|
Diskussionsforum: Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführtWindows 7 Hier sind ausschließlich fachspezifische Diskussionen erwünscht. Bitte keine Log-Files, Hilferufe oder ähnliches posten. Themen zum "Trojaner entfernen" oder "Malware Probleme" dürfen hier nur diskutiert werden. Bereinigungen von nicht ausgebildeten Usern sind hier untersagt. Wenn du dir einen Virus doer Trojaner eingefangen hast, eröffne ein Thema in den Bereinigungsforen oben. |
27.06.2021, 20:30 | #1 | |
| Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt Hallo, bei mir wir nach dem Login unter AppData\Local\Temp immer ein exe ausgeführt, der Name ändert sich, Bsp: a8ee9d2a-7120-4192-aaa3-0558ee0ba707.tmp.exe (82.944 Bytes) Das Programm öffnet ein Fenster und gibt Zahlen und Buchstaben aus, Bsp. für Anfang: Zitat:
Avast meldet, dass die Datei sicher ist. VirusTotal meldetfolgende Troyaner:
Details siehe https://www.virustotal.com/gui/file/f6436dc45c8356d26174a2a8c67523217ef6024197e61af10edfa137a90a1c65/detection Ich habe Malwarebytes laufen lassen, meldet aber keine Probleme. Hinweis: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mount_Veracrypt.cmd ist unkritisch, ist ein Mount Skript, was ich selber geschrieben habe. Wäre toll, wenn ihr mir helfen könntet. LG tsmomc Anbei die gewünschten Ausgaben von FRST. FRST: FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2021 durchgeführt von thoma (Administrator) auf DESKTOP-HCA6LJN (27-06-2021 20:50:28) Gestartet von D:\download\+++ troyaner +++ Geladene Profile: thoma Platform: Windows 10 Pro Version 21H1 19043.1081 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\S5WOW_App\ATHEROS\S5wow.exe () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\S5WOW_App\x64\S5wow_2005.exe (1 und 1 Internet AG -> 1&1 Internet AG) C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\ASUSRelayWS.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\LightingService\1.00.29\AsRogAuraGpuDllServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.30\aaHMSvc.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.09.08\AsusFanControlService.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\2.00.06\atkexComSvc.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\1.00.29\LightingService.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5> (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe (Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskService.exe (Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskServiceTray.exe (DeepL GmbH) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\DeepL.exe (Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (EIZO Corporation -> EIZO Corporation) C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe (FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe (FabulaTech, LLP -> VMware) C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2> (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe (GN AUDIO A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe <4> (GN AUDIO A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct4\SoftphoneIntegrations.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe <2> (IDRIX SARL -> IDRIX) C:\Program Files\VeraCrypt\VeraCrypt.exe (IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (Intel(R) INTELND1617S2 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\GfxDownloadWrapper.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\igfxCUIService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\IntelCpHDCPSvc.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_778512ee63a728ec\RstMwService.exe (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop\creator\common\creator-ws.exe (LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop\updater-ws.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\kited.exe (Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\KiteService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe (MiniTool Software Limited -> ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe (MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe (MSIP Code Signing -> www.microsip.org) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\MicroSIP\microsip.exe (Nenad Hrg -> Nenad Hrg SoftwareOK) C:\Program Files\DesktopOK\DesktopOK_x64.exe (Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\thoma\AppData\Local\slack\app-4.17.1\slack.exe <5> (SplitmediaLabs Limited -> SplitmediaLabs Limited) C:\Program Files\XSplit\VCam\service\XSpltVidSvc.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (The CefSharp Authors) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\CefSharp.BrowserSubprocess.exe <3> (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Xerox Corporation -> Xerox Corporation) C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-10-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [122592 2021-06-03] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [7580488 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd) HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1068624 2020-10-11] (Heidi Computers Ltd -> The Eraser Project) HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> ) HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3160256 2021-05-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288672 2021-05-21] (IDSA Production signing key 2021 -> Intel) HKLM-x32\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe [106801552 2021-06-09] (GN AUDIO A/S -> GN Audio A/S) HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31046640 2020-09-21] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [VeraCrypt] => C:\Program Files\VeraCrypt\VeraCrypt.exe [5928728 2020-10-11] (IDRIX SARL -> IDRIX) HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [1&1_1&1 Upload-Manager] => C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE [989264 2011-11-21] (1 und 1 Internet AG -> 1&1 Internet AG) HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [DeepL] => C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\DeepL.exe [133632 2021-05-30] (DeepL GmbH) [Datei ist nicht signiert] HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [Kite] => C:\Program Files\Kite\kited.exe [562179520 2021-06-10] (Manhattan Engineering Incorporated -> Kite) HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [DesktopOK] => C:\Program Files\DesktopOK\DesktopOK_x64.exe [921480 2021-03-16] (Nenad Hrg -> Nenad Hrg SoftwareOK) HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\GlassWire.exe [9242536 2021-05-14] (GlassWire -> SecureMix LLC) HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\thoma\AppData\Local\slack\slack.exe [308368 2021-06-06] (Slack Technologies, Inc. -> Slack Technologies Inc.) HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\MountPoints2: {1768b476-52b6-11eb-868b-107b4415ae9e} - "O:\AutoRun.exe" HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\MountPoints2: {6b500ea1-4a0e-11eb-867b-107b4415ae9e} - "O:\AutoRun.exe" HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\MountPoints2: {6b500f5d-4a0e-11eb-867b-107b4415ae9e} - "O:\setup.exe" AUTORUN=1 HKU\S-1-5-21-4198695647-2910091461-4277131257-1003\...\Run: [2FFD542F547A6A94419661128FD7298878C7A371._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8 HKU\S-1-5-21-4198695647-2910091461-4277131257-1003\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --auto-launch-onlogon --start-maximized --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- (Der Dateneintrag hat 70 mehr Zeichen). HKU\S-1-5-21-4198695647-2910091461-4277131257-1005\...\RunOnce: [Application Restart #0] => C:\Program Files\Macrium\Common\ReflectMonitor.exe [26150760 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd) HKU\S-1-5-21-4198695647-2910091461-4277131257-1005\...\RunOnce: [Application Restart #1] => C:\Program Files\Macrium\Common\ReflectUI.exe [7580488 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd) HKU\S-1-5-21-4198695647-2910091461-4277131257-1010\...\RunOnce: [Application Restart #0] => C:\Program Files\Macrium\Common\ReflectUI.exe [7580488 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd) HKU\S-1-5-21-4198695647-2910091461-4277131257-1010\...\RunOnce: [Application Restart #1] => C:\Program Files\Macrium\Common\ReflectMonitor.exe [26150760 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd) HKLM\...\Windows x64\Print Processors\TeamViewer_PrintProcessor: C:\Windows\System32\spool\prtprocs\x64\TeamViewer_PrintProcessor.dll [20208 2017-08-29] (TeamViewer GmbH -> ) HKLM\...\Print\Monitors\Adobe PDF Port: C:\Windows\SysWOW64\AdobePDF.dll [28248 2006-09-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MX920 series XPS: C:\Windows\System32\CNMXLMBL.DLL [393728 2012-09-20] (CANON INC.) [Datei ist nicht signiert] HKLM\...\Print\Monitors\FRITZ!fax Color Port Monitor: C:\Windows\System32\FritzColorPort64.dll [20480 2006-02-23] () [Datei ist nicht signiert] HKLM\...\Print\Monitors\FRITZ!fax Port Monitor: C:\Windows\System32\FritzPort64.dll [20480 2006-02-22] () [Datei ist nicht signiert] HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\WINDOWS\system32\pxcpmL.dll [2057488 2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) HKLM\...\Print\Monitors\PDFill Writer Monitor: C:\Program Files (x86)\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll [38824 2020-08-23] (PlotSoft LLC -> Windows (R) Codename Longhorn DDK provider) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-06-26] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\91.0.10364.115\Installer\chrmstp.exe [2021-06-23] (Avast Software s.r.o. -> AVAST Software) HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\91.1.26.67\Installer\chrmstp.exe [2021-06-22] (Brave Software, Inc. -> Brave Software, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Screen InStyle.lnk [2018-09-09] ShortcutTarget: Screen InStyle.lnk -> C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (EIZO Corporation -> EIZO Corporation) Startup: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MicroSIP.lnk [2021-06-16] ShortcutTarget: MicroSIP.lnk -> C:\Users\thoma\AppData\Local\MicroSIP\microsip.exe (MSIP Code Signing -> www.microsip.org) [Datei ist nicht signiert] Startup: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mount_Veracrypt.cmd [2020-10-26] () [Datei ist nicht signiert] HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {005D84C2-EDA3-438D-AE0F-0FB0FAFE59C7} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - Periodic Refresh => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [393928 2020-10-30] (Xerox Corporation -> Xerox Corporation) Task: {0A809507-98FB-45EA-9AFA-6EC7C4E41661} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-22] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {0EB7F3EB-E9BF-448D-816F-A6004038B706} - System32\Tasks\SU_AutoUpdate => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4513224 2021-01-19] (IObit Information Technology -> IObit) Task: {105E52A6-D36D-48FD-B0E9-81D2EDAEC76A} - System32\Tasks\SS3svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe [1233920 2017-10-18] (ASUSTeK COMPUTER INC.) [Datei ist nicht signiert] Task: {12C0E9C8-FBB6-41FF-BA4B-654CDF6393C8} - System32\Tasks\Software Updater SkipUAC(thoma) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4513224 2021-01-19] (IObit Information Technology -> IObit) <==== ACHTUNG Task: {1AC165B8-E271-4985-A76D-0F53F4683552} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) Task: {21390E5A-ECD2-4B2C-8638-E41738294AEA} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-22] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {26C8469C-15C8-4782-B07D-4A9E084BEFB6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software) Task: {34186EBC-CDEE-48E4-95C0-8EE410061B22} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software) Task: {36873C61-2D8A-46EB-8B00-6F08E23D19A4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118104 2021-06-21] (Microsoft Corporation -> Microsoft Corporation) Task: {37817CB2-6796-4FE5-BB89-60A132841A63} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2277640 2021-06-18] (Avast Software s.r.o. -> AVAST Software) Task: {37AFCB71-04A4-4CFD-B0D9-0FF999AB1494} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {3858C6E9-501D-4496-89F7-79F2CB232AD4} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-4198695647-2910091461-4277131257-1001 => C:\Users\thoma\AppData\Local\MEGAsync\MEGAupdater.exe [615672 2020-09-20] (Mega Limited -> Mega Limited) Task: {3E40CD95-3652-47D8-8FCD-2385ACAEFF3C} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2277640 2021-06-18] (Avast Software s.r.o. -> AVAST Software) Task: {400FEC93-A76B-465F-9FF5-2409C8845D34} - System32\Tasks\G2MUploadTask-S-1-5-21-4198695647-2910091461-4277131257-1001 => C:\Users\thoma\AppData\Local\GoToMeeting\19228\g2mupload.exe [31320 2020-12-18] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {40820894-D3D8-453F-9638-D584DD1DF9B8} - System32\Tasks\Opera scheduled Autoupdate 1573333256 => C:\Users\thoma\AppData\Local\Programs\Opera\launcher.exe Task: {41EC6830-B92E-448B-9809-DAEF9B702842} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-19] (Google Inc -> Google Inc.) Task: {4768BAE1-518E-4A29-9969-55CFE764FCFC} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1461200 2016-10-07] (ASUSTeK Computer Inc. -> ) Task: {4C058142-2FFD-4045-93C5-ADA908B4B609} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\LightingService\1.00.29\AsRogAuraGpuDllServer.exe [247256 2017-09-22] (ASUSTeK Computer Inc. -> ) Task: {4CD90931-266C-4C0B-9E98-9E004A647A73} - System32\Tasks\G2MUpdateTask-S-1-5-21-4198695647-2910091461-4277131257-1001 => C:\Users\thoma\AppData\Local\GoToMeeting\19228\g2mupdate.exe [31320 2020-12-18] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {4F3153B8-BF1E-4C4C-BDC1-A960DC48B5F5} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software) Task: {5135714E-030B-47A6-AE5E-866A1A560FC9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {52F61971-8A47-41A3-A297-12F0F1B20380} - System32\Tasks\Software Updater SkipUAC(sandr) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4513224 2021-01-19] (IObit Information Technology -> IObit) <==== ACHTUNG Task: {5648571B-7BD1-4A03-82C7-FAC6869F1D3C} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1290200 2017-02-09] (ASUSTeK Computer Inc. -> ) Task: {5A520292-B468-42E9-A05D-4A0ED5DCDFEA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5B328278-0F03-458B-A576-D29414E41BA6} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4417496 2017-02-09] (ASUSTeK Computer Inc. -> TODO: <Company name>) Task: {5D401512-7328-48D0-AF35-4D64BCF4D2E9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-21] (Microsoft Corporation -> Microsoft Corporation) Task: {629711A6-2BB3-4E6A-8641-B58D732CCC38} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {654FCFAA-1722-4954-A235-E0C20FB80BE7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-19] (Google Inc -> Google Inc.) Task: {668E4F81-18AF-4517-A7AF-8A03FE4AA593} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {6FA86AE2-51B5-4E3C-B7AF-CFFD2CE4542F} - System32\Tasks\Xerox\Xerox PowerENGAGE => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc) Task: {710AAD34-E848-41D2-9CB2-C2309C09843D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118104 2021-06-21] (Microsoft Corporation -> Microsoft Corporation) Task: {7F79EC1F-9496-4D3D-A9B6-8B149818496A} - System32\Tasks\ASUS\ASUS File Transfer Server Launcher => C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server Launcher.exe [1898480 2016-09-21] (ASUSTeK Computer Inc. -> TODO: <Company name>) Task: {8277A3E4-ECA0-4132-9223-4FA0C2D4A733} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-26] (Mozilla Corporation -> Mozilla Foundation) Task: {8AF3B45E-EEE7-4BE9-BB6E-A773008DF0EF} - System32\Tasks\Xerox\Xerox PowerENGAGE Update => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc) Task: {997A2699-5CB4-40B3-BEE1-CEB12890E80C} - System32\Tasks\SS3svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3svc64.exe [811520 2017-10-18] (ASUSTeK COMPUTER INC.) [Datei ist nicht signiert] Task: {9AB4CE3F-981C-49F3-8808-287615E74099} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1789200 2020-06-30] (IObit Information Technology -> IObit Software updater) <==== ACHTUNG Task: {AB0B23DB-4923-4FF3-AE82-8ECF5E00D829} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-09-21] (Garmin International, Inc. -> ) Task: {B46E811C-C114-4DEE-A6CF-3EE27C5D8083} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [1995736 2017-02-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) Task: {B52182A2-B47B-4EBA-B666-7EFCAE0627D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B6E72D07-8306-4149-B123-147034168A5A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-21] (Microsoft Corporation -> Microsoft Corporation) Task: {BFD7E10A-CE58-46C0-8E09-4E213B5A51B0} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> ) Task: {C45FC55E-D980-4C28-A408-EF9E520429C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C494B1F9-E781-4E2A-9025-6927DFF35D29} - System32\Tasks\Amazon Music Helper => C:\Users\thoma\AppData\Local\Amazon Music\Amazon Music Helper.exe [2091960 2020-01-10] (Amazon Services LLC -> Amazon.com Services LLC) Task: {CA2022A4-B81D-4010-9355-193A1B8F32E8} - System32\Tasks\Start CorsairLink4 => C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe [27067088 2017-09-08] (Corsair Components, Inc. -> Corsair Components, Inc.) Task: {D41EBB5B-37DF-49E1-85D6-D951987DCC05} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4808928 2021-06-03] (Avast Software s.r.o. -> AVAST Software) Task: {DDE652BF-3898-4A66-8CD4-D92C0089C2B8} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel(R) System Usage Report -> Intel Corporation) Task: {E06909C6-0A80-41E5-87AE-1F95D1B6C26E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel(R) System Usage Report -> Intel Corporation) Task: {E345DE8F-18F9-4C60-BC6B-C18B88BB50ED} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - New or Changed => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [393928 2020-10-30] (Xerox Corporation -> Xerox Corporation) Task: {E573A806-D442-4C3A-9A81-5DC052FC282C} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {E77DD0DB-B08E-43DD-96C5-9AA2A084D1CA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {FDE19336-B182-4BA9-8557-48C100F6C152} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - User Logon => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [393928 2020-10-30] (Xerox Corporation -> Xerox Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4198695647-2910091461-4277131257-1001.job => C:\Users\thoma\AppData\Local\GoToMeeting\19228\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4198695647-2910091461-4277131257-1001.job => C:\Users\thoma\AppData\Local\GoToMeeting\19228\g2mupload.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{4767166f-faa3-49bd-bcaa-773a41ea516f}: [DhcpNameServer] 192.168.178.1 Edge: ======= DownloadDir: D:\download Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge DefaultProfile: Default Edge Profile: C:\Users\thoma\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-27] Edge DownloadDir: Default -> D:\download FireFox: ======== FF DefaultProfile: Mozilla Firefox FF ProfilePath: M:\Mozilla Firefox [2020-10-26] FF Homepage: M:\Mozilla Firefox -> hxxps://www.google.de/ FF Extension: (Firefox Lightbeam) - M:\Mozilla Firefox\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2018-02-17] FF Extension: (Dark YouTube Theme) - M:\Mozilla Firefox\Extensions\jid1-hDf2iQXGiUjzGQ@jetpack.xpi [2017-09-06] FF Extension: (MetaMask) - M:\Mozilla Firefox\Extensions\webextension@metamask.io.xpi [2018-03-07] FF Extension: (1-Click YouTube Video Downloader) - M:\Mozilla Firefox\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-04-13] FF Extension: (EPUBReader) - M:\Mozilla Firefox\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2020-06-23] FF Extension: (Flash- und Video-Download) - M:\Mozilla Firefox\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-08-31] FF Extension: (OkayFreedom) - M:\Mozilla Firefox\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2016-06-17] [UpdateUrl:hxxps://www.steganos.com/updates/okayfreedom/update_okayfreedom_ff.rdf] FF Extension: (Video DownloadHelper) - M:\Mozilla Firefox\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-17] FF Extension: (JSONView) - M:\Mozilla Firefox\Extensions\jsonview@brh.numbera.com.xpi [2021-01-06] FF Extension: (DownThemAll!) - M:\Mozilla Firefox\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2021-01-23] FF Extension: (Windscribe - Free Proxy and Ad Blocker) - M:\Mozilla Firefox\Extensions\@windscribeff.xpi [2021-02-08] FF Extension: (Ghostery – Datenschutzorientierter Werbeblocker) - M:\Mozilla Firefox\Extensions\firefox@ghostery.com.xpi [2021-03-03] FF Extension: (I don't care about cookies) - M:\Mozilla Firefox\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2021-04-19] FF Extension: (Kee - Password Manager) - M:\Mozilla Firefox\Extensions\keefox@chris.tomlinson.xpi [2021-05-06] FF Extension: (Web of Trust) - M:\Mozilla Firefox\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2021-05-10] FF Extension: (Python Notebook Viewer) - M:\Mozilla Firefox\Extensions\rushikesh988-5@gmail.com.xpi [2021-05-16] FF Extension: (Adblock Plus - kostenloser Adblocker) - M:\Mozilla Firefox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-05-19] FF Extension: (NoScript) - M:\Mozilla Firefox\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-06-26] FF SearchPlugin: M:\Mozilla Firefox\searchplugins\duckduckgo.xml [2013-08-15] FF SearchPlugin: M:\Mozilla Firefox\searchplugins\englische-ergebnisse.xml [2012-09-26] FF SearchPlugin: M:\Mozilla Firefox\searchplugins\gmx-suche.xml [2012-09-26] FF SearchPlugin: M:\Mozilla Firefox\searchplugins\lastminute.xml [2012-09-26] FF SearchPlugin: M:\Mozilla Firefox\searchplugins\webde-suche.xml [2012-09-26] FF ProfilePath: C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\f62kpuh7.default [2021-06-27] FF Extension: (OkayFreedom) - C:\Users\thoma\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2019-03-27] [UpdateUrl:hxxps://www.steganos.com/updates/okayfreedom/update_okayfreedom_ff.rdf] FF Extension: (KeeFox) - C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\f62kpuh7.default\Extensions\keefox@chris.tomlinson [2017-10-19] [] FF Extension: (Avast SafePrice | Vergleich, Angebote, Gutscheine) - C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\f62kpuh7.default\Extensions\sp@avast.com.xpi [2019-11-15] FF Extension: (Avast Online Security) - C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\f62kpuh7.default\Extensions\wrc@avast.com.xpi [2019-11-15] FF HKLM\...\Firefox\Extensions: [soda_pdf_desktop_conv@sodapdf.com] - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv@sodapdf.com.xpi FF Extension: (Soda PDF Desktop Creator) - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv@sodapdf.com.xpi [2018-06-04] [] FF HKLM\...\Firefox\Extensions: [soda_pdf_desktop_conv_v.2@sodapdf.com] - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv_v.2@sodapdf.com.xpi FF Extension: (Soda PDF Desktop Creator) - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv_v.2@sodapdf.com.xpi [2018-06-04] FF HKLM-x32\...\Firefox\Extensions: [soda_pdf_desktop_conv_v.2@sodapdf.com] - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv_v.2@sodapdf.com.xpi FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: Soda PDF Desktop -> C:\Program Files\Soda PDF Desktop\np-previewer.dll [2018-06-04] (LULU Software -> LULU Software) FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-03] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-03] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-04-22] (Brave Software, Inc. -> BraveSoftware Inc.) FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-04-22] (Brave Software, Inc. -> BraveSoftware Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-26] (Avast Software s.r.o. -> AVAST Software) FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-26] (Avast Software s.r.o. -> AVAST Software) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\thoma\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\thoma\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default [2021-06-27] CHR DownloadDir: D:\download CHR Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.gympass.com; hxxps://www.pcwelt.de CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA CHR StartupUrls: Default -> "hxxp://www.google.de/" CHR Extension: (Google Übersetzer) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-19] CHR Extension: (Präsentationen) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-19] CHR Extension: (Talend API Tester - Free Edition) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aejoelaoggembcahagimdiliamlcdmfm [2021-06-26] CHR Extension: (Terra Station) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiifbnbfobpmeekipheeijimdpnlpgpp [2021-06-26] CHR Extension: (Docs) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20] CHR Extension: (Google Drive) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22] CHR Extension: (YouTube) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-20] CHR Extension: (KeeForm) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmhcphbkicakelgpchlhccaeljahoima [2021-06-26] CHR Extension: (Avira Password Manager) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-06-26] CHR Extension: (Avira Safe Shopping) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-06-26] CHR Extension: (KeePassHttp-Connector) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\dafgdjggglmmknipkhngniifhplpcldb [2020-05-01] CHR Extension: (Tabellen) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-19] CHR Extension: (Binance Chain Wallet) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2021-06-26] CHR Extension: (I don't care about cookies) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2021-04-22] CHR Extension: (Google Docs Offline) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-27] CHR Extension: (Plus for Trello (time track, reports)) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjjpophepkbhejnglcmkdnncmaanojkf [2021-05-22] CHR Extension: (Video DownloadHelper) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2021-03-05] CHR Extension: (Export for Trello) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhdelomnagopgaealggpgojkhcafhnin [2018-04-02] CHR Extension: (MetaMask) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2021-06-26] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07] CHR Extension: (Google Mail) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22] CHR Extension: (Chrome Media Router) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-01] CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-03-12] CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-12] CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] Brave: ======= BRA DefaultProfile: Default BRA Profile: C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-06-12] BRA Notifications: Default -> hxxps://app.slack.com BRA Extension: (Avira Password Manager) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-06-12] BRA Extension: (Avira Safe Shopping) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-02-24] BRA Extension: (Avast SafePrice | Vergleich, Angebote, Gutscheine) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-01-07] BRA Extension: (OkayFreedom) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hfnbbbkabnehoejfhcbbhdicagcoobji [2019-10-25] BRA Extension: (Kee - Password Manager) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mmhlniccooihdimnnjhamobppdhaolme [2021-02-24] BRA Extension: (PAYBACK Internet Assistent) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pbfjbhoglggakhkngkbfehgghkaadeba [2021-02-24] BRA Extension: (Brave Local Data Files Updater) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-05-04] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-06-12] BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-04-04] BRA Extension: (Brave Ad Block Updater (EasyList Germany)) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\faknfgalcghekhfggcdikddilkpjbonh [2021-06-12] BRA Extension: (Brave SpeedReader Updater) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-06-12] BRA Extension: (Brave Ad Block Updater (DEU: EasyList Germany)) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\jmomcjcilfpbaaklkifaijjcnancamde [2020-05-24] BRA Extension: (Brave NTP sponsored images) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2021-06-12] BRA Extension: (PDF Viewer) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-04-22] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-06-12] StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 Adiscon EvntSLog; C:\Program Files (x86)\EventReporter\evntslog.exe [4614792 2018-04-27] (Adiscon GmbH -> Adiscon GmbH, Germany (info@adiscon.com, hxxp://www.adiscon.com)) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\2.00.06\atkexComSvc.exe [411456 2017-09-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.30\aaHMSvc.exe [975832 2017-01-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2016-04-20] (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.09.08\AsusFanControlService.exe [610776 2017-02-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8151120 2021-06-03] (Avast Software s.r.o. -> AVAST Software) S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [622816 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [370400 2021-06-03] (Avast Software s.r.o. -> AVAST Software) S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software) S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\91.0.10364.115\elevation_service.exe [1421288 2021-06-18] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-22] (Brave Software, Inc. -> BraveSoftware Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-22] (Brave Software, Inc. -> BraveSoftware Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-06-21] (Microsoft Corporation -> Microsoft Corporation) R2 client_service; C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [444632 2021-02-05] (VMware, Inc. -> VMware, Inc.) S3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [32976 2017-09-08] (Corsair Components, Inc. -> Corsair Components, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [441664 2019-04-16] (Digital Wave Ltd -> Digital Wave Ltd.) S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1113864 2020-05-15] (Bayerisches Landesamt fuer Steuern -> ) S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-07-24] (Mixbyte Inc -> Freemake) R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [283760 2020-09-11] (FabulaTech, LLP -> ) R2 ftscanmgrhv; C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe [301680 2020-09-11] (FabulaTech, LLP -> ) R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [7174568 2021-05-14] (GlassWire -> SecureMix LLC) R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [594216 2018-12-20] (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] [Datei wird verwendet] S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-03-11] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 KiteService; C:\Program Files\Kite\KiteService.exe [140864 2021-06-10] (Manhattan Engineering Incorporated -> Kite) R2 LightingService; C:\Program Files (x86)\LightingService\1.00.29\LightingService.exe [1144792 2017-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [8929608 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd) R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-31] (Malwarebytes Inc -> Malwarebytes) R2 MTAgentService; C:\Program Files\MiniTool ShadowMaker\AgentService.exe [783344 2021-01-28] (MiniTool Software Limited -> ) R2 MTSchedulerService; C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe [226800 2021-01-28] (MiniTool Software Limited -> ) R2 PDF24; C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5395360 2021-06-24] (Microsoft Windows Publisher -> Microsoft Corporation) S3 Soda PDF Desktop; C:\Program Files\Soda PDF Desktop\ws.exe [2780400 2018-06-04] (LULU Software -> LULU Software) R2 Soda PDF Desktop Creator; C:\Program Files\Soda PDF Desktop\creator\common\creator-ws.exe [756464 2018-06-04] (LULU Software -> LULU Software) R2 Soda PDF Desktop Update Service; C:\Program Files\Soda PDF Desktop\updater-ws.exe [751344 2018-06-04] (LULU Software -> LULU Software) R2 spacedeskService; C:\WINDOWS\system32\spacedeskService.exe [1091488 2020-09-08] (Datronicsoft, Inc. -> ) S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [183816 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12871464 2021-04-29] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 vmwsprrdpwks; C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [480368 2020-09-22] (FabulaTech, LLP -> VMware) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation) R2 XeroxPrintJobEventManagerService; C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe [513920 2020-10-30] (Xerox Corporation -> Xerox Corporation) S3 XeroxProdRegManager; C:\Program Files (x86)\Xerox PowerENGAGE\EngageService.exe [293608 2016-09-13] (Aviata Inc -> Aviata, Inc.) S3 XSplit_VCam_Updater; C:\Program Files\XSplit\VCam\XSplit_VCam_Updater.exe [3194032 2021-06-14] (SplitmediaLabs Limited -> XSplit) R2 XSpltVidSvc; C:\Program Files\XSplit\VCam\service\XSpltVidSvc.exe [259248 2021-06-14] (SplitmediaLabs Limited -> SplitmediaLabs Limited) ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Co., Ltd. -> AnvSoft Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-09-21] (ASUSTeK Computer Inc. -> ) R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> ) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35664 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [216360 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365536 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250336 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99296 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17328 2021-05-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41296 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [180944 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522864 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107792 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82856 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851144 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471352 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215336 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R2 BlueStacksDrv; C:\Program Files (x86)\BlueStacks\BstkDrv_bgp.sys [315976 2020-04-07] (Bluestack Systems, Inc -> Bluestack System Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] R3 Ch64USB; C:\WINDOWS\System32\drivers\Ch64USB.sys [150656 2014-10-10] (Microsoft Windows Hardware Compatibility Publisher -> ZF Friedrichshafen AG, Electronic Systems) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [161288 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [140280 2020-06-01] (ADAPP SASU -> Dokan Project) S3 GLCKIO; C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys [14976 2017-10-22] (ASUSTeK Computer Inc. -> ) R1 gwdrv; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC) R3 HCW85BDA; C:\WINDOWS\system32\drivers\HCW85BDA.sys [2259456 2021-01-18] (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works) R3 hcw85cir; C:\WINDOWS\system32\drivers\hcw85cir4.sys [61264 2019-03-08] (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc.) S3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [85504 2021-01-09] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert] S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [121600 2021-01-09] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert] R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [35352 2017-01-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-27] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-31] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-26] (Malwarebytes Inc -> Malwarebytes) S3 MbswMailbox; C:\Program Files (x86)\ASUS\AI Suite III\690b33e1-0462-4e84-9bea-c7552b45432a.sys [17208 2017-10-22] (ASUSTeK Computer Inc. -> ) R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [79504 2017-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 PSMounterEx; C:\Windows\system32\drivers\psmounterex.sys [179416 2019-02-15] (Paramount Software UK Ltd -> Windows (R) Win 7 DDK provider) S3 psvolacc; C:\WINDOWS\system32\drivers\psvolacc.sys [34520 2018-12-06] (Paramount Software UK Ltd -> Windows (R) Win 7 DDK provider) R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> ) R3 scaudio; C:\WINDOWS\System32\drivers\scaudio.sys [54792 2020-06-05] (Brandmeister LLC -> ) S3 SCL01164; C:\WINDOWS\system32\DRIVERS\SCL01164.sys [72320 2010-05-07] (Microsoft Windows Hardware Compatibility Publisher -> SCM Microsystems Inc.) R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [133944 2020-01-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd) R3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [35240 2020-08-27] (Datronicsoft, Inc. -> ) R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software) R3 splitcam_hd_driver; C:\WINDOWS\System32\drivers\splitcam_hd_driver.sys [38000 2020-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [45064 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-12-10] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) R1 ui11rdr; C:\WINDOWS\System32\DRIVERS\ui11rdr.sys [199752 2011-11-21] (1&1 Internet AG -> 1&1 Internet AG) R1 UimBus; C:\WINDOWS\System32\drivers\uimbus.sys [109504 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH) R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [46016 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH) R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [831616 2020-10-11] (IDRIX SARL -> IDRIX) R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [60344 2020-11-17] (VMware, Inc. -> VMware, Inc.) R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [67072 2021-04-30] (VMware, Inc. -> VMware, Inc.) R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-27] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-27] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-27] (Microsoft Windows -> Microsoft Corporation) R3 XSpltVid; C:\WINDOWS\system32\DRIVERS\XSpltVid.sys [118800 2020-09-16] (Microsoft Windows Hardware Compatibility Publisher -> SplitmediaLabs Limited) S3 ewusbnet; \SystemRoot\System32\drivers\ewusbnet.sys [X] S3 GPU-Z; \??