x86)\SFirmV4\SFAutomat.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFirm 4.0\Automatischer Versand.lnk -> C:\Program Files (x86)\SFirmV4\SfAutosend.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFirm 4.0\SFirm 4.0.lnk -> C:\Program Files (x86)\SFirmV4\SFirm.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFirm 4.0\SFirm Hilfe und Support.lnk -> C:\Program Files (x86)\SFirmV4\SFSupport.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFirm 3.2\Automat.lnk -> C:\Program Files (x86)\SFirmV3\SFAutomat.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFirm 3.2\Automatischer Versand.lnk -> C:\Program Files (x86)\SFirmV3\SfAutosend.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFirm 3.2\SFirm 3.2.lnk -> C:\Program Files (x86)\SFirmV3\SFirm.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFirm 3.2\SFirm Hilfe und Support.lnk -> C:\Program Files (x86)\SFirmV3\SFSupport.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician\Samsung Magician entfernen.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician\Samsung Magician.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Samsung Electronics Co., Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REINER SCT cyberJack\cyberJack Gerätemanager, Funktionstest.lnk -> C:\Program Files (x86)\REINER SCT\cyberJack\cJCC.exe (REINER SCT)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server\Plex Media Server.lnk -> C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home\Initialisierungswerkzeug für Einstellungen für PlayMemories Home.lnk -> C:\Program Files (x86)\Sony\PlayMemories Home\PMBInit.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home\PlayMemories Home.lnk -> C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Okidata\Color Swatch-Dienstprogramm\Color Swatch-Dienstprogramm.lnk -> C:\Program Files\Okidata\Color Swatch Utility\Swatch.exe (Oki Data Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Okidata\ActKey\ActKey.lnk -> C:\Program Files (x86)\Okidata\ActKey\ActKey.exe (Oki Data Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Okidata\ActKey\Extras\Netzwerkkonfiguration.lnk -> C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe (Oki Data Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (32bit).lnk -> C:\Program Files (x86)\obs-studio\bin\32bit\obs32.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (64bit).lnk -> C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\Uninstall.lnk -> C:\Program Files (x86)\obs-studio\uninstall.exe (obsproject.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool ShadowMaker\MiniTool ShadowMaker Free.lnk -> C:\Program Files (x86)\MiniTool ShadowMaker\system_backup_gui.exe (MiniTool)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool ShadowMaker\Uninstall MiniTool ShadowMaker.lnk -> C:\Program Files (x86)\MiniTool ShadowMaker\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Aufzeichnungs-Manager von Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office-Spracheinstellungen.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetriedashboard für Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msotd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetrieprotokoll für Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msoev.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk -> C:\Program Files\Java\jre1.8.0_291\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSpy\iSpy (64 bit).lnk -> C:\Program Files\iSpy\iSpy.exe (www.ispyconnect.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\INSTAR\INSTAR Camera Tool.lnk -> C:\Program Files (x86)\INSTAR\INSTAR Camera Tool\INSTAR Camera Tool.exe (INSTAR Deutschland GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\INSTAR\InstarVision\InstarPlayer 2.7.lnk -> C:\Program Files (x86)\INSTAR\InstarVision\InstarPlayer.exe (INSTAR Deutschland GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\INSTAR\InstarVision\InstarVision 2.7.lnk -> C:\Program Files (x86)\INSTAR\InstarVision\InstarWCDog.exe (INSTAR Deutschland GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\INSTAR\InstarVision\Uninstall.lnk -> C:\Program Files (x86)\INSTAR\InstarVision\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigaset QuickSync\Gigaset QuickSync.lnk -> C:\Program Files (x86)\Gigaset QuickSync\Gqs.UI.exe (Gigaset Communications GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCommander XE\FreeCommander on the Web.lnk -> C:\Program Files (x86)\FreeCommander XE\FreeCommander.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCommander XE\FreeCommander XE.lnk -> C:\Program Files (x86)\FreeCommander XE\FreeCommander.exe (Marek Jasinski)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCommander XE\Uninstall FreeCommander XE.lnk -> C:\Program Files (x86)\FreeCommander XE\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock\Free Alarm Clock entfernen.lnk -> C:\Program Files (x86)\FreeAlarmClock\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock\Free Alarm Clock im Internet.lnk -> C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock\Free Alarm Clock.lnk -> C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FashionLager30\FashionLager 3.0.lnk -> C:\Program Files (x86)\FashionLager30\FashionL.exe (NBD SYstems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FashionLager25_BASIS\FashionLager 2.5_BASIS-HILFE.lnk -> C:\Program Files (x86)\FashionLager25_BASIS\Fl25_BL.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FashionLager25_BASIS\FashionLager 2.5_BASIS.lnk -> C:\Program Files (x86)\FashionLager25_BASIS\fl_Basis.exe (NBD-Datenbankanwendungen)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eXtra Buttons\eXtra Buttons Help.lnk -> C:\Program Files (x86)\eXtra Buttons\XB.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eXtra Buttons\eXtra Buttons.lnk -> C:\Program Files (x86)\eXtra Buttons\xb.