Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Ransomeware eingefangen? + A Disk read error occured.

Ransomeware eingefangen? + A Disk read error occured.


Log-Analyse und Auswertung: Ransomeware eingefangen? + A Disk read error occured.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Thema geschlossen
Seite 1 von 2 1 2
Alt 25.07.2021, 11:16   #1
Polydoros
 
Ransomeware eingefangen? + A Disk read error occured. - Standard

Ransomeware eingefangen? + A Disk read error occured.


Hallo liebes Trojaner-Board,

ich hab wahrscheinlich großen Bockmist gebaut und mir nicht früh genug Hilfe bei euch gesucht. Es handelt sich um meinen privaten Rechner.

Am 21.6. wollte ich eine Software installieren, hab diese im Internet gesucht und scheinbar eine korrumpierte Datei erwischt.
Als ich die Datei ausführte passierte grafisch auf dem PC gar nichts, jedoch ging der PC in den vollen Leistungsmodus und CPU/RAM sprangen sofort auf 100 % (nur Windows + Internet lief).
Das Spiel schaute ich mir 30s lang an (es ging kein Fenster auf von der Installation die ich erwartete) und trennte den PC sofort vom Strom.

Nach dem Restart meldete sich sofort der Windows Defender, ich googelte die Fehlermeldungen und sah dort das es wohlbekannte Ransomware war.
Der Defender selbst konnte die Bedrohung auch nicht in Quarantäne verschieben.
Ich griff also zu Malwarebytes und auch dieser fand die Bedrohung und konnte Sie entfernen. Außerdem fand er noch komische Dateien in meinem Dokumente Ordner, diese löschte ich manuell.
Im Anschluss kontrollierte ich noch die Programme und Features Liste, sortiert nach Installationsdatum und fand dort zwei Programme, die ich nicht aktiv installiert habe + einen Falscheintrag? von dem Programm, was ich eigentlich installieren wollte.
Ich deinstallierte alles und dachte, das Problem sei erst mal behoben, Malwarebytes war auch friedlich und erkannte bei einem Rescan keine Fehler mehr.

Dann kamen privat Probleme dazu und zusätzlich ein paar wilde Wochen, in denen ich merkte, das mein PC grundsätzlich lauter lief als üblich, Lüfter habe ich direkt gereinigt, die Lautstärke blieb.
Außerdem bemerkte ich Lags, wo vorher keine waren, egal ob im Internet oder im Spiel, mein Rechner fühlte sich nicht gesund an, ich hatte keine gar keine Zeit, mich auch noch um das Problem zu kümmern.

Gestern Abend habe ich dann mal Zeit gefunden, bin nach langer Zeit hier im Forum ein bisschen rumgesurft und habe mir gedacht:
Komm jag noch mal Malwarebytes drüber, dein PC lief vor 4 Wochen einfach besser als jetzt.
Also habe ich Malwarebytes über Nacht laufen lassen und zusätzlich mit der Anleitung hier im Forum FRST Logs angelegt.

Heute Morgen hat Malwarebytes dann die 5 Bedrohungen gefunden und ich habe diesen Log zum Glück gespeichert.
Anschließend die Bedrohungen in Quarantäne schieben lassen und den Rechner wie gewünscht neu gestartet.
Zack "A Disk read error occured" - Fehler.

Daraufhin habe ich meine alte Möhre von Laptop rausgeholt und versucht, meinen PC wieder zu retten - mit vorläufigem Erfolg -
Rechner ist wieder an, aber ich traue dem Braten überhaupt nicht und wäre sehr froh, wenn wir meinen Rechner einmal begutachten und ggf. zu seiner "alten" Leistung bringen.

Zeitlicher Ablauf seit gestern:
25.07. ~0:00Uhr
- FRST Logs angelegt gemäß der Anleitung im Forum.
- Malwarebytes einen Scan von Festplatte C: & D: machen lassen. (C = Windows, D= Partition der selben körperlichen Festplatte)
- Scan über Nacht laufen lassen, Malwarebytes findet 5 Bedrohungen

25.07. ~9:00Uhr
- Malwarebytes Log gesichert (Danke ans Forum) und die Bedrohungen in Quarantäne geschoben.
- Malywarebytes möchte PC neustarten, darf es auch.
-Fehlermeldung:
A Disk read error occured.
Press CTRL + ALT + DEL to restart

Durchgeführte Aktionen:
1. Windows Media Creation Tool verwendet um Windows 10 Installationsdatei auf einem USB Stick zu installieren
2. Installation gestartet und über Eingabeaufforderung die Befehle
bootrec /fixmbr
bootrec /fixboot
eingegeben, beim ersten Mal ohne Fehler.
3. PC normal gestartet, selbe Fehlermeldung.
4. Schritt 2 nochmal wieder holt, jetzt kam bei /fixboot die Meldung Zugriff verweigert.
5. Rechner neugestartet, Eingabeaufforderung chkdsk c:/r durchlaufen lassen.
6. Rechner startet wieder, Windows lädt und "funktioniert". (25.07 ~11:00Uhr)
Info: auf einen weiteren Malwarebytes Scan hab ich verzichtet, da müssen die Profis vom TB dran, ich mache hier nur kaputt

LOGS:
VOR CRASH:
Malwarebytes vor Crash
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 24.07.21
Scan-Zeit: 23:47
Protokolldatei: c896823a-ecc8-11eb-8cfd-94de802d2ecb.json

-Softwaredaten-
Version: 4.4.0.117
Komponentenversion: 1.0.1344
Version des Aktualisierungspakets: 1.0.43488
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 10 (Build 19043.1052)
CPU: x64
Dateisystem: NTFS
Benutzer: Home-PC\user