\C:\Users\thoma\AppData\Local\Temp\GPU-Z.sys [X] <==== ACHTUNG ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-06-27 19:13 - 2021-06-27 20:50 - 000000000 ____D C:\FRST 2021-06-27 19:09 - 2021-06-27 19:09 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-06-27 17:55 - 2021-06-27 17:56 - 000000606 _____ C:\Users\thoma\AppData\Local\cbfsconnect2017-{B0031874-3D4F-4F60-8171-49DE03D3E003}.zip 2021-06-27 17:50 - 2021-06-27 17:50 - 122854203 _____ C:\Users\thoma\AppData\Local\Temp.zip 2021-06-27 02:27 - 2021-06-27 02:28 - 000000159 _____ C:\Users\thoma\Desktop\FeWo1.url 2021-06-26 22:11 - 2021-06-26 22:11 - 000000049 _____ C:\Users\thoma\OneDrive\Documents\.RData 2021-06-26 20:18 - 2021-06-26 20:18 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-06-26 20:10 - 2021-06-26 20:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-06-26 18:47 - 2021-06-27 10:01 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-06-24 11:33 - 2021-06-24 11:33 - 000001259 _____ C:\Users\Public\Desktop\XSplit VCam.lnk 2021-06-24 11:33 - 2021-06-24 11:33 - 000001259 _____ C:\ProgramData\Desktop\XSplit VCam.lnk 2021-06-24 11:33 - 2021-06-24 11:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit 2021-06-24 11:33 - 2021-06-24 11:33 - 000000000 ____D C:\Program Files\XSplit 2021-06-24 09:04 - 2021-06-24 09:04 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll 2021-06-24 09:04 - 2021-06-24 09:04 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-06-24 09:04 - 2021-06-24 09:04 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-06-24 09:04 - 2021-06-24 09:04 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-06-24 09:04 - 2021-06-24 09:04 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2021-06-24 09:04 - 2021-06-24 09:04 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2021-06-24 09:04 - 2021-06-24 09:04 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-06-24 09:04 - 2021-06-24 09:04 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-06-24 09:04 - 2021-06-24 09:04 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-06-24 09:04 - 2021-06-24 09:04 - 000011333 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-06-24 09:03 - 2021-06-24 09:03 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-06-24 09:03 - 2021-06-24 09:03 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-06-21 07:45 - 2021-06-21 07:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jabra 2021-06-20 16:42 - 2021-06-20 16:48 - 000000000 ____D C:\Users\thoma\AppData\Roaming\MPP-Engineering 2021-06-20 16:41 - 2021-06-20 16:49 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CarPort 2021-06-20 16:41 - 2021-06-20 16:41 - 000000000 ____D C:\Users\thoma\OneDrive\Documents\CarPort 2021-06-20 16:41 - 2021-06-20 16:41 - 000000000 ____D C:\Users\thoma\AppData\Local\MPP-Engineering 2021-06-20 16:40 - 2021-06-20 16:49 - 000000000 ____D C:\Program Files (x86)\CarPort 2021-06-20 16:40 - 2021-06-20 16:40 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Obsidium 2021-06-16 09:53 - 2021-06-24 23:22 - 000011820 _____ C:\Users\thoma\Desktop\Geburt_Patrick_2.xlsx 2021-06-13 23:48 - 2021-06-13 23:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\obs-websocket 2021-06-12 23:41 - 2021-06-26 21:01 - 000000000 ____D C:\Ubuntu_21_04 2021-06-12 22:25 - 2021-06-12 22:26 - 006632332 _____ C:\WINDOWS\Minidump\061221-16718-01.dmp 2021-06-12 22:25 - 2021-06-12 22:26 - 000000000 ____D C:\WINDOWS\Minidump 2021-06-12 22:25 - 2021-06-12 22:25 - 2283833209 _____ C:\WINDOWS\MEMORY.DMP 2021-06-10 08:27 - 2021-06-10 08:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-06-10 08:27 - 2021-06-10 08:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-06-10 08:27 - 2021-06-10 08:27 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2021-06-10 08:27 - 2021-06-10 08:27 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll 2021-06-10 08:27 - 2021-06-10 08:27 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-06-10 08:27 - 2021-06-10 08:27 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-06-10 08:27 - 2021-06-10 08:27 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-06-10 08:27 - 2021-06-10 08:27 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-06-10 08:27 - 2021-06-10 08:27 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2021-06-10 08:27 - 2021-06-10 08:27 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-06-10 08:27 - 2021-06-10 08:27 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-06-04 01:40 - 2021-06-04 22:10 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2021-06-03 18:50 - 2021-06-03 18:50 - 000000000 ____D C:\Users\maxim\AppData\Local\Avast Software 2021-06-03 11:14 - 2021-06-03 11:14 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2021-06-03 11:14 - 2021-06-03 11:14 - 000215336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2021-06-02 08:11 - 2021-06-02 08:11 - 000000000 ____D C:\WINDOWS\Panther 2021-05-31 08:04 - 2021-05-31 08:05 - 000000000 ____D C:\AdwCleaner 2021-05-31 07:38 - 2021-05-31 07:38 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-05-31 07:38 - 2021-05-31 07:38 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-05-31 07:38 - 2021-05-31 07:38 - 000002036 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-05-31 07:38 - 2021-05-31 07:38 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-05-31 07:38 - 2021-05-31 07:38 - 000000000 ____D C:\Program Files\Malwarebytes 2021-05-30 21:56 - 2021-05-30 21:56 - 000000218 _____ C:\Users\thoma\AppData\Local\recently-used.xbel 2021-05-30 20:25 - 2021-05-30 20:25 - 000001473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk 2021-05-30 20:24 - 2021-05-30 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2021-05-30 20:24 - 2021-05-30 20:24 - 000000000 ____D C:\Program Files\PDF24 2021-05-30 20:22 - 2021-05-30 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2021-05-30 20:16 - 2021-05-12 20:07 - 000041816 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys 2021-05-30 20:15 - 2021-05-30 20:15 - 000017328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-06-27 20:50 - 2020-03-14 19:43 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Jabra Direct 2021-06-27 20:50 - 2019-09-08 21:06 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Slack 2021-06-27 20:50 - 2017-10-19 01:39 - 000000000 ____D C:\Users\thoma\AppData\LocalLow\Mozilla 2021-06-27 20:49 - 2018-09-09 15:48 - 000002139 _____ C:\Users\thoma\Desktop\Monitor Power OFF.lnk 2021-06-27 20:48 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-06-27 20:48 - 2017-10-19 01:38 - 000000000 ____D C:\Users\thoma\AppData\Roaming\KeePass 2021-06-27 20:48 - 2017-10-19 01:25 - 000000000 __SHD C:\Users\thoma\IntelGraphicsProfiles 2021-06-27 20:29 - 2017-10-19 07:42 - 000000000 ____D C:\Program Files (x86)\Canon 2021-06-27 20:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-06-27 20:28 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-06-27 20:28 - 2017-10-22 16:12 - 000000000 ____D C:\Users\thoma\AppData\Local\Packages 2021-06-27 20:28 - 2017-10-20 21:36 - 000000000 ____D C:\Users\sandr\AppData\Roaming\Canon 2021-06-27 20:28 - 2017-10-19 07:52 - 000000000 ___HD C:\ProgramData\CanonIJScan 2021-06-27 20:25 - 2021-03-21 12:14 - 000004172 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{5B4F6576-251A-43E1-A98E-A8FEBC528C28} 2021-06-27 20:25 - 2021-02-10 23:05 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Kite 2021-06-27 20:21 - 2020-09-06 15:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-06-27 20:15 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-06-27 19:59 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-06-27 19:48 - 2020-09-06 15:20 - 000003450 _____ C:\WINDOWS\system32\Tasks\SU_AutoUpdate 2021-06-27 19:48 - 2019-12-04 01:06 - 000000000 ____D C:\Users\thoma\AppData\Roaming\IObit 2021-06-27 19:30 - 2018-04-30 21:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-06-27 19:20 - 2019-04-12 21:10 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2021-06-27 19:19 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-06-27 19:17 - 2020-04-27 22:07 - 000000000 ____D C:\Users\thoma\AppData\Local\AVAST Software 2021-06-27 19:16 - 2019-12-07 16:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2021-06-27 19:14 - 2017-10-19 08:26 - 000000000 ____D C:\Users\thoma\AppData\Roaming\VMware 2021-06-27 19:07 - 2020-09-06 11:11 - 000000000 ____D C:\Users\thoma\AppData\Local\KeeForm 2021-06-27 18:47 - 2020-03-14 19:43 - 000000000 ____D C:\Users\thoma\AppData\Roaming\JabraSDK 2021-06-27 18:13 - 2020-09-06 15:23 - 001732926 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-06-27 18:13 - 2019-12-07 16:51 - 000746436 _____ C:\WINDOWS\system32\perfh007.dat 2021-06-27 18:13 - 2019-12-07 16:51 - 000151384 _____ C:\WINDOWS\system32\perfc007.dat 2021-06-27 18:06 - 2020-09-06 15:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-06-27 18:06 - 2020-09-06 15:11 - 000008192 ___SH C:\DumpStack.log.tmp 2021-06-27 18:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-06-27 18:06 - 2019-11-15 08:09 - 000000000 ____D C:\ProgramData\AVAST Software 2021-06-27 18:06 - 2017-10-19 08:21 - 000000000 ____D C:\ProgramData\VMware 2021-06-27 18:06 - 2017-10-19 08:16 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-06-27 18:06 - 2017-10-19 01:48 - 000000000 ____D C:\ProgramData\Hauppauge 2021-06-27 18:06 - 2017-10-19 01:25 - 000000000 ____D C:\Intel 2021-06-27 18:05 - 2019-12-07 11:03 - 001572864 _____ C:\WINDOWS\system32\config\BBI 2021-06-27 10:01 - 2017-10-19 01:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-06-27 01:20 - 2021-04-11 17:18 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2021-06-27 01:20 - 2021-04-10 23:53 - 000002970 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 2021-06-27 01:20 - 2021-04-10 23:53 - 000002604 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon 2021-06-27 01:20 - 2021-02-20 17:45 - 000003598 _____ C:\WINDOWS\system32\Tasks\Xerox XeroxPrintExperience Printer Configuration - User Logon 2021-06-27 01:20 - 2020-09-06 15:20 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-06-27 01:20 - 2020-09-06 15:20 - 000003558 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-06-27 01:20 - 2020-09-06 15:20 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-06-27 01:20 - 2020-09-06 15:20 - 000003468 _____ C:\WINDOWS\system32\Tasks\Xerox XeroxPrintExperience Printer Configuration - New or Changed 2021-06-27 01:20 - 2020-09-06 15:20 - 000003404 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-06-27 01:20 - 2020-09-06 15:20 - 000003334 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-06-27 01:20 - 2020-09-06 15:20 - 000003270 _____ C:\WINDOWS\system32\Tasks\Xerox XeroxPrintExperience Printer Configuration - Periodic Refresh 2021-06-27 01:20 - 2020-09-06 15:20 - 000002564 _____ C:\WINDOWS\system32\Tasks\Software Updater Scheduler 2021-06-27 01:20 - 2020-09-06 15:20 - 000002392 _____ C:\WINDOWS\system32\Tasks\Software Updater SkipUAC(thoma) 2021-06-27 01:20 - 2020-09-06 15:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2021-06-26 23:25 - 2017-10-20 06:15 - 000000000 ____D C:\Users\thoma\AppData\Local\CrashDumps 2021-06-26 23:16 - 2021-03-27 20:21 - 000003276 _____ C:\WINDOWS\system32\Tasks\MiniToolPartitionWizard 2021-06-26 23:12 - 2020-02-16 16:09 - 000000000 ____D C:\Users\thoma\Desktop\ADS 2021-06-26 22:26 - 2021-04-24 01:55 - 000000000 ____D C:\Users\thoma\AppData\Local\RStudio 2021-06-26 22:26 - 2020-02-22 00:21 - 000000000 ____D C:\Users\thoma\AppData\Roaming\RStudio 2021-06-26 22:22 - 2020-02-22 00:21 - 000019443 _____ C:\Users\thoma\OneDrive\Documents\.Rhistory 2021-06-26 21:01 - 2017-10-19 08:26 - 000000000 ____D C:\Users\thoma\AppData\Local\VMware 2021-06-26 20:10 - 2017-10-19 01:39 - 000001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-06-26 18:50 - 2020-06-23 07:43 - 000002399 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-06-26 18:50 - 2017-10-19 01:41 - 000002256 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-06-24 11:34 - 2018-05-05 14:07 - 000000000 ____D C:\Users\thoma\AppData\Local\D3DSCache 2021-06-24 11:33 - 2021-05-16 20:45 - 000000000 ____D C:\ProgramData\XSplit 2021-06-24 11:33 - 2021-01-09 23:18 - 000000000 ____D C:\ProgramData\SplitmediaLabs 2021-06-24 11:30 - 2020-09-06 15:11 - 000805200 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-06-24 11:29 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-06-24 08:55 - 2019-12-04 01:06 - 000000000 ____D C:\ProgramData\ProductData 2021-06-23 18:23 - 2020-04-27 22:06 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk 2021-06-22 18:50 - 2019-04-22 23:09 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2021-06-21 07:48 - 2017-10-19 23:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-06-21 07:45 - 2020-03-14 19:43 - 000000000 ____D C:\Program Files (x86)\Jabra 2021-06-21 07:45 - 2017-10-19 01:34 - 000000000 ____D C:\ProgramData\Package Cache 2021-06-20 16:41 - 2017-10-20 22:42 - 000000000 ____D C:\Program Files\DIFX 2021-06-17 23:36 - 2019-02-05 12:34 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Sqrl 2021-06-16 08:07 - 2021-02-10 23:04 - 000000000 ____D C:\Program Files\Kite 2021-06-16 08:07 - 2020-12-20 16:43 - 000001132 _____ C:\Users\thoma\Desktop\MicroSIP.lnk 2021-06-16 08:07 - 2020-12-20 16:43 - 000000000 ____D C:\Users\thoma\AppData\Local\MicroSIP 2021-06-14 15:12 - 2017-10-19 08:15 - 000000000 ____D C:\Users\thoma\AppData\Roaming\vlc 2021-06-14 15:04 - 2020-09-14 00:02 - 000000000 ____D C:\Users\thoma\AppData\Roaming\obs-studio 2021-06-14 00:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-06-13 23:48 - 2020-09-14 00:02 - 000000000 ____D C:\Program Files\obs-studio 2021-06-12 23:47 - 2021-01-02 23:56 - 000000000 ____D C:\Ubuntu_20_10 2021-06-12 22:26 - 2020-09-06 13:52 - 000000000 ____D C:\Users\thoma 2021-06-11 13:01 - 2021-02-17 21:21 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-06-10 08:20 - 2017-10-19 22:07 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-06-10 08:12 - 2017-10-19 22:06 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-06-09 16:10 - 2017-10-19 01:37 - 000002099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-06-06 16:38 - 2019-10-04 00:31 - 000000000 ____D C:\ProgramData\CanonIJPLM 2021-06-06 15:44 - 2021-02-18 23:17 - 000002206 _____ C:\Users\thoma\Desktop\Slack.lnk 2021-06-06 15:44 - 2021-02-18 23:17 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc 2021-06-06 15:44 - 2021-02-18 23:17 - 000000000 ____D C:\Users\thoma\AppData\Local\slack 2021-06-06 15:44 - 2017-10-19 08:12 - 000000000 ____D C:\Users\thoma\AppData\Local\SquirrelTemp 2021-06-04 22:11 - 2017-10-19 01:40 - 000001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2021-06-03 18:50 - 2020-04-30 07:10 - 000000000 ____D C:\Users\sandr\AppData\Local\AVAST Software 2021-06-03 11:16 - 2019-02-01 00:09 - 000000000 ____D C:\ProgramData\Mozilla 2021-06-03 11:14 - 2020-10-26 21:56 - 000180944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2021-06-03 11:14 - 2020-09-06 15:20 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2021-06-03 11:14 - 2020-04-20 20:52 - 000522864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys 2021-06-03 11:14 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-06-03 11:14 - 2019-11-15 08:10 - 000851144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000471352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000365536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000250336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000216360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000099296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000082856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000041296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000035664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys 2021-06-03 11:14 - 2017-12-25 23:33 - 000351544 _____ C:\WINDOWS\Macrium Reflect Patch Log.txt 2021-05-31 08:07 - 2017-12-09 15:31 - 000000000 ____D C:\Program Files (x86)\Innovative Solutions 2021-05-31 08:03 - 2021-01-04 00:27 - 000000000 ____D C:\Users\thoma\Desktop\Programme 2021-05-31 08:03 - 2017-12-09 15:31 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Innovative Solutions 2021-05-31 08:03 - 2017-12-09 15:31 - 000000000 ____D C:\Users\thoma\AppData\Local\Innovative Solutions 2021-05-31 07:32 - 2019-11-09 23:01 - 000000000 ____D C:\Users\thoma\AppData\Local\Opera Software 2021-05-30 21:56 - 2019-03-02 00:25 - 000000000 ____D C:\Users\thoma\.dbus-keyrings 2021-05-30 20:25 - 2017-10-19 01:25 - 000000000 ____D C:\Program Files (x86)\Intel 2021-05-30 20:22 - 2018-09-04 21:15 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk 2021-05-30 20:16 - 2019-09-15 01:23 - 000002166 _____ C:\Users\thoma\Desktop\DeepL.lnk 2021-05-30 20:16 - 2019-09-15 01:23 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeepL GmbH 2021-05-30 20:16 - 2019-09-15 01:23 - 000000000 ____D C:\Users\thoma\AppData\Local\DeepL ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-10-04 17:19 - 2020-10-04 17:19 - 000000000 _____ () C:\Users\thoma\.mongorc.js 2020-11-27 09:35 - 2020-11-18 15:04 - 114459920 _____ (Microsoft Corporation) C:\Program Files\Teams_windows_x64.exe 2018-10-21 00:46 - 2017-10-25 03:31 - 007438336 _____ () C:\Program Files (x86)\WinAuth.exe 2018-02-10 21:14 - 2018-02-10 21:14 - 000000171 _____ () C:\Users\thoma\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f 2018-02-10 21:14 - 2018-10-14 18:06 - 000000904 _____ () C:\Users\thoma\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf 2019-12-04 08:33 - 2019-12-04 08:33 - 000000171 _____ () C:\Users\thoma\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0 2018-02-10 21:14 - 2018-02-10 21:14 - 000000175 _____ () C:\Users\thoma\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388 2017-10-19 08:13 - 2017-12-10 16:12 - 000000883 _____ () C:\Users\thoma\AppData\Roaming\gnuplot_history 2021-01-09 22:59 - 2021-01-13 19:59 - 000000016 _____ () C:\Users\thoma\AppData\Roaming\obs-virtualcam.txt 2018-07-22 15:03 - 2021-02-06 17:56 - 000000128 _____ () C:\Users\thoma\AppData\Roaming\winscp.rnd 2021-06-27 17:55 - 2021-06-27 17:56 - 000000606 _____ () C:\Users\thoma\AppData\Local\cbfsconnect2017-{B0031874-3D4F-4F60-8171-49DE03D3E003}.zip 2019-05-16 06:28 - 2020-09-26 09:37 - 000009728 _____ () C:\Users\thoma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2018-07-01 16:15 - 2018-07-01 16:15 - 000000600 _____ () C:\Users\thoma\AppData\Local\PUTTY.RND 2021-05-30 21:56 - 2021-05-30 21:56 - 000000218 _____ () C:\Users\thoma\AppData\Local\recently-used.xbel 2021-04-09 19:33 - 2021-04-09 19:33 - 000007609 _____ () C:\Users\thoma\AppData\Local\Resmon.ResmonCfg 2019-11-09 22:48 - 2019-11-09 22:48 - 000000000 _____ () C:\Users\thoma\AppData\Local\TaskMan.cmd.done 2019-11-09 22:48 - 2019-11-09 22:48 - 000000105 _____ () C:\Users\thoma\AppData\Local\TaskMan.cmd.errors 2021-06-27 17:50 - 2021-06-27 17:50 - 122854203 _____ () C:\Users\thoma\AppData\Local\Temp.zip ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
27.06.2021, 20:31 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt edit: alles gut
__________________
__________________ |
27.06.2021, 20:33 | #3 |
| Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt Und was ist das Programm dann?
__________________ |
27.06.2021, 20:36 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt Bitte das ander Log von FRST noch posten.
__________________ Logfiles bitte immer in CODE-Tags posten |
27.06.2021, 20:39 | #5 |
| Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt Shortcut Teil 1 Code:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 26-06-2021 durchgeführt von thoma (27-06-2021 20:54:31) Gestartet von D:\download\+++ troyaner +++ Start-Modus: Normal ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies\EasyBCD\Online Documentation.lnk -> hxxp://neosmart.net/wiki/easybcd Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 11\BesuchtDVDFabWebsite.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab11&v=11.0.8. Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber\Support-Forum.lnk -> hxxp://forum.audiograbber.de Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11\BesuchtDVDFabWebsite.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab11&v=11.0.8. Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk -> C:\ProgramData\BlueStacks\Client\BlueStacks.exe (BlueStack Systems, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqdirec.exe (Hewlett-Packard Company) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Luminar 3.lnk -> C:\Program Files\Skylum\Luminar 3\Luminar 3.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\PDFill PDF Editor.lnk -> C:\Program Files (x86)\PlotSoft\PDFill\PDFill.exe (PlotSoft L.L.C.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1&1 Verschlüsselung.lnk -> C:\Program Files\1&1 Verschlüsselung\1&1 Verschluesselung.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 8.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Distiller.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 8 Professional.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 4.5.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\DigitalEditions.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer 8.0.lnk -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Designer 8.0\FormDesigner.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyMusic.lnk -> C:\Program Files\AnyMusic\AnyMusic.exe (AmoyShare Technology Company) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (Audacity Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 2021.lnk -> C:\Program Files (x86)\Audials\Audials 2021\AudialsStarter.exe (Audials AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials Music Tube.lnk -> C:\Program Files (x86)\Audials\MusicTube 2020\AudialsStarter.exe (Audials AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp2.lnk -> C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk -> C:\Program Files (x86)\BlueStacks\HD-MultiInstanceManager.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk -> C:\ProgramData\BlueStacks\Client\Bluestacks.exe (BlueStack Systems, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 9 (64-bit).lnk -> C:\Program Files\CyberLink\PhotoDirector9\PhotoDirector9.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk -> C:\Program Files\Eraser\Eraser.exe (The Eraser Project) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.24.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.10.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GPA.lnk -> C:\Program Files (x86)\Gpg4win\bin\gpa.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HBCI-Modul für Money 99 Version 2000.lnk -> C:\Program Files (x86)\MSMoney99\System\hbci\hbcifm99.exe (Dr. Ulrich Amann) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk -> C:\Program Files (x86)\HP\Digital Imaging\DocProc\regipe.exe (I.R.I.S. SA) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk -> C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePassXC.lnk -> C:\Windows\Installer\{ECCC6E1C-C5D1-4B71-94B0-B2F713AF9036}\ProductIcon.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kleopatra.lnk -> C:\Program Files (x86)\Gpg4win\bin\kleopatra.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium viBoot.lnk -> C:\Program Files\Macrium\Reflect\viBoot.exe (Windows (R) Win 7 DDK provider) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Money.lnk -> C:\Program Files (x86)\MSMoney99\MSMONEY.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Money-Browser.lnk -> C:\Program Files (x86)\MSMoney99\System\Money-Browser\MNYBrowser.exe (Dr. Ulrich Amann) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neo4j Desktop.lnk -> C:\Program Files\Neo4j Desktop\Neo4j Desktop.exe (Neo4j Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk -> C:\Program Files\paint.net\PaintDotNet.exe (dotPDN LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung DeX.lnk -> C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics Co., Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\spacedesk SERVER.lnk -> C:\Windows\System32\spacedeskServiceTray.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs OBS.lnk -> C:\Program Files\Streamlabs OBS\Streamlabs OBS.exe (General Workings, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware Horizon Client.lnk -> C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe (VMware, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Martin Prikryl) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind.lnk -> C:\Program Files\XMind ZEN\XMind.exe (XMind Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube-DLG\Youtube-DLG entfernen.lnk -> C:\Program Files (x86)\Youtube-DLG\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube-DLG\Youtube-DLG.lnk -> C:\Program Files (x86)\Youtube-DLG\youtube-dl-gui.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit\XSplit VCam.lnk -> C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind\XMind 8 Update 8.lnk -> C:\Program Files (x86)\XMind\XMind.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind\Support\Readme.lnk -> C:\Program Files (x86)\XMind\readme.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind\Support\Uninstall XMind.lnk -> C:\Program Files (x86)\XMind\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode 64bit\Uninstall XMedia Recode 64bit.lnk -> C:\Program Files\XMedia Recode 64bit\unins000.exe (XMedia Recode 64bit ) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode 64bit\XMedia Recode 64bit.lnk -> C:\Program Files\XMedia Recode 64bit\XMedia Recode.exe (XMedia Recode) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xerox\Xerox Notifications.lnk -> C:\Program Files\Xerox\XeroxPrintExperience\XeroxPrintExperience\XeroxToastNotifier.Exe (Xerox Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xerox\Xerox Scanner Management Utility.lnk -> C:\Program Files\Xerox\Xerox Scanner Management Utility\XrxScannerManagementUtility.exe (Xerox Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMerge\Benutzerhandbuch.lnk -> C:\Program Files (x86)\WinMerge\Docs\WinMerge.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMerge\WinMerge.lnk -> C:\Program Files (x86)\WinMerge\WinMergeU.exe (hxxps://winmerge.org) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack\Documentation.lnk -> C:\Program Files\WinHTTrack\httrack-doc.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack\WinHTTrack Website Copier.lnk -> C:\Program Files\WinHTTrack\WinHTTrack.exe (HTTrack) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weka 3.8.4\Documentation.lnk -> C:\Program Files\Weka-3-8-4\documentation.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weka 3.8.4\Uninstall Weka 3.8.4.lnk -> C:\Program Files\Weka-3-8-4\uninstall.exe (Machine Learning Group, University of Waikato, Hamilton, NZ) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware\VMware Workstation 16 Player.lnk -> C:\Program Files (x86)\VMware\VMware Player\vmplayer.exe (VMware, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual BCD\DualBootRepair.lnk -> C:\Program Files (x86)\Visual BCD\DualBootRepair.exe (BoYans) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual BCD\Visual BCD Editor.lnk -> C:\Program Files (x86)\Visual BCD\VisualBcd.exe (mail: 'boyans.gm@gmail.com') Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoProc\Deinstallieren VideoProc.lnk -> C:\Program Files (x86)\Digiarty\VideoProc\uninstaller.exe (Digiarty, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoProc\VideoProc.lnk -> C:\Program Files (x86)\Digiarty\VideoProc\VideoProc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeraCrypt\VeraCrypt.lnk -> C:\Program Files\VeraCrypt\VeraCrypt.exe (IDRIX) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeraCrypt\VeraCryptExpander.lnk -> C:\Program Files\VeraCrypt\VeraCryptExpander.exe (IDRIX) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\VEGAS Pro 15.0\VEGAS Pro 15.0 Liesmich.lnk -> C:\Program Files\VEGAS\VEGAS Pro 15.0\readme\Vegas_readme_deu.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\VEGAS Pro 15.0\VEGAS Pro 15.0.lnk -> C:\Program Files\VEGAS\VEGAS Pro 15.0\vegas150.exe (MAGIX Computer Products Intl. Co.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Manager\Uninstall Manager entfernen.lnk -> C:\Program Files (x86)\Martin Fuchs\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Manager\Uninstall Manager im Internet.lnk -> C:\Program Files (x86)\Martin Fuchs\uninstmgr.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Manager\Uninstall Manager.lnk -> C:\Program Files (x86)\Martin Fuchs\uninstmgr.exe (Martin Fuchs) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraEdit\UltraEdit-Hilfe.lnk -> C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\uedit32.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraEdit\UltraEdit-LIESMICH.lnk -> C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\readme.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraEdit\UltraEdit-Texteditor.lnk -> C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\Uedit32.exe (IDM Computer Solutions, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software\PDF-XChange Editor (Compatibility mode).lnk -> C:\Program Files\Tracker Software\PDF Editor\PDFXEdit_low.exe (Tracker Software Products (Canada) Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software\PDF-XChange Editor.lnk -> C:\Program Files\Tracker Software\PDF Editor\PDFXEdit.exe (Tracker Software Products (Canada) Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software\Tracker Updater.lnk -> C:\Program Files\Tracker Software\Update\TrackerUpdate.exe (Tracker Software Products (Canada) Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software\PDF-XChange Lite\PDF-XChange Lite License Agreement.lnk -> C:\Program Files\Tracker Software\PDF-XChange Lite\Help\PDFXLicense.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software\PDF-XChange Lite\PDF-XChange Lite User Manual.lnk -> C:\Program Files\Tracker Software\PDF-XChange Lite\Help\PDFX8ManLiteSm.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software\PDF-XChange Editor\PDF-XChange Editor Help.lnk -> C:\Program Files\Tracker Software\PDF Editor\Help\PDFXVE8Sm.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software\PDF-XChange Editor\PDF-XChange Editor License Agreement.lnk -> C:\Program Files\Tracker Software\PDF Editor\PDF_VE.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander 64 bit Entfernen oder Reparieren.lnk -> C:\Program Files\totalcmd\TCUNIN64.EXE () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander 64 bit.lnk -> C:\Program Files\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander Hilfe.lnk -> C:\Program Files\totalcmd\TOTALCMD.CHM () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechyGeeksHome\Ultimate Settings Panel.lnk -> C:\Windows\Installer\{2F0E2793-E444-4851-A4FC-61EC635326CF}\_D8C59A019EF6A81D071155.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio 3T\Studio 3T.lnk -> C:\Program Files\3T Software Labs\Studio 3T\Studio 3T.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Screen InStyle.lnk -> C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (EIZO Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolarCoin\SolarCoin.lnk -> C:\Program Files (x86)\SolarCoin\solarcoin-qt.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolarCoin\Uninstall.lnk -> C:\Program Files (x86)\SolarCoin\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soda PDF Desktop\Soda PDF Desktop.lnk -> C:\Program Files\Soda PDF Desktop\soda.exe (LULU Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SILKYPIX Developer Studio 7 Deutsch\SILKYPIX Developer Studio 7 Deutsch.lnk -> C:\Program Files\ISL\SILKYPIX Developer Studio 7 Deutsch\SILKYPIX_DS7.exe (Ichikawa Soft Laboratory) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SILKYPIX Developer Studio 7 Deutsch\Software Manual.lnk -> C:\Program Files\ISL\SILKYPIX Developer Studio 7 Deutsch\Manual\man0001.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\Uninstall.lnk -> C:\Program Files (x86)\Seagate\SeaTools for Windows\uninst.exe (Seagate Technology LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician\Samsung Magician entfernen.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician\Samsung Magician.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Samsung Electronics Co. Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rtools 4.0\Rtools Bash.lnk -> C:\Program Files\rtools40\msys2.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rtools 4.0\Rtools MinGW 32-bit.lnk -> C:\Program Files\rtools40\mingw32.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rtools 4.0\Rtools MinGW 64-bit.lnk -> C:\Program Files\rtools40\mingw64.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rtools 4.0\Uninstall Rtools.lnk -> C:\Program Files\rtools40\unins000.exe (The R Foundation ) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio\RStudio.lnk -> C:\Program Files\RStudio\bin\rstudio.exe (RStudio, PBC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio\Uninstall.lnk -> C:\Program Files\RStudio\Uninstall.exe (RStudio, PBC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recordify\Recordify.lnk -> C:\Program Files (x86)\Recordify\AbLauncher.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.9\Python 3.9 (64-bit).lnk -> C:\Python39\python.exe (Python Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\Pageant.lnk -> C:\Program Files\PuTTY\pageant.exe (Simon Tatham) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PSFTP.lnk -> C:\Program Files\PuTTY\psftp.exe (Simon Tatham) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTY Manual.lnk -> C:\Program Files\PuTTY\putty.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTY Web Site.lnk -> C:\Program Files\PuTTY\website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTY.lnk -> C:\Program Files\PuTTY\putty.exe (Simon Tatham) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTYgen.lnk -> C:\Program Files\PuTTY\puttygen.exe (Simon Tatham) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFtk - The PDF Toolkit\PDFtk - The PDF Toolkit.lnk -> C:\Program Files (x86)\PDFtk\bin\PdftkXp.exe (PDF Labs) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFtk - The PDF Toolkit\Uninstall PDFtk.lnk -> C:\Program Files (x86)\PDFtk\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill\Help for PDFill PDF Editor.lnk -> C:\Program Files (x86)\PlotSoft\PDFill\PDFill.