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eXtra Buttons\Uninstall.lnk -> C:\Program Files (x86)\eXtra Buttons\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolis Card Printer\Evolis Drivers.lnk -> C:\Program Files\Evolis Card Printer\Evolis Drivers ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolis Card Printer\Evolis Premium Suite\Evolis Print Center.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\EvoPCUI.exe (Evolis Card Printer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolis Card Printer\Evolis Premium Suite\Evolis Printer Manager.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\PrinterManager.exe (Evolis Card Printer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolis Card Printer\Evolis Premium Suite\Werkzeuge\Aktualisierungsassistent der Drucker-Firmware.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\WzFirm.exe (Evolis Card Printer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolis Card Printer\Evolis Premium Suite\Werkzeuge\Assistent für den ausschließlichen Laminiervorgang.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\WzLam.exe (Evolis Card Printer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolis Card Printer\Evolis Premium Suite\Werkzeuge\Assistent für die Aktivierung der Duplexdruckfunktion des Druckers.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\WzFlip.exe (Evolis Card Printer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolis Card Printer\Evolis Premium Suite\Werkzeuge\Assistent für die Aktivierung-Deaktivierung des Debug-Betriebs.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\WzLog.exe (Evolis Card Printer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolis Card Printer\Evolis Premium Suite\Werkzeuge\Assistent für die Aktualisierung der Firmware für das Laminiermodul.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\WzUpdLam.exe (Evolis Card Printer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolis Card Printer\Evolis Premium Suite\Werkzeuge\Assistent für die gründliche Reinigung des Druckers.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\WzAdvCln.exe (Evolis Card Printer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolis Card Printer\Evolis Premium Suite\Werkzeuge\Assistent für die periodische Reinigung des Druckers.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\WzCln.exe (Evolis Card Printer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolis Card Printer\Evolis Premium Suite\Werkzeuge\Assistent für die Reinigung des Laminiermoduls.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\WzClnLam.exe (Evolis Card Printer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolis Card Printer\Evolis Premium Suite\Werkzeuge\Assistent für die Überprüfung der Codierstationen PCSC.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\WzTstPCSC.exe (Evolis Card Printer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolis Card Printer\Evolis Premium Suite\Werkzeuge\Assistent für Update-Verifizierung.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\WzUpd.exe (Evolis Card Printer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolis Card Printer\Evolis Premium Suite\Werkzeuge\Evolis Druckereigenschaften (minimaler Modus).lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\DEvoUIP.exe (Evolis Card Printer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolis Card Printer\Evolis Premium Suite\Werkzeuge\Installationsassistent für das Magnetkodierungsmodul.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\Wzmag.exe (Evolis Card Printer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolis Card Printer\Evolis Premium Suite\Werkzeuge\Installationsassistent für einen Netzwerk- und-oder WLAN-Drucker.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\WzNet.exe (Evolis Card Printer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolis Card Printer\Evolis Premium Suite\Werkzeuge\LCD-Kalibrierungsassistent.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\WzCalibLCD.exe (Evolis Card Printer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolis Card Printer\Evolis Premium Suite\Werkzeuge\LCD-Updateassistent.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\WzUpdLCD.exe (Evolis Card Printer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\etope Lister\etope Lister entfernen.lnk -> C:\Program Files (x86)\Freshworx\etope Lister\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\etope Lister\etope Lister.lnk -> C:\Program Files (x86)\Freshworx\etope Lister\lister.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DYMO\DYMO Add Printer Utility.lnk -> C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPrinterWizard.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DYMO\DYMO Label v.8.lnk -> C:\Program Files (x86)\DYMO\DYMO Label Software\DLS.exe (Sanford, L.P.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DYMO\DYMO QuickPrint.lnk -> C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe (Sanford, L.P.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSL-Manager\DSL-Manager Hilfe.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\devolo\devolo Cockpit.lnk -> C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe ( )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)\Corel CAPTURE X8 (64-Bit).lnk -> c:\Windows\Installer\{1253ED86-69FD-4A7B-BDF2-96A522583A88}\NewShortcut8_65BCA6E0337A452DA55C0654EAAD7A0B.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)\Corel CONNECT X8 (64-Bit).lnk -> C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Connect64\Connect.exe (Corel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)\Corel Font Manager X8 (64-Bit).lnk -> C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\FontManager.exe (Corel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)\Corel PHOTO-PAINT X8 (64-Bit).lnk -> c:\Windows\Installer\{04D8C47E-C0FE-4CA5-8878-91ECD9552109}\NewShortcut2_EBB51BFEE10948A888CB7ADF96E8EC80.