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill\Help for PDFill PDF Tools.lnk -> C:\Program Files (x86)\PlotSoft\PDFill\PDFill_PDF_Tools.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill\Help for PDFill PDF&Image Writer.lnk -> C:\Program Files (x86)\PlotSoft\PDFill\WriterSave.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill\PDFill PDF Editor.lnk -> C:\Program Files (x86)\PlotSoft\PDFill\PDFill.exe (PlotSoft L.L.C.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill\PDFill PDF Tools (FREE).lnk -> C:\Program Files (x86)\PlotSoft\PDFill\PDFill_PDF_Tools.exe (PlotSoft L.L.C.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill\PDFill PDF&Image Writer (Free).lnk -> C:\Program Files (x86)\PlotSoft\PDFill\WriterSave.exe (PlotSoft LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24\PDF24.lnk -> C:\Program Files\PDF24\pdf24-Toolbox.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passbild-Generator\Passbild-Generator entfernen.lnk -> C:\Program Files (x86)\Passbild-Generator\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passbild-Generator\Passbild-Generator.lnk -> C:\Program Files (x86)\Passbild-Generator\Passbild-Generator.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Base.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sbase.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Calc.lnk -> C:\Program Files (x86)\OpenOffice 4\program\scalc.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Draw.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Impress.lnk -> C:\Program Files (x86)\OpenOffice 4\program\simpress.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Math.lnk -> C:\Program Files (x86)\OpenOffice 4\program\smath.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Writer.lnk -> C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\obs-websocket\Uninstall obs-websocket.lnk -> C:\Program Files\obs-studio\unins000.exe (Stephane Lepin ) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (64bit).lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\Uninstall.lnk -> C:\Program Files\obs-studio\uninstall.exe (obsproject.com) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\NVIDIA Tools Extension (64 bit)\Browse NVIDIA Tools Extension.lnk -> C:\Program Files\NVIDIA Corporation\NvToolsExt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Nsight Visual Studio Edition 2020.3\Nsight Monitor.lnk -> C:\Program Files (x86)\NVIDIA Corporation\Nsight Visual Studio Edition 2020.3\Monitor\Common\Nsight.Monitor.exe (NVIDIA Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Nsight Visual Studio Edition 2020.3\Nsight Redistributable.lnk -> C:\ProgramData\NVIDIA Corporation\Nsight\NVIDIA_Nsight_Visual_Studio_Edition_Win64_2020.3.1.21012_29495073.msi () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Nsight Systems 2020.4.3\Nsight Systems 2020.4.3.lnk -> C:\Program Files\NVIDIA Corporation\Nsight Systems 2020.4.3\host-windows-x64\nsys-ui.exe (NVIDIA Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Nsight Compute 2020.3.1\Nsight Compute.lnk -> C:\Program Files\NVIDIA Corporation\Nsight Compute 2020.3.1\host\windows-desktop-win7-x64\ncu-ui.exe (NVIDIA Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js.lnk -> C:\Program Files\nodejs\node.exe (Node.js) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies\EasyBCD\EasyBCD 2.4.lnk -> C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\EasyBCD.exe (NeoSmart Technologies) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies\EasyBCD\Uninstall EasyBCD.lnk -> C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAPS2\NAPS2.lnk -> C:\Program Files (x86)\NAPS2\NAPS2.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MovieJack free\MovieJack free.lnk -> C:\Program Files (x86)\Engelmann Software\MovieJack free\MovieJack.exe (Engelmann Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool ShadowMaker\ MiniTool ShadowMaker entfernen.lnk -> C:\Program Files\MiniTool ShadowMaker\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool ShadowMaker\MiniTool ShadowMaker.lnk -> C:\Program Files\MiniTool ShadowMaker\system_backup_gui.exe (MiniTool) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12\MiniTool Partition Wizard entfernen.lnk -> C:\Program Files\MiniTool Partition Wizard 12\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12\MiniTool Partition Wizard.lnk -> C:\Program Files\MiniTool Partition Wizard 12\partitionwizard.exe (MiniTool Software Limited) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool MovieMaker\MiniTool MovieMaker.lnk -> C:\Program Files (x86)\MiniTool MovieMaker\bin\Launcher.exe (MiniTool) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool MovieMaker\Uninstall MiniTool MovieMaker.lnk -> C:\Program Files (x86)\MiniTool MovieMaker\Uninstaller\unins000.exe (MiniTool ) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\Silverlight.Configuration.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Aufzeichnungs-Manager von Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office-Spracheinstellungen.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Access 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\accicons.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Excel 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft OneNote 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\joticon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft PowerPoint 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Publisher 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pubs.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Word 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-Tools\Digitales Zertifikat für VBA-Projekte.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\cagicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-Tools\Microsoft Office 2010 Upload Center.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\msouc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-Tools\Microsoft Office 2010-Spracheinstellungen.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\oisicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-Tools\Office Anytime Upgrade.lnk -> C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\promo.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaHuman\YouTube to MP3 Converter\MediaHuman YouTube to MP3 Converter.lnk -> C:\Program Files (x86)\MediaHuman\YouTube to MP3 Converter\YouTubeToMP3.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\Music Maker\Music Maker.lnk -> C:\Program Files (x86)\MAGIX\Music Maker\25\MusicMaker.exe (MAGIX Software GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Video deluxe COMPUTER BILD-Edition\MAGIX Video deluxe COMPUTER BILD-Edition.lnk -> C:\Program Files\MAGIX\Video deluxe COMPUTER BILD-Edition\2019\Videodeluxe.exe (MAGIX Software GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Photostory Deluxe COMPUTER BILD-Edition\MAGIX Photostory Deluxe COMPUTER BILD-Edition.lnk -> C:\Program Files\MAGIX\Photostory Deluxe COMPUTER BILD-Edition\2019\Fotos_dlx.exe (MAGIX Software GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium\Reflect\Macrium Reflect.lnk -> C:\Program Files\Macrium\Reflect\reflect.exe (Paramount Software UK Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Luminar 2018\Luminar 2018.lnk -> C:\Windows\Installer\{935AB8A6-0E0A-41E4-BAC3-5EBDCDC7F766}\LogoIcon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LizardSystems\Wi-Fi Scanner\Uninstall Wi-Fi Scanner.lnk -> C:\Program Files (x86)\LizardSystems\Wi-Fi Scanner\unins000.exe (LizardSystems ) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LizardSystems\Wi-Fi Scanner\Wi-Fi Scanner.lnk -> C:\Program Files (x86)\LizardSystems\Wi-Fi Scanner\wifiscanner.exe (LizardSystems) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks\lightworks x64 (14.0.0.0).lnk -> C:\Program Files\Lightworks\lightworks.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks\Uninstall Lightworks.lnk -> C:\Program Files\Lightworks\uninstall.exe (EditShare) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNIME\KNIME Analytics Platform.lnk -> C:\Program Files\KNIME\knime.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNIME\Uninstall KNIME Analytics Platform.lnk -> C:\Program Files\KNIME\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kite\Kite.lnk -> C:\Program Files\Kite\kited.exe (Kite) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains\PyCharm Community Edition 2019.3.3.lnk -> C:\Program Files\JetBrains\PyCharm Community Edition 2019.3.3\bin\pycharm64.exe (JetBrains s.r.o.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\javacpl.exe (Oracle Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jabra\Jabra Direct.lnk -> C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe (GN Audio A/S) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\About IrfanView.lnk -> C:\Program Files\IrfanView\i_about.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Available Languages.lnk -> C:\Program Files\IrfanView\i_languages.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Available PlugIns.lnk -> C:\Program Files\IrfanView\i_plugins.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Command line Options.lnk -> C:\Program Files\IrfanView\i_options.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView 64 4.50.lnk -> C:\Program Files\IrfanView\i_view64.exe (Irfan Skiljan) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView 64 4.51.lnk -> C:\Program Files\IrfanView\i_view64.exe (Irfan Skiljan) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView Help.lnk -> C:\Program Files\IrfanView\i_view32.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView Hilfe.lnk -> C:\Program Files\IrfanView\Help\i_view32_deutsch.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Kommandozeilen-Optionen.lnk -> C:\Program Files\IrfanView\i_options.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Verfügbare PlugIns.lnk -> C:\Program Files\IrfanView\i_plugins.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Verfügbare Sprachen.lnk -> C:\Program Files\IrfanView\i_languages.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Was ist neu.lnk -> C:\Program Files\IrfanView\i_changes.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\What's New.lnk -> C:\Program Files\IrfanView\i_changes.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Über IrfanView.lnk -> C:\Program Files\IrfanView\i_about.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Software Updater\IObit Software Updater entfernen.lnk -> C:\Program Files (x86)\IObit\Software Updater\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Software Updater\IObit Software Updater.lnk -> C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe (IObit) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape\Inkscape.lnk -> C:\Program Files\Inkscape\bin\inkscape.exe (Inkscape project) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape\Inkview.lnk -> C:\Program Files\Inkscape\bin\inkview.exe (Inkscape project) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape\Uninstall.lnk -> C:\Program Files\Inkscape\Uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart Essential.lnk -> C:\Program Files (x86)\HP\Photosmart Essential\HP_IZE.exe (Hewlett-Packard, Co.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Produktassistent.lnk -> C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprbui.exe (Hewlett-Packard Co.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Solution Center.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqdirec.exe (Hewlett-Packard Company) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Scanjet\8200\Benutzerhandbuch.lnk -> C:\Program Files (x86)\HP\Digital Imaging\sj8270\SJumDI.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Scanjet\8200\Info.lnk -> C:\Program Files (x86)\HP\Digital Imaging\sj8270\readme.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Scanjet\8200\Produktregistrierung.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe (Hewlett-Packard Co.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Scanjet\8200\Produktsupport-Website.lnk -> C:\Program Files (x86)\HP\Digital Imaging\sj8270\Support.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart Essential\HP Photosmart Essential.lnk -> C:\Program Files (x86)\HP\Photosmart Essential\HP_IZE.exe (Hewlett-Packard, Co.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HBCI-Modul für Money 99 Version 2000\FAQ zum HBCI-Modul für Money 99 Version 2000.lnk -> C:\Program Files (x86)\MSMoney99\System\hbci\FAQ.CHM () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HBCI-Modul für Money 99 Version 2000\HBCI-Modul für Money 99 Version 2000.lnk -> C:\Program Files (x86)\MSMoney99\System\hbci\hbcifm99.exe (Dr. Ulrich Amann) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HBCI-Modul für Money 99 Version 2000\Hilfe zum HBCI-Modul für Money 99 Version 2000.lnk -> C:\Program Files (x86)\MSMoney99\System\hbci\HBCIFM99.CHM () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV\WinTV 8.5.lnk -> C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe (Hauppauge Computer Works, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV\WinTV v8.5 Help.lnk -> C:\Users\Public\WinTV\Help\German\WinTV7.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Manager 25 Anniversary LE\Logs Collector Tool.lnk -> C:\Program Files\Paragon Software\Hard Disk Manager 25 Anniversary LE\program\logsaver.exe (Paragon Software GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Manager 25 Anniversary LE\Paragon Festplatten Manager™ 25 Jahre Limitierte Jubiläumsedition.lnk -> C:\Program Files\Paragon Software\Hard Disk Manager 25 Anniversary LE\program\hdm17.exe (Paragon Software GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HackCheck\HackCheck.lnk -> C:\Program Files (x86)\HackCheck\AbLauncher.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gsview\gsview 6.0.LNK -> C:\Program Files\Artifex Software\gsview6.0\bin\gsview.exe (Artifex Software Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gsview\Uninstall gsview 6.0.LNK -> C:\Program Files\Artifex Software\gsview6.0\uninstgsview.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuCash\Deinstallieren von GnuCash.lnk -> C:\Program Files (x86)\gnucash\uninstall\gnucash\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuCash\Erweiterung um Wechselkurse mit GnuCash online abzurufen.lnk -> C:\Program Files (x86)\gnucash\bin\install-fq-mods.cmd () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuCash\GnuCash README anzeigen.lnk -> C:\Program Files (x86)\gnucash\doc\gnucash\README-de.win32-bin.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuCash\GnuCash.lnk -> C:\Program Files (x86)\gnucash\bin\gnucash.exe (GnuCash Development Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GlassWire\GlassWire.lnk -> C:\Program Files (x86)\GlassWire\GlassWire.exe (SecureMix LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GlassWire\Uninstall.lnk -> C:\Program Files (x86)\GlassWire\uninstall.exe (SecureMix LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git\Git GUI.lnk -> C:\Program Files\Git\cmd\git-gui.exe (The Git Development Community) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git\Git Release Notes.lnk -> C:\Program Files\Git\ReleaseNotes.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigaset QuickSync\Gigaset QuickSync.lnk -> C:\Program Files (x86)\Gigaset QuickSync\Gqs.UI.exe (Gigaset Communications GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript\Ghostscript Readme 9.53.3.LNK -> C:\Program Files\gs\gs9.53.3\doc\Readme.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript\Uninstall Ghostscript 9.53.3.LNK -> C:\Program Files\gs\gs9.53.3\uninstgs.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\Garmin Express.lnk -> C:\Program Files (x86)\Garmin\Express\express.exe (Garmin Ltd. or its subsidiaries) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMind\FreeMind.lnk -> C:\Program Files (x86)\FreeMind\FreeMind.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMind\Uninstall FreeMind.lnk -> C:\Program Files (x86)\FreeMind\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis\HDR projects 4\HDR projects 4 (64-Bit).lnk -> C:\Program Files\Franzis\HDR projects 4\HDR projects 4.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EventReporter\EventReporter Configuration.lnk -> C:\Program Files (x86)\EventReporter\CFGEvntSLog.exe (Adiscon GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EventReporter\EventReporter Legacy Client.lnk -> C:\Program Files (x86)\EventReporter\oldCFGEvntSLog.exe (Adiscon GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EventReporter\EventReporter Manual.lnk -> C:\Program Files (x86)\EventReporter\manual\EventReporter.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eudora\Eudora Help.lnk -> C:\Program Files (x86)\Qualcomm\Eudora\EUDORA.hlp () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eudora\Eudora Quick Start Guide.lnk -> C:\Program Files (x86)\Qualcomm\Eudora\Qckstart.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eudora\Eudora.lnk -> C:\Program Files (x86)\Qualcomm\Eudora\Eudora.exe (QUALCOMM Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eudora\Visit Website.lnk -> C:\Program Files (x86)\Qualcomm\Eudora\eudora.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\ElsterFormular.lnk -> C:\Program Files (x86)\ElsterFormular\bin\pica.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Infodatei - Support.lnk -> C:\Program Files (x86)\ElsterFormular\bin\hotlinetool.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Lizenzvertrag.lnk -> C:\Program Files (x86)\ElsterFormular\lizenzvertrag.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\FreeStudioManager.exe (Digital Wave Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free YouTube To MP3 Converter.lnk -> C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe (Digital Wave Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe (DVDVideoSoft Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\PremiumMembershipOffer.exe (DVDVideoSoft Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 11\DeinstalliertDVDFab.lnk -> C:\Program Files (x86)\DVDFab 11\uninstall.exe (Keine Datei) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 11\DVDFab 11 Mini.lnk -> C:\Program Files (x86)\DVDFab 11\DVDFab.exe (Keine Datei) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 11\DVDFab 11.lnk -> C:\Program Files (x86)\DVDFab 11\DVDFab.exe (Keine Datei) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\Dia Manual (CHM).lnk -> C:\Program Files (x86)\Dia\help\C\dia-manual.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\Dia Manual (PDF).lnk -> C:\Program Files (x86)\Dia\help\C\dia-manual.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\FAQ.lnk -> C:\Program Files (x86)\Dia\help\C\faq.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\Uninstall.lnk -> C:\Program Files (x86)\Dia\dia-0.97.2-uninstall.exe (The Dia Developers) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\Polish\Dia Manual (CHM).lnk -> C:\Program Files (x86)\Dia\help\pl\dia-manual.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\Polish\Dia Manual (PDF).lnk -> C:\Program Files (x86)\Dia\help\pl\dia-manual.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\French\Dia Manual (CHM).lnk -> C:\Program Files (x86)\Dia\help\fr\dia-manual.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\French\Dia Manual (PDF).lnk -> C:\Program Files (x86)\Dia\help\fr\dia-manual.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\Basque\Dia Manual (CHM).lnk -> C:\Program Files (x86)\Dia\help\eu\dia-manual.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\Basque\Dia Manual (PDF).lnk -> C:\Program Files (x86)\Dia\help\eu\dia-manual.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DB Browser for SQLite\DB Browser for SQLite.lnk -> C:\Program Files\DB Browser for SQLite\DB Browser for SQLite.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DB Browser for SQLite\Uninstall.lnk -> C:\Program Files\DB Browser for SQLite\Uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\darktable\darktable.lnk -> C:\Program Files\darktable\bin\darktable.exe (The darktable team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\darktable\Uninstall.lnk -> C:\Program Files\darktable\Uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cut Out pro 4\Cut Out pro 4.lnk -> C:\Program Files\Franzis\Cut Out pro 4\CutOut.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cut Out pro 4\Photoshop plugins.lnk -> C:\Program Files\Franzis\Cut Out pro 4\Photoshop Plugins () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cut Out pro 4\Uninstall Cut Out pro 4.lnk -> C:\Program Files\Franzis\Cut Out pro 4\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\cryptomator.org\Cryptomator.lnk -> C:\Program Files\Cryptomator\Cryptomator.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cryptomator\Cryptomator.lnk -> C:\Program Files\Cryptomator\Cryptomator.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Edit CPU-Z Config File.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.ini () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Uninstall CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corsair LINK 4\Corsair LINK 4.lnk -> C:\Windows\Installer\{C636E92F-74DD-42A1-B614-64BC42D2DA3A}\Icon.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management\calibre 64bit - E-book management.lnk -> C:\Program Files\Calibre2\calibre.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management\E-book viewer 64bit.lnk -> C:\Program Files\Calibre2\ebook-viewer.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management\Edit E-book 64bit.lnk -> C:\Program Files\Calibre2\ebook-edit.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management\LRF viewer 64bit.lnk -> C:\Program Files\Calibre2\lrfviewer.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design\DaVinci Resolve\DaVinci Resolve Panels.lnk -> C:\Program Files (x86)\Blackmagic Design\DaVinci Resolve Panels\DaVinci Resolve Panels Setup.exe (Blackmagic Design) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeCyPDFMetaEdit\BeCyPDFMetaEdit.lnk -> C:\Program Files (x86)\BeCyPDFMetaEdit\BeCyPDFMetaEdit.exe (Benjamin Bentmann) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeCyPDFMetaEdit\UnInstaller.lnk -> C:\Program Files (x86)\BeCyPDFMetaEdit\UnInstall.exe (Benjamin Bentmann) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aurora\Aurora.lnk -> C:\Windows\Installer\{BB7ADD89-7C4D-430B-9D3C-8597736DFB4E}\LogoIcon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber\Audiograbber.lnk -> C:\Program Files (x86)\Audiograbber\audiograbber.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber\Deinstallieren.lnk -> C:\Program Files (x86)\Audiograbber\Uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber\Erste Schritte.lnk -> C:\Program Files (x86)\Audiograbber\Erste_Schritte.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber\Hilfe.lnk -> C:\Program Files (x86)\Audiograbber\German.hlp () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber\Line In Aufnahme.lnk -> C:\Program Files (x86)\Audiograbber\Line-In.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AURA.lnk -> C:\Program Files (x86)\ASUS\AURA\Aura.exe (ASUSTek Computer Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\GameFirst IV.lnk -> C:\Program Files (x86)\ASUS\GameFirst IV\GameFirst IV.exe (Apextitan) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AI Suite 3\AI Suite 3.lnk -> C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe (ASUSTeK Computer Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Home Design 5\Ashampoo Home Design 5 .lnk -> C:\Program Files\Ashampoo\Ashampoo Home Design 5\Program\CAD.exe (VICABO GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Home Design 5\Hilfe\Ashampoo Home Design 5.lnk -> C:\Program Files\Ashampoo\Ashampoo Home Design 5\Program\de-DE\Ashampoo.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Home Design 5\Handbücher\Handbuch Ashampoo Home Design 5.lnk -> C:\Program Files\Ashampoo\Ashampoo Home Design 5\Manuals\de-De\Manual.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Home Design 5\Handbücher\Handbuch Tastaturbelegung.lnk -> C:\Program Files\Ashampoo\Ashampoo Home Design 5\Manuals\de-De\ShortCuts.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio 2017\Ashampoo Burning Studio 2017 .lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2017\burningstudio2017.exe (Ashampoo) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft\ApowerMirror\ApowerMirror entfernen.lnk -> C:\Program Files (x86)\Apowersoft\ApowerMirror\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft\ApowerMirror\ApowerMirror.lnk -> C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe (Apowersoft) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Any Video Recorder\Any Video Recorder entfernen.lnk -> C:\Program Files (x86)\Any Video Recorder\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Any Video Recorder\Any Video Recorder.lnk -> C:\Program Files (x86)\Any Video Recorder\Any Video Recorder.exe (any-video-recorder.com) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Digital Editions 4.5\Adobe Digital Editions 4.5.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\DigitalEditions.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Digital Editions 4.5\Help.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\DigitalEditions.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Digital Editions 4.5\Home Page.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\DigitalEditions.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Digital Editions 4.5\Uninstall.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\uninstall.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1&1\1&1 Upload-Manager\1&1 Upload-Manager.lnk -> C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE (1&1 Internet AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)\UFRaw.lnk -> C:\Program Files (x86)\UFRaw\bin\ufraw.exe () Shortcut: C:\ProgramData\Magix\Music Maker\25\MxSynth\Concert Grand LE.lnk -> C:\Program Files (x86)\Common Files\MAGIX Services\MxSynth\Concert Grand LE () Shortcut: C:\Users\Default\Desktop\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe () Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\thoma\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evorim\Cloudevo\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe () Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\josef\Links\Desktop.lnk -> C:\Users\josef\Desktop () Shortcut: C:\Users\josef\Links\Downloads.lnk -> D:\download () Shortcut: C:\Users\josef\Desktop\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) Shortcut: C:\Users\josef\Desktop\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe () Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\josef\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evorim\Cloudevo\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe () Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) Shortcut: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\Links\Desktop.lnk -> C:\Users\maxim\Desktop () Shortcut: C:\Users\maxim\Links\Downloads.lnk -> D:\download () Shortcut: C:\Users\maxim\Desktop\Binomialverteilung.lnk -> D:\Maximilian\Binomialverteilung.xlsx () Shortcut: C:\Users\maxim\Desktop\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) Shortcut: C:\Users\maxim\Desktop\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe () Shortcut: C:\Users\maxim\Desktop\Microsoft Excel 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe () Shortcut: C:\Users\maxim\Desktop\Microsoft PowerPoint 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe () Shortcut: C:\Users\maxim\Desktop\Microsoft Word 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe () Shortcut: C:\Users\maxim\Desktop\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Word\Textbeschreibung%20%20zu%20Schule306921733876313431\Textbeschreibung%20%20zu%20Schule.docx.lnk -> O:\Textbeschreibung zu Schule.docx (Keine Datei) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\maxim\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evorim\Cloudevo\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe () Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Total Commander 64 bit.lnk -> C:\Program Files\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH) Shortcut: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\Public\Documents\MAGIX\Photostory Deluxe COMPUTER BILD-Edition\Dokumentation\MAGIX Photostory Deluxe COMPUTER BILD-Edition Handbuch.lnk -> C:\Program Files\MAGIX\Photostory Deluxe COMPUTER BILD-Edition\2019\Fotos_dlx_DE.pdf () Shortcut: C:\Users\Public\Desktop\1&1 Upload-Manager.lnk -> C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE (1&1 Internet AG) Shortcut: C:\Users\Public\Desktop\BlueStacks.lnk -> C:\ProgramData\BlueStacks\Client\Bluestacks.exe (BlueStack Systems, Inc.) Shortcut: C:\Users\Public\Desktop\OBS Studio.lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS) Shortcut: C:\Users\Public\Desktop\PDF-XChange Editor.lnk -> C:\Program Files\Tracker Software\PDF Editor\PDFXEdit.exe (Tracker Software Products (Canada) Ltd.) Shortcut: C:\Users\Public\Desktop\Streamlabs OBS.lnk -> C:\Program Files\Streamlabs OBS\Streamlabs OBS.exe (General Workings, Inc.) Shortcut: C:\Users\Public\Desktop\VMware Horizon Client.lnk -> C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe (VMware, Inc.) Shortcut: C:\Users\Public\Desktop\XSplit VCam.lnk -> C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs) Shortcut: C:\Users\sandr\Links\Desktop.lnk -> C:\Users\sandr\Desktop () Shortcut: C:\Users\sandr\Links\Downloads.lnk -> D:\download () Shortcut: C:\Users\sandr\Desktop\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) Shortcut: C:\Users\sandr\Desktop\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe () Shortcut: C:\Users\sandr\Desktop\fritz.box.lnk -> \\fritz.box\FritzBox7490\CBMV88-CBMV88-01\Benutzer Shortcut: C:\Users\sandr\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\Desktop\OneDrive.lnk -> C:\Users\sandr\OneDrive (Keine Datei) Shortcut: C:\Users\sandr\Desktop\Scanner.lnk -> D:\Sandra\Scanner () Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Word\Impfkomplikation%20Ha,%20A307901781495616539\Impfkomplikation%20Ha,%20A.docx.lnk -> M:\Impfkomplikation Ha, A.docx (Keine Datei) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\sandr\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre7.lnk -> C:\Program Files (x86)\PhotoFiltre 7\PhotoFiltre7.exe (PhotoFiltre) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evorim\Cloudevo\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe () Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\IJ Scan Utility.lnk -> C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe (Keine Datei) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Excel 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe () Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft PowerPoint 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe () Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Word 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe () Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Total Commander 64 bit.lnk -> C:\Program Files\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH) Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\WinTV 8.5.lnk -> C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe (Hauppauge Computer Works, Inc.) Shortcut: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\Videos\Musik - Verknüpfung.lnk -> C:\Users\thoma\Music () Shortcut: C:\Users\thoma\Links\Desktop.lnk -> C:\Users\thoma\Desktop () Shortcut: C:\Users\thoma\Links\Downloads.lnk -> D:\download () Shortcut: C:\Users\thoma\Desktop\1&1 Verschlüsselung.lnk -> C:\Program Files\1&1 Verschlüsselung\1&1 Verschluesselung.exe () Shortcut: C:\Users\thoma\Desktop\AIOZ Node.lnk -> C:\Users\thoma\AppData\Local\Programs\aioz_worker_node\AIOZ Node.exe (AIOZ Company) Shortcut: C:\Users\thoma\Desktop\Autostart.lnk -> C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup () Shortcut: C:\Users\thoma\Desktop\DeepL.lnk -> C:\Users\thoma\AppData\Local\DeepL\DeepL.exe (DeepL GmbH) Shortcut: C:\Users\thoma\Desktop\DesktopOK.lnk -> C:\Program Files\DesktopOK\DesktopOK_x64.exe (Nenad Hrg SoftwareOK) Shortcut: C:\Users\thoma\Desktop\MicroSIP.lnk -> C:\Users\thoma\AppData\Local\MicroSIP\microsip.exe (www.microsip.org) Shortcut: C:\Users\thoma\Desktop\RStudio.lnk -> C:\Program Files\RStudio\bin\rstudio.exe (RStudio, PBC) Shortcut: C:\Users\thoma\Desktop\Signal.lnk -> C:\Users\thoma\AppData\Local\Programs\signal-desktop\Signal.exe (Open Whisper Systems) Shortcut: C:\Users\thoma\Desktop\Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\Desktop\Slack.lnk -> C:\Users\thoma\AppData\Local\slack\slack.exe (Slack Technologies Inc.) Shortcut: C:\Users\thoma\Desktop\Telegram.lnk -> C:\Users\thoma\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC) Shortcut: C:\Users\thoma\Desktop\W & W.lnk -> M:\W & W () Shortcut: C:\Users\thoma\Desktop\System\Avast Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) Shortcut: C:\Users\thoma\Desktop\System\Dual-boot Repair.lnk -> C:\Program Files (x86)\Visual BCD\DualBootRepair.exe (BoYans) Shortcut: C:\Users\thoma\Desktop\System\EasyBCD 2.4.lnk -> C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\EasyBCD.exe (NeoSmart Technologies) Shortcut: C:\Users\thoma\Desktop\System\Eraser.lnk -> C:\Program Files\Eraser\Eraser.exe (The Eraser Project) Shortcut: C:\Users\thoma\Desktop\System\IObit Software Updater.lnk -> C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe (IObit) Shortcut: C:\Users\thoma\Desktop\System\MEGAsync.lnk -> C:\Users\thoma\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) Shortcut: C:\Users\thoma\Desktop\System\MiniTool Partition Wizard.lnk -> C:\Program Files\MiniTool Partition Wizard 12\partitionwizard.exe (MiniTool Software Limited) Shortcut: C:\Users\thoma\Desktop\System\MiniTool ShadowMaker.lnk -> C:\Program Files\MiniTool ShadowMaker\system_backup_gui.exe (MiniTool) Shortcut: C:\Users\thoma\Desktop\System\OkayFreedom.lnk -> C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe (Keine Datei) Shortcut: C:\Users\thoma\Desktop\System\UFRaw.lnk -> C:\Program Files (x86)\UFRaw\bin\ufraw.exe () Shortcut: C:\Users\thoma\Desktop\System\Ultimate Settings Panel.lnk -> C:\Windows\Installer\{2F0E2793-E444-4851-A4FC-61EC635326CF}\_806681F0577CE5C659DED3.exe () Shortcut: C:\Users\thoma\Desktop\System\Visual BCD Editor.lnk -> C:\Program Files (x86)\Visual BCD\VisualBcd.exe (mail: 'boyans.gm@gmail.com') Shortcut: C:\Users\thoma\Desktop\System\Wi-Fi Scanner.lnk -> C:\Program Files (x86)\LizardSystems\Wi-Fi Scanner\wifiscanner.exe (LizardSystems) Shortcut: C:\Users\thoma\Desktop\Programme\AusweisApp2.lnk -> C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG) Shortcut: C:\Users\thoma\Desktop\Programme\BlueStacks Multi-Instance Manager.lnk -> C:\Program Files (x86)\BlueStacks\HD-MultiInstanceManager.exe () Shortcut: C:\Users\thoma\Desktop\Programme\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe () Shortcut: C:\Users\thoma\Desktop\Programme\Gigaset QuickSync.lnk -> C:\Program Files (x86)\Gigaset QuickSync\Gqs.UI.exe (Gigaset Communications GmbH) Shortcut: C:\Users\thoma\Desktop\Programme\MediaHuman YouTube to MP3 Converter.lnk -> C:\Program Files (x86)\MediaHuman\YouTube to MP3 Converter\YouTubeToMP3.exe () Shortcut: C:\Users\thoma\Desktop\Programme\PDF24.lnk -> C:\Program Files (x86)\PDF24\pdf24-Launcher.exe (Keine Datei) Shortcut: C:\Users\thoma\Desktop\Programme\Samsung DeX.lnk -> C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics Co., Ltd.) Shortcut: C:\Users\thoma\Desktop\Programme\VideoProc.lnk -> C:\Program Files (x86)\Digiarty\VideoProc\VideoProc.exe () Shortcut: C:\Users\thoma\Desktop\Multimedia\AnyMusic.lnk -> C:\Program Files\AnyMusic\AnyMusic.exe (AmoyShare Technology Company) Shortcut: C:\Users\thoma\Desktop\Multimedia\Olive.lnk -> C:\Program Files\Olive\olive-editor.exe (Olive Team) Shortcut: C:\Users\thoma\Desktop\Multimedia\onlineTV 15.lnk -> C:\Program Files (x86)\concept design\onlineTV 15\onlineTV.exe (concept/design GmbH) Shortcut: C:\Users\thoma\Desktop\Multimedia\Recordify.lnk -> C:\Program Files (x86)\Recordify\AbLauncher.exe () Shortcut: C:\Users\thoma\Desktop\Games\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.) Shortcut: C:\Users\thoma\Desktop\Games\TeamSpeak 3 Client.lnk -> C:\Users\thoma\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe (TeamSpeak Systems GmbH) Shortcut: C:\Users\thoma\Desktop\Games\Twitch.lnk -> C:\Users\thoma\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.) Shortcut: C:\Users\thoma\Desktop\ADS\ADS.lnk -> M:\aktuar\ADS (Keine Datei) Shortcut: C:\Users\thoma\Desktop\ADS\KNIME Analytics Platform.lnk -> C:\Program Files\KNIME\knime.exe () Shortcut: C:\Users\thoma\Desktop\ADS\MongoDBCompass.lnk -> C:\Users\thoma\AppData\Local\MongoDBCompass\MongoDBCompass.exe (MongoDB Inc) Shortcut: C:\Users\thoma\Desktop\ADS\Neo4j Desktop.lnk -> C:\Program Files\Neo4j Desktop\Neo4j Desktop.exe (Neo4j Inc.) Shortcut: C:\Users\thoma\Desktop\ADS\PyCharm Community Edition 2019.3.3.lnk -> C:\Program Files\JetBrains\PyCharm Community Edition 2019.3.3\bin\pycharm64.exe (JetBrains s.r.o.) Shortcut: C:\Users\thoma\Desktop\ADS\redis-cli.lnk -> C:\Program Files\Redis\redis-cli.exe () Shortcut: C:\Users\thoma\Desktop\ADS\redis-server.lnk -> C:\Program Files\Redis\redis-server.exe () Shortcut: C:\Users\thoma\Desktop\ADS\RStudio.lnk -> C:\Program Files\RStudio\bin\rstudio.exe (RStudio, PBC) Shortcut: C:\Users\thoma\Desktop\ADS\Studio 3T.lnk -> C:\Program Files\3T Software Labs\Studio 3T\Studio 3T.exe () Shortcut: C:\Users\thoma\AppData\Roaming\SplitmediaLabs\XSplit VCam 2.1.2101.0603\install\808E021\x64\XSplitVCam.lnk -> D:\Program Files (x86)\SplitmediaLabs\XSplit VCam\x64\XSplitVCam.exe (Keine Datei) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\FreeMind.lnk -> C:\Program Files (x86)\FreeMind\FreeMind.