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)\CorelDRAW X8 (64-Bit).lnk -> c:\Windows\Installer\{A66E09BB-9892-421D-9EB9-311D12AA5244}\NewShortcut1_68427AB8B2C044C58AA777A4C3F75634.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)\Duplexing Wizard (64-Bit).lnk -> c:\Windows\Installer\{A66E09BB-9892-421D-9EB9-311D12AA5244}\NewShortcut10_BB562587DB944A668ECBA27E6BFD871C.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)\Video Tutorials X8 (64-Bit).lnk -> C:\Program Files\Corel\CorelDRAW Graphics Suite X8\VideoBrowser64\VideoBrowser.exe (Corel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-8460N LAN\Read Me.lnk -> C:\Program Files (x86)\Brother\Brmfl05c\RM09aGer.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-8460N LAN\Scanner-Einstellungen\Read Me.lnk -> C:\Program Files (x86)\Brother\Brmfl05c\ScanRead.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-8460N LAN\Scanner-Einstellungen\Scanner Utility.lnk -> C:\Program Files (x86)\Brother\Brmfl05c\BrScUtil.exe (Brother Industries Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-8460N LAN\PC-FAX-Empfang\PC-Fax-Empfang verwenden.lnk -> C:\Program Files (x86)\Brother\Brmfl05c\howtousepcfaxrx.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-8460N LAN\PC-Fax senden\PC-Fax-Senden verwenden.lnk -> C:\Program Files (x86)\Brother\Brmfl05c\howtousebrotherpc.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avery Zweckform\Design&Print.lnk -> C:\Program Files (x86)\Design&Print\DesktopDPO.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avery\DesignPro 5.lnk -> C:\Program Files (x86)\Avery\DesignPro 5\labeler.exe (Avery Products Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS MultiFrame.lnk -> C:\Windows\Installer\{FB4D076A-DEFD-4EAF-AD63-70D5A3BC262A}\_402F8D6A415B779481E446.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AccountAlarm\AccountAlarm.lnk -> C:\Program Files (x86)\AccountAlarm\AbLauncher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Popp\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Popp\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Popp\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\Links\Desktop.lnk -> C:\Users\Popp\Desktop ()
Shortcut: C:\Users\Popp\Links\Downloads.lnk -> C:\Users\Popp\Downloads ()
Shortcut: C:\Users\Popp\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\Popp\Documents\GESCHÄFT-LADEN\Fashion-Lager_Kasse\FashionLager 2.5_BASIS.lnk -> C:\Program Files (x86)\FashionLager25_BASIS\fl_Basis.exe (NBD-Datenbankanwendungen)
Shortcut: C:\Users\Popp\Documents\Corel\CorelDRAW X8 Beispiele\target.lnk -> C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Draw\Samples ()
Shortcut: C:\Users\Popp\Documents\Corel\Corel PHOTO-PAINT X8 Beispiele\target.lnk -> C:\Program Files\Corel\CorelDRAW Graphics Suite X8\PHOTO-PAINT\Samples ()
Shortcut: C:\Users\Popp\Desktop\Aladdin.lnk -> C:\Program Files (x86)\Datalogic\Aladdin\aladdin.exe (Smart.it)
Shortcut: C:\Users\Popp\Desktop\FreeCommander XE.lnk -> C:\Program Files (x86)\FreeCommander XE\FreeCommander.exe (Marek Jasinski)
Shortcut: C:\Users\Popp\Desktop\InstarVision 2.7.lnk -> C:\Program Files (x86)\INSTAR\InstarVision\InstarWCDog.exe (INSTAR Deutschland GmbH)
Shortcut: C:\Users\Popp\Desktop\Mediaport.lnk -> C:\Program Files (x86)\Technisat\Mediaport\Mediaport.exe ()
Shortcut: C:\Users\Popp\Desktop\remove.bg.lnk -> C:\Users\Popp\AppData\Local\remove\removebg-desktop.exe (Kaleido AI GmbH)
Shortcut: C:\Users\Popp\Desktop\Start Tor Browser.lnk -> C:\Users\Popp\Desktop\Tor Browser\Browser\firefox.exe (Keine Datei)
Shortcut: C:\Users\Popp\Desktop\TechniPort Plus.lnk -> C:\Program Files (x86)\Technisat\TechniPort Plus\TechniPortPlus.exe ()
Shortcut: C:\Users\Popp\Desktop\VirtualDJ 8.lnk -> C:\Program Files (x86)\VirtualDJ\virtualdj8.exe (Atomix Productions)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Popp\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Users\Popp\AppData\Local\Programs\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk -> C:\Windows\System32\fodhelper.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> C:\Users\Popp\Desktop\Tor Browser\Browser\firefox.exe (Keine Datei)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Setup QuickStart.lnk -> C:\Users\Popp\Documents\VirtualDJ\VirtualDJ 8 - Getting Started.pdf ()
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\User Guide.lnk -> C:\Users\Popp\Documents\VirtualDJ\VirtualDJ 8 - User Guide.pdf ()
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\VirtualDJ 8.lnk -> C:\Program Files (x86)\VirtualDJ\virtualdj8.exe (Atomix Productions)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Technisat\Mediaport.lnk -> C:\Program Files (x86)\Technisat\Mediaport\Mediaport.exe ()
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Technisat\TechniPort Plus\TechniPort Plus.lnk -> C:\Program Files (x86)\Technisat\TechniPort Plus\TechniPortPlus.exe ()
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Technisat\TechniPort Plus\TechniSat Website.lnk -> C:\Program Files (x86)\Technisat\TechniPort Plus\TechniSat Website.url ()
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Technisat\TechniPort Plus\Uninstall.lnk -> C:\Program Files (x86)\Technisat\TechniPort Plus\uninst.exe ()
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskPins.lnk -> C:\Program Files (x86)\DeskPins\deskpins.exe (Elias Fotinis)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaleido AI GmbH\remove.bg.lnk -> C:\Users\Popp\AppData\Local\remove\removebg-desktop.exe (Kaleido AI GmbH)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeskPins\DeskPins.lnk -> C:\Program Files (x86)\DeskPins\deskpins.exe (Elias Fotinis)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeskPins\Help.lnk -> C:\Program Files (x86)\DeskPins\DeskPins.chm ()
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeskPins\Uninstall.lnk -> C:\Program Files (x86)\DeskPins\uninst.exe (Elias Fotinis)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Datalogic\Aladdin\Aladdin.lnk -> C:\Program Files (x86)\Datalogic\Aladdin\aladdin.exe (Smart.it)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Datalogic\Aladdin\Uninstall.lnk -> C:\Program Files (x86)\Datalogic\Aladdin\uninst.exe (Datalogic)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FreeCommander XE.lnk -> C:\Program Files (x86)\FreeCommander XE\FreeCommander.exe (Marek Jasinski)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Opera.lnk -> C:\Users\Popp\AppData\Local\Programs\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ActKey.lnk -> C:\Program Files (x86)\Okidata\ActKey\ActKey.exe (Oki Data Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CorelDRAW X8 (64-Bit).lnk -> c:\Windows\Installer\{A66E09BB-9892-421D-9EB9-311D12AA5244}\NewShortcut1_68427AB8B2C044C58AA777A4C3F75634.exe (Flexera Software LLC)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\DYMO Label v.8.lnk -> C:\Program Files (x86)\DYMO\DYMO Label Software\DLS.exe (Sanford, L.P.)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Excel 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\FashionLager 3.0.lnk -> C:\Program Files (x86)\FashionLager30\FashionL.exe (NBD SYstems)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox (2).lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox (3).lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox (4).lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\remove.bg.lnk -> C:\Users\Popp\AppData\Local\remove\removebg-desktop.exe (Kaleido AI GmbH)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TeamViewer 15.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Word 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\62ab5e82947cf171\SFirm.lnk -> C:\Program Files (x86)\SFirmV4\SFirm.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
Shortcut: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\AccountAlarm.lnk -> C:\Program Files (x86)\AccountAlarm\AbLauncher.exe ()
Shortcut: C:\Users\Public\Desktop\ActKey.lnk -> C:\Program Files (x86)\Okidata\ActKey\ActKey.exe (Oki Data Corporation)
Shortcut: C:\Users\Public\Desktop\ASUS MultiFrame.lnk -> C:\Windows\Installer\{FB4D076A-DEFD-4EAF-AD63-70D5A3BC262A}\_076A0BB294FED4779A6952.exe ()
Shortcut: C:\Users\Public\Desktop\AusweisApp2.lnk -> C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG)
Shortcut: C:\Users\Public\Desktop\CDBurnerXP.lnk -> C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\Users\Public\Desktop\Corel CAPTURE X8 (64-Bit).lnk -> c:\Windows\Installer\{1253ED86-69FD-4A7B-BDF2-96A522583A88}\NewShortcut8_65BCA6E0337A452DA55C0654EAAD7A0B.exe (Flexera Software LLC)
Shortcut: C:\Users\Public\Desktop\Corel CONNECT X8 (64-Bit).lnk -> C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Connect64\Connect.exe (Corel Corporation)
Shortcut: C:\Users\Public\Desktop\Corel Font Manager X8 (64-Bit).lnk -> C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\FontManager.exe (Corel Corporation)
Shortcut: C:\Users\Public\Desktop\Corel PHOTO-PAINT X8 (64-Bit).lnk -> c:\Windows\Installer\{04D8C47E-C0FE-4CA5-8878-91ECD9552109}\NewShortcut2_EBB51BFEE10948A888CB7ADF96E8EC80.exe (Flexera Software LLC)
Shortcut: C:\Users\Public\Desktop\CorelDRAW X8 (64-Bit).lnk -> c:\Windows\Installer\{A66E09BB-9892-421D-9EB9-311D12AA5244}\NewShortcut1_68427AB8B2C044C58AA777A4C3F75634.exe (Flexera Software LLC)
Shortcut: C:\Users\Public\Desktop\cyberJack Gerätemanager, Funktionstest.lnk -> C:\Program Files (x86)\REINER SCT\cyberJack\cJCC.exe (REINER SCT)
Shortcut: C:\Users\Public\Desktop\Design&Print.lnk -> C:\Program Files (x86)\Design&Print\DesktopDPO.exe ()
Shortcut: C:\Users\Public\Desktop\DesignPro 5.lnk -> C:\Program Files (x86)\Avery\DesignPro 5\labeler.exe (Avery Products Corporation)
Shortcut: C:\Users\Public\Desktop\devolo Cockpit.lnk -> C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe ( )
Shortcut: C:\Users\Public\Desktop\DYMO Label v.8.lnk -> C:\Program Files (x86)\DYMO\DYMO Label Software\DLS.exe (Sanford, L.P.)
Shortcut: C:\Users\Public\Desktop\Evolis Print Center.lnk -> C:\Program Files\Evolis Card Printer\Evolis Premium Suite\EvoPCUI.exe (Evolis Card Printer)
Shortcut: C:\Users\Public\Desktop\FashionLager 3.0.lnk -> C:\Program Files (x86)\FashionLager30\FashionL.exe (NBD SYstems)
Shortcut: C:\Users\Public\Desktop\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Free Alarm Clock.lnk -> C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)
Shortcut: C:\Users\Public\Desktop\Gigaset QuickSync.lnk -> C:\Program Files (x86)\Gigaset QuickSync\Gqs.UI.exe (Gigaset Communications GmbH)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Public\Desktop\INSTAR Camera Tool.lnk -> C:\Program Files (x86)\INSTAR\INSTAR Camera Tool\INSTAR Camera Tool.exe (INSTAR Deutschland GmbH)
Shortcut: C:\Users\Public\Desktop\iSpy (64 bit).lnk -> C:\Program Files\iSpy\iSpy.exe (www.ispyconnect.com)
Shortcut: C:\Users\Public\Desktop\MagentaCLOUD.lnk -> C:\Program Files (x86)\Telekom\MagentaCloud\MagentaCloud.App.exe ()
Shortcut: C:\Users\Public\Desktop\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\MiniTool ShadowMaker Free.lnk -> C:\Program Files (x86)\MiniTool ShadowMaker\system_backup_gui.exe (MiniTool)
Shortcut: C:\Users\Public\Desktop\OBS Studio.lnk -> C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe ()
Shortcut: C:\Users\Public\Desktop\PlayMemories Home.lnk -> C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe (Sony Corporation)
Shortcut: C:\Users\Public\Desktop\SFirm 4.0.lnk -> C:\Program Files (x86)\SFirmV4\SFirm.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
Shortcut: C:\Users\Public\Desktop\supra IPCam Config.lnk -> C:\Program Files (x86)\supra IPCam\IPCConfig.exe (SUPRA Foto-Elektronik-Vertriebs-GmbH)
Shortcut: C:\Users\Public\Desktop\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REINER SCT cyberJack\ZKA Komponenten aktualisieren.lnk -> C:\Program Files (x86)\REINER SCT\cyberJack\SetupZkaSig.exe (REINER SCT) -> /d