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Connect.lnk -> C:\Users\thoma\AppData\Roaming\Adobe\Connect\connect.exe (Adobe Systems, Inc.) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AIOZ Node.lnk -> C:\Users\thoma\AppData\Local\Programs\aioz_worker_node\AIOZ Node.exe (AIOZ Company) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music.lnk -> C:\Users\thoma\AppData\Local\Amazon Music\Amazon Music.exe (Amazon.com Services LLC) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk -> D:\download\ESETOnlineScanner_DEU.exe (Keine Datei) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IOTA Wallet.lnk -> C:\Users\thoma\AppData\Local\Programs\iota\IOTA Wallet.exe (IOTA Foundation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Neo4j Desktop.lnk -> C:\Program Files\Neo4j Desktop\Neo4j Desktop.exe (Neo4j Inc.) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\thoma\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roger Router.lnk -> C:\Program Files (x86)\Roger Router\roger.exe (Keine Datei) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Signal.lnk -> C:\Users\thoma\AppData\Local\Programs\signal-desktop\Signal.exe (Open Whisper Systems) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\simpleos.lnk -> C:\Users\thoma\AppData\Local\Programs\simpleos\simpleos.exe (EOSRio) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SplitCam.lnk -> C:\Users\thoma\AppData\Roaming\Microsoft\Installer\{C04D8FAF-1AA0-4B3E-B549-E31BE1E6BC7B}\_47A728F2C26004D7DE03E9.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqrl.lnk -> C:\Users\thoma\AppData\Local\Programs\Sqrl\Sqrl.exe (Telos Foundation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk -> C:\Users\thoma\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe (TeamSpeak Systems GmbH) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trinity.lnk -> C:\Users\thoma\AppData\Local\Programs\trinity-desktop\Trinity.exe (IOTA Foundation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk -> C:\Users\thoma\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\thoma\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xournal++\Uninstall.lnk -> C:\Program Files\Xournal++\Uninstall.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xournal++\Xournal++.lnk -> C:\Program Files\Xournal++\bin\xournalpp.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code\Visual Studio Code.lnk -> C:\Users\thoma\AppData\Local\Programs\Microsoft VS Code\Code.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Telegram entfernen.lnk -> C:\Users\thoma\AppData\Roaming\Telegram Desktop\unins000.exe (Telegram FZ-LLC ) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Telegram.lnk -> C:\Users\thoma\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z\TechPowerUp GPU-Z.lnk -> C:\Program Files (x86)\GPU-Z\GPU-Z.exe (techPowerUp (www.techpowerup.com)) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z\Uninstall.lnk -> C:\Program Files (x86)\GPU-Z\uninstall.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\Help and HOW-TO.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.chm () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\Release info.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.txt () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\Uninstall SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\uninstall.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc\Slack.lnk -> C:\Users\thoma\AppData\Local\slack\slack.exe (Slack Technologies Inc.) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.5.0-2-x64\Uninstall Ruby 2.5.0-2-x64.lnk -> C:\Program Files\Ruby25-x64\unins000.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.5.0-2-x64\Documentation\Ruby 2.5.0 API Reference.lnk -> C:\Program Files\Ruby25-x64\share\doc\ruby\html\index.html () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rossmann Fotowelt Software\Rossmann Fotowelt Software.lnk -> C:\Program Files (x86)\Rossmann Fotowelt Software\Rossmann Fotowelt Software.exe (ORWO Net GmbH, Bitterfeld-Wolfen, Germany, hxxp://www.orwonet.de) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rossmann Fotowelt Software\Setup.lnk -> C:\Program Files (x86)\Rossmann Fotowelt Software\maintenancetool.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.8\Python 3.8 (32-bit).lnk -> C:\Users\thoma\AppData\Local\Programs\Python\Python38-32\python.exe (Python Software Foundation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProRealTime\ProRealTime.lnk -> C:\Users\thoma\AppData\Local\IT-Finance\ProRealTime\ProRealTime.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7\PhotoFiltre 7 information.lnk -> C:\Program Files (x86)\PhotoFiltre 7\PhotoFiltre7.htm () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7\PhotoFiltre 7.lnk -> C:\Program Files (x86)\PhotoFiltre 7\PhotoFiltre7.exe (PhotoFiltre) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7\PhotoMasque information.lnk -> C:\Program Files (x86)\PhotoFiltre 7\PhotoMasque.htm () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7\Uninstall PhotoFiltre 7.lnk -> C:\Program Files (x86)\PhotoFiltre 7\Uninst.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Olive\Olive.lnk -> C:\Program Files\Olive\olive-editor.exe (Olive Team) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Olive\Uninstall Olive.lnk -> C:\Program Files\Olive\uninstall.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MongoDB Inc\MongoDBCompass.lnk -> C:\Users\thoma\AppData\Local\MongoDBCompass\MongoDBCompass.exe (MongoDB Inc) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX\MiKTeX Console.lnk -> C:\Users\thoma\AppData\Local\Programs\MiKTeX\miktex\bin\x64\miktex-console.exe (MiKTeX.org) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX\TeXworks.lnk -> C:\Users\thoma\AppData\Local\Programs\MiKTeX\miktex\bin\x64\miktex-texworks.exe (TeX Users Group) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroSIP\License.lnk -> C:\Users\thoma\AppData\Local\MicroSIP\License.txt () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroSIP\MicroSIP Website.lnk -> C:\Users\thoma\AppData\Local\MicroSIP\MicroSIP Website.url () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroSIP\MicroSIP.lnk -> C:\Users\thoma\AppData\Local\MicroSIP\microsip.exe (www.microsip.org) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroSIP\Uninstall.lnk -> C:\Users\thoma\AppData\Local\MicroSIP\Uninstall.exe (www.microsip.org) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync\MEGA Website.lnk -> C:\Users\thoma\AppData\Local\MEGAsync\MEGA Website.url () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync\MEGAsync.lnk -> C:\Users\thoma\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync\Uninstall.lnk -> C:\Users\thoma\AppData\Local\MEGAsync\uninst.exe (MEGA Limited) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeeForm\Uninstall KeeForm for KeePass 2.0.lnk -> C:\Users\thoma\AppData\Local\KeeForm\KeeForm Uninstaller\unins000.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\About IrfanView.lnk -> C:\Program Files\IrfanView\i_about.txt () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Available Languages.lnk -> C:\Program Files\IrfanView\i_languages.txt () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Available PlugIns.lnk -> C:\Program Files\IrfanView\i_plugins.txt () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Command line Options.lnk -> C:\Program Files\IrfanView\i_options.txt () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView 64 4.57.lnk -> C:\Program Files\IrfanView\i_view64.exe (Irfan Skiljan) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView Help.lnk -> C:\Program Files\IrfanView\i_view32.chm () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\What's New.lnk -> C:\Program Files\IrfanView\i_changes.txt () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMAPSize\IMAPSize on the Web.lnk -> C:\Program Files (x86)\IMAPSize\imapsize.url () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMAPSize\IMAPSize.lnk -> C:\Program Files (x86)\IMAPSize\imapsize.exe (Broobles) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMAPSize\Uninstall IMAPSize.lnk -> C:\Program Files (x86)\IMAPSize\unins000.exe (Jordan Russell) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evorim\Cloudevo\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum ABC\Electrum ABC.lnk -> C:\Program Files (x86)\Electrum ABC\ElectrumABC.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum ABC\Uninstall.lnk -> C:\Program Files (x86)\Electrum ABC\Uninstall.exe (Electrum ABC) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electron Cash\Electron Cash.lnk -> C:\Program Files (x86)\Electron Cash\Electron-Cash.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electron Cash\Uninstall.lnk -> C:\Program Files (x86)\Electron Cash\Uninstall.exe (Electron Cash) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\easyHDR 2\easyHDR 2.lnk -> C:\Program Files (x86)\easyHDR 2\easyHDR_2.exe (BRTKSOFT Bartlomiej Okonek) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\easyHDR 2\Uninstall.lnk -> C:\Program Files (x86)\easyHDR 2\uninstall.exe (BRTKSOFT Bartlomiej Okonek) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11\DeinstalliertDVDFab.lnk -> C:\Program Files (x86)\DVDFab 11\uninstall.exe (Keine Datei) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11\DVDFab 11 Mini.lnk -> C:\Program Files (x86)\DVDFab 11\DVDFab.exe (Keine Datei) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11\DVDFab 11.lnk -> C:\Program Files (x86)\DVDFab 11\DVDFab.exe (Keine Datei) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeepL GmbH\DeepL.lnk -> C:\Users\thoma\AppData\Local\DeepL\DeepL.exe (DeepL GmbH) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\concept design\onlineTV 15\onlineTV 15.lnk -> C:\Program Files (x86)\concept design\onlineTV 15\onlineTV.exe (concept/design GmbH) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\concept design\onlineTV 15\onlineTV @ Android.lnk -> C:\Program Files (x86)\concept design\onlineTV 15\onlineTVAndroid.url () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\concept design\onlineTV 15\Ressource\Weitere Sender.lnk -> C:\Program Files (x86)\concept design\onlineTV 15\onlineTVRes.url () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design\DaVinci Resolve\Resolve.lnk -> C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty. Ltd.) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AusweisApp2\AusweisApp2.lnk -> C:\Program Files (x86)\AusweisApp2 1.14.0\AusweisApp2.exe (Governikus GmbH & Co. KG) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music\Amazon Music.lnk -> C:\Users\thoma\AppData\Local\Amazon Music\Amazon Music.exe (Amazon.com Services LLC) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music\Uninstall Amazon Music.lnk -> C:\Users\thoma\AppData\Local\Amazon Music\Uninstall.exe (Amazon) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Network Shortcuts\1&1 Thomas\target.lnk -> \\sd2dav.1und1.de@SSL\DavWWWRoot Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\1&1 Upload-Manager.lnk -> C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE (1&1 Internet AG) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions 4.5.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\DigitalEditions.exe (Adobe Systems Incorporated) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ApowerMirror.lnk -> C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe (Apowersoft) |
27.06.2021, 20:41 | #6 |
| Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt Shortcut Teil 2 Code:
ATTFilter Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BeCyPDFMetaEdit.lnk -> C:\Program Files (x86)\BeCyPDFMetaEdit\BeCyPDFMetaEdit.exe (Benjamin Bentmann) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GlassWire 2.3.lnk -> C:\Program Files (x86)\GlassWire\GlassWire.exe (SecureMix LLC) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Passbild-Generator.lnk -> C:\Program Files (x86)\Passbild-Generator\Passbild-Generator.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Soda PDF Desktop.lnk -> C:\Program Files\Soda PDF Desktop\soda.exe (LULU Software) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\UFRaw.lnk -> C:\Program Files (x86)\UFRaw\bin\ufraw.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\UltraEdit.lnk -> C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\Uedit32.exe (IDM Computer Solutions, Inc.) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Uninstall Manager.lnk -> C:\Program Files (x86)\Martin Fuchs\uninstmgr.exe (Martin Fuchs) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VideoProc.lnk -> C:\Program Files (x86)\Digiarty\VideoProc\VideoProc.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\XMind 8 Update 8.lnk -> C:\Program Files (x86)\XMind\XMind.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\EXCEL - Verknüpfung.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP Solution Center.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqdirec.exe (Hewlett-Packard Company) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\IJ Scan Utility.lnk -> C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe (Keine Datei) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\IObit Software Updater.lnk -> C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe (IObit) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\KeePass 2.lnk -> C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft PowerPoint 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe () Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Word.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird (2).lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Total Commander 64 bit.lnk -> C:\Program Files\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\UltraEdit.lnk -> C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\Uedit32.exe (IDM Computer Solutions, Inc.) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\VeraCrypt.lnk -> C:\Program Files\VeraCrypt\VeraCrypt.exe (IDRIX) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\VMware Workstation 16 Player.lnk -> C:\Program Files (x86)\VMware\VMware Player\vmplayer.exe (VMware, Inc.) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\WinTV 8.5.lnk -> C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe (Hauppauge Computer Works, Inc.) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\XMind.lnk -> C:\Program Files\XMind ZEN\XMind.exe (XMind Ltd.) Shortcut: C:\Users\thoma\AppData\Local\SageMath 8.8\runtime\opt\sagemath-8.8\local\share\giac\doc\el\casinter\casinter.lnk -> [LF../en/casinterc:\xcas\doc\en\en\casinter] (Keine Datei) Shortcut: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\thoma\AppData\Local\Amazon Music\Uninstall Amazon Music.lnk -> C:\Users\thoma\AppData\Local\Amazon Music\Uninstall.exe (Amazon) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Install Additional Tools for Node.js.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /d /c "C:\Program Files\nodejs\install_tools.bat" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files\nodejs\nodevars.bat" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (Anaconda3).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\ProgramData\Anaconda3\Scripts\activate.bat C:\ProgramData\Anaconda3 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (r_env).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\ProgramData\Anaconda3\Scripts\activate.bat C:\Users\thoma\.conda\envs\r_env ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\Anaconda Prompt (Anaconda3).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\ProgramData\Anaconda3\Scripts\activate.bat C:\ProgramData\Anaconda3 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk -> C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software) -> --check-run=src=tile ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAServiceHelper.exe (Intel) -> installstartup ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Radar 3.lnk -> C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe (ASUSTeK COMPUTER INC.) -> /start SonicRadarSystray /command SonicRadarSystray OpenUI ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xerox PowerENGAGE\Xerox PowerENGAGE.lnk -> C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe (Aviata Inc) -> /LSRC=StartMenu ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weka 3.8.4\Weka 3.8.4 (with console).lnk -> C:\Program Files\Weka-3-8-4\jre\zulu11.35.15-ca-fx-jre11.0.5-win_x64\bin\java.exe (Azul Systems Inc.) -> -classpath "C:\Program Files\Weka-3-8-4" RunWeka -i "C:\Program Files\Weka-3-8-4\RunWeka.ini" -w "C:\Program Files\Weka-3-8-4\weka.jar" -c console -jre-path "C:\Program Files\Weka-3-8-4\jre\zulu11.35.15-ca-fx-jre11.0.5-win_x64" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weka 3.8.4\Weka 3.8.4.lnk -> C:\Program Files\Weka-3-8-4\jre\zulu11.35.15-ca-fx-jre11.0.5-win_x64\bin\javaw.exe (Azul Systems Inc.) -> -classpath "C:\Program Files\Weka-3-8-4" RunWeka -i "C:\Program Files\Weka-3-8-4\RunWeka.ini" -w "C:\Program Files\Weka-3-8-4\weka.jar" -jre-path "C:\Program Files\Weka-3-8-4\jre\zulu11.35.15-ca-fx-jre11.0.5-win_x64" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware\Command Prompt for vctl.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k set PATH=C:\Program Files (x86)\VMware\VMware Player\;%PATH% && vctl.exe -h ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual BCD\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {436D50FF-8FA1-4FDD-A9C9-48B52A990F57} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software\PDF-XChange Lite\PDF-XChange Lite pdfSaver.lnk -> C:\Program Files\Tracker Software\PDF-XChange Lite\pdfSaverL.exe (Tracker Software Products (Canada) Ltd.) -> /Show ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soda PDF Desktop\Uninstall or Modify Soda PDF Desktop.lnk -> C:\ProgramData\Soda PDF Desktop\Installation\Soda_PDF_Desktop_Installer.exe (LULU Software) -> /uninstall ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soda PDF Desktop\Uninstall Soda PDF Desktop.lnk -> C:\ProgramData\Soda PDF Desktop\Installation\Soda_PDF_Desktop_Installer.exe (LULU Software) -> /uninstall ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\SeaTools for Windows.lnk -> C:\Program Files (x86)\Seagate\SeaTools for Windows\SeaToolsforWindows.exe (Seagate Technology) -> C:\Program Files (x86)\Seagate\SeaTools for Windows\Seagate_Logo.ico ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R\R i386 3.6.2.lnk -> C:\Program Files\R\R-3.6.2\bin\i386\Rgui.exe () -> --cd-to-userdocs ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R\R i386 4.0.3.lnk -> C:\Program Files\R\R-4.0.3\bin\i386\Rgui.exe () -> --cd-to-userdocs ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R\R x64 3.6.2.lnk -> C:\Program Files\R\R-3.6.2\bin\x64\Rgui.exe () -> --cd-to-userdocs ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R\R x64 4.0.3.lnk -> C:\Program Files\R\R-4.0.3\bin\x64\Rgui.exe () -> --cd-to-userdocs ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.9\IDLE (Python 3.9 64-bit).lnk -> C:\Python39\pythonw.exe (Python Software Foundation) -> "C:\Python39\Lib\idlelib\idle.pyw" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.9\Python 3.9 Manuals (64-bit).lnk -> C:\Windows\hh.exe (Microsoft Corporation) -> C:\Python39\Doc\python394.chm ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.9\Python 3.9 Module Docs (64-bit).lnk -> C:\Python39\python.exe (Python Software Foundation) -> -m pydoc -b ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill\Uninstall PDFill Package.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {26037138-C111-4BC5-88E8-DD2B2F2460C7} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Nsight Systems 2020.4.3\Uninstall NVIDIA Nsight Systems 2020.4.3.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {8A00392B-A561-4D04-990C-4D1741A5CDDE} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Nsight Compute 2020.3.1\Uninstall NVIDIA Nsight Compute 2020.3.1.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {1259B3DA-CFC4-4BEE-8DBD-B497981D2047} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Uninstall Node.js.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {140389EF-5573-4B66-9218-B739F767AFBD} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Connect\MAGIX Connect.lnk -> C:\Program Files\Common Files\MAGIX Services\QMxNetworkSync\QMxNetworkSync.exe (MAGIX) -> -show ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\javacpl.exe (Oracle Corporation) -> -tab update ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\javacpl.exe (Oracle Corporation) -> -tab about ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView - Thumbnails.lnk -> C:\Program Files\IrfanView\i_view64.exe (Irfan Skiljan) -> /thumbs ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart Essential\Deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {EB21A812-671B-4D08-B974-2A347F0D8F70} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV\Erweiterte Optionen.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> C:\Program Files (x86)\WinTV\WinTV8\Erweiterte Optionen\ ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git\Git Bash.lnk -> C:\Program Files\Git\git-bash.exe (The Git Development Community) -> --cd-to-home ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git\Git CMD.lnk -> C:\Program Files\Git\git-cmd.exe (The Git Development Community) -> --cd-to-home ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript\Ghostscript 9.53.3.LNK -> C:\Program Files\gs\gs9.53.3\bin\gswin64.exe () -> "-IC:\Program Files\gs\gs9.53.3\lib;C:\Program Files\gs\gs9.53.3\..\fonts" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EventReporter\Uninstall EventReporter.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {E03F80A2-8024-4C2D-BC36-9EACD6E660BF} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Hilfe.lnk -> C:\Program Files (x86)\ElsterFormular\bin\hilfepica.exe (Digia Plc and/or its subsidiary(-ies)) -> -collectionFile "C:\Program Files (x86)\ElsterFormular\/hilfe/elfo.bedienung.qhc" -showUrl "qthelp://elfo.bedienung/hilfe/bed_kap01/910000.html" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Installationsverwaltung.lnk -> C:\Program Files (x86)\ElsterFormular\bin\installationsverwaltung.exe () -> --zeigeDlg ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Integritätsprüfer.lnk -> C:\Program Files (x86)\ElsterFormular\bin\integritaetspruefer.exe () -> -path "C:\Program Files (x86)\ElsterFormular\ ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Screenreadermodus.lnk -> C:\Program Files (x86)\ElsterFormular\bin\pica.exe () -> --sehbehindertenmodus ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EIZO\Screen InStyle\Screen InStyle.lnk -> C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (EIZO Corporation) -> /m ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\Dia.lnk -> C:\Program Files (x86)\Dia\bin\diaw.exe () -> --integrated ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AI Suite 3\Uninstall AI Suite 3.lnk -> C:\ProgramData\ASUS\AI Suite III\Setup.exe () -> -u ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Navigator (Anaconda3).lnk -> C:\ProgramData\Anaconda3\pythonw.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\ProgramData\Anaconda3 C:\ProgramData\Anaconda3\pythonw.exe C:\ProgramData\Anaconda3\Scripts\anaconda-navigator-script.py ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Navigator.lnk -> C:\ProgramData\Anaconda3\pythonw.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\ProgramData\Anaconda3 C:\ProgramData\Anaconda3\pythonw.exe C:\ProgramData\Anaconda3\Scripts\anaconda-navigator-script.py ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Powershell Prompt (Anaconda3).lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -ExecutionPolicy ByPass -NoExit -Command "& 'C:\ProgramData\Anaconda3\shell\condabin\conda-hook.ps1' ; conda activate 'C:\ProgramData\Anaconda3' " ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Jupyter Notebook (Anaconda3).lnk -> C:\ProgramData\Anaconda3\python.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\ProgramData\Anaconda3 C:\ProgramData\Anaconda3\python.exe C:\ProgramData\Anaconda3\Scripts\jupyter-notebook-script.py "%USERPROFILE%/" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Jupyter Notebook (r_env).lnk -> C:\ProgramData\Anaconda3\python.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\Users\thoma\.conda\envs\r_env C:\Users\thoma\.conda\envs\r_env\python.exe C:\Users\thoma\.conda\envs\r_env\Scripts\jupyter-notebook-script.py "%USERPROFILE%/" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Reset Spyder Settings (Anaconda3).lnk -> C:\ProgramData\Anaconda3\python.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\ProgramData\Anaconda3 C:\ProgramData\Anaconda3\python.exe C:\ProgramData\Anaconda3\Scripts\spyder-script.py --reset ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Spyder (Anaconda3).lnk -> C:\ProgramData\Anaconda3\pythonw.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\ProgramData\Anaconda3 C:\ProgramData\Anaconda3\pythonw.exe C:\ProgramData\Anaconda3\Scripts\spyder-script.py ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\josef\Desktop\Monitor Power OFF.lnk -> C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (EIZO Corporation) -> /off ShortcutWithArgument: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\josef\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\josef\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\josef\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\maxim\Desktop\Monitor Power OFF.lnk -> C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (EIZO Corporation) -> /off ShortcutWithArgument: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Public\Videos\WinTV v8 Aufnahmen.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> C:\Users\Public\Videos\ ShortcutWithArgument: C:\Users\sandr\Desktop\Monitor Power OFF.lnk -> C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (EIZO Corporation) -> /off ShortcutWithArgument: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Google Notizen – Notizen & Listen.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki ShortcutWithArgument: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Notes in Google™ Keep.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=bnekgeakipbeljnpdnoggpakknfifdjf ShortcutWithArgument: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto ShortcutWithArgument: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Avast Secure Browser.lnk -> C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software) -> --check-run=src=quicklaunch ShortcutWithArgument: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Avast Secure Browser.lnk -> C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software) -> --check-run=src=taskbar ShortcutWithArgument: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ShortcutWithArgument: C:\Users\thoma\Desktop\Amazon Backup.lnk -> C:\Users\thoma\AppData\Local\Amazon Drive\AmazonPhotos.exe (Amazon.com Inc.) -> --source-desktop --show-status-window ShortcutWithArgument: C:\Users\thoma\Desktop\Discord.lnk -> C:\Users\thoma\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe ShortcutWithArgument: C:\Users\thoma\Desktop\Microsoft Teams.lnk -> C:\Users\thoma\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe" ShortcutWithArgument: C:\Users\thoma\Desktop\Monitor Power OFF.lnk -> C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (EIZO Corporation) -> /off ShortcutWithArgument: C:\Users\thoma\Desktop\Out of Milk.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> -json "{""app_icon_url"": """", ""app_name"": ""Out of Milk"", ""app_url"": """", ""app_pkg"": ""com.capigami.outofmilk""}" ShortcutWithArgument: C:\Users\thoma\Desktop\Screen InStyle.lnk -> C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (EIZO Corporation) -> /m ShortcutWithArgument: C:\Users\thoma\Desktop\Programme\Amazon Alexa.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> -json "{""app_icon_url"": """", ""app_name"": ""Amazon Alexa"", ""app_url"": """", ""app_pkg"": ""com.amazon.dee.app""}" ShortcutWithArgument: C:\Users\thoma\Desktop\Programme\Kasa.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> -json "{""app_icon_url"": """", ""app_name"": ""Kasa"", ""app_url"": """", ""app_pkg"": ""com.tplink.kasa_android""}" ShortcutWithArgument: C:\Users\thoma\Desktop\Programme\XDA.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> -json "{""app_icon_url"": """", ""app_name"": ""XDA"", ""app_url"": """", ""app_pkg"": ""com.xda.labs.play""}" ShortcutWithArgument: C:\Users\thoma\Desktop\Mathe\SageMath 8.8 Notebook.lnk -> C:\Users\thoma\AppData\Local\SageMath 8.8\runtime\bin\mintty.exe (Andy Koppe / Thomas Wolff) -> -t 'SageMath 8.8 Notebook Server' -i sagemath.ico /bin/bash --login -c '/opt/sagemath-8.8/sage --notebook jupyter' ShortcutWithArgument: C:\Users\thoma\Desktop\Mathe\SageMath 8.8 Shell.lnk -> C:\Users\thoma\AppData\Local\SageMath 8.8\runtime\bin\mintty.exe (Andy Koppe / Thomas Wolff) -> -t 'SageMath 8.8 Shell' -i sagemath.ico /bin/bash --login -c '/opt/sagemath-8.8/sage -sh' ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\Anaconda Navigator (Anaconda3).lnk -> C:\ProgramData\Anaconda3\pythonw.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\ProgramData\Anaconda3 C:\ProgramData\Anaconda3\pythonw.exe C:\ProgramData\Anaconda3\Scripts\anaconda-navigator-script.py ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\Anaconda Powershell Prompt (Anaconda3).lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -ExecutionPolicy ByPass -NoExit -Command "& 'C:\ProgramData\Anaconda3\shell\condabin\conda-hook.ps1' ; conda activate 'C:\ProgramData\Anaconda3' " ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\Jupyter Notebook (Anaconda3).lnk -> C:\ProgramData\Anaconda3\python.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\ProgramData\Anaconda3 C:\ProgramData\Anaconda3\python.exe C:\ProgramData\Anaconda3\Scripts\jupyter-notebook-script.py "%USERPROFILE%/" ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\R x64 3.6.2.lnk -> C:\Program Files\R\R-3.6.2\bin\x64\Rgui.exe () -> --cd-to-userdocs ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\Reset Spyder Settings (Anaconda3).lnk -> C:\ProgramData\Anaconda3\python.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\ProgramData\Anaconda3 C:\ProgramData\Anaconda3\python.exe C:\ProgramData\Anaconda3\Scripts\spyder-script.py --reset ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\Spyder (Anaconda3).lnk -> C:\ProgramData\Anaconda3\pythonw.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\ProgramData\Anaconda3 C:\ProgramData\Anaconda3\pythonw.exe C:\ProgramData\Anaconda3\Scripts\spyder-script.py ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\Weka 3.8.4 (with console).lnk -> C:\Program Files\Weka-3-8-4\jre\zulu11.35.15-ca-fx-jre11.0.5-win_x64\bin\java.exe (Azul Systems Inc.) -> -classpath "C:\Program Files\Weka-3-8-4" RunWeka -i "C:\Program Files\Weka-3-8-4\RunWeka.ini" -w "C:\Program Files\Weka-3-8-4\weka.jar" -c console -jre-path "C:\Program Files\Weka-3-8-4\jre\zulu11.35.15-ca-fx-jre11.0.5-win_x64" ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\Weka 3.8.4.lnk -> C:\Program Files\Weka-3-8-4\jre\zulu11.35.15-ca-fx-jre11.0.5-win_x64\bin\javaw.exe (Azul Systems Inc.) -> -classpath "C:\Program Files\Weka-3-8-4" RunWeka -i "C:\Program Files\Weka-3-8-4\RunWeka.ini" -w "C:\Program Files\Weka-3-8-4\weka.jar" -jre-path "C:\Program Files\Weka-3-8-4\jre\zulu11.35.15-ca-fx-jre11.0.5-win_x64" ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Photos.lnk -> C:\Users\thoma\AppData\Local\Amazon Drive\AmazonPhotos.exe (Amazon.com Inc.) -> --source-startmenu ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk -> C:\Users\thoma\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe" ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) -> /tsr ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\thoma\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MicroSIP.lnk -> C:\Users\thoma\AppData\Local\MicroSIP\microsip.exe (www.microsip.org) -> /minimized ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SageMath 8.8\SageMath 8.8 Notebook.lnk -> C:\Users\thoma\AppData\Local\SageMath 8.8\runtime\bin\mintty.exe (Andy Koppe / Thomas Wolff) -> -t 'SageMath 8.8 Notebook Server' -i sagemath.ico /bin/bash --login -c '/opt/sagemath-8.8/sage --notebook jupyter' ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SageMath 8.8\SageMath 8.8 Shell.lnk -> C:\Users\thoma\AppData\Local\SageMath 8.8\runtime\bin\mintty.exe (Andy Koppe / Thomas Wolff) -> -t 'SageMath 8.8 Shell' -i sagemath.ico /bin/bash --login -c '/opt/sagemath-8.8/sage -sh' ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SageMath 8.8\SageMath 8.8.lnk -> C:\Users\thoma\AppData\Local\SageMath 8.8\runtime\bin\mintty.exe (Andy Koppe / Thomas Wolff) -> -t 'SageMath 8.8 Console' -i sagemath.ico /bin/bash --login -c '/opt/sagemath-8.8/sage' ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.5.0-2-x64\Interactive Ruby.lnk -> C:\Program Files\Ruby25-x64\bin\irb.cmd () -> -rirb/completion ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.5.0-2-x64\RubyGems Documentation Server.lnk -> C:\Program Files\Ruby25-x64\bin\gem.cmd () -> server --launch ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.5.0-2-x64\Start Command Prompt with Ruby.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /E:ON /K C:\Program Files\Ruby25-x64\bin\setrbvars.cmd ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.8\IDLE (Python 3.8 32-bit).lnk -> C:\Users\thoma\AppData\Local\Programs\Python\Python38-32\pythonw.exe (Python Software Foundation) -> "C:\Users\thoma\AppData\Local\Programs\Python\Python38-32\Lib\idlelib\idle.pyw" ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.8\Python 3.8 Module Docs (32-bit).lnk -> C:\Users\thoma\AppData\Local\Programs\Python\Python38-32\python.exe (Python Software Foundation) -> -m pydoc -b ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSYS2 64bit\MSYS2 MinGW 32-bit.lnk -> C:\Program Files\msys2\msys2_shell.cmd () -> -mingw32 ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSYS2 64bit\MSYS2 MinGW 64-bit.lnk -> C:\Program Files\msys2\msys2_shell.cmd () -> -mingw64 ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSYS2 64bit\MSYS2 MSYS.lnk -> C:\Program Files\msys2\msys2_shell.cmd () -> -msys ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView - Thumbnails.lnk -> C:\Program Files\IrfanView\i_view64.exe (Irfan Skiljan) -> /thumbs ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum ABC\Electrum ABC (Software OpenGL).lnk -> C:\Program Files (x86)\Electrum ABC\ElectrumABC.exe () -> --qt_opengl software ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum ABC\Electrum ABC Testnet.lnk -> C:\Program Files (x86)\Electrum ABC\ElectrumABC.exe () -> --testnet ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electron Cash\Electron Cash (Software OpenGL).lnk -> C:\Program Files (x86)\Electron Cash\Electron-Cash.exe () -> --qt_opengl software ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electron Cash\Electron Cash Scalenet.lnk -> C:\Program Files (x86)\Electron Cash\Electron-Cash.exe () -> --scalenet ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electron Cash\Electron Cash Testnet.lnk -> C:\Program Files (x86)\Electron Cash\Electron-Cash.exe () -> --testnet ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electron Cash\Electron Cash Testnet4.lnk -> C:\Program Files (x86)\Electron Cash\Electron-Cash.exe () -> --testnet4 ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\thoma\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AusweisApp2\Uninstall AusweisApp2.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {27284E9D-0BCF-441A-82B9-5B96F5C09701} ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Reset Spyder Settings (r_env).lnk -> C:\ProgramData\Anaconda3\python.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\Users\thoma\.conda\envs\r_env C:\Users\thoma\.conda\envs\r_env\python.exe C:\Users\thoma\.conda\envs\r_env\Scripts\spyder-script.py --reset ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Spyder (r_env).lnk -> C:\ProgramData\Anaconda3\pythonw.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\Users\thoma\.conda\envs\r_env C:\Users\thoma\.conda\envs\r_env\pythonw.exe C:\Users\thoma\.conda\envs\r_env\Scripts\spyder-script.py ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\SendTo\WinSCP (zum Hochladen).lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Martin Prikryl) -> /upload ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Avast Secure Browser.lnk -> C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software) -> --check-run=src=quicklaunch ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation) -> /recycle ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Avast Secure Browser.lnk -> C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software) -> --check-run=src=taskbar ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ShortcutWithArgument: C:\Users\thoma\AppData\Local\SageMath 8.8\SageMath 8.8 Notebook.lnk -> C:\Users\thoma\AppData\Local\SageMath 8.8\runtime\bin\mintty.exe (Andy Koppe / Thomas Wolff) -> -t 'SageMath 8.8 Notebook Server' -i sagemath.ico /bin/bash --login -c '/opt/sagemath-8.8/sage --notebook jupyter' ShortcutWithArgument: C:\Users\thoma\AppData\Local\SageMath 8.8\SageMath 8.8 Shell.lnk -> C:\Users\thoma\AppData\Local\SageMath 8.8\runtime\bin\mintty.exe (Andy Koppe / Thomas Wolff) -> -t 'SageMath 8.8 Shell' -i sagemath.ico /bin/bash --login -c '/opt/sagemath-8.8/sage -sh' ShortcutWithArgument: C:\Users\thoma\AppData\Local\SageMath 8.8\SageMath 8.8.lnk -> C:\Users\thoma\AppData\Local\SageMath 8.8\runtime\bin\mintty.exe (Andy Koppe / Thomas Wolff) -> -t 'SageMath 8.8 Console' -i sagemath.ico /bin/bash --login -c '/opt/sagemath-8.8/sage' ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode 64bit\XMedia Recode 64bit im Internet.url -> URL: hxxp://www.xmedia-recode.de/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual BCD\Visit Visual BCD site.url -> URL: hxxp://boyans.my3gb.com InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeraCrypt\VeraCrypt Website.url -> URL: hxxps://www.veracrypt.fr InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill\Visit PDFill Home Page.url -> URL: hxxp://www.PDFill.com InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\obs-websocket\obs-websocket on the Web.url -> URL: hxxp://github.com/Palakis/obs-websocket InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js documentation.url -> URL: hxxps://nodejs.org/download/release/v14.17.0/docs/api/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js website.url -> URL: hxxps://nodejs.org/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool ShadowMaker\MiniTool Web site.url -> URL: hxxps://www.minitool.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12\MiniTool Partition Wizard im Internet.url -> URL: hxxp://www.partitionwizard.com InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LizardSystems\Wi-Fi Scanner\Wi-Fi Scanner on the Web.url -> URL: hxxps://lizardsystems.com InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNIME\Additional resources\How to update KNIME Analytics Platform.url -> URL: hxxps://www.knime.com/downloads/update InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNIME\Additional resources\KNIME Analytics Platform on the Web.url -> URL: hxxps://www.knime.com InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNIME\Additional resources\KNIME Forum.url -> URL: hxxps://www.knime.com/forum InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNIME\Additional resources\Learning hub.url -> URL: hxxps://www.knime.com/learning-hub InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Besuchen Sie Java.com.url -> URL: hxxps://java.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Hilfe aufrufen.url -> URL: hxxps://java.com/help InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape\Inkscape Homepage.url -> URL: hxxps://inkscape.org InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HBCI-Modul für Money 99 Version 2000\Online-FAQ von Gerald Vogt.url -> URL: hxxps://money.gvogt.de/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuCash\Fehlerbericht einsenden für GnuCash (online, engl.).url -> URL: hxxps://bugs.gnucash.org/enter_bug.cgi?product=GnuCash InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuCash\GnuCash Häufige Fragen (online, engl.).url -> URL: hxxp://wiki.gnucash.org/wiki/FAQ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git\Git FAQs (Frequently Asked Questions).url -> URL: hxxps://github.com/git-for-windows/git/wiki/FAQ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis\HDR projects 4\Webseite - HDR projects 4.url -> URL: hxxp://www.hdr-projects.de InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management\Get Involved.url -> URL: hxxps://calibre-ebook.com/get-involved InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management\User Manual.url -> URL: hxxps://manual.calibre-ebook.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft\ApowerMirror\ApowerMirror im Internet.url -> URL: hxxps://www.apowersoft.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Any Video Recorder\Any Video Recorder im Internet.url -> URL: hxxp://www.anvsoft.com/ InternetURL: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Games\Darksiders II Deathinitive Edition.url -> URL: twitch://fuel-launch/790f3b07-fc9c-4efe-bb66-32bd348a9d23 InternetURL: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Games\Double Cross.url -> URL: twitch://fuel-launch/e3bc3283-5464-4946-80b8-8ac1401f7b16 InternetURL: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Games\Planet Alpha.url -> URL: twitch://fuel-launch/fe19ef5f-a1e0-4caf-96b4-590b2c022b15 InternetURL: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Games\Sword Legacy Omen.url -> URL: twitch://fuel-launch/25071895-d6cb-49ce-98fe-4a2c3c92b9fc InternetURL: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Games\Turmoil.url -> URL: twitch://fuel-launch/9f710b74-9960-4411-bdfc-3cd846ca812c InternetURL: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Source SDK Base 2007.url -> URL: steam://rungameid/218 InternetURL: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeeForm\KeeForm help.url -> URL: hxxps://keeform.org/keepass/keeform-faq InternetURL: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box\FRITZ!Box USB-Fernanschluss Onlineunterstützung.url -> BASEURL: hxxps://avm.de/ URL: hxxps://avm.de/ InternetURL: C:\Users\thoma\AppData\Local\MicroSIP\MicroSIP Website.url -> URL: hxxp://www.microsip.org/ InternetURL: C:\Users\thoma\AppData\Local\MEGAsync\MEGA Website.url -> URL: hxxp://www.mega.nz InternetURL: C:\Users\thoma\.conda\pkgs\m2w64-gettext-0.19.7-2\Library\mingw-w64\share\gettext\projects\TP\teams.url -> InternetURL: C:\Users\thoma\.conda\pkgs\m2w64-gettext-0.19.7-2\Library\mingw-w64\share\gettext\projects\KDE\teams.url -> InternetURL: C:\Users\thoma\.conda\pkgs\m2w64-gettext-0.19.7-2\Library\mingw-w64\share\gettext\projects\GNOME\teams.url -> InternetURL: C:\Users\thoma\.conda\envs\r_env\Library\mingw-w64\share\gettext\projects\TP\teams.url -> InternetURL: C:\Users\thoma\.conda\envs\r_env\Library\mingw-w64\share\gettext\projects\KDE\teams.url -> InternetURL: C:\Users\thoma\.conda\envs\r_env\Library\mingw-w64\share\gettext\projects\GNOME\teams.url -> ==================== Ende vom Shortcut.txt ============================= Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26-06-2021 durchgeführt von thoma (27-06-2021 20:51:53) Gestartet von D:\download\+++ troyaner +++ Windows 10 Pro Version 21H1 19043.1081 (X64) (2020-09-06 13:20:58) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-4198695647-2910091461-4277131257-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4198695647-2910091461-4277131257-503 - Limited - Disabled) Gast (S-1-5-21-4198695647-2910091461-4277131257-501 - Limited - Disabled) josef (S-1-5-21-4198695647-2910091461-4277131257-1010 - Limited - Enabled) => C:\Users\josef maxim (S-1-5-21-4198695647-2910091461-4277131257-1005 - Limited - Enabled) => C:\Users\maxim sandr (S-1-5-21-4198695647-2910091461-4277131257-1003 - Limited - Enabled) => C:\Users\sandr thoma (S-1-5-21-4198695647-2910091461-4277131257-1001 - Administrator - Enabled) => C:\Users\thoma WDAGUtilityAccount (S-1-5-21-4198695647-2910091461-4277131257-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 1&1 Upload-Manager (HKLM-x32\...\1&1 Upload-Manager) (Version: 2.0.676 - 1&1 Internet AG) 1&1 Verschlüsselung 1.0.4 (HKLM\...\{1und1Tresor}}_is1) (Version: 1.0.4 - 1&1 Telecom GmbH) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Adobe Acrobat 8 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 8 Professional - English, Français, Deutsch) (Version: 8.0.0 - Adobe Systems) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated) Adobe Connect (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Adobe Connect App) (Version: 2018.7.10.32 - Adobe Systems Inc.) Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated) AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.74 - ASUSTeK Computer Inc.) AIOZ Node 0.6.0 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\{1f0f3aff-318d-51e5-9646-f552872d8302}) (Version: 0.6.0 - AIOZ Company) Amazon Music (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Amazon Amazon Music) (Version: 7.9.2.2161 - Amazon Services LLC) Amazon Photos (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Amazon Photos) (Version: 6.3.4 - Amazon.com, Inc.) Anaconda3 2019.10 (Python 3.7.4 64-bit) (HKLM\...\Anaconda3 2019.10 (Python 3.7.4 64-bit)) (Version: 2019.10 - Anaconda, Inc.) ANT Drivers Installer x64 (HKLM\...\{16BA964D-698D-4663-8FA7-B9613DA7958B}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Any Video Recorder Version 1.0.4 (HKLM-x32\...\{17D86E62-4849-49BC-83D2-FA369CEEA9D9}_is1) (Version: 1.0.4 - anvsoft, Inc.) AnyMusic 7.0.1 (HKLM\...\4e5f07cb-57d0-511b-8d72-f92e9ac978dd) (Version: 7.0.1 - AmoyShare Technology Company) ApowerMirror V1.2.6 (HKLM-x32\...\{a9482532-9c34-478c-80c3-85bdccbb981f}_is1) (Version: 1.2.6 - APOWERSOFT LIMITED) Ashampoo Burning Studio 2017 (HKLM-x32\...\{91B33C97-C878-6579-69BA-23E5405C7AAB}_is1) (Version: 18.0.6 - Ashampoo GmbH & Co. KG) Ashampoo Home Design 5 (HKLM\...\{6FE137BD-F8A3-4995-B812-04928FFD3D73}_is1) (Version: 5.0.0 - Ashampoo GmbH & Co. KG) Assassin's Creed II (HKLM-x32\...\Uplay Install 4) (Version: - Ubisoft) Asus ProductDaemonSetup (HKLM\...\{36606417-B1C4-42C2-B5C1-67972DA63DAB}) (Version: 3.6.2001 - ASUSTeK COMPUTER INC) Hidden Asus Sonic Radar 3 (HKLM-x32\...\{03578a87-5019-45bd-995a-0f27d579a180}) (Version: 3.6.20.45572 - ASUSTeK COMPUTER INC) Asus SonicRadar3Setup (HKLM\...\{E71A86BF-6EA5-42D2-A735-F41C603FB180}) (Version: 3.6.20.45572 - ASUSTeK COMPUTER INC) Hidden Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team) Audacity 3.0.0 (HKLM-x32\...\Audacity_is1) (Version: 3.0.0 - Audacity Team) Audials 2021 (HKLM-x32\...\{AB220426-B935-4321-BEEE-C463F0EB7A94}) (Version: 21.0.135.0 - Audials AG) Audials Music Tube 2020 (HKLM-x32\...\{C713B2DF-BAF9-4A3C-96FF-1390589EF4C3}) (Version: 20.2.5.0 - Audials AG) Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber) AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.05.25 - ASUSTeK Computer Inc.) Aurora HDR 2018 (HKLM\...\{BB7ADD89-7C4D-430B-9D3C-8597736DFB4E}) (Version: 1.2.0.2114 - Skylum) Hidden Aurora HDR 2018 (HKLM-x32\...\{66060156-f85d-49d2-a414-29e2b65b7e27}) (Version: 1.2.0.2114 - Skylum) AusweisApp2 (HKLM-x32\...\{27284E9D-0BCF-441A-82B9-5B96F5C09701}) (Version: 1.14.0 - Governikus GmbH & Co. KG) AusweisApp2 (HKLM-x32\...\{F08F1F50-C989-4E8B-A74C-A2FFABF590FB}) (Version: 1.20.1 - Governikus GmbH & Co. KG) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.4.2464 - Avast Software) Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 91.0.10364.115 - Die Avast Secure Browser-Autoren) BeCyPDFMetaEdit (HKLM-x32\...\BeCyPDFMetaEdit) (Version: 2.37.0 - Benjamin Bentmann) BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.200.0.5201 - BlueStack Systems, Inc.) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 91.1.26.67 - Die Brave-Autoren) calibre 64bit (HKLM\...\{839721E4-35F6-4563-A3A0-931603356771}) (Version: 5.17.0 - Kovid Goyal) Cloudevo 3.5.4 (HKLM\...\Cloudevo) (Version: 3.5.4 - Evorim) concept/design onlineTV 15 (HKLM-x32\...\{C9F7D843-78C5-4A81-A350-D39F00E80178}_is1) (Version: 15.19.9.21 - concept/design GmbH) ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper) Corsair LINK 4 (HKLM-x32\...\{7fcaaab1-7a64-4d52-b622-00a41e3a5641}) (Version: 4.9.0.57 - Corsair Components, Inc.) Corsair LINK 4 (HKLM-x32\...\{C636E92F-74DD-42A1-B614-64BC42D2DA3A}) (Version: 4.9.0.57 - Corsair Components, Inc.) Hidden CPUID CPU-Z 1.81 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.81 - ) <==== ACHTUNG Cryptomator (HKLM\...\{Cryptomator}}_is1) (Version: 1.4.0 - cryptomator.org) Cryptomator (HKLM\...\Cryptomator_is1) (Version: 1.5.11 - cryptomator.org) Cut Out pro 4.0 (HKLM\...\Cut Out pro 4_is1) (Version: - Franzis.de) CyberLink PhotoDirector 9 (HKLM-x32\...\{90BB14DB-2494-40fe-AE58-4930B3CFB4BD}) (Version: 9.0.3913.0 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Darksiders II Deathinitive Edition (HKLM-x32\...\{790F3B07-FC9C-4EFE-BB66-32BD348A9D23}) (Version: - DVG Nordic Games) darktable (HKLM\...\darktable) (Version: 2.6.0 - the darktable project) DaVinci Resolve (HKLM\...\{DA0D6D0F-D6C0-4718-81F7-4C49B1A2517B}) (Version: 14.0.1008 - Blackmagic Design) DaVinci Resolve Panels (HKLM\...\{6A8DCCDF-BC76-4964-B429-D74E5FC11E98}) (Version: 1.1.1.0 - Blackmagic Design) DB Browser for SQLite (HKLM-x32\...\DB Browser for SQLite) (Version: 3.10.1 - DB Browser for SQLite Team) DDBAC (HKLM-x32\...\{3D339F02-6D1F-41D8-B315-F104815AF293}) (Version: 5.8.3.0 - B+S Banksysteme Aktiengesellschaft) DDBAC (HKLM-x32\...\{6289552C-70E8-4537-A808-31A94324F81F}) (Version: 5.7.85.0 - B+S Banksysteme Aktiengesellschaft) DDBAC (HKLM-x32\...\{9C3AE26C-7641-420B-B2AC-E737324D6567}) (Version: 5.8.4.0 - B+S Banksysteme Aktiengesellschaft) DeepL (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\DeepL) (Version: 2.5.1 - DeepL GmbH) DFUDriverSetupX64Setup (HKLM-x32\...\{D662C345-04FD-4F6C-AB68-B9BC6D6A5D2F}) (Version: 7.0.32822.0 - GN Netcom A/S) Hidden Dia (nur entfernen) (HKLM-x32\...\Dia) (Version: - ) Discord (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) Dokan Library 1.4.0.1000 (x64) (HKLM\...\{65A3A964-3DC3-0104-0000-200601191219}) (Version: 1.4.0.1000 - Dokany Project) Double Cross (HKLM-x32\...\{E3BC3283-5464-4946-80B8-8AC1401F7B16}) (Version: - Graffiti Games) EasyBCD 2.4 (HKLM-x32\...\EasyBCD) (Version: 2.4 - NeoSmart Technologies) easyHDR 2 (HKLM-x32\...\easyHDR_2) (Version: 2.30.6 - BRTKSOFT Bartlomiej Okonek) Electron Cash (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Electron Cash) (Version: 4.2.3 - Electron Cash LLC) Electrum ABC (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Electrum ABC) (Version: 4.3.2 - Bitcoin ABC) Elevated Installer (HKLM-x32\...\{877496C2-70B0-42F1-835A-FAFE2CF0199C}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries) Hidden ElsterFormular (HKLM-x32\...\{E87F334F-CD4E-47F3-AFCD-19EBFCFFA6A3}) (Version: 21.2 - Thüringer Landesamt für Finanzen) Epic Games Launcher (HKLM-x32\...\{F25ACB37-FF26-467D-B5DA-15E81F4A1771}) (Version: 1.1.257.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Eraser 6.2.0.2991 (HKLM\...\{D13C63B1-1968-466D-A3C4-AE78BDDF35D2}) (Version: 6.2.2991 - The Eraser Project) Eudora (HKLM-x32\...\{4D6F8246-E01D-4877-ACA7-949E5CC7D04A}) (Version: 7.0 - ) EventReporter 16.0 - Build 421 (HKLM-x32\...\{CC20E766-AFD3-4150-9410-8C24B9D1E728}) (Version: 16.0.0.421 - Adiscon GmbH) Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated) FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - ) Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.94.416 - Digital Wave Ltd) FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - ) FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\195fa74437467f40) (Version: 2.3.4.0 - AVM Berlin) GameFirst IV (HKLM-x32\...\{3A6CC7B3-FD9C-48C1-A1EC-46A5B677E739}) (Version: 1.6.6.0 - ASUSTeK COMPUTER INC.) Hidden GameFirst IV (HKLM-x32\...\GameFirst IV 1.6.6.0) (Version: 1.6.6.0 - ASUSTeK COMPUTER INC.) Garmin Express (HKLM-x32\...\{235f2ee5-7383-44df-a298-01221caa5532}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{E944FA32-8BCF-474F-BFB2-D1EF24555873}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries) Hidden GeoGebra Graphing (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\GeoGebra_Graphing) (Version: 6.0.387 - International GeoGebra Institute) Gigaset QuickSync (HKLM\...\{8029c171-7eda-4dec-8d67-e7f1b33c8861}) (Version: 8.6.0876.3 - Gigaset Communications GmbH) GIMP 2.10.24 (HKLM\...\GIMP-2_is1) (Version: 2.10.24 - The GIMP Team) Git version 2.31.1 (HKLM\...\Git_is1) (Version: 2.31.1 - The Git Development Community) GlassWire 2.3 (remove only) (HKLM-x32\...\GlassWire 2.3) (Version: 2.3.318 - SecureMix LLC) GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 2.2.27 - The GnuPG Project) GnuCash 4.4 (HKLM-x32\...\GnuCash_is1) (Version: - GnuCash Development Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden GoTo Opener (HKLM-x32\...\{2C183CF0-3077-43D0-B001-F93AC5E68942}) (Version: 1.0.487 - LogMeIn, Inc.) GoToMeeting 10.15.0.19228 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\GoToMeeting) (Version: 10.15.0.19228 - LogMeIn, Inc.) Gpg4win (3.1.15) (HKLM-x32\...\Gpg4win) (Version: 3.1.15 - The Gpg4win Project) GPL Ghostscript (HKLM\...\GPL Ghostscript 9.53.3) (Version: 9.53.3 - Artifex Software Inc.) gsview (HKLM\...\gsview 6.0) (Version: 6.0 - Artifex Software Inc.) HackCheck 2018 (HKLM-x32\...\f9a6b7ed-0223-427f-8e72-61c38d4aa8f1_is1) (Version: 1.08 - Abelssoft) Hauppauge WinTV 8.5 (HKLM-x32\...\Hauppauge WinTV 8.5) (Version: v8.5.36354 (Premium) - Hauppauge Computer Works) HBCIFM99 - Service-Update 1.1.1.20 (HKLM-x32\...\HBCIFM99 - Service-Update_is1) (Version: 1.1.1.20 - Dr. Ulrich Amann) HBCI-Modul für Money 99 Version 2000 (HKLM-x32\...\{8A13EBF6-6249-4C0D-92BE-F8497C922311}_is1) (Version: 5.1.0.17 - Dr. Ulrich Amann) HDR projects 4 (64-Bit) (HKLM\...\HDR_PROJECTS_4_2_3BF7CE82_is1) (Version: 4.41 - Franzis Verlag GmbH) HP Imaging Device Functions 9.0 (HKLM\...\HP Imaging Device Functions) (Version: 9.0 - HP) HP OCR Software 9.0 (HKLM\...\HPOCR) (Version: 9.0 - HP) HP Photosmart Essential (HKLM-x32\...\{EB21A812-671B-4D08-B974-2A347F0D8F70}) (Version: 1.12.0.46 - HP) HP Scanjet 8270 9.0 (HKLM\...\{FF149BEA-287F-4cf6-A1EC-9AB6E9CF1399}) (Version: 9.0 - HP) HP Solution Center 9.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 9.0 - HP) IMAPSize 0.3.7 (HKLM-x32\...\IMAPSize_is1) (Version: - Broobles) Inkscape (HKLM-x32\...\Inkscape) (Version: 1.0.0-rc1 - Inkscape) Intel Driver && Support Assistant (HKLM-x32\...\{C38DE4F8-DF58-4B5D-9D4C-1F68773A2AE2}) (Version: 21.3.21.5 - Intel) Hidden Intel(R) Computing Improvement Program (HKLM\...\{50883721-017E-40C5-9B65-F11F20DE8B45}) (Version: 2.4.07630 - Intel Corporation) Intel(R) Network Connections 22.4.16.0 (HKLM\...\PROSetDX) (Version: 22.4.16.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Intel® Driver & Support Assistant (HKLM-x32\...\{9360c8cc-b617-469a-bb35-829c13e21d97}) (Version: 21.3.21.5 - Intel) IObit Software Updater (HKLM-x32\...\IObit Software Updater_is1) (Version: 3.6.0.2072 - IObit) IOTA Wallet 2.5.6 (only current user) (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\85125e2a-0211-5c49-9018-9358da1074b1) (Version: 2.5.6 - IOTA Foundation) IrfanView 4.57 (64-bit) (HKLM\...\IrfanView64) (Version: 4.57 - Irfan Skiljan) Jabra Direct (HKLM-x32\...\{999d698d-2e2a-4018-ac07-3e90c78e5327}) (Version: 5.5.37716 - GN Audio A/S) Jabra Direct (HKLM-x32\...\{CB9B5476-F6A2-49BD-A87C-7B9B16729B69}) (Version: 5.5.37716 - GN Audio A/S) Hidden Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation) KeeForm 4.1.0 thoma (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\KeeForm3KP2 thoma_is1) (Version: 4.1.0 - keeform.org) KeePass Password Safe 2.48.1 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.48.1 - Dominik Reichl) KeePassXC (HKLM\...\{ECCC6E1C-C5D1-4B71-94B0-B2F713AF9036}) (Version: 2.4.1 - KeePassXC Team) Kite (HKLM\...\Kite) (Version: - Manhattan Engineering Inc) KNIME Analytics Platform (HKLM\...\{61835C86-6D51-497F-A6BD-F0B4A8F0014A}_is1) (Version: 4.1.1 - KNIME AG) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 14.0.0.0 - EditShare) Luminar 2018 (HKLM\...\{935AB8A6-0E0A-41E4-BAC3-5EBDCDC7F766}) (Version: 1.3.2.2677 - Skylum) Hidden Luminar 2018 (HKLM-x32\...\{cef6a17e-c579-49aa-beec-ea478a12248e}) (Version: 1.3.2.2677 - Skylum) Luminar 3 (HKLM\...\Luminar 3) (Version: 3.2.0.5246 - Skylum) Macrium Reflect Free Edition (HKLM\...\{E10EA502-8814-4DA4-8989-A8B1B38600A5}) (Version: 7.3.5321 - Paramount Software (UK) Ltd.) Hidden Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.3 - Paramount Software (UK) Ltd.) MAGIX Cloud Import (HKLM\...\{E2EC0850-84BF-4A86-842E-4A100473FB22}) (Version: 0.1.0.5 - MAGIX Software GmbH) Hidden MAGIX Cloud Import (HKLM\...\MX.{E2EC0850-84BF-4A86-842E-4A100473FB22}) (Version: 0.1.0.5 - MAGIX Software GmbH) MAGIX Connect (HKLM\...\{B0C73D27-EB3E-4D0E-B40D-0141DAF708CC}) (Version: 3.0.0.1 - MAGIX Software GmbH) Hidden MAGIX Connect (HKLM\...\MX.{B0C73D27-EB3E-4D0E-B40D-0141DAF708CC}) (Version: 3.0.0.1 - MAGIX Software GmbH) MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Photostory Deluxe COMPUTER BILD-Edition (HKLM\...\{C612F6E2-77DD-4C3D-A13E-ACBEF750C451}) (Version: 18.1.1.53 - MAGIX Software GmbH) Hidden MAGIX Photostory Deluxe COMPUTER BILD-Edition (HKLM\...\MX.{C612F6E2-77DD-4C3D-A13E-ACBEF750C451}) (Version: 18.1.1.53 - MAGIX Software GmbH) MAGIX Soundpool Music Maker - Feel good (HKLM\...\{DFEE4333-B802-4E27-9521-2D9E970B7813}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Speed burnR (HKLM\...\{370FD2B5-6A2F-4BB9-8B5F-F5CE6F0C01E5}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden MAGIX Speed burnR (HKLM-x32\...\MX.{370FD2B5-6A2F-4BB9-8B5F-F5CE6F0C01E5}) (Version: 7.0.2.6 - MAGIX Software GmbH) MAGIX Video deluxe COMPUTER BILD-Edition (HKLM\...\{BA25FF95-1BE8-4F11-9598-32F3755CDE31}) (Version: 18.0.1.209 - MAGIX Software GmbH) Hidden MAGIX Video deluxe COMPUTER BILD-Edition (HKLM\...\MX.{BA25FF95-1BE8-4F11-9598-32F3755CDE31}) (Version: 18.0.1.209 - MAGIX Software GmbH) Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes) MediaHuman YouTube to MP3 Converter 3.9.9.36 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.36 - MediaHuman) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) MicroSIP (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\MicroSIP) (Version: 3.20.6 - www.microsip.org) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.59 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.59 - Microsoft Corporation) Microsoft Money 99 (HKLM-x32\...\MSMONEYV70) (Version: - ) Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4198695647-2910091461-4277131257-1003\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4198695647-2910091461-4277131257-1005\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4198695647-2910091461-4277131257-1010\...\OneDriveSetup.exe) (Version: 19.152.0801.0007 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{82f2609e-68ba-408d-963f-530ad8809435}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.60724 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.53.2 - Microsoft Corporation) MiKTeX (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\MiKTeX) (Version: 21.2 - MiKTeX.org) MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) MiniTool MovieMaker (HKLM-x32\...\{MT-39B9213B-B182-41FB-B149-CD1016372F9C}_is1) (Version: 2.5 - MiniTool) MiniTool Partition Wizard Free 12 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Software Limited) MiniTool ShadowMaker PW Edition (HKLM-x32\...\MT-75D7C412-925B-4AD0-90DC-5E4FEE22EAE1_is1) (Version: 3.6 - MiniTool Software Limited) Money-Browser für Money 99 Version 2000 3.1.1.1 (HKLM-x32\...\{E9E9FCFC-9F1A-4EDC-8400-2EAB5A9DEB4F}_is1) (Version: 3.1.1.1 - Dr. Ulrich Amann) MongoDB 4.4.1 2008R2Plus SSL (64 bit) (HKLM\...\{B14F9AE3-91C5-4D56-A2E4-0DE06F6DFD36}) (Version: 4.4.1 - MongoDB Inc.) MongoDB Compass (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\MongoDBCompass) (Version: 1.22.1 - MongoDB Inc) Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MovieJack free (HKLM-x32\...\{13a69dfb-9889-4340-8dd7-5855426ffcc7}) (Version: 4.0.7026.23051 - Engelmann Software) MovieJack free (HKLM-x32\...\{3A66BE6E-7F93-4949-9FCF-431309676FC0}) (Version: 4.0.7026.22792 - Engelmann Software) Hidden Mozilla Firefox 89.0.2 (x64 de) (HKLM\...\Mozilla Firefox 89.0.2 (x64 de)) (Version: 89.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.0 - Mozilla) Mozilla Thunderbird 68.12.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 68.12.1 (x86 de)) (Version: 68.12.1 - Mozilla) Mozilla Thunderbird 78.11.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 78.11.0 (x86 de)) (Version: 78.11.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSYS2 64bit (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\{fe30c1e5-3249-4a26-b3ff-ab923261cff0}) (Version: 20161025 - The MSYS2 Developers) Music Maker (HKLM\...\{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.0.2.44 - MAGIX Software GmbH) Hidden Music Maker (HKLM-x32\...\MX.{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.0.2.44 - MAGIX Software GmbH) NAPS2 5.3.1 (HKLM-x32\...\NAPS2 (Not Another PDF Scanner 2)_is1) (Version: - Ben Olden-Cooligan) Neo4j Desktop 1.3.8 (HKLM\...\14c7e06f-6a3b-5e4e-9e0c-ebe055b1b752) (Version: 1.3.8 - Neo4j Inc.) Node.js (HKLM\...\{140389EF-5573-4B66-9218-B739F767AFBD}) (Version: 14.17.0 - Node.js Foundation) NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation) NVIDIA Nsight Compute 2020.3.1 (HKLM\...\{1259B3DA-CFC4-4BEE-8DBD-B497981D2047}) (Version: 20.3.1.0 - NVIDIA Corporation) NVIDIA Nsight Systems 2020.4.3 (HKLM\...\{8A00392B-A561-4D04-990C-4D1741A5CDDE}) (Version: 20.4.3.7 - NVIDIA Corporation) NVIDIA Nsight Visual Studio Edition 2020.3.1.21012 (HKLM\...\{52E1BC67-764B-4A86-B794-3BDBA8E4E885}) (Version: 20.3.1.21012 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Tools Extension SDK (NVTX) - 64 bit (HKLM\...\{B56D2F88-8865-40FD-B7AC-F074EE4D201D}) (Version: 1.00.00.00 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project) obs-websocket version 4.9.1 (HKLM-x32\...\{117EE44F-48E1-49E5-A381-CC8D9195CF35}_is1) (Version: 4.9.1 - Stephane Lepin) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14026.20308 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20308 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.7 (HKLM-x32\...\{81D7585D-3E44-4984-B99B-911492419D3E}) (Version: 4.17.9800 - Apache Software Foundation) paint.net (HKLM\...\{39136CF7-E6F5-4DE0-9AB6-EFB45F464590}) (Version: 4.2.4 - dotPDN LLC) Paragon Festplatten Manager™ 25 Jahre Limitierte Jubiläumsedition (HKLM-x32\...\{f541ba6a-92bf-466b-b956-5efa58ffe017}) (Version: 17.10.2.5049 - Paragon Software GmbH) Paragon Hard Disk Manager™ 25 Anniversary LE (HKLM\...\{14EEF044-2FC6-40AA-9285-F430B3D90EF6}) (Version: 17.10.2.5049 - Paragon Software) Hidden Paragon UIM (HKLM\...\{06B4D67B-9ECB-41E5-B4C1-92F529BB703D}) (Version: 24.65.0.487 - Paragon Software) Hidden Passbild-Generator v4.0b (HKLM-x32\...\Passbild-Generator_is1) (Version: - Passbild-Generator) PDF24 Creator 10.0.12 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.0.12 - PDF24.org) PDFill FREE PDF Editor Basic (HKLM\...\{26037138-C111-4BC5-88E8-DD2B2F2460C7}) (Version: 15.0 - PlotSoft LLC) PDFtk - The PDF Toolkit version 2.02 (HKLM-x32\...\{C65EA7B8-FC21-4896-AD44-9CE952BB1255}_is1) (Version: 2.02 - PDF Labs) PDF-XChange Editor (HKLM\...\{D9768EA7-98DE-4260-A55E-28DD9C4AFD04}) (Version: 9.0.354.0 - Tracker Software Products (Canada) Ltd.) Hidden PDF-XChange Editor (HKLM-x32\...\{ce6c8945-b029-4ebe-b3d4-96f6f0081e71}) (Version: 9.0.354.0 - Tracker Software Products (Canada) Ltd.) PhotoFiltre 7 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\PhotoFiltre 7) (Version: - ) Planet Alpha (HKLM-x32\...\{FE19EF5F-A1E0-4CAF-96B4-590B2C022B15}) (Version: - Team17 Digital Ltd) ProRealTime (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\ProRealTime_is1) (Version: 1.16 - IT-Finance) PuTTY release 0.73 (64-bit) (HKLM\...\{44F7642C-AB7E-4468-B028-E8D08A0CBB0E}) (Version: 0.73.0.0 - Simon Tatham) PyCharm Community Edition 2019.3.3 (HKLM-x32\...\PyCharm Community Edition 2019.3.3) (Version: 193.6494.30 - JetBrains s.r.o.) Python 3.8.1 (32-bit) (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\{4e3c79d9-fd08-4d23-ba50-d6f19553b0ee}) (Version: 3.8.1150.0 - Python Software Foundation) Python 3.8.1 Core Interpreter (32-bit) (HKLM-x32\...\{03976998-4294-4FA5-9BE9-3E01B1DBEDC3}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Development Libraries (32-bit) (HKLM-x32\...\{0211E4D2-E2F6-422D-AEC9-46AD4CC583DD}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Documentation (32-bit) (HKLM-x32\...\{4408F4FC-AFC1-483E-A744-D61491A8AB85}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Executables (32-bit) (HKLM-x32\...\{F4F906AC-DFDB-4DA2-86C4-D116EAB497FA}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 pip Bootstrap (32-bit) (HKLM-x32\...\{34B7C438-99B2-4876-8F3A-5295A7DA2AE0}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Standard Library (32-bit) (HKLM-x32\...\{81CC98E6-C3E9-41EE-9ECC-30A6952AF726}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Tcl/Tk Support (32-bit) (HKLM-x32\...\{F97C2D8A-7ED6-4BA9-BAA7-036878A8AC5B}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Test Suite (32-bit) (HKLM-x32\...\{656BF6D9-2710-466C-8F82-88135B8EAF00}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Utility Scripts (32-bit) (HKLM-x32\...\{EE756009-EBAF-4C88-A99B-2E30FD1FA5DC}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.9.4 (64-bit) (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\{e300c142-10a9-46f4-a195-bd40cb90a84f}) (Version: 3.9.4150.0 - Python Software Foundation) Python 3.9.4 Add to Path (64-bit) (HKLM\...\{D5076D33-101B-4402-AAC0-001C6D74D9AB}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden Python 3.9.4 Core Interpreter (64-bit) (HKLM\...\{DE09AD3C-F617-4EAF-B4F5-943473CB00DA}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden Python 3.9.4 Development Libraries (64-bit) (HKLM\...\{CCD8CD39-7BDE-46B9-9222-336226D0C346}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden Python 3.9.4 Documentation (64-bit) (HKLM\...\{C625291F-C4B5-45A7-B946-FFAB8535A64A}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden Python 3.9.4 Executables (64-bit) (HKLM\...\{A8C63C1D-BCF8-4446-AFAA-AE21DDA1DBEF}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden Python 3.9.4 pip Bootstrap (64-bit) (HKLM\...\{2E65BC05-C532-4BD6-ACDD-3CFDE86F5E36}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden Python 3.9.4 Standard Library (64-bit) (HKLM\...\{D8D430E7-0DCE-418C-A937-735F329C1AD8}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden Python 3.9.4 Tcl/Tk Support (64-bit) (HKLM\...\{E4228F0E-C40C-403A-9533-29BA5A9F9E99}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden Python 3.9.4 Test Suite (64-bit) (HKLM\...\{86FD19A0-F018-465C-B8C9-02EA01D35A4B}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden Python 3.9.4 Utility Scripts (64-bit) (HKLM\...\{0C0FBC09-C0AA-4B66-92BF-E321BC8C9FA5}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{12B4CAFF-F2FA-422B-B30C-2265217D8CF8}) (Version: 3.9.7398.0 - Python Software Foundation) R for Windows 3.6.2 (HKLM\...\R for Windows 3.6.2_is1) (Version: 3.6.2 - R Core Team) R for Windows 4.0.3 (HKLM\...\R for Windows 4.0.3_is1) (Version: 4.0.3 - R Core Team) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8273 - Realtek Semiconductor Corp.) Recordify 2018 (HKLM-x32\...\{E25B0FAA-66E5-4D2E-9B48-3B85B31543BF}_is1) (Version: 3.11 - Abelssoft) Rossmann Fotowelt Software (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\{a50de2e8-8e5a-4b46-9681-e170843e51c4}) (Version: 5.8.4-4070 - ORWO Net GmbH Bitterfeld-Wolfen) RStudio (HKLM-x32\...\RStudio) (Version: 1.4.1103 - RStudio) Rtools 4.0 (4.0.0.28) (64-bit) (HKLM\...\Rtools_is1) (Version: 4.0 - The R Foundation) Rtools Version 3.5 (HKLM-x32\...\Rtools_is1) (Version: 3.5 - The R Foundation) Ruby 2.5.0-2-x64 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\RubyInstaller-2.5-x64-mingw32_is1) (Version: 2.5.0-2 - RubyInstaller Team) SageMath version 8.8 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\SageMath-8.8_is1) (Version: 8.8 - SageMath) Samsung DeX (HKLM-x32\...\{743e3ecf-e674-4aae-973b-0e784ca38803}) (Version: 2.0.0.15 - Samsung Electronics Co., Ltd.) Samsung DeX (HKLM-x32\...\{E35C3F1D-91A9-4FED-A915-0F913BFD780D}) (Version: 2.0.0.15 - Samsung Electronics Co., Ltd.) Hidden Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 - Samsung Electronics Co., Ltd.) Screen InStyle (HKLM-x32\...\{B249FBDB-FAFA-4EED-8833-3073A0FC829F}_is1) (Version: 1.1.1.3 - EIZO Corporation) SeaTools for Windows 1.4.0.7 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.7 - Seagate Technology) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service-Update für HBCIFM99 Version 1.0 (HKLM-x32\...\Service-Update für HBCIFM99_is1) (Version: 1.0 - Dr. Ulrich Amann) Setup-Loader für das HBCI-Modul für Money 99 Version 2000 3.4 (HKLM-x32\...\Setup-Loader für das HBCI-Modul für Money 99 Version 2000_is1) (Version: 3.4 - Dr. Ulrich Amann) Signal 5.1.0 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.1.0 - Open Whisper Systems) SILKYPIX Developer Studio 7 Deutsch (HKLM-x32\...\{2A20420A-B8CE-4423-BBFC-D93AB4CC23EA}) (Version: 7 - Ichikawa Soft Laboratory) simpleos 0.7.2 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\0f54e2df-ead3-54dc-968d-cd341ec34754) (Version: 0.7.2 - EOSRio) Skype for Business Basic 2016 - de-de (HKLM\...\SkypeforBusinessEntryRetail - de-de) (Version: 16.0.14026.20308 - Microsoft Corporation) Skype Meetings App (HKLM-x32\...\{BC1D9E47-8927-4AA1-A891-7763BC2475B7}) (Version: 16.2.0.511 - Microsoft Corporation) Slack (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\slack) (Version: 4.17.1 - Slack Technologies Inc.) Soda PDF Desktop (HKLM-x32\...\SodaDesktop) (Version: 9.0.30.31037 - LULU Software) Soda PDF Desktop Asian Fonts Pack (HKLM\...\{4C6D3090-D5D6-43E0-A0A5-3D4128D6E34B}) (Version: 9.3.17.38441 - LULU Software) Hidden Soda PDF Desktop Convert Module (HKLM\...\{F262EB22-4771-4E16-B29A-F5DD108D8804}) (Version: 9.3.17.38441 - LULU Software) Hidden Soda PDF Desktop Create Module (HKLM\...\{CE45B91C-E614-4020-B4C9-77EB5C650786}) (Version: 9.3.17.38441 - LULU Software) Hidden Soda PDF Desktop Edit Module (HKLM\...