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home\Einstellungen.lnk -> C:\Program Files (x86)\Sony\PlayMemories Home\PMBSettingsTool.exe (Sony Corporation) -> /bootfromsettingshortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home\PlayMemories Home-Hilfe.lnk -> C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe (Sony Corporation) -> /Help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Okidata\ActKey\Deinstallieren ActKey.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{681B82EF-A457-4849-AABC-5B6099380FA5}\setup.exe (Oki Data Corporation ) -> -runfromtemp -l0x0407
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Database Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\DATABASECOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Spreadsheet Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\SPREADSHEETCOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Database Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\DATABASECOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Office Upload Center.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\MSOUC.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Spreadsheet Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\SPREADSHEETCOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -> C:\Program Files\Java\jre1.8.0_291\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk -> C:\Program Files\Java\jre1.8.0_291\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSpy\iSpy (64 bit) Reset.lnk -> C:\Program Files\iSpy\iSpy.exe (www.ispyconnect.com) -> -reset
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSpy\iSpy (64 bit) Silent Start.lnk -> C:\Program Files\iSpy\iSpy.exe (www.ispyconnect.com) -> -silent
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSpy\Uninstall iSpy (64 bit).lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {94BF44A0-CBD4-428A-84FC-C80064865F2A}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FashionLager30\FashionLager30 deinstallieren.lnk -> C:\Program Files (x86)\FashionLager30\{93AB2D0A-5A7F-4548-A7BF-B86937A05E5A}\AKDeInstall.exe () -> /x
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FashionLager25_BASIS\FashionLager25_BASIS deinstallieren.lnk -> C:\Windows\AKDeInstall.exe () -> /x "C:\Program Files (x86)\FashionLager25_BASIS\unins2.dat"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eXtra Buttons\eXtra Buttons Options.lnk -> C:\Program Files (x86)\eXtra Buttons\xb.exe () -> -options
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSL-Manager\DSL-Manager Deinstallation.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}\Setup.exe" -l0x7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSL-Manager\DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH) -> /ShowGUI
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-8460N LAN\ControlCenter3.lnk -> C:\Program Files (x86)\Brother\ControlCenter3\BrCtrCen.exe (Brother Industries, Ltd.) -> /Model=MFC-8460N LAN
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-8460N LAN\Deinstallieren.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{9211CCBB-BEFE-4A0C-9199-D7A535DBFE5F}\setup.exe (Macrovision Corporation) -> -runfromtemp -l0x0007 UNINSTALL Reg=ALFB,Brother MFC-8460N,LAN
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-8460N LAN\Installationsprüfung.lnk -> C:\Program Files (x86)\Brother\Brmfl05c\Brinstck.exe (Brother Industries, Ltd.) -> MFC-8460N LAN
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-8460N LAN\Online-Registrierung.lnk -> C:\Program Files (x86)\Brother\Brmfl05c\Brolink\Brolink0.exe (Brother Industories, Ltd.) -> OLR_URL /mMFC-8460N
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-8460N LAN\Remote Setup.lnk -> C:\Program Files (x86)\Brother\Brmfl05c\brmfrmss.exe (Brother Industries Ltd.) -> NET "MFC-8460N LAN"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-8460N LAN\Status Monitor.lnk -> C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.) -> Brother MFC-8460N USB Printer on BRN_90F904 /SHOW
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-8460N LAN\PC-FAX-Empfang\Empfangen.lnk -> C:\Program Files (x86)\Brother\Brmfl05c\FAXRX.exe (Brother Industries Ltd.) -> -Net "MFC-8460N LAN"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-8460N LAN\PC-Fax senden\PC-FAX-Adressbuch.lnk -> C:\Program Files (x86)\Brother\Brmfl05c\AddrBook.exe (Brother Industries, Ltd.) -> PCFAX TOP
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-8460N LAN\PC-Fax senden\PC-FAX-Einstellungen.lnk -> C:\Program Files (x86)\Brother\Brmfl05c\PCfxSet.exe (Brother Industries, Ltd.) -> PCFAX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Popp\AppData\Roaming\Microsoft\Word\AKTUELLER%20BRIEF%20Privat308923353530493118\AKTUELLER%20BRIEF%20Privat.doc.lnk -> C:\Users\Popp\Documents\---PRIVAT---\RICHARD\AKTUELLER BRIEF Privat.doc () -> 12
ShortcutWithArgument: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagentaCLOUD.lnk -> C:\Program Files (x86)\Telekom\MagentaCloud\MagentaCloud.App.exe () -> /hideexp
ShortcutWithArgument: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) -> /recycle
ShortcutWithArgument: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ControlCenter3.lnk -> C:\Program Files (x86)\Brother\ControlCenter3\BrCtrCen.exe (Brother Industries, Ltd.) -> /Model=MFC-8460N LAN
ShortcutWithArgument: C:\Users\Popp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Popp\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\PlayMemories Home-Hilfe.lnk -> C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe (Sony Corporation) -> /Help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REINER SCT cyberJack\REINER SCT im Internet.url -> URL: hxxp://www.reiner-sct.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REINER SCT cyberJack\Support.url -> URL: file://C:\Program Files (x86)\REINER SCT\cyberJack\support.htm