\{F8F6C1A0-1E0B-444E-9277-70C7CD6547FA}) (Version: 9.3.17.38441 - LULU Software) Hidden Soda PDF Desktop Forms Module (HKLM\...\{EED0CCB5-116F-40BA-A4A8-1E3F5891C496}) (Version: 9.3.17.38441 - LULU Software) Hidden Soda PDF Desktop Insert Module (HKLM\...\{C1A308CA-BFD2-4120-A84D-1182222A1EFB}) (Version: 9.3.17.38441 - LULU Software) Hidden Soda PDF Desktop OCR Module (HKLM\...\{0E3F8189-FACD-4269-B971-2A602CAB1FCC}) (Version: 9.3.17.38441 - LULU Software) Hidden Soda PDF Desktop Review Module (HKLM\...\{4C05CD7D-AEAD-413B-A056-059C57774B26}) (Version: 9.3.17.38441 - LULU Software) Hidden Soda PDF Desktop Secure Module (HKLM\...\{EC2F5976-634E-4A3B-AF8D-9D0E0F7EBE46}) (Version: 9.3.17.38441 - LULU Software) Hidden Soda PDF Desktop View Module (HKLM\...\{EAC5A155-2A9A-47AF-907F-67FCBB2CD659}) (Version: 9.3.17.38441 - LULU Software) Hidden SolarCoin version 2.1.8 (HKLM-x32\...\SolarCoin_is1) (Version: 2.1.8 - ) spacedesk Windows DRIVER (HKLM\...\{89592275-79DA-423A-91E1-8706EC312DF4}) (Version: 0.9.1046.0 - datronicsoft Inc.) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) SplitCam (HKLM\...\{C04D8FAF-1AA0-4B3E-B549-E31BE1E6BC7B}) (Version: 10.5.12 - SplitCam Co.) Sqrl 1.2.5 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\f0769fd5-6da4-5ce4-9cbc-5dc6ab7c2a1b) (Version: 1.2.5 - Telos Foundation) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Streamlabs OBS 0.27.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.27.1 - General Workings, Inc.) Studio 3T (HKLM\...\8357-7994-5030-9105) (Version: 2020.8.0 - 3T Software Labs) Sword Legacy Omen (HKLM-x32\...\{25071895-D6CB-49CE-98FE-4A2C3C92B9FC}) (Version: - Team17 Digital Ltd) TeamSpeak 3 Client (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.17.7 - TeamViewer) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Telegram Desktop version 2.7.4 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.4 - Telegram FZ-LLC) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH) Trinity 1.6.1 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\e2e246ce-857c-53ed-b9ad-26e0668b9510) (Version: 1.6.1 - IOTA Foundation) Turmoil (HKLM-x32\...\{9F710B74-9960-4411-BDFC-3CD846CA812C}) (Version: - Gamious) Twitch (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) TWS API (HKLM-x32\...\{804183E3-553C-483F-A57F-9FE9AEB592F1}) (Version: 9.76.01 - IBG LLC) UFRaw 0.19.2 (HKLM-x32\...\UFRaw_is1) (Version: - Udi Fuchs) Ultimate Settings Panel (HKLM\...\{2F0E2793-E444-4851-A4FC-61EC635326CF}) (Version: 6.3.0 - TechyGeeksHome) UltraEdit 15.20 SE (HKLM-x32\...\{A8606865-6D52-44C1-82BD-A3C9A80222D4}) (Version: 15.20.1 - IDM Computer Solutions, Inc.) Uninstall Manager 5.3 (HKLM\...\{45BFB5F0-19B7-4564-B787-A3BAAA0E5AA1}_is1) (Version: 5.3 - Martin Fuchs) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation) Uplay (HKLM-x32\...\Uplay) (Version: 43.1 - Ubisoft) VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VEGAS Pro 15.0 (HKLM\...\{994FA9EE-A214-11E7-A574-AE6259437B87}) (Version: 15.0.216 - VEGAS) VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.24-Update7 - IDRIX) VideoProc (HKLM-x32\...\VideoProc) (Version: 4.0 - Digiarty, Inc.) Visual BCD (HKLM-x32\...\{436D50FF-8FA1-4FDD-A9C9-48B52A990F57}) (Version: 0.9.3.1 - BoYans) Vita Concert Grand LE (HKLM\...\{BFA88ABE-D175-42C7-B374-92A2D9333CAB}) (Version: 2.4.0.95 - MAGIX Software GmbH) Hidden VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN) VMware Horizon Client (HKLM\...\{C6D1F545-F2F2-4379-9652-07696D8BED26}) (Version: 5.5.1.17068 - VMware, Inc.) Hidden VMware Horizon Client (HKLM-x32\...\{8ec9a3ad-734f-4995-84d7-8b2b7fd14d75}) (Version: 5.5.1.17068 - VMware, Inc.) VMware Horizon HTML5 Multimedia Redirection Client (HKLM\...\{2B1D0F22-6025-409A-A248-7C10783FD5F2}) (Version: 7.13.0 - VMware, Inc.) Hidden VMware Horizon Media Engine 11.0.0.614 (64-bit) (HKLM\...\{44E854B5-0ED7-4688-9246-628C86D3709C}) (Version: 11.0.0.614 - VMware, Inc.) Hidden VMware Horizon Media Redirection for Microsoft Teams (HKLM\...\{ADEA6187-E6C1-42E1-82A0-783EF1D4D4D5}) (Version: 7.13.0 - VMware, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) Weka 3.8.4 (HKLM\...\Weka 3.8.4) (Version: 3.8.4 - Machine Learning Group, University of Waikato, Hamilton, NZ) Wi-Fi Scanner version 21.01 (HKLM-x32\...\Wi-Fi Scanner_is1) (Version: 21.01 - LizardSystems) Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22514 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows-Treiberpaket - Corsair Components, Inc. (SIUSBXP) USB (07/14/2010 3.3) (HKLM\...\9D216BBD7DABB6A9E6F4F1D85E06CDFF9EA816FE) (Version: 07/14/2010 3.3 - Corsair Components, Inc.) Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows-Treiberpaket - FTDI CDM Driver Package - Bus/D2XX Driver (08/16/2017 2.12.28) (HKLM\...\321E9C3B7C8E360B434912ED44CC222F08280048) (Version: 08/16/2017 2.12.28 - FTDI) Windows-Treiberpaket - FTDI CDM Driver Package - VCP Driver (08/16/2017 2.12.28) (HKLM\...\018B67599606F0589EA4CA42AD4CC6B5C24388A0) (Version: 08/16/2017 2.12.28 - FTDI) Windows-Treiberpaket - MPP FTDI MPP FTDI D2XX (08/16/2017 2.12.28) (HKLM\...\75398BFF73C29C011146C84A6BDA6CA67A8B25E5) (Version: 08/16/2017 2.12.28 - MPP FTDI) Windows-Treiberpaket - MPP FTDI MPP FTDI VCP (08/16/2017 2.12.28) (HKLM\...\EBBD9947553A9582FD9EBC71BD40BAB80F35B2B1) (Version: 08/16/2017 2.12.28 - MPP FTDI) Windows-Treiberpaket - MPP USB CDC Virtual COM Port (05/23/2013 2.0.0) (HKLM\...\66DD18691EC6886B537A726978F65EF1E8D2D83C) (Version: 05/23/2013 2.0.0 - MPP) Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack) WinMerge 2.16.12.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.16.12.0 - Thingamahoochie Software) WinSCP 5.17.10 (HKLM-x32\...\winscp3_is1) (Version: 5.17.10 - Martin Prikryl) Wondershare Data Recovery(Build 6.5.1.5) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 6.5.1.5 - Wondershare Software Co.,Ltd.) Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare) Xerox Desktop Print Experience 5.0 (HKLM\...\{F69C2056-BC8D-EC77-49FB-E9F863F8C9AA}) (Version: 7.192.8.0 - Xerox Corporation) Xerox PowerENGAGE (HKLM-x32\...\{171BF116-713F-43AA-B236-D6188522E609}) (Version: 2.52.0016 - Xerox Inc.) Xerox Scanner Management Utility (HKLM\...\{247000A3-7D6D-44D6-B438-A21A87BF4210}) (Version: 7.0.52.0 - Xerox Corporation) XMedia Recode 64bit Version 3.5.2.7 (HKLM\...\{D31E6E69-4C6A-42CC-926F-CC7B186864EB}_is1) (Version: 3.5.2.7 - XMedia Recode 64bit) XMind 10.1.3 (HKLM\...\{fbd30ee5-8150-549e-9aed-fd9d444364fb}) (Version: 10.1.3 - XMind Ltd.) XMind 10.3.1 (HKLM\...\fbd30ee5-8150-549e-9aed-fd9d444364fb) (Version: 10.3.1 - XMind Ltd.) XMind 8 Update 8 (v3.7.8) (HKLM-x32\...\XMind_is1) (Version: 3.7.8.201807240049 - XMind Ltd.) XSplit VCam (HKLM\...\{24850C07-D3D6-4050-A0AE-25403AC88D67}) (Version: 2.3.2106.1406 - XSplit) Hidden XSplit VCam (HKLM\...\XSplit VCam 2.3.2106.1406) (Version: 2.3.2106.1406 - XSplit) Youtube-DLG Version 0.4 (HKLM-x32\...\{3C455028-FC99-4846-8E04-4FCD87D85613}_is1) (Version: 0.4 - Sotiris Papadopoulos) Zoom (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\ZoomUMX) (Version: 5.5.1 (12488.0202) - Zoom Video Communications, Inc.) Packages: ========= Arduino IDE -> C:\Program Files\WindowsApps\ArduinoLLC.ArduinoIDE_1.8.49.0_x86__mdqgnx93n4wtt [2021-05-16] (Arduino LLC) Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.) Best of Bing 2018 Exclusive -> C:\Program Files\WindowsApps\Microsoft.BestofBing2018Exclusive_1.0.0.0_neutral__8wekyb3d8bbwe [2019-01-01] (Microsoft Corporation) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.8.1108.0_x64__rz1tebttyb220 [2021-05-30] (Dolby Laboratories) Drawboard PDF -> C:\Program Files\WindowsApps\Drawboard.DrawboardPDF_5.39.2.0_x64__gqbn7fs4pywxm [2021-06-18] (Drawboard) File Opener - Open Image,Document,Video,Audio -> C:\Program Files\WindowsApps\4846UtilitiesTools.FileOpener-OpenImageDocumentVid_1.1.10.0_x64__b17t1j31etq18 [2018-11-11] (Utilities Tools) Flight Unlimited 2K16 -> C:\Program Files\WindowsApps\FlightSystemsLLC.FlightUnlimited2K16_2.1.16.0_x64__gr0hpt7qkpqd0 [2020-08-02] (Flight Systems LLC) Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation) Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2019-08-01] (Keeper Security Inc) Lenovo Display Control Center -> C:\Program Files\WindowsApps\E046963F.LenovoDisplayControlCenter_1.0.29191.0_x86__k1h2ywk1493x8 [2021-05-30] (LENOVO INC.) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-09] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-20] (Microsoft Studios) [MS Ad] Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_21.10503.5664.0_x64__8wekyb3d8bbwe [2021-06-09] (Microsoft Corporation) Mind Maps Pro -> C:\Program Files\WindowsApps\BallardAppCraftery.MindMapsPro2Beta_1.1.27.0_x64__epyrqhfctk40t [2019-02-09] (User Camp) Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.201.0_x64__8wekyb3d8bbwe [2021-06-26] (Microsoft Studios) MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) myTube! -> C:\Program Files\WindowsApps\59750RYKENAPPS.435307C335C44_4.0.2.0_x64__zd92nzxdcatqw [2020-12-23] (Ryken Studio) OY - Youtube Floating Player -> C:\Program Files\WindowsApps\28583AppsUniversal.FloatingplayerforYoutube_1.1.3.0_x64__5mpx2adydqnqy [2018-01-07] (AppsUniversal) [MS Ad] Penbook -> C:\Program Files\WindowsApps\36376UserCamp.Penbook_2.1.30.0_x64__t7afzrbtd67z0 [2019-10-24] (User Camp) ProApp for GMail, Search, Hangouts, News -> C:\Program Files\WindowsApps\28583AppsUniversal.ProAppforGMailSearchHangoutsNew_1.1.5.0_x64__5mpx2adydqnqy [2018-01-15] (AppsUniversal) [MS Ad] Sketch 360 -> C:\Program Files\WindowsApps\Microsoft.Sketch360_3.0.96.0_x64__8wekyb3d8bbwe [2021-06-26] (Microsoft Corporation) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0 [2021-06-11] (Spotify AB) [Startup Task] Trello -> C:\Program Files\WindowsApps\45273LiamForsyth.PawsforTrello_2.12.1.0_x64__7pb5ddty8z1pa [2021-05-30] (Trello, Inc.) Vodafone Mobile Broadband -> C:\Program Files\WindowsApps\VodafoneGroupServices.VodafoneMobileBroadband_2.10.46.0_x64__cx08jceyq9bcp [2021-01-09] (Vodafone Group Services) Wunderlist: To-Do Liste -> C:\Program Files\WindowsApps\6Wunderkinder.Wunderlist_3.6.43.0_x64__b4cwydgxqx59r [2020-05-01] (6 Wunderkinder GmbH) Xerox Print and Scan Experience -> C:\Program Files\WindowsApps\XeroxCorp.PrintExperience_7.192.8.0_x64__f7egpvdyrs2a8 [2020-11-19] (Xerox Corp) XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2021-06-02] (New Work SE) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-4198695647-2910091461-4277131257-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\thoma\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4198695647-2910091461-4277131257-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\thoma\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4198695647-2910091461-4277131257-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\thoma\AppData\Local\GoToMeeting\19228\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.) CustomCLSID: HKU\S-1-5-21-4198695647-2910091461-4277131257-1001_Classes\CLSID\{b5eedee0-c06e-11cf-8c56-444553540000}\InprocServer32 -> C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ue64ctmn.dll () [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-4198695647-2910091461-4277131257-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\thoma\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ Cloudevo (IconOverlayError)] -> {3037DE6C-D55E-4065-A3BE-02051FF42E33} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [ Cloudevo (IconOverlayPending)] -> {6E741565-B4E6-4E91-B7FB-35FD792E6032} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [ Cloudevo (IconOverlayPrivate)] -> {8F88E6F7-4314-4C3A-BF50-F7884C199A92} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [ Cloudevo (IconOverlaySynced)] -> {179E8FE1-82DD-436D-A608-22751924C614} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [ Cloudevo (IconOverlaySyncing)] -> {BA62F31B-D25E-41C0-A027-8B34280271AB} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [ Cloudevo (IconOverlayUnsynced)] -> {C82DF51A-03B7-485B-96D8-2494669F0BDB} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> ) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-03] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [ Cloudevo (IconOverlayError)] -> {3037DE6C-D55E-4065-A3BE-02051FF42E33} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert] ShellIconOverlayIdentifiers-x32: [ Cloudevo (IconOverlayPending)] -> {6E741565-B4E6-4E91-B7FB-35FD792E6032} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert] ShellIconOverlayIdentifiers-x32: [ Cloudevo (IconOverlayPrivate)] -> {8F88E6F7-4314-4C3A-BF50-F7884C199A92} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert] ShellIconOverlayIdentifiers-x32: [ Cloudevo (IconOverlaySynced)] -> {179E8FE1-82DD-436D-A608-22751924C614} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert] ShellIconOverlayIdentifiers-x32: [ Cloudevo (IconOverlaySyncing)] -> {BA62F31B-D25E-41C0-A027-8B34280271AB} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert] ShellIconOverlayIdentifiers-x32: [ Cloudevo (IconOverlayUnsynced)] -> {C82DF51A-03B7-485B-96D8-2494669F0BDB} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert] ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-03] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1-x32: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Keine Datei |
27.06.2021, 20:41 | #7 |
| Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt Addition Teil 2 Code:
ATTFilter ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-03] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Keine Datei ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2020-10-11] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> ) ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-09-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd) ContextMenuHandlers1: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-04-03] (hxxp://winmerge.org) [Datei ist nicht signiert] ContextMenuHandlers2: [1&1 SmartDrive] -> {62DF97A2-3635-4412-AE30-80B164BC88AD} => C:\Program Files (x86)\1&1\1&1 Upload-Manager\SHNDLERS64.DLL [2011-11-21] (1&1 Internet AG) [Datei ist nicht signiert] ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2020-10-11] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> ) ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-09-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd) ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2021-04-30] (VMware, Inc. -> VMware, Inc.) ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2021-04-30] (VMware, Inc. -> VMware, Inc.) ContextMenuHandlers2: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-04-03] (hxxp://winmerge.org) [Datei ist nicht signiert] ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-03] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [1&1 SmartDrive] -> {62DF97A2-3635-4412-AE30-80B164BC88AD} => C:\Program Files (x86)\1&1\1&1 Upload-Manager\SHNDLERS64.DLL [2011-11-21] (1&1 Internet AG) [Datei ist nicht signiert] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-31] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> ) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Keine Datei ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2020-10-11] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> ) ContextMenuHandlers4: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-04-03] (hxxp://winmerge.org) [Datei ist nicht signiert] ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2020-10-11] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\igfxDTCM.dll [2020-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-04-03] (hxxp://winmerge.org) [Datei ist nicht signiert] ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers6-x32: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-03] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Keine Datei ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2020-10-11] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-31] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers1_S-1-5-21-4198695647-2910091461-4277131257-1001: [UltraEdit] -> {b5eedee0-c06e-11cf-8c56-444553540000} => C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ue64ctmn.dll [2010-11-26] () [Datei ist nicht signiert] ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\System32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [VIDC.LWLR] => C:\Windows\SysWOW64\RGBACodec.dll [37488 2017-04-03] (EditShare EMEA (X-Edit Limited) -> ) ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11\BesuchtDVDFabWebsite.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab11&v=11.0.8. ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\Anaconda Prompt (Anaconda3).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\ProgramData\Anaconda3\Scripts\activate.bat C:\ProgramData\Anaconda3 ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2021-05-30 20:16 - 2021-05-30 20:16 - 001278976 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\CefSharp.BrowserSubprocess.Core.dll 2021-05-30 20:16 - 2021-05-30 20:16 - 001957888 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\CefSharp.Core.dll 2021-06-09 11:59 - 2021-06-09 11:59 - 001918976 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\Jabra\Direct4\resources\app.asar.unpacked\node_modules\@gnaudio\jabra-node-sdk\build\Release\sdkintegration.node 2021-06-09 11:59 - 2021-06-09 11:59 - 001701376 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\Jabra\Direct4\resources\app.asar.unpacked\node_modules\panacastapi\build\Release\panacastapi.node 2017-10-20 22:36 - 2016-12-14 22:48 - 000961536 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccToolHelper.dll 2017-10-20 22:37 - 2016-09-20 14:08 - 000241664 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll 2017-10-20 22:37 - 2016-07-14 16:09 - 000208896 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll 2017-10-20 22:37 - 2016-07-14 16:10 - 000621056 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\UIImprovmentHelper.dll 2017-10-20 22:37 - 2016-06-30 16:50 - 000684032 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\PhoneCtrlAPI.dll 2017-10-20 22:37 - 2016-06-30 16:50 - 000459776 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\WiFiGO_HookKey.dll 2017-10-20 22:37 - 2016-06-30 16:50 - 000753664 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\WiMoveHelp.dll 2018-09-09 15:48 - 2016-03-11 19:16 - 000211968 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\EIZO\Screen InStyle\libcolour.dll 2017-10-20 22:37 - 2016-06-30 16:50 - 000195584 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\InstallShield Installation Information\{924FB30F-AA59-453D-A921-39810BDD29C1}\CloudAPI\CloudAPI.dll 2021-04-22 08:31 - 2021-04-22 08:31 - 005745664 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module.dll 2021-06-09 11:58 - 2021-06-09 11:58 - 002608128 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Jabra\Direct4\ffmpeg.dll 2021-06-09 11:58 - 2021-06-09 11:58 - 000356352 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Jabra\Direct4\libegl.dll 2021-06-09 11:58 - 2021-06-09 11:58 - 008347648 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Jabra\Direct4\libglesv2.dll 2017-10-20 22:33 - 2017-09-22 11:36 - 000073728 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\LightingService\1.00.29\ClaymoreProtocol.dll 2017-10-20 22:33 - 2017-09-22 11:36 - 000053248 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\LightingService\1.00.29\cpuutil.dll 2017-10-20 22:33 - 2017-09-22 11:36 - 000519680 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\LightingService\1.00.29\RogNewmouseProtocol.dll 2017-10-20 22:33 - 2017-09-22 11:36 - 001746432 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\LightingService\1.00.29\Vender.dll 2017-10-19 01:48 - 2017-08-23 23:40 - 000025600 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll 2017-10-19 01:48 - 2011-08-23 13:04 - 000057344 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\TVServer\libhdhomerun.dll 2020-10-21 17:45 - 2020-10-21 17:45 - 000685056 _____ () [Datei ist nicht signiert] C:\Program Files\Evorim\Cloudevo\CloudShell.dll 2021-03-27 20:21 - 2021-01-28 06:27 - 000097792 _____ () [Datei ist nicht signiert] C:\Program Files\MiniTool ShadowMaker\coresync.dll 2021-03-27 20:21 - 2019-08-15 06:52 - 000076800 _____ () [Datei ist nicht signiert] C:\Program Files\MiniTool ShadowMaker\SMTPEmail.dll 2021-05-30 20:16 - 2021-05-30 20:16 - 137093632 _____ () [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\libcef.dll 2021-05-30 20:16 - 2021-05-30 20:16 - 000396800 _____ () [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\libegl.dll 2021-05-30 20:16 - 2021-05-30 20:16 - 006338560 _____ () [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\libglesv2.dll 2019-10-01 22:23 - 2019-10-01 22:23 - 000865280 _____ () [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\MicroSIP\SDL2.dll 2017-10-22 22:30 - 2006-02-23 11:35 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzColorPort64.dll 2017-10-22 22:30 - 2006-02-22 10:39 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzPort64.dll 2011-11-21 12:50 - 2011-11-21 12:50 - 000524288 _____ (1&1 Internet AG) [Datei ist nicht signiert] C:\Program Files (x86)\1&1\1&1 Upload-Manager\BaseCom.dll 2011-11-21 12:53 - 2011-11-21 12:53 - 000049152 _____ (1&1 Internet AG) [Datei ist nicht signiert] C:\Program Files (x86)\1&1\1&1 Upload-Manager\ExplorerHook.dll 2011-11-21 12:49 - 2011-11-21 12:49 - 000180224 _____ (1&1 Internet AG) [Datei ist nicht signiert] C:\Program Files (x86)\1&1\1&1 Upload-Manager\RootCom.dll 2011-11-21 12:51 - 2011-11-21 12:51 - 000307200 _____ (1&1 Internet AG) [Datei ist nicht signiert] C:\Program Files (x86)\1&1\1&1 Upload-Manager\SettingsUI.dll 2011-11-21 12:54 - 2011-11-21 12:54 - 000297984 _____ (1&1 Internet AG) [Datei ist nicht signiert] C:\Program Files (x86)\1&1\1&1 Upload-Manager\SHNDLERS64.DLL 2011-11-21 12:51 - 2011-11-21 12:51 - 000323584 _____ (1&1 Internet AG) [Datei ist nicht signiert] C:\Program Files (x86)\1&1\1&1 Upload-Manager\Update.dll 2020-10-30 19:52 - 2011-11-21 12:52 - 000011776 _____ (1&1 Internet AG) [Datei ist nicht signiert] C:\WINDOWS\System32\ui11np.dll 2006-10-23 00:19 - 2006-10-23 00:19 - 000019968 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroTray.DEU 2006-10-23 00:10 - 2006-10-23 00:10 - 000019968 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroTray.FRA 2006-08-02 07:52 - 2006-08-02 07:52 - 000126976 ____R (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\asneu.dll 2006-09-14 23:20 - 2006-09-14 23:20 - 000212992 ____R (Adobe Systems Incorporated) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\adobe_epic.dll 2006-09-14 23:46 - 2006-09-14 23:46 - 000208896 ____R (Adobe Systems Incorporated) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\adobe_pcd.dll 2006-09-14 23:20 - 2006-09-14 23:20 - 000346112 ____R (Adobe Systems Incorporated) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\adobe_personalization.dll 2017-10-20 22:36 - 2015-06-05 13:00 - 000108544 _____ (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AAHM\1.00.30\ASACPI.DLL 2017-10-20 22:36 - 2016-04-20 15:17 - 000108544 _____ (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpi.dll 2017-10-20 22:33 - 2021-06-27 18:06 - 000046888 _____ (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AXSP\2.00.06\PEbiosinterface32.dll 2017-10-20 22:36 - 2016-04-20 15:17 - 000676864 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpiex.dll 2017-10-20 22:37 - 2016-06-30 16:50 - 003147776 _____ (ASUSTek COMPUTER INC.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\asusnatnl.dll 2017-10-20 22:36 - 2016-04-20 09:17 - 000676864 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsusFanControlService\1.09.08\asacpiex.dll 2017-10-20 22:33 - 2017-09-22 11:36 - 000080384 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\LightingService\1.00.29\AudioLEDCtrl.dll 2017-10-20 22:37 - 2016-06-30 16:50 - 000327680 _____ (AWIND Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\MirrorOpServiceSender.dll 2017-10-19 07:43 - 2012-09-20 05:00 - 000393728 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMXLMBL.DLL 2021-03-27 20:21 - 2021-01-28 06:27 - 000061952 _____ (Chengdu Speed Digital Technology Co..Ltd.) [Datei ist nicht signiert] C:\Program Files\MiniTool ShadowMaker\ChannelNetFileInfo.dll 2021-03-27 20:21 - 2021-01-28 06:27 - 000175104 _____ (Chengdu Speed Digital Technology Co..Ltd.) [Datei ist nicht signiert] C:\Program Files\MiniTool ShadowMaker\FileInfoCommon.dll 2018-09-09 15:48 - 2018-07-31 17:30 - 000928256 _____ (EIZO Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\EIZO\Screen InStyle\libemc.dll 2018-09-09 15:48 - 2018-07-31 17:30 - 000103936 _____ (EIZO Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\EIZO\Screen InStyle\libHIDmctrl.dll 2018-09-09 15:48 - 2017-08-25 10:07 - 000162816 _____ (EIZO Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\EIZO\Screen InStyle\libmctrl.dll 2018-09-09 15:48 - 2017-08-25 10:07 - 000091648 _____ (EIZO Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\EIZO\Screen InStyle\libmptag.dll 2018-09-09 15:48 - 2016-03-11 19:16 - 000080384 _____ (EIZO NANANO CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EIZO\Screen InStyle\libminfo.dll 2018-09-09 15:48 - 2016-03-11 19:16 - 000131072 _____ (EIZO NANAO CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EIZO\Screen InStyle\libDDCCImctrl.dll 2019-10-01 22:23 - 2019-10-01 22:23 - 004981774 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\MicroSIP\avcodec-57.dll 2019-10-01 22:23 - 2019-10-01 22:23 - 000353806 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\MicroSIP\avformat-57.dll 2019-10-01 22:23 - 2019-10-01 22:23 - 000668686 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\MicroSIP\avutil-55.dll 2019-10-01 22:23 - 2019-10-01 22:23 - 000506894 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\MicroSIP\swscale-4.dll 2021-06-09 11:59 - 2021-06-09 11:59 - 002257408 _____ (GN Audio A/S) [Datei ist nicht signiert] \\?\C:\Program Files (x86)\Jabra\Direct4\resources\app.asar.unpacked\node_modules\@gnaudio\jabra-node-sdk\build\Release\libjabra.dll 2016-09-02 13:19 - 2016-09-02 13:19 - 000097792 _____ (GN Netcom A/S) [Datei ist nicht signiert] [Datei wird verwendet] C:\PROGRAM FILES (X86)\JABRA\DIRECT4\AVAYAONEXV3INTEGRATION\GNDeviceInterface.dll 2017-10-19 01:48 - 2015-11-24 20:58 - 000130048 _____ (Hauppauge Computer Works) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\hcwTSAnalogTxt.ax 2017-10-19 01:48 - 2015-11-24 20:59 - 000134656 _____ (Hauppauge Computer Works) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\hcwtsfilter.ax 2017-10-19 01:48 - 2018-06-12 16:20 - 000113152 _____ (Hauppauge Computer Works) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\HCWTSWriter.ax 2017-10-19 01:48 - 2018-12-19 14:52 - 000332800 _____ (Hauppauge Computer Works, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\PsiParser.ax 2017-04-24 14:30 - 2017-04-24 14:30 - 000349696 _____ (Intel(R) Corporation) [Datei ist nicht signiert] C:\Windows\system32\NCS2Setp.dll 2006-09-15 13:58 - 2006-09-15 13:58 - 000934400 ____R (Macrovision Europe Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\FNP_Act_Installer.dll 2017-10-19 01:48 - 2008-11-12 18:50 - 000253952 _____ (MainConcept GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\SoftPVR\hcw_mcl2ae.ax 2017-10-19 01:48 - 2008-11-12 18:51 - 000372736 _____ (MainConcept GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\SoftPVR\hcw_mcm2ve.ax 2017-10-19 01:48 - 2008-11-12 18:54 - 000528384 _____ (MainConcept GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\SoftPVR\hcw_mcmpeg2mux.ax 2017-10-19 01:48 - 2008-11-12 18:37 - 000241664 _____ (MainConcept GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\SoftPVR\hcw_mcmpgaout.dll 2017-10-19 01:48 - 2008-11-12 18:39 - 002137600 _____ (MainConcept GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\SoftPVR\hcw_mcmpgvout.004 2017-10-19 01:48 - 2008-11-12 18:44 - 000017920 _____ (MainConcept GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\SoftPVR\hcw_mcmpgvout.dll 2011-06-03 15:15 - 2011-06-03 15:15 - 001047552 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\1&1\1&1 Upload-Manager\MFC71U.DLL 2011-06-03 15:15 - 2011-06-03 15:15 - 000499712 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\1&1\1&1 Upload-Manager\MSVCP71.dll 2011-06-03 15:15 - 2011-06-03 15:15 - 000348160 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\1&1\1&1 Upload-Manager\MSVCR71.dll 2020-09-06 15:13 - 2020-09-06 15:13 - 001654784 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL 2020-09-06 15:13 - 2020-09-06 15:13 - 000054272 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\MFC80DEU.DLL 2018-09-09 15:48 - 2016-03-15 19:00 - 001103360 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files (x86)\EIZO\Screen InStyle\x86\SQLite.Interop.dll 2021-05-21 08:12 - 2021-05-21 08:12 - 000130048 _____ (Sam Grogan) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Intel\Driver and Support Assistant\NotifyIconWin32.dll 2021-05-30 20:16 - 2021-05-30 20:16 - 001010176 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\chrome_elf.dll 2021-03-27 20:21 - 2017-09-14 15:40 - 000884736 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files\MiniTool ShadowMaker\sqldrivers\qsqlite.dll 2017-10-20 22:33 - 2017-09-22 11:36 - 001623552 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\LightingService\1.00.29\LED_DLL_forMB.dll 2017-10-20 22:33 - 2017-09-22 11:36 - 001624576 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\LightingService\1.00.29\VGA_Extra.dll 2021-03-27 20:21 - 2021-01-28 06:27 - 001485312 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files\MiniTool ShadowMaker\core7z.dll 2017-10-22 22:30 - 2006-02-23 12:16 - 000047616 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmColorFax.dll 2017-10-22 22:30 - 2006-02-22 10:53 - 000043520 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmFax.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP HKU\S-1-5-21-4198695647-2910091461-4277131257-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation) BHO: Kein Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Keine Datei BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-05-03] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Soda PDF Desktop Helper -> {A2792EEC-6618-4C4C-8ECF-B51ECB5DC2A1} -> C:\Program Files (x86)\Soda PDF Desktop\creator\plugins\IEAddin\creator-ie-helper.dll [2018-06-04] (LULU Software -> LULU Software) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-05-03] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\127.0.0.1 -> hxxp://127.0.0.1 ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2018-04-12 01:38 - 2020-12-28 21:40 - 000000923 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 view-localhost # view localhost server 127.0.0.1 tresor 127.0.0.1 cryptomator-vault 2017-10-19 22:57 - 2018-07-01 16:31 - 000000528 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 172.19.43.209 DESKTOP-HCA6LJN.mshome.net # 2023 6 5 30 14 31 5 973 10 830 192.168.137.1 DESKTOP-HCA6LJN.mshome.net # 2022 10 4 20 14 33 46 531 ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\VMware\VMware Player\bin\;C:\Python39\Scripts\;C:\Python39\;C:\Program Files (x86)\Rtools\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Ruby25-x64\bin;C:\ProgramData\Oracle\Java\javapath;C:\Windows\System32;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Calibre2\;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Windows\System32;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\PuTTY\;C:\Program Files\Inkscape\bin;C:\Program Files (x86)\Boxcryptor\bin\;C:\Program Files (x86)\Gpg4win\..\GnuPG\bin;C:\Program Files (x86)\PDFtk\bin\;C:\Program Files\NVIDIA Corporation\Nsight Compute 2020.3.1\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\chocolatey\bin;C:\Program Files\Git\cmd;C:\Program Files\nodejs\ HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\thoma\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hintergrundbild der windows-fotoanzeige.jpg HKU\S-1-5-21-4198695647-2910091461-4277131257-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\sandr\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img1.jpg HKU\S-1-5-21-4198695647-2910091461-4277131257-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\maxim\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\p1050937.jpg HKU\S-1-5-21-4198695647-2910091461-4277131257-1010\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) ist aktiviert. Network Binding: ============= WLAN: VMware Bridge Protocol -> vmware_bridge (enabled) VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled) Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled) VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled) Ethernet 2: VMware Bridge Protocol -> vmware_bridge (enabled) ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\StartupFolder: => "Adobe Acrobat Speed Launcher.lnk" HKLM\...\StartupApproved\StartupFolder: => "AutoStart IR.lnk" HKLM\...\StartupApproved\Run: => "Eraser" HKLM\...\StartupApproved\Run: => "MTPW" HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\StartupApproved\Run: => "GarminExpress" HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\StartupApproved\Run: => "Amazon Photos" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{37F4C6B7-CB96-44C7-8C4D-27C65EA72E5B}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) FirewallRules: [{C6D8DF60-6E6D-48A4-8E01-0784E187F69A}] => (Allow) LPort=24727 FirewallRules: [{9BA25F6D-37AE-4544-B4C9-C43A89FA44AB}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) FirewallRules: [UDP Query User{79FD60F0-193B-4618-BC5E-D5EDF16B264D}C:\users\thoma\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\thoma\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{2EB4D38F-558D-4B01-878F-721AFEDBB595}C:\users\thoma\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\thoma\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6B89930B-80EB-4316-B79A-2DCA66107C16}] => (Allow) C:\Users\thoma\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei FirewallRules: [{17433C06-C9F4-4DE3-B8DC-D077599AF87B}] => (Allow) C:\Users\thoma\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [UDP Query User{7165D1AB-630F-4006-B774-1479AF383DFA}C:\program files\rstudio\bin\rsession.exe] => (Allow) C:\program files\rstudio\bin\rsession.exe (RStudio, PBC) [Datei ist nicht signiert] FirewallRules: [TCP Query User{E9D9BF03-BE2B-4038-884B-43FDADB7550F}C:\program files\rstudio\bin\rsession.exe] => (Allow) C:\program files\rstudio\bin\rsession.exe (RStudio, PBC) [Datei ist nicht signiert] FirewallRules: [{E897B64E-91BB-43DA-BE48-6C00EB74C646}] => (Allow) LPort=31931 FirewallRules: [{46A6EADE-C1BC-43A4-AD0E-49580E6110CE}] => (Allow) LPort=14714 FirewallRules: [{6EDF3FA6-E7B5-4221-B0D5-44286354A5D2}] => (Allow) LPort=12972 FirewallRules: [{5D062739-9639-46A1-991E-67585D6C9BD1}] => (Allow) C:\Program Files (x86)\Audials\MusicTube 2020\Audials.exe (Audials AG -> Audials AG) FirewallRules: [{7D42551C-A9FF-4E9E-9547-477556B1C677}] => (Allow) C:\Program Files (x86)\concept design\onlineTV 15\onlineTV.exe (concept/design GmbH -> concept/design GmbH) FirewallRules: [UDP Query User{BF9F99CA-DC1B-477B-883D-CBE9EF71923C}C:\program files (x86)\dvdfab 11\dvdfab.exe] => (Allow) C:\program files (x86)\dvdfab 11\dvdfab.exe => Keine Datei FirewallRules: [TCP Query User{5BCD0B25-DFEA-421E-97BF-1FE93604AC33}C:\program files (x86)\dvdfab 11\dvdfab.exe] => (Allow) C:\program files (x86)\dvdfab 11\dvdfab.exe => Keine Datei FirewallRules: [{3092A62F-87AC-4636-AAAC-228EC8389317}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei FirewallRules: [{B7C1E2CE-FACE-4CF4-9331-AAFC0E81A238}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei FirewallRules: [{53B6F849-F3D0-41D1-954E-2C688E5B0E4A}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei FirewallRules: [UDP Query User{A3ECD6CC-7278-479F-914C-9EF6875F04A9}C:\users\thoma\appdata\local\temp\temp3_sdi_r1909.zip\sdi_r1909.exe] => (Allow) C:\users\thoma\appdata\local\temp\temp3_sdi_r1909.zip\sdi_r1909.exe => Keine Datei FirewallRules: [TCP Query User{44DF1E9F-FDB8-484B-8C22-74819C478E71}C:\users\thoma\appdata\local\temp\temp3_sdi_r1909.zip\sdi_r1909.exe] => (Allow) C:\users\thoma\appdata\local\temp\temp3_sdi_r1909.zip\sdi_r1909.exe => Keine Datei FirewallRules: [UDP Query User{4EA34F38-4276-4653-8F9E-F4FF95AC428A}C:\users\thoma\appdata\local\temp\temp2_sdi_r1909.zip\sdi_r1909.exe] => (Allow) C:\users\thoma\appdata\local\temp\temp2_sdi_r1909.zip\sdi_r1909.exe => Keine Datei FirewallRules: [TCP Query User{DBCFC9EB-5AA9-466E-993D-B44D88E28B1C}C:\users\thoma\appdata\local\temp\temp2_sdi_r1909.zip\sdi_r1909.exe] => (Allow) C:\users\thoma\appdata\local\temp\temp2_sdi_r1909.zip\sdi_r1909.exe => Keine Datei FirewallRules: [UDP Query User{DF902C04-CE20-4BB0-9248-0DB35678BBEC}C:\users\thoma\desktop\sdi_r1909\sdi_x64_r1909.exe] => (Allow) C:\users\thoma\desktop\sdi_r1909\sdi_x64_r1909.exe => Keine Datei FirewallRules: [TCP Query User{6D16DA2C-0933-4B9B-9449-4B122F758893}C:\users\thoma\desktop\sdi_r1909\sdi_x64_r1909.exe] => (Allow) C:\users\thoma\desktop\sdi_r1909\sdi_x64_r1909.exe => Keine Datei FirewallRules: [UDP Query User{D9B3B97F-1140-4E15-BCB4-3A1886735A18}C:\users\thoma\desktop\sdi_r1909\sdi_r1909.exe] => (Allow) C:\users\thoma\desktop\sdi_r1909\sdi_r1909.exe => Keine Datei FirewallRules: [TCP Query User{0D7DFBD8-D1FD-46C4-812D-1822637D97B1}C:\users\thoma\desktop\sdi_r1909\sdi_r1909.exe] => (Allow) C:\users\thoma\desktop\sdi_r1909\sdi_r1909.exe => Keine Datei FirewallRules: [UDP Query User{B1C805DC-CC0C-47EF-BE8D-D54C60557B82}D:\download\aa\avm_capi_test.exe] => (Allow) D:\download\aa\avm_capi_test.exe => Keine Datei FirewallRules: [TCP Query User{191A0FC0-E7DF-45F5-940C-2D5CBFA82A1A}D:\download\aa\avm_capi_test.exe] => (Allow) D:\download\aa\avm_capi_test.exe => Keine Datei FirewallRules: [UDP Query User{B60EC78A-68A4-4721-8274-C73E0818A5DC}C:\users\thoma\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\thoma\appdata\local\temp\_istmp1.dir\_ins5576._mp => Keine Datei FirewallRules: [TCP Query User{E3CC2B46-DA47-421C-94E7-B5F8C2A9C5A8}C:\users\thoma\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\thoma\appdata\local\temp\_istmp1.dir\_ins5576._mp => Keine Datei FirewallRules: [{4783FAA5-ABA4-401B-A46E-1A88600F9C37}] => (Allow) C:\Program Files\MAGIX\Photostory Deluxe COMPUTER BILD-Edition\2019\Fotos_dlx.exe (MAGIX Software GmbH -> MAGIX Software GmbH) FirewallRules: [{EA4D69BF-593F-4CEA-883C-DDDC1B00025D}] => (Allow) C:\Program Files\MAGIX\Video deluxe COMPUTER BILD-Edition\2019\Videodeluxe.exe (MAGIX Software GmbH -> MAGIX Software GmbH) FirewallRules: [{220FC1F1-AA5D-49A4-90F7-BEB72EC3F91E}] => (Allow) C:\Program Files\Common Files\MAGIX Services\MxCloudSync\MxCloudSync.exe (MAGIX Software GmbH -> MAGIX) FirewallRules: [{0246CAB7-898D-4613-8066-A87B0FFFEC2A}] => (Allow) C:\Program Files\Common Files\MAGIX Services\QMxNetworkSync\QMxNetworkSync.exe (MAGIX Software GmbH -> MAGIX) FirewallRules: [{BC27A3A0-B844-4572-BB7C-DCA91257375A}] => (Allow) LPort=445 FirewallRules: [{F552658D-5996-4735-80B8-A1FD9E9A7332}] => (Allow) C:\Program Files\Docker\Docker\Resources\com.docker.proxy.exe => Keine Datei FirewallRules: [{3037AEF6-90C2-4D08-95CF-01F2322A9689}] => (Allow) LPort=1900 FirewallRules: [{9D31EB7E-9C31-4E29-92E6-76D2D41D3BF4}] => (Allow) LPort=2869 FirewallRules: [{21325355-53BA-439E-BA90-E69A2EBCCFDB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{F64F56DC-0E98-49E3-ACE3-F0BFB3759F8A}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{10F56322-A674-4BAA-A1EC-0185FD520052}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{85468114-A645-4268-A88D-E786DDE8A712}] => (Block) C:\program files\cryptomator\cryptomator.exe (Skymatic GmbH -> ) FirewallRules: [{368B7975-E3BB-4CFF-A458-28E6687F0E1C}] => (Block) C:\program files\cryptomator\cryptomator.exe (Skymatic GmbH -> ) FirewallRules: [UDP Query User{5EDFB555-659A-4CA5-9B69-A9FA64D3CA4C}C:\program files\cryptomator\cryptomator.exe] => (Allow) C:\program files\cryptomator\cryptomator.exe (Skymatic GmbH -> ) FirewallRules: [TCP Query User{57C2247D-A9FD-4115-9AFA-DD367B9C7DCD}C:\program files\cryptomator\cryptomator.exe] => (Allow) C:\program files\cryptomator\cryptomator.exe (Skymatic GmbH -> ) FirewallRules: [UDP Query User{D3D201C4-83CF-4DE2-A268-5B5789DEF7CB}C:\program files (x86)\wintv\wintv8\wintv8.exe] => (Allow) C:\program files (x86)\wintv\wintv8\wintv8.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc.) [Datei ist nicht signiert] FirewallRules: [TCP Query User{948D373A-D610-4BE6-BF50-3F42016CB4EC}C:\program files (x86)\wintv\wintv8\wintv8.exe] => (Allow) C:\program files (x86)\wintv\wintv8\wintv8.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc.) [Datei ist nicht signiert] FirewallRules: [{17213AF6-BFF8-4CCA-B0F6-3EB5BDA0F4A4}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC) FirewallRules: [{7C221779-0AC9-41AC-9476-DEA3EF5203B4}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC) FirewallRules: [{F2EB169D-AE61-481A-AFDB-C70BC27F4ECF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{7936B122-539C-474F-A831-055ED945C976}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{2F67176C-AB4C-4397-A22A-569DAC9C0D5F}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe => Keine Datei FirewallRules: [UDP Query User{807480DA-3336-49B4-87B6-C35D9CE01BB5}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe => Keine Datei FirewallRules: [TCP Query User{79C8B4D9-ED48-4377-88F8-75B141BF49E5}D:\download\avm_capi_test.exe] => (Allow) D:\download\avm_capi_test.exe => Keine Datei FirewallRules: [UDP Query User{586BBF26-F509-4B4C-ACC2-0F010459F090}D:\download\avm_capi_test.exe] => (Allow) D:\download\avm_capi_test.exe => Keine Datei FirewallRules: [{D64F71E3-0950-4590-82F0-29EBF001F077}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{048EF796-4D7A-4269-B2EB-553D474CEEA2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{6802EED4-09E6-45D1-BB46-5BBCADD205FA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{BA4497C0-1EFF-4771-A63E-7A283F0CAC58}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{CFB5D524-DD79-4B6C-94F8-01934ED9579F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe () [Datei ist nicht signiert] FirewallRules: [{5EAFD8E5-2992-482F-892B-9FFB2157C46E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe () [Datei ist nicht signiert] FirewallRules: [{0F1C08F3-80B1-41BD-9D89-021F3BEB6180}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment) FirewallRules: [{86D6FCE6-94AF-4D2E-A95A-9343BCC9EE67}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment) FirewallRules: [{3887A528-642B-49F7-AE9C-7666BBF3359D}] => (Allow) C:\Program Files\Lightworks\lightworks.exe (EditShare EMEA (X-Edit Limited) -> ) FirewallRules: [{039A0524-9176-4F83-99FF-C5DB71BA72AA}] => (Allow) C:\Program Files\Lightworks\lightworks.exe (EditShare EMEA (X-Edit Limited) -> ) FirewallRules: [{2B083EC3-E9D1-4F3D-B495-3A8A8D7A6979}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe (EditShare EMEA (X-Edit Limited) -> Editshare EMEA) FirewallRules: [{1BDC89BC-90C2-4666-9348-9151C4ACC094}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe (EditShare EMEA (X-Edit Limited) -> Editshare EMEA) FirewallRules: [{6C2ED52F-16D3-4D1B-9D13-2D222FA901AB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [{009A93EE-1A85-4E87-8CA8-CBE64EDBBC47}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe () [Datei ist nicht signiert] FirewallRules: [{05C8229E-ED0E-464E-9C92-21F60374A0A2}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe () [Datei ist nicht signiert] FirewallRules: [{1F97BE78-FCA4-44C1-B381-ECD682A9B8BC}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe () [Datei ist nicht signiert] FirewallRules: [{4E0A7E95-913D-481A-B48E-370694AD4978}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe () [Datei ist nicht signiert] FirewallRules: [{30CCAACD-89C4-42BC-8E3B-46D444B1E55D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe () [Datei ist nicht signiert] FirewallRules: [{697DFF73-C8DC-453E-AEEA-CEC054697EA3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe () [Datei ist nicht signiert] FirewallRules: [{B7DA265F-2310-41A7-B633-F9BF2A010F97}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe () [Datei ist nicht signiert] FirewallRules: [{A9CD180B-141C-4786-B4F9-E99326355120}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [{6F0F8AA8-2927-4986-AA37-AB5452783183}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => Keine Datei FirewallRules: [TCP Query User{D7FE86A1-6E85-4BD1-B598-1CC53C981C7C}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [UDP Query User{7B77F5EC-200F-4F98-8487-F7EC357CC0E2}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [TCP Query User{A7391BF6-BAC2-41FD-9D07-0D23310AFFFC}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [UDP Query User{2DB15225-C550-4153-BCD2-E2A9A699B5F4}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [{0964492B-5067-4F93-A81B-857A48247715}] => (Allow) C:\Program Files (x86)\MAGIX\Music Maker\25\MusicMaker.exe (MAGIX Software GmbH -> MAGIX Software GmbH) FirewallRules: [TCP Query User{9145BEA2-76BB-4161-BDDD-9EDCBABFAD80}C:\program files\windowsapps\arduinollc.arduinoide_1.8.10.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Allow) C:\program files\windowsapps\arduinollc.arduinoide_1.8.10.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe => Keine Datei FirewallRules: [UDP Query User{68C5D7AB-A3BC-4ACC-8FFA-A46F1C244357}C:\program files\windowsapps\arduinollc.arduinoide_1.8.10.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Allow) C:\program files\windowsapps\arduinollc.arduinoide_1.8.10.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe => Keine Datei FirewallRules: [{01292D08-00B6-4325-BB67-BA472EE389A4}] => (Block) C:\program files\windowsapps\arduinollc.arduinoide_1.8.10.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe => Keine Datei FirewallRules: [{07A0FE13-598E-43A9-9866-8B254ABB2D96}] => (Block) C:\program files\windowsapps\arduinollc.arduinoide_1.8.10.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe => Keine Datei FirewallRules: [{2AF9D575-462D-4D6D-9C0D-C5CE7C4DE08E}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe (Apowersoft Ltd -> Apowersoft) FirewallRules: [{0960CB8E-7675-46CB-9CD7-01BE81430405}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe (Apowersoft Ltd -> Apowersoft) FirewallRules: [TCP Query User{A604003E-10EB-4DE2-BEA1-29965A9C0187}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js) FirewallRules: [UDP Query User{FF79249E-1188-44EB-9176-D73B923969C1}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js) FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG) FirewallRules: [AusweisApp2-Firewall-Rule-In] => (Allow) C:\Program Files (x86)\AusweisApp2 1.14.0\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG) FirewallRules: [TCP Query User{8C016E5E-CEDB-488B-AAFC-94DEFB61FCD5}C:\program files\dvdfab 10\dvdfab64.exe] => (Allow) C:\program files\dvdfab 10\dvdfab64.exe => Keine Datei FirewallRules: [UDP Query User{17DF202F-F55D-4776-A053-220516D8146A}C:\program files\dvdfab 10\dvdfab64.exe] => (Allow) C:\program files\dvdfab 10\dvdfab64.exe => Keine Datei FirewallRules: [TCP Query User{CE293691-93E6-43F0-ABAA-731BF3732C99}C:\program files\ruby25-x64\bin\ruby.exe] => (Allow) C:\program files\ruby25-x64\bin\ruby.exe (hxxp://www.ruby-lang.org/) [Datei ist nicht signiert] FirewallRules: [UDP Query User{02061A6B-4877-4941-853F-0633343F033A}C:\program files\ruby25-x64\bin\ruby.exe] => (Allow) C:\program files\ruby25-x64\bin\ruby.exe (hxxp://www.ruby-lang.org/) [Datei ist nicht signiert] FirewallRules: [{EFC3F528-AFF2-4D4E-84EF-6F5E32BF5582}] => (Allow) C:\Users\thoma\AppData\Local\Apps\2.0\ER1KADGX.OEK\3Q153P43.PO1\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) FirewallRules: [{6BCC9560-D05D-4CB0-8ED9-D805E83CFED9}] => (Allow) C:\Users\thoma\AppData\Local\Apps\2.0\ER1KADGX.OEK\3Q153P43.PO1\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) FirewallRules: [{BF3B0539-DC6B-43D9-ACEB-286A9D1ABF27}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc.) [Datei ist nicht signiert] FirewallRules: [{56EB2A11-24FB-44E1-84A2-A0B9C8C26EB0}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc.) [Datei ist nicht signiert] FirewallRules: [{CA765333-82C0-4FB7-ABB3-E5402D8C9FC4}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc.) [Datei ist nicht signiert] FirewallRules: [{A8AABDF1-84EC-46E4-99B7-B7B7A5745C29}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc.) [Datei ist nicht signiert] FirewallRules: [{AFDC9808-8DAF-4EA0-B2C7-D9DB24EB93D7}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] FirewallRules: [{6C5B4FA9-6170-456C-A36C-2A68AA4171AF}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] FirewallRules: [{998D9583-8831-40AA-8349-C68A60BBD44D}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] FirewallRules: [{82B0401F-F6B5-479F-8BA0-18CBE0FDEE98}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] FirewallRules: [{25735172-7456-4756-9E22-2DA729524247}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] [Datei wird verwendet] FirewallRules: [{0AED960D-DF39-4A82-8B11-80C58438C9EB}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] [Datei wird verwendet] FirewallRules: [{02D0107B-499C-44D8-8F05-6F131CFC02A3}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] [Datei wird verwendet] FirewallRules: [{E679284A-4FA4-40E3-B6C1-29105C524218}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] [Datei wird verwendet] FirewallRules: [TCP Query User{D1EDC7BE-02F9-4938-8C98-C616C965897F}C:\program files (x86)\solarcoin\solarcoin-qt.exe] => (Block) C:\program files (x86)\solarcoin\solarcoin-qt.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{812F630C-5525-4893-83A8-00B9A5B7291D}C:\program files (x86)\solarcoin\solarcoin-qt.exe] => (Block) C:\program files (x86)\solarcoin\solarcoin-qt.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{EF052D73-E887-4C42-B38D-1421421E3959}C:\users\thoma\appdata\local\programs\simpleos\simpleos.exe] => (Allow) C:\users\thoma\appdata\local\programs\simpleos\simpleos.exe (EOSRio) [Datei ist nicht signiert] FirewallRules: [UDP Query User{8C4E498A-00B1-4384-A26C-F1C559136344}C:\users\thoma\appdata\local\programs\simpleos\simpleos.exe] => (Allow) C:\users\thoma\appdata\local\programs\simpleos\simpleos.exe (EOSRio) [Datei ist nicht signiert] FirewallRules: [{3B189224-19A7-4774-BE6F-8FD98236DED2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0105F134-7A85-40AF-BD3A-0DC3097BAA87}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{1BCC3FE5-CA03-42D6-B2F4-845A9D43E35F}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{3BFE3789-3F94-4A54-BC6B-18943AD6785D}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{26B3E283-C0EB-414C-9A56-523E11AC75AE}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{9894C12B-B0E8-4A8C-9B95-AAA450AA44A2}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{5C1804C5-2180-4B4C-AC5F-855F99355A3E}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{5010A225-A6EF-43EF-B5F5-ED32299B7EBE}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{73825360-27DD-45EE-B1B1-9252FDF7961E}] => (Allow) C:\WINDOWS\system32\spacedeskService.exe (Datronicsoft, Inc. -> ) FirewallRules: [TCP Query User{605FE964-E259-4AF0-8FB3-532681E446AC}C:\program files\redis\redis-server.exe] => (Allow) C:\program files\redis\redis-server.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{09A4ED22-6D51-442C-8B27-0C08CC289076}C:\program files\redis\redis-server.exe] => (Allow) C:\program files\redis\redis-server.exe () [Datei ist nicht signiert] FirewallRules: [{97A1540D-39ED-4A4E-BCCE-8784F64FE752}] => (Block) C:\program files\redis\redis-server.exe () [Datei ist nicht signiert] FirewallRules: [{00CE171C-3864-40BB-AB12-C86813E74C51}] => (Block) C:\program files\redis\redis-server.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{8CC18E3C-E199-4735-B4D0-AB06EAEB9F02}C:\program files\neo4j desktop\neo4j desktop.exe] => (Allow) C:\program files\neo4j desktop\neo4j desktop.exe (Neo4j, Inc. -> Neo4j Inc.) FirewallRules: [UDP Query User{D8359F38-2A83-4943-9437-EC7584E55EEC}C:\program files\neo4j desktop\neo4j desktop.exe] => (Allow) C:\program files\neo4j desktop\neo4j desktop.exe (Neo4j, Inc. -> Neo4j Inc.) FirewallRules: [{D706A190-041B-4735-B50A-EA75B88DC69C}] => (Block) C:\program files\neo4j desktop\neo4j desktop.exe (Neo4j, Inc. -> Neo4j Inc.) FirewallRules: [{81970878-436E-40E8-AE62-CCCF70B9A467}] => (Block) C:\program files\neo4j desktop\neo4j desktop.exe (Neo4j, Inc. -> Neo4j Inc.) FirewallRules: [{71FA467A-0769-40CB-9E7E-A0AEAEC5DD10}] => (Allow) D:\download\cloudevo-x32-setup.exe => Keine Datei FirewallRules: [TCP Query User{9D1096A4-A9B7-49BB-ABFF-D20F81B7B752}C:\program files\1&1 verschlüsselung\1&1 verschluesselung.exe] => (Allow) C:\program files\1&1 verschlüsselung\1&1 verschluesselung.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{AD88A7FE-BF84-4B9C-92B3-55E4AF0A3A81}C:\program files\1&1 verschlüsselung\1&1 verschluesselung.exe] => (Allow) C:\program files\1&1 verschlüsselung\1&1 verschluesselung.exe () [Datei ist nicht signiert] FirewallRules: [{100822C4-4DD1-4C08-A17F-577709A5BAFE}] => (Block) C:\program files\1&1 verschlüsselung\1&1 verschluesselung.exe () [Datei ist nicht signiert] FirewallRules: [{54617F60-4B69-4A0C-92FD-5BDCF437E73D}] => (Block) C:\program files\1&1 verschlüsselung\1&1 verschluesselung.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{F8C4E6E3-DC5A-4ED8-BC03-39FEABB7018D}C:\program files (x86)\roger router\roger.exe] => (Allow) C:\program files (x86)\roger router\roger.exe => Keine Datei FirewallRules: [UDP Query User{92E18DC9-4AD9-4949-8E0F-1E464028AFA4}C:\program files (x86)\roger router\roger.exe] => (Allow) C:\program files (x86)\roger router\roger.exe => Keine Datei FirewallRules: [TCP Query User{ADBAFC3E-16A4-4833-BCCF-90F503D7A904}C:\users\thoma\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\thoma\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{5A83EF16-2A38-4A13-A445-2784F88DD8A8}C:\users\thoma\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\thoma\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{327986EC-C24A-43AF-AAC5-1F55475A4CBA}C:\users\thoma\appdata\local\microsip\microsip.exe] => (Allow) C:\users\thoma\appdata\local\microsip\microsip.exe (MSIP Code Signing -> www.microsip.org) [Datei ist nicht signiert] FirewallRules: [UDP Query User{F3949733-E3B1-42F5-A249-598F4DE40E74}C:\users\thoma\appdata\local\microsip\microsip.exe] => (Allow) C:\users\thoma\appdata\local\microsip\microsip.exe (MSIP Code Signing -> www.microsip.org) [Datei ist nicht signiert] FirewallRules: [{15369BE4-CC89-4748-BC5B-E7D9DC2722BA}] => (Allow) C:\Users\thoma\AppData\Local\Programs\Opera\73.0.3856.329\opera.exe => Keine Datei FirewallRules: [{3AC6E6F1-138E-4795-B7A7-E1ACCC587B15}] => (Allow) C:\Users\thoma\AppData\Local\Programs\Opera\73.0.3856.344\opera.exe => Keine Datei FirewallRules: [{CC6AD911-E5C3-49F7-984E-4514010DE2B1}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) FirewallRules: [{31DEA2C3-1337-41EC-8B91-83AED48B256D}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) FirewallRules: [{AA2DEDA8-0A48-4021-8DC0-32BC66D1B0FB}] => (Allow) C:\Program Files (x86)\Audials\Audials 2021\Audials.exe (Audials AG -> Audials AG) FirewallRules: [{B6F19AF5-0BC8-434A-A463-8921346C547A}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{12548816-4D16-47DE-859C-AF10C52E9BB5}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{E4EF5DCD-81F7-4B95-BEE5-9F6918F9B28A}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{D29F4A6A-230C-43DA-AE0E-5827266BFF8B}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{9B12F4A0-200B-4F5A-9616-0AA6A1C7DD93}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{77AF9B99-906F-49CC-97EA-46F581AA9B63}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [TCP Query User{F40F040F-5E72-4C4A-AC3D-6A02FB376724}C:\users\thoma\appdata\local\programs\aioz_worker_node\aioz node.exe] => (Allow) C:\users\thoma\appdata\local\programs\aioz_worker_node\aioz node.exe (AIOZ Pte. Ltd. -> AIOZ Company) FirewallRules: [UDP Query User{5E08B2E8-EBC1-4855-828B-3A7E297FAFAB}C:\users\thoma\appdata\local\programs\aioz_worker_node\aioz node.exe] => (Allow) C:\users\thoma\appdata\local\programs\aioz_worker_node\aioz node.exe (AIOZ Pte. Ltd. -> AIOZ Company) FirewallRules: [{7B9C4482-4D7C-4CD4-BD76-E44FE03FFF36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{831CEDAF-FF2E-4A1D-B7CA-DC74DA139647}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{4983C192-A4C6-41F2-897E-DDC87A9B54AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{040CC7D9-A611-4340-B9FA-07965C51C0FA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{C7B6FC63-2911-449F-87FA-7E21804CB1CF}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC) FirewallRules: [{10C7C440-FF29-4965-8059-9808876436F8}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC) FirewallRules: [{9CA0EC33-A631-4B27-BA4A-C1DED43D778D}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{748ED390-DD7F-474C-8668-F717D941B226}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{B221106D-4425-4374-A18E-419BD6027B4A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CDF46F33-BEEB-4768-85E1-1D8841A897E8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FBC05E20-28F6-44AD-88F1-D69FB2FF74E4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{BE73FAAB-662B-4192-B1A2-0ADC03F2629D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{21238254-9B30-4847-9B6B-74B564F9084D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F06D9240-80BD-4E39-A7A5-75E7C438C40A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A3EB4C60-C85F-4085-B405-BD43702386A0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{67CD1ED7-7596-4CFB-930E-29B07CA99D5A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A2C10EAE-56A1-4985-A5A6-616A27C6FEC2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{2D4CFB98-15C5-4213-B7EB-536152AEDFAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{52CB7ACC-B77B-4F95-A6F7-ED980B786EEE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{DB2E1FE5-3880-4ADC-825C-C33EE79D849B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{02E6A333-4B11-4D3A-9ECA-92674C71D13F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{744B6FDD-9CA3-4A26-865F-4BDF50AE415C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{59DD4529-F901-44EC-A9AB-6A53E99E85BE}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [{3A3F5297-D75E-401C-8530-08907C9CB6F9}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{130392B2-C94C-489D-A79E-9CA161E40AB3}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs) FirewallRules: [{4DB7EF25-E247-46DA-8934-63096927D5E6}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs) FirewallRules: [{E4EFEC18-8074-4EB9-BC5D-33FE70FA50A7}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs) FirewallRules: [{82987193-8FA3-4BE9-B229-6B2C34EBE815}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs) FirewallRules: [{DD9887F8-49F9-456C-B6E9-24894EDFDF08}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs) FirewallRules: [{2FDB15BC-AD28-463E-BA4E-E50F22D6F7D6}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs) FirewallRules: [{081033D6-6D30-4D08-88E4-0FA0A956E660}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.59\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{514D8199-5D1D-4659-8434-9907DF8512B9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{C3A6E00C-9867-4E59-87A1-8433116E512E}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> ) FirewallRules: [{510B2EAC-EC04-44B3-A9D8-71C2B1F059DF}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> ) FirewallRules: [{5D0D88A4-91C2-42CC-9DE3-72129BBEF6F7}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) FirewallRules: [{8C5311A4-DEF2-4DAB-8FC7-2B721E0A0A8D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) FirewallRules: [{C113D1E4-D83E-4095-8011-70B9B70A14E9}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\ASUSDMS.exe => Keine Datei FirewallRules: [{A64E2D51-9871-4D68-AF17-77DB825AF8C9}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\ASUSDMS.exe => Keine Datei ==================== Wiederherstellungspunkte ========================= 24-06-2021 08:56:45 Windows Modules Installer 24-06-2021 09:00:00 Windows Modules Installer 24-06-2021 09:00:23 Windows Modules Installer 27-06-2021 20:00:26 Windows Modules Installer ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (06/27/2021 08:52:38 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (06/27/2021 08:48:58 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (06/27/2021 07:09:59 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (06/27/2021 07:09:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mbamtray.exe, Version: 4.0.0.1023, Zeitstempel: 0x60be8592 Name des fehlerhaften Moduls: Qt5Core.dll, Version: 5.14.1.0, Zeitstempel: 0x603971ce Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000219dc5 ID des fehlerhaften Prozesses: 0x2150 Startzeit der fehlerhaften Anwendung: 0x01d76b77268a4d3c Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll Berichtskennung: 861b3239-1604-434b-8a1f-a26e4a32ca7d Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (06/27/2021 06:58:25 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (06/27/2021 06:46:35 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (06/27/2021 06:41:50 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (06/27/2021 06:38:09 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Systemfehler: ============= Error: (06/27/2021 06:25:36 PM) (Source: Ntfs) (EventID: 137) (User: ) Description: Auf dem Volume "Z:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten. Error: (06/27/2021 06:06:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (06/27/2021 06:06:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Freemake Improver erreicht. Error: (06/27/2021 06:06:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) TPM Provisioning Service erreicht. Error: (06/27/2021 06:06:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Adiscon EvntSLog" wurde mit folgendem Fehler beendet: Das System konnte die eingegebene Umgebungsoption nicht finden. Error: (06/27/2021 06:05:45 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Für den Miniport "Qualcomm Atheros QCA61x4A Wireless Network Adapter, {b2fdbaf9-7801-4d7f-b29c-71fd5d746b40}" ist das Ereignis "71" aufgetreten. Error: (06/27/2021 06:05:45 PM) (Source: Qcamain10x64) (EventID: 5002) (User: ) Description: Qualcomm Atheros QCA61x4A Wireless Network Adapter : Fehlfunktion des Netzwerkadapters wurde ermittelt. Error: (06/27/2021 05:39:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Windows Defender: ================ Date: 2021-06-27 20:21:05 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {52E96D86-BBFB-4D6F-9352-3E736766F206} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-06-27 20:00:28 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {D1F0FCDC-4921-4B15-AF42-C8BB394D8F08} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM CodeIntegrity: =============== Date: 2021-06-27 20:49:03 Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume8\Program Files (x86)\1&1\1&1 Upload-Manager\SHNDLERS64.DLL that did not meet the Microsoft signing level requirements. Date: 2021-06-27 20:12:54 Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume8\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 1301 03/14/2018 Hauptplatine: ASUSTeK COMPUTER INC. MAXIMUS IX FORMULA Prozessor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz Prozentuale Nutzung des RAM: 40% Installierter physikalischer RAM: 32628.76 MB Verfügbarer physikalischer RAM: 19451.36 MB Summe virtueller Speicher: 37492.76 MB Verfügbarer virtueller Speicher: 24364.71 MB ==================== Laufwerke ================================ Drive c: (SSD) (Fixed) (Total:428.24 GB) (Free:38.32 GB) NTFS Drive d: (DATEN) (Fixed) (Total:1862.97 GB) (Free:737 GB) NTFS Drive e: (BACKUP) (Fixed) (Total:1862.97 GB) (Free:18.62 GB) NTFS Drive f: (SOFTWARE) (Fixed) (Total:1862.97 GB) (Free:1200.67 GB) NTFS Drive g: (BACKUP) (Fixed) (Total:2794.39 GB) (Free:222.81 GB) NTFS Drive m: (DatenThomas) (Fixed) (Total:50 GB) (Free:15.8 GB) exFAT Drive s: (Daten Scan) (Fixed) (Total:20 GB) (Free:8.9 GB) exFAT Drive v: (AKTUAR) (Fixed) (Total:40 GB) (Free:10.21 GB) exFAT Drive z: (Mail) (Fixed) (Total:25 GB) (Free:8 GB) NTFS \\?\Volume{d1702751-8f2d-11eb-a3a9-107b4415ae9e}\ () (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS \\?\Volume{d170274f-8f2d-11eb-a3a9-107b4415ae9e}\ () (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ==================== Ende von Addition.txt ======================= |
27.06.2021, 20:53 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt Störende, veraltete oder unnötige Programme deinstallieren Bitte über Programme und Features (appwiz.cpl) deinstallieren: 1&1 Upload-Manager 1&1 Verschlüsselung 1.0.4 7-Zip 19.00 (x64) Adobe Acrobat 8 Professional Adobe Acrobat Reader DC Asus ProductDaemonSetup Asus Sonic Radar 3 Asus SonicRadar3Setup Audacity 2.1.3 Audacity 3.0.0 Avast Free Antivirus Avast Secure Browser Brave IObit Software Updater OpenOffice 4.1.7
__________________ Logfiles bitte immer in CODE-Tags posten |
27.06.2021, 21:18 | #9 | ||
| Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt Die Programme Zitat:
Zitat:
Die folgenden Programme nutze ich aktiv: - 1&1 Upload-Manager -> Daten in 1&1 Cloud laden - 1&1 Verschlüsselung 1.0.4 -> Verschlüsselung in 1&1 Cloud - 7-Zip 19.00 (x64) -> lt. Seite die aktuelle Version, es gibt nur eine neue alpha - Adobe Acrobat Reader DC -> wie soll ich sonst PDF Dateien anschauen? - Audacity 3.0.0 -> was kann ich für den Audioschnitt sonst nutzen - Avast Free Antivirus -> den PC wirklich ganz ohne Virenscanner betreiben? Der defender hat bisher noch nie gewarnt - OpenOffice 4.1.7 -> brauche ich zwingend, kann ich aber auf 4.1.10 updaten. OK? |
27.06.2021, 21:26 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt adwCleaner Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags. adwcleaner zwecks Kontrolle bitte wiederholen, falls es Funde gab.
__________________ Logfiles bitte immer in CODE-Tags posten |
27.06.2021, 21:46 | #11 |
| Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt Adwcleaner habe ich laufen lassen, hat noch Reste von Iobit gefunden, in Quarantäne verschoben. AdwCleaner[S03].txt Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.2.0.0 # ------------------------------- # Build: 03-22-2021 # Database: 2021-05-17.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 06-27-2021 # Duration: 00:00:11 # OS: Windows 10 Pro # Scanned: 31980 # Detected: 1 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** PUP.Optional.AdvancedSystemCare C:\Users\thoma\AppData\Roaming\IObit\Advanced SystemCare ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** No Preinstalled Software found. AdwCleaner[S00].txt - [1729 octets] - [31/05/2021 08:04:27] AdwCleaner[C00].txt - [1737 octets] - [31/05/2021 08:05:26] AdwCleaner[S01].txt - [1647 octets] - [31/05/2021 08:05:54] AdwCleaner[C01].txt - [1848 octets] - [31/05/2021 08:06:23] AdwCleaner[S02].txt - [1649 octets] - [27/06/2021 19:08:06] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ########## Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.2.0.0 # ------------------------------- # Build: 03-22-2021 # Database: 2021-05-17.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 06-27-2021 # Duration: 00:00:00 # OS: Windows 10 Pro # Cleaned: 1 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Users\thoma\AppData\Roaming\IObit\Advanced SystemCare ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** No malicious registry entries cleaned. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [1729 octets] - [31/05/2021 08:04:27] AdwCleaner[C00].txt - [1737 octets] - [31/05/2021 08:05:26] AdwCleaner[S01].txt - [1647 octets] - [31/05/2021 08:05:54] AdwCleaner[C01].txt - [1848 octets] - [31/05/2021 08:06:23] AdwCleaner[S02].txt - [1649 octets] - [27/06/2021 19:08:06] AdwCleaner[S03].txt - [1771 octets] - [27/06/2021 22:35:25] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ########## Nach Neustart läuft Adwcleaner ohne Fehler durch. Das Problem ist aber leider noch nicht behoben. |
27.06.2021, 22:00 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt Kontrollscans mit MBAM und RK Jetzt ist es an der Zeit für Kontrollscans mit Poste nach Abschluss der beiden Scans die Logs in CODE-Tags.
__________________ Logfiles bitte immer in CODE-Tags posten |
27.06.2021, 22:35 | #13 |
| Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt Malwarebytes lieferte keine Fehler: Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 27.06.21 Scan-Zeit: 23:06 Protokolldatei: 8996c484-d78b-11eb-9016-107b4415ae9e.json -Softwaredaten- Version: 4.4.0.117 Komponentenversion: 1.0.1344 Version des Aktualisierungspakets: 1.0.42341 Lizenz: Kostenlos -Systemdaten- Betriebssystem: Windows 10 (Build 19043.1081) CPU: x64 Dateisystem: NTFS Benutzer: DESKTOP-HCA6LJN\thoma -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 495386 Erkannte Bedrohungen: 0 In die Quarantäne verschobene Bedrohungen: 0 Abgelaufene Zeit: 6 Min., 14 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 0 (keine bösartigen Elemente erkannt) Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter RogueKiller Anti-Malware V15.0.3.0 (x64) [Jun 15 2021] (Free) von Adlice Software Mail : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Betriebssystem : Windows 10 (10.0.19043) 64 bits Gestartet in : Normaler Modus Benutzer : thoma [Administrator] Gestartet von : D:\download\+++ troyaner +++\RogueKiller_portable64.exe Signaturen : 20210625_090122, Treiber : Geladen Modus : Standard-Scan, Löschen -- Datum : 2021/06/27 23:26:01 (Dauer : 00:09:43) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Löschen ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ [PUP.InnovativeSolutions (Potenziell bösartig)] HKEY_LOCAL_MACHINE\Software\Innovative Solutions -- -> Gelöscht [PUP.InnovativeSolutions (Potenziell bösartig)] HKEY_USERS\S-1-5-21-4198695647-2910091461-4277131257-1001\Software\Innovative Solutions -- -> Gelöscht [PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\S-1-5-21-4198695647-2910091461-4277131257-1001\Software\simplitec -- -> Gelöscht [Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{A3ECD6CC-7278-479F-914C-9EF6875F04A9}C:\users\thoma\appdata\local\temp\temp3_sdi_r1909.zip\sdi_r1909.exe -- [%localappdata%\temp\temp3_sdi_r1909.zip\sdi_r1909.exe] -> Gelöscht [Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{44DF1E9F-FDB8-484B-8C22-74819C478E71}C:\users\thoma\appdata\local\temp\temp3_sdi_r1909.zip\sdi_r1909.exe -- [%localappdata%\temp\temp3_sdi_r1909.zip\sdi_r1909.exe] -> Gelöscht [Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{4EA34F38-4276-4653-8F9E-F4FF95AC428A}C:\users\thoma\appdata\local\temp\temp2_sdi_r1909.zip\sdi_r1909.exe -- [%localappdata%\temp\temp2_sdi_r1909.zip\sdi_r1909.exe] -> Gelöscht [Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{DBCFC9EB-5AA9-466E-993D-B44D88E28B1C}C:\users\thoma\appdata\local\temp\temp2_sdi_r1909.zip\sdi_r1909.exe -- [%localappdata%\temp\temp2_sdi_r1909.zip\sdi_r1909.exe] -> Gelöscht [Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{E3CC2B46-DA47-421C-94E7-B5F8C2A9C5A8}C:\users\thoma\appdata\local\temp\_istmp1.dir\_ins5576._mp -- [%localappdata%\temp\_istmp1.dir\_ins5576._mp] -> Gelöscht [Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{B60EC78A-68A4-4721-8274-C73E0818A5DC}C:\users\thoma\appdata\local\temp\_istmp1.dir\_ins5576._mp -- [%localappdata%\temp\_istmp1.dir\_ins5576._mp] -> Gelöscht [Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{8C4E498A-00B1-4384-A26C-F1C559136344}C:\users\thoma\appdata\local\programs\simpleos\simpleos.exe -- [%localappdata%\Programs\simpleos\simpleos.exe] -> Gelöscht [Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{EF052D73-E887-4C42-B38D-1421421E3959}C:\users\thoma\appdata\local\programs\simpleos\simpleos.exe -- [%localappdata%\Programs\simpleos\simpleos.exe] -> Gelöscht [PUP.InnovativeSolutions (Potenziell bösartig)] Innovative Solutions -- %_thoma_appdata%\Innovative Solutions -> Gelöscht [PUP.InnovativeSolutions (Potenziell bösartig)] Innovative Solutions -- %localappdata%\Innovative Solutions -> Gelöscht [PUP.InnovativeSolutions (Potenziell bösartig)] Innovative Solutions -- %programfiles(x86)%\Innovative Solutions -> Gelöscht [Adw.TopTools (Bösartig)] Tools -- %programfiles(x86)%\Tools -> Entfernt beim Neustart [91] Wahrscheinlich eine Fehlerkennung. |
27.06.2021, 22:38 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt Dann bitte neue FRST-Logs.