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool ShadowMaker\MiniTool Web site.url -> URL: hxxps://www.minitool.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Besuchen Sie Java.com.url -> URL: hxxps://java.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Hilfe aufrufen.url -> URL: hxxps://java.com/help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\etope Lister\etope Lister im Internet.url -> URL: hxxps://freshworx.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-8460N LAN\Online-Hilfe und FAQs.url -> URL: hxxp://solutions.brother.com/cgi-bin/solutions.cgi?MDL=mfc111&LNG=de&SRC=FAQ
InternetURL: C:\Users\Popp\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Popp\Favorites\Windows Live\Windows Live Gallery.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Popp\Favorites\Windows Live\Windows Live Ideas.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\Popp\Favorites\Windows Live\Windows Live Mail.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\Popp\Favorites\Windows Live\Windows Live Spaces.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\Popp\Favorites\MSN-Websites\MSN Auto.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72680
InternetURL: C:\Users\Popp\Favorites\MSN-Websites\MSN Fernsehen.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72659
InternetURL: C:\Users\Popp\Favorites\MSN-Websites\MSN Money.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72640
InternetURL: C:\Users\Popp\Favorites\MSN-Websites\MSN Nachrichten.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72636
InternetURL: C:\Users\Popp\Favorites\MSN-Websites\MSN Sport.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72635
InternetURL: C:\Users\Popp\Favorites\MSN-Websites\MSN.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72630
InternetURL: C:\Users\Popp\Favorites\Microsoft-Websites\IE-Site auf Microsoft.com.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\Popp\Favorites\Microsoft-Websites\Microsoft Deutschland GmbH.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\Popp\Favorites\Microsoft-Websites\Microsoft Store.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Popp\Favorites\Microsoft-Websites\Microsoft Windows - Start.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\Popp\Favorites\Microsoft-Websites\Microsoft zu Hause.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\Popp\Favorites\Microsoft-Websites\Microsoft.com durchsuchen.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72893
InternetURL: C:\Users\Popp\Favorites\Microsoft-Websites\Site für IE Add-Ons.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Popp\Favorites\Links\Vorgeschlagene Sites.url -> URL: hxxps://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Popp\Favorites\Links\Web Slice-Katalog.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Popp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box\FRITZ!Box USB-Fernanschluss Onlineunterstützung.url -> BASEURL: hxxps://avm.de/ URL: hxxps://avm.de/
==================== Ende vom Shortcut.txt =============================
|
|
18.06.2021, 22:45
| #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | WIN10 PC gehackt, T-Online Emails werden in meinem Namen versendet, Fremdzugriff über TeamViewer? Also von solchen Schrottprogrammen müsst ihr euch aber trennen. Es kann doch echt nicht wahr sein, dass man an die Photos und Videos nicht mehr einfach rankommt nur weil man das Programm nicht mehr zur Hand hat. Bilder sind einfach Bilddateien, die man in einen ganz normalen Ordner ablegt und dann mit jedem beliebigen Bildbetrachter oder -editor öffnen kann. Unter Windows nimmt man sehr gerne IrfanView. Und dann kann man die Bilder auch einfacher sichern auf ne DVD (MDISC) oder externe Festplatte. JPG und PNG ist ein so verbreiteter Standard, der schon seit Jahren auch von stinknormalen DVD-Playern gelesen werden kann. Scripting/Repair mit FRST64 WARNUNG AN ALLE MITLESER !!! Dieses FRST-Script ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System angewendet werden!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.06.2021, 22:58
| #28 |
| | WIN10 PC gehackt, T-Online Emails werden in meinem Namen versendet, Fremdzugriff über TeamViewer?Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-06-2021
durchgeführt von Popp (18-06-2021 23:50:43) Run:1
Gestartet von C:\Users\Popp\Downloads
Geladene Profile: Popp & SFDatabaseServiceV4
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
CloseProcesses:
AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: G DATA INTERNET SECURITY (Disabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G DATA INTERNET SECURITY (Disabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE}
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
Task: {42CBCCAA-F998-41D4-A615-51D011606121} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {5B29ED17-B5C1-4409-82BB-FFB9C6DCB331} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {A4AE0861-D717-4EB2-B30C-BA0722680AC0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {B7492F06-29CD-4FDC-869E-B7B3CDEC2493} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {E4F5B945-0A6E-402F-A34B-74C1E409B16A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
FF Extension: (Browsing Protection by F-Secure) - C:\Users\Popp\AppData\Roaming\Mozilla\Firefox\Profiles\ewmeglni.default-1477417793024\Extensions\ols@f-secure.com.xpi [2021-06-11] [UpdateUrl:hxxps://download.sp.f-secure.com/online-safety/updates.json]
FF Extension: (G DATA WebProtection) - C:\Users\Popp\AppData\Roaming\Mozilla\Firefox\Profiles\ewmeglni.default-1477417793024\Extensions\webprotection@gdata.de.xpi [2021-02-27] [UpdateUrl:hxxps://gdata-a.akamaihd.net/R/CommonUpdate/extensions/webprotection/updates.json]
C:\Program Files (x86)\Spybot - Search & Destroy 2
C:\ProgramData\Spybot - Search & Destroy
cmd: reg query "HKCU\Environment"
cmd: reg query "HKCU\Software"
cmd: netsh advfirewall reset
emptytemp:
hosts:
*****************
Prozesse erfolgreich geschlossen.
"AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}" => erfolgreich entfernt
"AV: G DATA INTERNET SECURITY (Disabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885}" => erfolgreich entfernt
"AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}" => erfolgreich entfernt
"AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}" => erfolgreich entfernt
"FW: G DATA INTERNET SECURITY (Disabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE}" => erfolgreich entfernt
C:\WINDOWS\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\WINDOWS\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\ProgramData\NTUSER.pol => erfolgreich verschoben
HKLM\SOFTWARE\Policies\Google => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42CBCCAA-F998-41D4-A615-51D011606121}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42CBCCAA-F998-41D4-A615-51D011606121}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => nicht gefunden
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B29ED17-B5C1-4409-82BB-FFB9C6DCB331}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B29ED17-B5C1-4409-82BB-FFB9C6DCB331}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A4AE0861-D717-4EB2-B30C-BA0722680AC0}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4AE0861-D717-4EB2-B30C-BA0722680AC0}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7492F06-29CD-4FDC-869E-B7B3CDEC2493}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7492F06-29CD-4FDC-869E-B7B3CDEC2493}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4F5B945-0A6E-402F-A34B-74C1E409B16A}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4F5B945-0A6E-402F-A34B-74C1E409B16A}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => erfolgreich entfernt
C:\Users\Popp\AppData\Roaming\Mozilla\Firefox\Profiles\ewmeglni.default-1477417793024\Extensions\ols@f-secure.com.xpi => erfolgreich verschoben
C:\Users\Popp\AppData\Roaming\Mozilla\Firefox\Profiles\ewmeglni.default-1477417793024\Extensions\webprotection@gdata.de.xpi => erfolgreich verschoben
C:\Program Files (x86)\Spybot - Search & Destroy 2 => erfolgreich verschoben
C:\ProgramData\Spybot - Search & Destroy => erfolgreich verschoben
========= reg query "HKCU\Environment" =========
HKEY_CURRENT_USER\Environment
Path REG_EXPAND_SZ %USERPROFILE%\AppData\Local\Microsoft\WindowsApps;
TEMP REG_EXPAND_SZ %USERPROFILE%\AppData\Local\Temp
TMP REG_EXPAND_SZ %USERPROFILE%\AppData\Local\Temp
MOZ_PLUGIN_PATH REG_SZ C:\Program Files\Tracker Software\PDF Viewer\Win32
OneDrive REG_EXPAND_SZ C:\Users\Popp\OneDrive
========= Ende von CMD: =========
========= reg query "HKCU\Software" =========
HKEY_CURRENT_USER\Software\Adobe
HKEY_CURRENT_USER\Software\Anvsoft
HKEY_CURRENT_USER\Software\AppDataLow
HKEY_CURRENT_USER\Software\ASUS
HKEY_CURRENT_USER\Software\AvastAdSDK
HKEY_CURRENT_USER\Software\Avery
HKEY_CURRENT_USER\Software\Avery Dennison
HKEY_CURRENT_USER\Software\AVM
HKEY_CURRENT_USER\Software\BIVG Hannover Programmeinstellungen
HKEY_CURRENT_USER\Software\Brother
HKEY_CURRENT_USER\Software\Business Objects
HKEY_CURRENT_USER\Software\Canneverbe Limited
HKEY_CURRENT_USER\Software\Chromium
HKEY_CURRENT_USER\Software\Clients
HKEY_CURRENT_USER\Software\ComfortSoftware
HKEY_CURRENT_USER\Software\Corel
HKEY_CURRENT_USER\Software\DatevLohnViewer
HKEY_CURRENT_USER\Software\Dell
HKEY_CURRENT_USER\Software\DMGR1.25
HKEY_CURRENT_USER\Software\DYMO
HKEY_CURRENT_USER\Software\Elias Fotinis
HKEY_CURRENT_USER\Software\Evolis Card Printer
HKEY_CURRENT_USER\Software\eXtra Buttons
HKEY_CURRENT_USER\Software\F-Secure
HKEY_CURRENT_USER\Software\Fast Reports
HKEY_CURRENT_USER\Software\Freemake
HKEY_CURRENT_USER\Software\G Data
HKEY_CURRENT_USER\Software\Geek Uninstaller
HKEY_CURRENT_USER\Software\geissplugin
HKEY_CURRENT_USER\Software\Google
HKEY_CURRENT_USER\Software\Governikus GmbH & Co. KG
HKEY_CURRENT_USER\Software\Hewlett-Packard
HKEY_CURRENT_USER\Software\IM Providers
HKEY_CURRENT_USER\Software\INSTAR
HKEY_CURRENT_USER\Software\Intel
HKEY_CURRENT_USER\Software\iSpy
HKEY_CURRENT_USER\Software\iSpy64
HKEY_CURRENT_USER\Software\Lavasoft
HKEY_CURRENT_USER\Software\Licenses
HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications
HKEY_CURRENT_USER\Software\LogiShrd
HKEY_CURRENT_USER\Software\LogMeIn
HKEY_CURRENT_USER\Software\Macromedia
HKEY_CURRENT_USER\Software\Malwarebytes
HKEY_CURRENT_USER\Software\Microsoft
HKEY_CURRENT_USER\Software\Mozilla
HKEY_CURRENT_USER\Software\MozillaPlugins
HKEY_CURRENT_USER\Software\NBD Systems
HKEY_CURRENT_USER\Software\NBD-Systems
HKEY_CURRENT_USER\Software\NDB-Datenbankanwendungen
HKEY_CURRENT_USER\Software\Netscape
HKEY_CURRENT_USER\Software\OCS
HKEY_CURRENT_USER\Software\ODBC
HKEY_CURRENT_USER\Software\Okidata
HKEY_CURRENT_USER\Software\Opera Software
HKEY_CURRENT_USER\Software\Plex, Inc.
HKEY_CURRENT_USER\Software\Policies
HKEY_CURRENT_USER\Software\QtProject
HKEY_CURRENT_USER\Software\RadiAnt Viewer
HKEY_CURRENT_USER\Software\Realtek
HKEY_CURRENT_USER\Software\RegisteredApplications
HKEY_CURRENT_USER\Software\REINER SCT
HKEY_CURRENT_USER\Software\Safer Networking Limited
HKEY_CURRENT_USER\Software\Screentime Media
HKEY_CURRENT_USER\Software\Simply Super Software
HKEY_CURRENT_USER\Software\Sony Corporation
HKEY_CURRENT_USER\Software\StarFinanz
HKEY_CURRENT_USER\Software\SUPRA
HKEY_CURRENT_USER\Software\TeamViewer
HKEY_CURRENT_USER\Software\TechniSat
HKEY_CURRENT_USER\Software\Telekom
HKEY_CURRENT_USER\Software\The Silicon Realms Toolworks
HKEY_CURRENT_USER\Software\TOnline
HKEY_CURRENT_USER\Software\Tracker Software
HKEY_CURRENT_USER\Software\Trolltech
HKEY_CURRENT_USER\Software\undefined
HKEY_CURRENT_USER\Software\VB and VBA Program Settings
HKEY_CURRENT_USER\Software\VirtualDJ
HKEY_CURRENT_USER\Software\Winamp
HKEY_CURRENT_USER\Software\WinRAR SFX
HKEY_CURRENT_USER\Software\Wondershare
HKEY_CURRENT_USER\Software\Wow6432Node
HKEY_CURRENT_USER\Software\Classes
========= Ende von CMD: =========
========= netsh advfirewall reset =========
OK.
========= Ende von CMD: =========
C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1598116090 B
Java, Flash, Steam htmlcache => 1154 B
Windows/system/drivers => 22501172 B
Edge => 71672 B
Chrome => 172032 B
Firefox => 25963515 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 17920 B
ProgramData => 17920 B
Public => 17920 B
systemprofile => 17920 B
systemprofile32 => 17920 B
LocalService => 150748 B
NetworkService => 169260 B
Popp => 2015334381 B
LogMeInRemoteUser => 2015334381 B
SFDatabaseServiceV4 => 2015334381 B
DefaultAppPool => 2015334381 B
RecycleBin => 0 B
EmptyTemp: => 9.1 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 23:52:17 ====
|
|
18.06.2021, 23:37
| #29 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | WIN10 PC gehackt, T-Online Emails werden in meinem Namen versendet, Fremdzugriff über TeamViewer? Kontrollscans mit MBAM und RK Wir sind fast fertig. Jetzt ist es an der Zeit für Kontrollscans mit Poste nach Abschluss der beiden Scans die Logs in CODE-Tags.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.06.2021, 00:49
| #30 |
| | WIN10 PC gehackt, T-Online Emails werden in meinem Namen versendet, Fremdzugriff über TeamViewer?Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 19.06.21
Scan-Zeit: 00:47
Protokolldatei: 318384ae-d087-11eb-b3ea-90b11c7b60d8.json
-Softwaredaten-
Version: 4.4.0.117
Komponentenversion: 1.0.1318
Version des Aktualisierungspakets: 1.0.41899
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 19041.1052)
CPU: x64
Dateisystem: NTFS
Benutzer: DELL-PC\Popp
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 496016
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 36 Min., 16 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter RogueKiller Anti-Malware V15.0.3.0 (x64) [Jun 15 2021] (Free) von Adlice Software Mail : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Betriebssystem : Windows 10 (10.0.19041) 64 bits Gestartet in : Normaler Modus Benutzer : Popp [Administrator] Gestartet von : C:\Users\Popp\Downloads\RogueKiller_portable64.exe Signaturen : 20210615_000001, Treiber : Geladen Modus : Standard-Scan, Löschen -- Datum : 2021/06/19 01:47:40 (Dauer : 00:16:47) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Löschen ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ [PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\.DEFAULT\Software\OCS -- -> Gelöscht [PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\S-1-5-21-814051134-1916513075-1057447149-1000\Software\OCS -- -> Gelöscht [PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\S-1-5-18\Software\OCS -- -> Gelöscht [PUM.Proxy (Potenziell bösartig)] HKEY_USERS\S-1-5-21-814051134-1916513075-1057447149-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer -- -> Gelöscht [PUM.Policies (Potenziell bösartig)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- -> Ersetzt (2) [PUM.SearchEngine (Potenziell bösartig)] browser.search.defaultenginename -- Bing® -> Gelöscht [PUM.SearchEngine (Potenziell bösartig)] browser.search.selectedEngine -- Bing® -> Gelöscht |
|
| Themen zu WIN10 PC gehackt, T-Online Emails werden in meinem Namen versendet, Fremdzugriff über TeamViewer? |
| abgesicherte, abgesicherten, bereits, emails, ergebnis, ersetzt, gdata, gehackt, geschlossen, hoffe, interne, logdateien, lösung, modus, namen, neue, neuen, passwort, passwörter, prüfen, sofort, telekom, versuche, win, zugang |
Linear-Darstellung