__________________ Logfiles bitte immer in CODE-Tags posten |
27.06.2021, 22:46 | #15 |
| Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt FRST.txt FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2021 durchgeführt von thoma (Administrator) auf DESKTOP-HCA6LJN (27-06-2021 23:41:01) Gestartet von D:\download\+++ troyaner +++ Geladene Profile: thoma Platform: Windows 10 Pro Version 21H1 19043.1081 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\S5WOW_App\ATHEROS\S5wow.exe () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\S5WOW_App\x64\S5wow_2005.exe (1 und 1 Internet AG -> 1&1 Internet AG) C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\ASUSRelayWS.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\LightingService\1.00.29\AsRogAuraGpuDllServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.30\aaHMSvc.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.09.08\AsusFanControlService.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\2.00.06\atkexComSvc.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\1.00.29\LightingService.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5> (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskService.exe (Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskServiceTray.exe (DeepL GmbH) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\DeepL.exe (Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (EIZO Corporation -> EIZO Corporation) C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe (FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe (FabulaTech, LLP -> VMware) C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2> (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe (GN AUDIO A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe <4> (GN AUDIO A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct4\SoftphoneIntegrations.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe <2> (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (IDRIX SARL -> IDRIX) C:\Program Files\VeraCrypt\VeraCrypt.exe (IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (Intel(R) INTELND1617S2 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\igfxCUIService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\IntelCpHDCPSvc.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_778512ee63a728ec\RstMwService.exe (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop\creator\common\creator-ws.exe (LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop\updater-ws.exe (Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\kited.exe (Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\KiteService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe (MiniTool Software Limited -> ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe (MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8> (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (MSIP Code Signing -> www.microsip.org) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\MicroSIP\microsip.exe (Nenad Hrg -> Nenad Hrg SoftwareOK) C:\Program Files\DesktopOK\DesktopOK_x64.exe (Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\thoma\AppData\Local\slack\app-4.17.1\slack.exe <5> (SplitmediaLabs Limited -> SplitmediaLabs Limited) C:\Program Files\XSplit\VCam\service\XSpltVidSvc.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (The CefSharp Authors) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\CefSharp.BrowserSubprocess.exe <3> (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Xerox Corporation -> Xerox Corporation) C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-10-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [122592 2021-06-03] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [7580488 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd) HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1068624 2020-10-11] (Heidi Computers Ltd -> The Eraser Project) HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> ) HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3160256 2021-05-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288672 2021-05-21] (IDSA Production signing key 2021 -> Intel) HKLM-x32\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe [106801552 2021-06-09] (GN AUDIO A/S -> GN Audio A/S) HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31046640 2020-09-21] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [VeraCrypt] => C:\Program Files\VeraCrypt\VeraCrypt.exe [5928728 2020-10-11] (IDRIX SARL -> IDRIX) HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [1&1_1&1 Upload-Manager] => C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE [989264 2011-11-21] (1 und 1 Internet AG -> 1&1 Internet AG) HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [DeepL] => C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\DeepL.exe [133632 2021-05-30] (DeepL GmbH) [Datei ist nicht signiert] HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [Kite] => C:\Program Files\Kite\kited.exe [562179520 2021-06-10] (Manhattan Engineering Incorporated -> Kite) HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [DesktopOK] => C:\Program Files\DesktopOK\DesktopOK_x64.exe [921480 2021-03-16] (Nenad Hrg -> Nenad Hrg SoftwareOK) HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\GlassWire.exe [9242536 2021-05-14] (GlassWire -> SecureMix LLC) HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\thoma\AppData\Local\slack\slack.exe [308368 2021-06-06] (Slack Technologies, Inc. -> Slack Technologies Inc.) HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\MountPoints2: {1768b476-52b6-11eb-868b-107b4415ae9e} - "O:\AutoRun.exe" HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\MountPoints2: {6b500ea1-4a0e-11eb-867b-107b4415ae9e} - "O:\AutoRun.exe" HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\MountPoints2: {6b500f5d-4a0e-11eb-867b-107b4415ae9e} - "O:\setup.exe" AUTORUN=1 HKU\S-1-5-21-4198695647-2910091461-4277131257-1003\...\Run: [2FFD542F547A6A94419661128FD7298878C7A371._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8 HKU\S-1-5-21-4198695647-2910091461-4277131257-1003\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --auto-launch-onlogon --start-maximized --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- (Der Dateneintrag hat 70 mehr Zeichen). HKU\S-1-5-21-4198695647-2910091461-4277131257-1005\...\RunOnce: [Application Restart #0] => C:\Program Files\Macrium\Common\ReflectMonitor.exe [26150760 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd) HKU\S-1-5-21-4198695647-2910091461-4277131257-1005\...\RunOnce: [Application Restart #1] => C:\Program Files\Macrium\Common\ReflectUI.exe [7580488 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd) HKU\S-1-5-21-4198695647-2910091461-4277131257-1010\...\RunOnce: [Application Restart #0] => C:\Program Files\Macrium\Common\ReflectUI.exe [7580488 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd) HKU\S-1-5-21-4198695647-2910091461-4277131257-1010\...\RunOnce: [Application Restart #1] => C:\Program Files\Macrium\Common\ReflectMonitor.exe [26150760 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd) HKLM\...\Windows x64\Print Processors\TeamViewer_PrintProcessor: C:\Windows\System32\spool\prtprocs\x64\TeamViewer_PrintProcessor.dll [20208 2017-08-29] (TeamViewer GmbH -> ) HKLM\...\Print\Monitors\Adobe PDF Port: C:\Windows\SysWOW64\AdobePDF.dll [28248 2006-09-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MX920 series XPS: C:\Windows\System32\CNMXLMBL.DLL [393728 2012-09-20] (CANON INC.) [Datei ist nicht signiert] HKLM\...\Print\Monitors\FRITZ!fax Color Port Monitor: C:\Windows\System32\FritzColorPort64.dll [20480 2006-02-23] () [Datei ist nicht signiert] HKLM\...\Print\Monitors\FRITZ!fax Port Monitor: C:\Windows\System32\FritzPort64.dll [20480 2006-02-22] () [Datei ist nicht signiert] HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\WINDOWS\system32\pxcpmL.dll [2057488 2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) HKLM\...\Print\Monitors\PDFill Writer Monitor: C:\Program Files (x86)\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll [38824 2020-08-23] (PlotSoft LLC -> Windows (R) Codename Longhorn DDK provider) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-06-26] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Screen InStyle.lnk [2018-09-09] ShortcutTarget: Screen InStyle.lnk -> C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (EIZO Corporation -> EIZO Corporation) Startup: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MicroSIP.lnk [2021-06-16] ShortcutTarget: MicroSIP.lnk -> C:\Users\thoma\AppData\Local\MicroSIP\microsip.exe (MSIP Code Signing -> www.microsip.org) [Datei ist nicht signiert] Startup: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mount_Veracrypt.cmd [2020-10-26] () [Datei ist nicht signiert] HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {005D84C2-EDA3-438D-AE0F-0FB0FAFE59C7} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - Periodic Refresh => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [393928 2020-10-30] (Xerox Corporation -> Xerox Corporation) Task: {105E52A6-D36D-48FD-B0E9-81D2EDAEC76A} - System32\Tasks\SS3svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe Task: {1AC165B8-E271-4985-A76D-0F53F4683552} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) Task: {26C8469C-15C8-4782-B07D-4A9E084BEFB6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software) Task: {36873C61-2D8A-46EB-8B00-6F08E23D19A4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118104 2021-06-21] (Microsoft Corporation -> Microsoft Corporation) Task: {37AFCB71-04A4-4CFD-B0D9-0FF999AB1494} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {3858C6E9-501D-4496-89F7-79F2CB232AD4} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-4198695647-2910091461-4277131257-1001 => C:\Users\thoma\AppData\Local\MEGAsync\MEGAupdater.exe [615672 2020-09-20] (Mega Limited -> Mega Limited) Task: {400FEC93-A76B-465F-9FF5-2409C8845D34} - System32\Tasks\G2MUploadTask-S-1-5-21-4198695647-2910091461-4277131257-1001 => C:\Users\thoma\AppData\Local\GoToMeeting\19228\g2mupload.exe [31320 2020-12-18] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {40820894-D3D8-453F-9638-D584DD1DF9B8} - System32\Tasks\Opera scheduled Autoupdate 1573333256 => C:\Users\thoma\AppData\Local\Programs\Opera\launcher.exe Task: {41EC6830-B92E-448B-9809-DAEF9B702842} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-19] (Google Inc -> Google Inc.) Task: {4768BAE1-518E-4A29-9969-55CFE764FCFC} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1461200 2016-10-07] (ASUSTeK Computer Inc. -> ) Task: {4C058142-2FFD-4045-93C5-ADA908B4B609} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\LightingService\1.00.29\AsRogAuraGpuDllServer.exe [247256 2017-09-22] (ASUSTeK Computer Inc. -> ) Task: {4CD90931-266C-4C0B-9E98-9E004A647A73} - System32\Tasks\G2MUpdateTask-S-1-5-21-4198695647-2910091461-4277131257-1001 => C:\Users\thoma\AppData\Local\GoToMeeting\19228\g2mupdate.exe [31320 2020-12-18] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {5135714E-030B-47A6-AE5E-866A1A560FC9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {52F61971-8A47-41A3-A297-12F0F1B20380} - System32\Tasks\Software Updater SkipUAC(sandr) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe <==== ACHTUNG Task: {5648571B-7BD1-4A03-82C7-FAC6869F1D3C} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1290200 2017-02-09] (ASUSTeK Computer Inc. -> ) Task: {5A520292-B468-42E9-A05D-4A0ED5DCDFEA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5B328278-0F03-458B-A576-D29414E41BA6} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4417496 2017-02-09] (ASUSTeK Computer Inc. -> TODO: <Company name>) Task: {5D401512-7328-48D0-AF35-4D64BCF4D2E9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-21] (Microsoft Corporation -> Microsoft Corporation) Task: {629711A6-2BB3-4E6A-8641-B58D732CCC38} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {654FCFAA-1722-4954-A235-E0C20FB80BE7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-19] (Google Inc -> Google Inc.) Task: {668E4F81-18AF-4517-A7AF-8A03FE4AA593} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {6FA86AE2-51B5-4E3C-B7AF-CFFD2CE4542F} - System32\Tasks\Xerox\Xerox PowerENGAGE => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc) Task: {710AAD34-E848-41D2-9CB2-C2309C09843D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118104 2021-06-21] (Microsoft Corporation -> Microsoft Corporation) Task: {7F79EC1F-9496-4D3D-A9B6-8B149818496A} - System32\Tasks\ASUS\ASUS File Transfer Server Launcher => C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server Launcher.exe [1898480 2016-09-21] (ASUSTeK Computer Inc. -> TODO: <Company name>) Task: {8277A3E4-ECA0-4132-9223-4FA0C2D4A733} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-26] (Mozilla Corporation -> Mozilla Foundation) Task: {8AF3B45E-EEE7-4BE9-BB6E-A773008DF0EF} - System32\Tasks\Xerox\Xerox PowerENGAGE Update => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc) Task: {997A2699-5CB4-40B3-BEE1-CEB12890E80C} - System32\Tasks\SS3svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3svc64.exe Task: {AB0B23DB-4923-4FF3-AE82-8ECF5E00D829} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-09-21] (Garmin International, Inc. -> ) Task: {B46E811C-C114-4DEE-A6CF-3EE27C5D8083} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [1995736 2017-02-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) Task: {B52182A2-B47B-4EBA-B666-7EFCAE0627D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B6E72D07-8306-4149-B123-147034168A5A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-21] (Microsoft Corporation -> Microsoft Corporation) Task: {BFD7E10A-CE58-46C0-8E09-4E213B5A51B0} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> ) Task: {C45FC55E-D980-4C28-A408-EF9E520429C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C494B1F9-E781-4E2A-9025-6927DFF35D29} - System32\Tasks\Amazon Music Helper => C:\Users\thoma\AppData\Local\Amazon Music\Amazon Music Helper.exe [2091960 2020-01-10] (Amazon Services LLC -> Amazon.com Services LLC) Task: {CA2022A4-B81D-4010-9355-193A1B8F32E8} - System32\Tasks\Start CorsairLink4 => C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe [27067088 2017-09-08] (Corsair Components, Inc. -> Corsair Components, Inc.) Task: {D41EBB5B-37DF-49E1-85D6-D951987DCC05} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4808928 2021-06-03] (Avast Software s.r.o. -> AVAST Software) Task: {DDE652BF-3898-4A66-8CD4-D92C0089C2B8} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel(R) System Usage Report -> Intel Corporation) Task: {E06909C6-0A80-41E5-87AE-1F95D1B6C26E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel(R) System Usage Report -> Intel Corporation) Task: {E345DE8F-18F9-4C60-BC6B-C18B88BB50ED} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - New or Changed => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [393928 2020-10-30] (Xerox Corporation -> Xerox Corporation) Task: {E573A806-D442-4C3A-9A81-5DC052FC282C} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {E77DD0DB-B08E-43DD-96C5-9AA2A084D1CA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {FDE19336-B182-4BA9-8557-48C100F6C152} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - User Logon => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [393928 2020-10-30] (Xerox Corporation -> Xerox Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4198695647-2910091461-4277131257-1001.job => C:\Users\thoma\AppData\Local\GoToMeeting\19228\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4198695647-2910091461-4277131257-1001.job => C:\Users\thoma\AppData\Local\GoToMeeting\19228\g2mupload.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{4767166f-faa3-49bd-bcaa-773a41ea516f}: [DhcpNameServer] 192.168.178.1 Edge: ======= DownloadDir: D:\download Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge DefaultProfile: Default Edge Profile: C:\Users\thoma\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-27] Edge DownloadDir: Default -> D:\download FireFox: ======== FF DefaultProfile: Mozilla Firefox FF ProfilePath: M:\Mozilla Firefox [2020-10-26] FF Homepage: M:\Mozilla Firefox -> hxxps://www.google.de/ FF Extension: (Firefox Lightbeam) - M:\Mozilla Firefox\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2018-02-17] FF Extension: (Dark YouTube Theme) - M:\Mozilla Firefox\Extensions\jid1-hDf2iQXGiUjzGQ@jetpack.xpi [2017-09-06] FF Extension: (MetaMask) - M:\Mozilla Firefox\Extensions\webextension@metamask.io.xpi [2018-03-07] FF Extension: (1-Click YouTube Video Downloader) - M:\Mozilla Firefox\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-04-13] FF Extension: (EPUBReader) - M:\Mozilla Firefox\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2020-06-23] FF Extension: (Flash- und Video-Download) - M:\Mozilla Firefox\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-08-31] FF Extension: (OkayFreedom) - M:\Mozilla Firefox\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2016-06-17] [UpdateUrl:hxxps://www.steganos.com/updates/okayfreedom/update_okayfreedom_ff.rdf] FF Extension: (Video DownloadHelper) - M:\Mozilla Firefox\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-17] FF Extension: (JSONView) - M:\Mozilla Firefox\Extensions\jsonview@brh.numbera.com.xpi [2021-01-06] FF Extension: (DownThemAll!) - M:\Mozilla Firefox\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2021-01-23] FF Extension: (Windscribe - Free Proxy and Ad Blocker) - M:\Mozilla Firefox\Extensions\@windscribeff.xpi [2021-02-08] FF Extension: (Ghostery – Datenschutzorientierter Werbeblocker) - M:\Mozilla Firefox\Extensions\firefox@ghostery.com.xpi [2021-03-03] FF Extension: (I don't care about cookies) - M:\Mozilla Firefox\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2021-04-19] FF Extension: (Kee - Password Manager) - M:\Mozilla Firefox\Extensions\keefox@chris.tomlinson.xpi [2021-05-06] FF Extension: (Web of Trust) - M:\Mozilla Firefox\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2021-05-10] FF Extension: (Python Notebook Viewer) - M:\Mozilla Firefox\Extensions\rushikesh988-5@gmail.com.xpi [2021-05-16] FF Extension: (Adblock Plus - kostenloser Adblocker) - M:\Mozilla Firefox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-05-19] FF Extension: (NoScript) - M:\Mozilla Firefox\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-06-26] FF SearchPlugin: M:\Mozilla Firefox\searchplugins\duckduckgo.xml [2013-08-15] FF SearchPlugin: M:\Mozilla Firefox\searchplugins\englische-ergebnisse.xml [2012-09-26] FF SearchPlugin: M:\Mozilla Firefox\searchplugins\gmx-suche.xml [2012-09-26] FF SearchPlugin: M:\Mozilla Firefox\searchplugins\lastminute.xml [2012-09-26] FF SearchPlugin: M:\Mozilla Firefox\searchplugins\webde-suche.xml [2012-09-26] FF ProfilePath: C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\f62kpuh7.default [2021-06-27] FF Extension: (OkayFreedom) - C:\Users\thoma\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2019-03-27] [UpdateUrl:hxxps://www.steganos.com/updates/okayfreedom/update_okayfreedom_ff.rdf] FF Extension: (KeeFox) - C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\f62kpuh7.default\Extensions\keefox@chris.tomlinson [2017-10-19] [] FF Extension: (Avast SafePrice | Vergleich, Angebote, Gutscheine) - C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\f62kpuh7.default\Extensions\sp@avast.com.xpi [2019-11-15] FF Extension: (Avast Online Security) - C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\f62kpuh7.default\Extensions\wrc@avast.com.xpi [2019-11-15] FF HKLM\...\Firefox\Extensions: [soda_pdf_desktop_conv@sodapdf.com] - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv@sodapdf.com.xpi FF Extension: (Soda PDF Desktop Creator) - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv@sodapdf.com.xpi [2018-06-04] [] FF HKLM\...\Firefox\Extensions: [soda_pdf_desktop_conv_v.2@sodapdf.com] - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv_v.2@sodapdf.com.xpi FF Extension: (Soda PDF Desktop Creator) - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv_v.2@sodapdf.com.xpi [2018-06-04] FF HKLM-x32\...\Firefox\Extensions: [soda_pdf_desktop_conv_v.2@sodapdf.com] - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv_v.2@sodapdf.com.xpi FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: Soda PDF Desktop -> C:\Program Files\Soda PDF Desktop\np-previewer.dll [2018-06-04] (LULU Software -> LULU Software) FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-03] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-03] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\thoma\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\thoma\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default [2021-06-27] CHR DownloadDir: D:\download CHR Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.gympass.com; hxxps://www.pcwelt.de CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA CHR StartupUrls: Default -> "hxxp://www.google.de/" CHR Extension: (Google Übersetzer) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-19] CHR Extension: (Präsentationen) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-19] CHR Extension: (Talend API Tester - Free Edition) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aejoelaoggembcahagimdiliamlcdmfm [2021-06-26] CHR Extension: (Terra Station) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiifbnbfobpmeekipheeijimdpnlpgpp [2021-06-26] CHR Extension: (Docs) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20] CHR Extension: (Google Drive) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22] CHR Extension: (YouTube) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-20] CHR Extension: (KeeForm) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmhcphbkicakelgpchlhccaeljahoima [2021-06-26] CHR Extension: (Avira Password Manager) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-06-26] CHR Extension: (Avira Safe Shopping) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-06-26] CHR Extension: (KeePassHttp-Connector) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\dafgdjggglmmknipkhngniifhplpcldb [2020-05-01] CHR Extension: (Tabellen) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-19] CHR Extension: (Binance Chain Wallet) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2021-06-26] CHR Extension: (I don't care about cookies) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2021-04-22] CHR Extension: (Google Docs Offline) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-27] CHR Extension: (Plus for Trello (time track, reports)) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjjpophepkbhejnglcmkdnncmaanojkf [2021-05-22] CHR Extension: (Video DownloadHelper) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2021-03-05] CHR Extension: (Export for Trello) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhdelomnagopgaealggpgojkhcafhnin [2018-04-02] CHR Extension: (MetaMask) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2021-06-26] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07] CHR Extension: (Google Mail) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22] CHR Extension: (Chrome Media Router) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-01] CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-03-12] CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-12] CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 Adiscon EvntSLog; C:\Program Files (x86)\EventReporter\evntslog.exe [4614792 2018-04-27] (Adiscon GmbH -> Adiscon GmbH, Germany (info@adiscon.com, hxxp://www.adiscon.com)) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\2.00.06\atkexComSvc.exe [411456 2017-09-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.30\aaHMSvc.exe [975832 2017-01-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2016-04-20] (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.09.08\AsusFanControlService.exe [610776 2017-02-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8151120 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [622816 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [370400 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-06-21] (Microsoft Corporation -> Microsoft Corporation) R2 client_service; C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [444632 2021-02-05] (VMware, Inc. -> VMware, Inc.) S3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [32976 2017-09-08] (Corsair Components, Inc. -> Corsair Components, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [441664 2019-04-16] (Digital Wave Ltd -> Digital Wave Ltd.) S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1113864 2020-05-15] (Bayerisches Landesamt fuer Steuern -> ) S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-07-24] (Mixbyte Inc -> Freemake) R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [283760 2020-09-11] (FabulaTech, LLP -> ) R2 ftscanmgrhv; C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe [301680 2020-09-11] (FabulaTech, LLP -> ) R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [7174568 2021-05-14] (GlassWire -> SecureMix LLC) R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [594216 2018-12-20] (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-03-11] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 KiteService; C:\Program Files\Kite\KiteService.exe [140864 2021-06-10] (Manhattan Engineering Incorporated -> Kite) R2 LightingService; C:\Program Files (x86)\LightingService\1.00.29\LightingService.exe [1144792 2017-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [8929608 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-31] (Malwarebytes Inc -> Malwarebytes) R2 MTAgentService; C:\Program Files\MiniTool ShadowMaker\AgentService.exe [783344 2021-01-28] (MiniTool Software Limited -> ) R2 MTSchedulerService; C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe [226800 2021-01-28] (MiniTool Software Limited -> ) R2 PDF24; C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5395360 2021-06-24] (Microsoft Windows Publisher -> Microsoft Corporation) S3 Soda PDF Desktop; C:\Program Files\Soda PDF Desktop\ws.exe [2780400 2018-06-04] (LULU Software -> LULU Software) R2 Soda PDF Desktop Creator; C:\Program Files\Soda PDF Desktop\creator\common\creator-ws.exe [756464 2018-06-04] (LULU Software -> LULU Software) R2 Soda PDF Desktop Update Service; C:\Program Files\Soda PDF Desktop\updater-ws.exe [751344 2018-06-04] (LULU Software -> LULU Software) R2 spacedeskService; C:\WINDOWS\system32\spacedeskService.exe [1091488 2020-09-08] (Datronicsoft, Inc. -> ) S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [183816 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12871464 2021-04-29] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 vmwsprrdpwks; C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [480368 2020-09-22] (FabulaTech, LLP -> VMware) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation) R2 XeroxPrintJobEventManagerService; C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe [513920 2020-10-30] (Xerox Corporation -> Xerox Corporation) S3 XeroxProdRegManager; C:\Program Files (x86)\Xerox PowerENGAGE\EngageService.exe [293608 2016-09-13] (Aviata Inc -> Aviata, Inc.) S3 XSplit_VCam_Updater; C:\Program Files\XSplit\VCam\XSplit_VCam_Updater.exe [3194032 2021-06-14] (SplitmediaLabs Limited -> XSplit) R2 XSpltVidSvc; C:\Program Files\XSplit\VCam\service\XSpltVidSvc.exe [259248 2021-06-14] (SplitmediaLabs Limited -> SplitmediaLabs Limited) ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Co., Ltd. -> AnvSoft Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-09-21] (ASUSTeK Computer Inc. -> ) R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> ) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35664 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [216360 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365536 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250336 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99296 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17328 2021-05-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41296 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [180944 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522864 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107792 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82856 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851144 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471352 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215336 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-06-03] (Avast Software s.r.o. -> AVAST Software) R2 BlueStacksDrv; C:\Program Files (x86)\BlueStacks\BstkDrv_bgp.sys [315976 2020-04-07] (Bluestack Systems, Inc -> Bluestack System Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] R3 Ch64USB; C:\WINDOWS\System32\drivers\Ch64USB.sys [150656 2014-10-10] (Microsoft Windows Hardware Compatibility Publisher -> ZF Friedrichshafen AG, Electronic Systems) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [161288 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [140280 2020-06-01] (ADAPP SASU -> Dokan Project) S3 GLCKIO; C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys [14976 2017-10-22] (ASUSTeK Computer Inc. -> ) R1 gwdrv; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC) R3 HCW85BDA; C:\WINDOWS\system32\drivers\HCW85BDA.sys [2259456 2021-01-18] (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works) R3 hcw85cir; C:\WINDOWS\system32\drivers\hcw85cir4.sys [61264 2019-03-08] (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc.) S3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [85504 2021-01-09] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert] S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [121600 2021-01-09] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert] R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [35352 2017-01-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-31] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-26] (Malwarebytes Inc -> Malwarebytes) S3 MbswMailbox; C:\Program Files (x86)\ASUS\AI Suite III\690b33e1-0462-4e84-9bea-c7552b45432a.sys [17208 2017-10-22] (ASUSTeK Computer Inc. -> ) R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [79504 2017-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 PSMounterEx; C:\Windows\system32\drivers\psmounterex.sys [179416 2019-02-15] (Paramount Software UK Ltd -> Windows (R) Win 7 DDK provider) S3 psvolacc; C:\WINDOWS\system32\drivers\psvolacc.sys [34520 2018-12-06] (Paramount Software UK Ltd -> Windows (R) Win 7 DDK provider) R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> ) R3 scaudio; C:\WINDOWS\System32\drivers\scaudio.sys [54792 2020-06-05] (Brandmeister LLC -> ) S3 SCL01164; C:\WINDOWS\system32\DRIVERS\SCL01164.sys [72320 2010-05-07] (Microsoft Windows Hardware Compatibility Publisher -> SCM Microsystems Inc.) R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [133944 2020-01-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd) R3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [35240 2020-08-27] (Datronicsoft, Inc. -> ) R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software) R3 splitcam_hd_driver; C:\WINDOWS\System32\drivers\splitcam_hd_driver.sys [38000 2020-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [45064 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-12-10] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) R1 ui11rdr; C:\WINDOWS\System32\DRIVERS\ui11rdr.sys [199752 2011-11-21] (1&1 Internet AG -> 1&1 Internet AG) R1 UimBus; C:\WINDOWS\System32\drivers\uimbus.sys [109504 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH) R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [46016 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH) R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [831616 2020-10-11] (IDRIX SARL -> IDRIX) R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [60344 2020-11-17] (VMware, Inc. -> VMware, Inc.) R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [67072 2021-04-30] (VMware, Inc. -> VMware, Inc.) R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-27] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-27] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-27] (Microsoft Windows -> Microsoft Corporation) R3 XSpltVid; C:\WINDOWS\system32\DRIVERS\XSpltVid.sys [118800 2020-09-16] (Microsoft Windows Hardware Compatibility Publisher -> SplitmediaLabs Limited) S3 ewusbnet; \SystemRoot\System32\drivers\ewusbnet.sys [X] S3 GPU-Z; \??\C:\Users\thoma\AppData\Local\Temp\GPU-Z.sys [X] <==== ACHTUNG ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-06-27 23:29 - 2021-06-27 23:29 - 000000000 ____D C:\WINDOWS\Panther 2021-06-27 23:27 - 2021-06-27 23:27 - 000008026 _____ C:\Users\thoma\Desktop\RogueKiller.txt 2021-06-27 23:13 - 2021-06-27 23:24 - 000000000 ____D C:\ProgramData\RogueKiller 2021-06-27 23:13 - 2021-06-27 23:13 - 000001421 _____ C:\Users\thoma\Desktop\MBAM.txt 2021-06-27 23:05 - 2021-06-27 23:05 - 000002024 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-06-27 23:05 - 2021-06-27 23:05 - 000002024 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2021-06-27 22:01 - 2021-06-27 22:01 - 000000000 ____D C:\ProgramData\FLEXnet 2021-06-27 19:13 - 2021-06-27 23:41 - 000000000 ____D C:\FRST 2021-06-27 17:55 - 2021-06-27 17:56 - 000000606 _____ C:\Users\thoma\AppData\Local\cbfsconnect2017-{B0031874-3D4F-4F60-8171-49DE03D3E003}.zip 2021-06-27 17:50 - 2021-06-27 17:50 - 122854203 _____ C:\Users\thoma\AppData\Local\Temp.zip 2021-06-27 02:27 - 2021-06-27 02:28 - 000000159 _____ C:\Users\thoma\Desktop\FeWo1.url 2021-06-26 22:11 - 2021-06-26 22:11 - 000000049 _____ C:\Users\thoma\OneDrive\Documents\.RData 2021-06-26 20:18 - 2021-06-26 20:18 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-06-26 20:10 - 2021-06-26 20:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-06-26 18:47 - 2021-06-27 10:01 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-06-24 11:33 - 2021-06-24 11:33 - 000001259 _____ C:\Users\Public\Desktop\XSplit VCam.lnk 2021-06-24 11:33 - 2021-06-24 11:33 - 000001259 _____ C:\ProgramData\Desktop\XSplit VCam.lnk 2021-06-24 11:33 - 2021-06-24 11:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit 2021-06-24 11:33 - 2021-06-24 11:33 - 000000000 ____D C:\Program Files\XSplit 2021-06-24 09:04 - 2021-06-24 09:04 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll 2021-06-24 09:04 - 2021-06-24 09:04 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-06-24 09:04 - 2021-06-24 09:04 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-06-24 09:04 - 2021-06-24 09:04 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-06-24 09:04 - 2021-06-24 09:04 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2021-06-24 09:04 - 2021-06-24 09:04 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2021-06-24 09:04 - 2021-06-24 09:04 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-06-24 09:04 - 2021-06-24 09:04 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-06-24 09:04 - 2021-06-24 09:04 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-06-24 09:04 - 2021-06-24 09:04 - 000011333 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-06-24 09:03 - 2021-06-24 09:03 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-06-24 09:03 - 2021-06-24 09:03 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-06-21 07:45 - 2021-06-21 07:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jabra 2021-06-20 16:42 - 2021-06-20 16:48 - 000000000 ____D C:\Users\thoma\AppData\Roaming\MPP-Engineering 2021-06-20 16:41 - 2021-06-20 16:49 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CarPort 2021-06-20 16:41 - 2021-06-20 16:41 - 000000000 ____D C:\Users\thoma\OneDrive\Documents\CarPort 2021-06-20 16:41 - 2021-06-20 16:41 - 000000000 ____D C:\Users\thoma\AppData\Local\MPP-Engineering 2021-06-20 16:40 - 2021-06-20 16:49 - 000000000 ____D C:\Program Files (x86)\CarPort 2021-06-20 16:40 - 2021-06-20 16:40 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Obsidium 2021-06-16 09:53 - 2021-06-24 23:22 - 000011820 _____ C:\Users\thoma\Desktop\Geburt_Patrick_2.xlsx 2021-06-13 23:48 - 2021-06-13 23:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\obs-websocket 2021-06-12 23:41 - 2021-06-26 21:01 - 000000000 ____D C:\Ubuntu_21_04 2021-06-12 22:25 - 2021-06-12 22:26 - 006632332 _____ C:\WINDOWS\Minidump\061221-16718-01.dmp 2021-06-12 22:25 - 2021-06-12 22:26 - 000000000 ____D C:\WINDOWS\Minidump 2021-06-12 22:25 - 2021-06-12 22:25 - 2283833209 _____ C:\WINDOWS\MEMORY.DMP 2021-06-10 08:27 - 2021-06-10 08:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-06-10 08:27 - 2021-06-10 08:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-06-10 08:27 - 2021-06-10 08:27 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2021-06-10 08:27 - 2021-06-10 08:27 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll 2021-06-10 08:27 - 2021-06-10 08:27 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-06-10 08:27 - 2021-06-10 08:27 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-06-10 08:27 - 2021-06-10 08:27 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-06-10 08:27 - 2021-06-10 08:27 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-06-10 08:27 - 2021-06-10 08:27 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2021-06-10 08:27 - 2021-06-10 08:27 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-06-10 08:27 - 2021-06-10 08:27 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-06-04 01:40 - 2021-06-04 22:10 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2021-06-03 18:50 - 2021-06-03 18:50 - 000000000 ____D C:\Users\maxim\AppData\Local\Avast Software 2021-06-03 11:14 - 2021-06-03 11:14 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2021-06-03 11:14 - 2021-06-03 11:14 - 000215336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2021-05-31 08:04 - 2021-05-31 08:05 - 000000000 ____D C:\AdwCleaner 2021-05-31 07:38 - 2021-06-27 23:05 - 000002036 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-05-31 07:38 - 2021-05-31 07:38 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-05-31 07:38 - 2021-05-31 07:38 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-05-31 07:38 - 2021-05-31 07:38 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-05-31 07:38 - 2021-05-31 07:38 - 000000000 ____D C:\Program Files\Malwarebytes 2021-05-30 21:56 - 2021-05-30 21:56 - 000000218 _____ C:\Users\thoma\AppData\Local\recently-used.xbel 2021-05-30 20:25 - 2021-05-30 20:25 - 000001473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk 2021-05-30 20:24 - 2021-05-30 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2021-05-30 20:24 - 2021-05-30 20:24 - 000000000 ____D C:\Program Files\PDF24 2021-05-30 20:22 - 2021-05-30 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2021-05-30 20:16 - 2021-05-12 20:07 - 000041816 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys 2021-05-30 20:15 - 2021-05-30 20:15 - 000017328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-06-27 23:41 - 2019-09-08 21:06 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Slack 2021-06-27 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-06-27 23:36 - 2020-09-06 15:23 - 001732926 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-06-27 23:36 - 2019-12-07 16:51 - 000746436 _____ C:\WINDOWS\system32\perfh007.dat 2021-06-27 23:36 - 2019-12-07 16:51 - 000151384 _____ C:\WINDOWS\system32\perfc007.dat 2021-06-27 23:36 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-06-27 23:32 - 2017-10-19 01:39 - 000000000 ____D C:\Users\thoma\AppData\LocalLow\Mozilla 2021-06-27 23:31 - 2020-03-14 19:43 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Jabra Direct 2021-06-27 23:29 - 2020-09-06 15:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-06-27 23:29 - 2020-09-06 15:11 - 000008192 ___SH C:\DumpStack.log.tmp 2021-06-27 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-06-27 23:29 - 2019-11-15 08:09 - 000000000 ____D C:\ProgramData\AVAST Software 2021-06-27 23:29 - 2018-09-09 15:48 - 000002139 _____ C:\Users\thoma\Desktop\Monitor Power OFF.lnk 2021-06-27 23:29 - 2017-10-19 08:21 - 000000000 ____D C:\ProgramData\VMware 2021-06-27 23:29 - 2017-10-19 08:16 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-06-27 23:29 - 2017-10-19 01:48 - 000000000 ____D C:\ProgramData\Hauppauge 2021-06-27 23:29 - 2017-10-19 01:25 - 000000000 __SHD C:\Users\thoma\IntelGraphicsProfiles 2021-06-27 23:29 - 2017-10-19 01:25 - 000000000 ____D C:\Intel 2021-06-27 23:28 - 2019-12-07 11:03 - 001572864 _____ C:\WINDOWS\system32\config\BBI 2021-06-27 23:27 - 2017-10-19 01:38 - 000000000 ____D C:\Users\thoma\AppData\Roaming\KeePass 2021-06-27 23:10 - 2020-04-27 22:07 - 000000000 ____D C:\Users\thoma\AppData\Local\AVAST Software 2021-06-27 23:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-06-27 22:55 - 2021-04-11 17:18 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2021-06-27 22:55 - 2021-04-10 23:53 - 000002970 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 2021-06-27 22:55 - 2021-04-10 23:53 - 000002604 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon 2021-06-27 22:55 - 2021-03-27 20:21 - 000002464 _____ C:\WINDOWS\system32\Tasks\MiniToolPartitionWizard 2021-06-27 22:55 - 2021-03-21 12:14 - 000003314 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{5B4F6576-251A-43E1-A98E-A8FEBC528C28} 2021-06-27 22:55 - 2021-02-20 17:45 - 000003598 _____ C:\WINDOWS\system32\Tasks\Xerox XeroxPrintExperience Printer Configuration - User Logon 2021-06-27 22:55 - 2020-09-06 15:20 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-06-27 22:55 - 2020-09-06 15:20 - 000003558 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-06-27 22:55 - 2020-09-06 15:20 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-06-27 22:55 - 2020-09-06 15:20 - 000003468 _____ C:\WINDOWS\system32\Tasks\Xerox XeroxPrintExperience Printer Configuration - New or Changed 2021-06-27 22:55 - 2020-09-06 15:20 - 000003404 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-06-27 22:55 - 2020-09-06 15:20 - 000003334 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-06-27 22:55 - 2020-09-06 15:20 - 000003270 _____ C:\WINDOWS\system32\Tasks\Xerox XeroxPrintExperience Printer Configuration - Periodic Refresh 2021-06-27 22:55 - 2020-09-06 15:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2021-06-27 22:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-06-27 22:35 - 2019-12-04 01:06 - 000000000 ____D C:\Users\thoma\AppData\Roaming\IObit 2021-06-27 22:33 - 2020-09-06 15:11 - 000803320 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-06-27 22:02 - 2017-10-19 01:37 - 000000000 ____D C:\Users\thoma\AppData\Local\Adobe 2021-06-27 22:02 - 2017-10-19 01:37 - 000000000 ____D C:\Program Files (x86)\Adobe 2021-06-27 22:02 - 2017-10-19 01:36 - 000000000 ____D C:\ProgramData\Adobe 2021-06-27 21:59 - 2017-10-19 01:34 - 000000000 ____D C:\ProgramData\Package Cache 2021-06-27 21:57 - 2019-04-22 23:08 - 000000000 ____D C:\Users\thoma\AppData\Local\BraveSoftware 2021-06-27 21:57 - 2019-04-22 23:08 - 000000000 ____D C:\Program Files (x86)\BraveSoftware 2021-06-27 21:56 - 2017-10-19 08:13 - 000000000 ____D C:\Program Files (x86)\Audacity 2021-06-27 20:53 - 2019-12-07 16:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2021-06-27 20:52 - 2017-10-19 08:26 - 000000000 ____D C:\Users\thoma\AppData\Roaming\VMware 2021-06-27 20:29 - 2017-10-19 07:42 - 000000000 ____D C:\Program Files (x86)\Canon 2021-06-27 20:28 - 2017-10-22 16:12 - 000000000 ____D C:\Users\thoma\AppData\Local\Packages 2021-06-27 20:28 - 2017-10-20 21:36 - 000000000 ____D C:\Users\sandr\AppData\Roaming\Canon 2021-06-27 20:28 - 2017-10-19 07:52 - 000000000 ___HD C:\ProgramData\CanonIJScan 2021-06-27 20:25 - 2021-02-10 23:05 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Kite 2021-06-27 20:21 - 2020-09-06 15:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-06-27 19:59 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-06-27 19:30 - 2018-04-30 21:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-06-27 19:20 - 2019-04-12 21:10 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2021-06-27 19:19 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-06-27 19:07 - 2020-09-06 11:11 - 000000000 ____D C:\Users\thoma\AppData\Local\KeeForm 2021-06-27 18:47 - 2020-03-14 19:43 - 000000000 ____D C:\Users\thoma\AppData\Roaming\JabraSDK 2021-06-27 10:01 - 2017-10-19 01:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-06-26 23:25 - 2017-10-20 06:15 - 000000000 ____D C:\Users\thoma\AppData\Local\CrashDumps 2021-06-26 23:12 - 2020-02-16 16:09 - 000000000 ____D C:\Users\thoma\Desktop\ADS 2021-06-26 22:26 - 2021-04-24 01:55 - 000000000 ____D C:\Users\thoma\AppData\Local\RStudio 2021-06-26 22:26 - 2020-02-22 00:21 - 000000000 ____D C:\Users\thoma\AppData\Roaming\RStudio 2021-06-26 22:22 - 2020-02-22 00:21 - 000019443 _____ C:\Users\thoma\OneDrive\Documents\.Rhistory 2021-06-26 21:01 - 2017-10-19 08:26 - 000000000 ____D C:\Users\thoma\AppData\Local\VMware 2021-06-26 20:10 - 2017-10-19 01:39 - 000001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-06-26 18:50 - 2020-06-23 07:43 - 000002399 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-06-26 18:50 - 2017-10-19 01:41 - 000002256 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-06-24 11:34 - 2018-05-05 14:07 - 000000000 ____D C:\Users\thoma\AppData\Local\D3DSCache 2021-06-24 11:33 - 2021-05-16 20:45 - 000000000 ____D C:\ProgramData\XSplit 2021-06-24 11:33 - 2021-01-09 23:18 - 000000000 ____D C:\ProgramData\SplitmediaLabs 2021-06-24 11:29 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-06-24 08:55 - 2019-12-04 01:06 - 000000000 ____D C:\ProgramData\ProductData 2021-06-21 07:48 - 2017-10-19 23:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-06-21 07:45 - 2020-03-14 19:43 - 000000000 ____D C:\Program Files (x86)\Jabra 2021-06-20 16:41 - 2017-10-20 22:42 - 000000000 ____D C:\Program Files\DIFX 2021-06-17 23:36 - 2019-02-05 12:34 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Sqrl 2021-06-16 08:07 - 2021-02-10 23:04 - 000000000 ____D C:\Program Files\Kite 2021-06-16 08:07 - 2020-12-20 16:43 - 000001132 _____ C:\Users\thoma\Desktop\MicroSIP.lnk 2021-06-16 08:07 - 2020-12-20 16:43 - 000000000 ____D C:\Users\thoma\AppData\Local\MicroSIP 2021-06-14 15:12 - 2017-10-19 08:15 - 000000000 ____D C:\Users\thoma\AppData\Roaming\vlc 2021-06-14 15:04 - 2020-09-14 00:02 - 000000000 ____D C:\Users\thoma\AppData\Roaming\obs-studio 2021-06-14 00:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-06-13 23:48 - 2020-09-14 00:02 - 000000000 ____D C:\Program Files\obs-studio 2021-06-12 23:47 - 2021-01-02 23:56 - 000000000 ____D C:\Ubuntu_20_10 2021-06-12 22:26 - 2020-09-06 13:52 - 000000000 ____D C:\Users\thoma 2021-06-11 13:01 - 2021-02-17 21:21 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-06-10 08:20 - 2017-10-19 22:07 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-06-10 08:12 - 2017-10-19 22:06 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-06-09 16:10 - 2017-10-19 01:37 - 000002099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-06-06 16:38 - 2019-10-04 00:31 - 000000000 ____D C:\ProgramData\CanonIJPLM 2021-06-06 15:44 - 2021-02-18 23:17 - 000002206 _____ C:\Users\thoma\Desktop\Slack.lnk 2021-06-06 15:44 - 2021-02-18 23:17 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc 2021-06-06 15:44 - 2021-02-18 23:17 - 000000000 ____D C:\Users\thoma\AppData\Local\slack 2021-06-06 15:44 - 2017-10-19 08:12 - 000000000 ____D C:\Users\thoma\AppData\Local\SquirrelTemp 2021-06-04 22:11 - 2017-10-19 01:40 - 000001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2021-06-03 18:50 - 2020-04-30 07:10 - 000000000 ____D C:\Users\sandr\AppData\Local\AVAST Software 2021-06-03 11:16 - 2019-02-01 00:09 - 000000000 ____D C:\ProgramData\Mozilla 2021-06-03 11:14 - 2020-10-26 21:56 - 000180944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2021-06-03 11:14 - 2020-09-06 15:20 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2021-06-03 11:14 - 2020-04-20 20:52 - 000522864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys 2021-06-03 11:14 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-06-03 11:14 - 2019-11-15 08:10 - 000851144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000471352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000365536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000250336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000216360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000099296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000082856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000041296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2021-06-03 11:14 - 2019-11-15 08:10 - 000035664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys 2021-06-03 11:14 - 2017-12-25 23:33 - 000351544 _____ C:\WINDOWS\Macrium Reflect Patch Log.txt 2021-05-31 08:03 - 2021-01-04 00:27 - 000000000 ____D C:\Users\thoma\Desktop\Programme 2021-05-31 07:32 - 2019-11-09 23:01 - 000000000 ____D C:\Users\thoma\AppData\Local\Opera Software 2021-05-30 21:56 - 2019-03-02 00:25 - 000000000 ____D C:\Users\thoma\.dbus-keyrings 2021-05-30 20:25 - 2017-10-19 01:25 - 000000000 ____D C:\Program Files (x86)\Intel 2021-05-30 20:22 - 2018-09-04 21:15 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk 2021-05-30 20:16 - 2019-09-15 01:23 - 000002166 _____ C:\Users\thoma\Desktop\DeepL.lnk 2021-05-30 20:16 - 2019-09-15 01:23 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeepL GmbH 2021-05-30 20:16 - 2019-09-15 01:23 - 000000000 ____D C:\Users\thoma\AppData\Local\DeepL ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-10-04 17:19 - 2020-10-04 17:19 - 000000000 _____ () C:\Users\thoma\.mongorc.js 2020-11-27 09:35 - 2020-11-18 15:04 - 114459920 _____ (Microsoft Corporation) C:\Program Files\Teams_windows_x64.exe 2018-10-21 00:46 - 2017-10-25 03:31 - 007438336 _____ () C:\Program Files (x86)\WinAuth.exe 2018-02-10 21:14 - 2018-02-10 21:14 - 000000171 _____ () C:\Users\thoma\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f 2018-02-10 21:14 - 2018-10-14 18:06 - 000000904 _____ () C:\Users\thoma\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf 2019-12-04 08:33 - 2019-12-04 08:33 - 000000171 _____ () C:\Users\thoma\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0 2018-02-10 21:14 - 2018-02-10 21:14 - 000000175 _____ () C:\Users\thoma\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388 2017-10-19 08:13 - 2017-12-10 16:12 - 000000883 _____ () C:\Users\thoma\AppData\Roaming\gnuplot_history 2021-01-09 22:59 - 2021-01-13 19:59 - 000000016 _____ () C:\Users\thoma\AppData\Roaming\obs-virtualcam.txt 2018-07-22 15:03 - 2021-02-06 17:56 - 000000128 _____ () C:\Users\thoma\AppData\Roaming\winscp.rnd 2021-06-27 17:55 - 2021-06-27 17:56 - 000000606 _____ () C:\Users\thoma\AppData\Local\cbfsconnect2017-{B0031874-3D4F-4F60-8171-49DE03D3E003}.zip 2019-05-16 06:28 - 2020-09-26 09:37 - 000009728 _____ () C:\Users\thoma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2018-07-01 16:15 - 2018-07-01 16:15 - 000000600 _____ () C:\Users\thoma\AppData\Local\PUTTY.RND 2021-05-30 21:56 - 2021-05-30 21:56 - 000000218 _____ () C:\Users\thoma\AppData\Local\recently-used.xbel 2021-04-09 19:33 - 2021-04-09 19:33 - 000007609 _____ () C:\Users\thoma\AppData\Local\Resmon.ResmonCfg 2019-11-09 22:48 - 2019-11-09 22:48 - 000000000 _____ () C:\Users\thoma\AppData\Local\TaskMan.cmd.done 2019-11-09 22:48 - 2019-11-09 22:48 - 000000105 _____ () C:\Users\thoma\AppData\Local\TaskMan.cmd.errors 2021-06-27 17:50 - 2021-06-27 17:50 - 122854203 _____ () C:\Users\thoma\AppData\Local\Temp.zip ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
Themen zu Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt |
appdata, bytes, canon, datei, einloggen, exe, fenster, folge, folgende, login, malwarebytes, melde, meldet, microsoft, programm, roaming, start, startup, temp, troyaner, umgeleitet, virus, virustotal, windows, zahlen, öffnet |