-Scan-Übersicht-
Scan-Typ: Benutzerdefinierter Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 841115
Erkannte Bedrohungen: 5
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 6 Std., 53 Min., 34 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
Spyware.PasswordStealer, HKU\S-1-5-21-2579833569-30274321-2403803918-1000\SOFTWARE\ffdroider, Keine Aktion durch Benutzer, 554, 954910, 1.0.43488, , ame, , , 

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 1
Legit.MisusedLegit.E, C:\PROGRAMDATA\48, Keine Aktion durch Benutzer, 3833, 955226, 1.0.43488, , ame, , , 

Datei: 3
Rootkit.Agent, C:\WINDOWS\System32\drivers\d61WW2cl0.sys, Keine Aktion durch Benutzer, 510, 954997, 0.0.0, , ame, , CCAB60F7E008939FE05E10275F73EEF3, C0CF73B4842071DAC991A051FA2FB247E4A1F3FF039DD48ADED8ED9B65ACC73E
Legit.MisusedLegit.E, C:\PROGRAMDATA\48\SQLITE3.DLL, Keine Aktion durch Benutzer, 3833, 955226, 1.0.43488, , ame, , E477A96C8F2B18D6B5C27BDE49C990BF, 16574F51785B0E2FC29C2C61477EB47BB39F714829999511DC8952B43AB17660
Trojan.MalPack, C:\USERS\USER\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\IMSC0FSH\FILE2[1].EXE, Keine Aktion durch Benutzer, 541, 952446, 1.0.43488, 99554C3B7EF3AC555B54C00F, dds, 01347619, 07F31E7B55AA8356C2094436C4F59502, 50762D9A72DB84AC08DA5B2B4AB3E62B3D581697C087F6C8991AE83C951F6F96

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
FRST vor Crash
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 19-07-2021 01
durchgeführt von user (Administrator) auf HOME-PC (25-07-2021 00:34:19)
Gestartet von D:\Benutzer\user\Downloads
Geladene Profile: user
Platform: Windows 10 Home Version 21H1 19043.1052 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() [Datei ist nicht signiert] D:\Program Files (x86)\RocketDock\RocketDock.exe
() [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
(CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Discord Inc. -> Discord Inc.) C:\Users\user\AppData\Local\Discord\app-1.0.9002\Discord.exe <6>
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Electronic Arts, Inc. -> Electronic Arts) D:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Ludicrous Speed LLC -> jah@raider.io) D:\Program Files\RaiderIO\RaiderIO.exe <5>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2105.19601.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\NVDisplay.Container.exe <2>
(pdfforge GmbH -> © pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Run: [TSMApplication] => D:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2021-06-29] () [Datei ist nicht signiert]
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Run: [RocketDock] => D:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [Datei ist nicht signiert]
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Run: [Discord] => C:\Users\user\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Run: [RaiderIO] => D:\Program Files\RaiderIO\RaiderIO.exe [131130784 2021-07-12] (Ludicrous Speed LLC -> jah@raider.io)
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Run: [4K Stogram] => E:\Program Files\4KDownload\4kstogram\4kstogram.exe [35037288 2021-06-21] (Open Media LLC -> Open Media LLC) [Datei ist nicht signiert]
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Run: [mfbot] => D:\Benutzer\user\Desktop\V Server Daten\sf_bot\MFBot.exe [30963200 2020-10-31] (mfbot.de) [Datei ist nicht signiert]
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\MountPoints2: {127c30e0-7213-11eb-839d-94de802d2ecb} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\MountPoints2: {5467c86e-ddb0-11eb-83b3-94de802d2ecb} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\MountPoints2: {9d7a4a31-eabc-11ea-8384-94de802d2ecb} - "H:\HiSuiteDownLoader.exe" 
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116224 2017-07-14] (pdfforge GmbH) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.164\Installer\chrmstp.exe [2021-07-20] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2021-04-08]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy\User: Beschränkung ? <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {09330061-6634-495C-991E-B25E91CFA719} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {09E0422A-8536-4C07-8886-1EE3745133ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0DC5C887-E37A-4EC9-B475-8CAD4A852DCD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {0FCA54E6-F449-4C8A-8D0A-DDA13CDE6B37} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1511D088-A694-480D-B763-AA0449D958DB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {19BC29F4-0193-4EDF-9415-EE1F36359E77} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {19BDD71D-F623-4DCA-B384-E3B18459EC7E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {2D63ADD2-5469-4E7C-849C-ED563EE9837D} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => D:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
Task: {2F45C8AD-72E2-4DA5-826D-9C1B8FFC2358} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {378D1815-5E71-4704-8B06-1DDC2C746773} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {4038B3D9-1A43-4A4B-B409-70CAF1D25FEA} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {47EB6065-ED67-4DEB-893D-EB2DB973A647} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4BCFD516-6394-4F22-AEA1-791B167435D3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5AB5DD3B-53D8-4FE0-B86B-36CF2E9EE073} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {6790EDDA-7DC6-41B9-BC07-3412A1895E33} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {738090EC-26F5-4064-9A82-45041BFE9127} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {73A5A3D2-E097-4FF0-87EC-2477998EFB11} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {78D1C236-CB61-4EF3-8482-4E355F4F08C4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7EE4E874-EBCE-4DF6-99FE-C980E4729AE8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208216 2021-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {81AC556B-0896-4D9E-AFBA-4D9BEDA0DCD1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {929D223C-5FF7-4321-B6D1-ED3088284C6C} - \Microsoft\Windows\Setup\EOSNotify -> Keine Datei <==== ACHTUNG
Task: {95C8EF2E-423B-4BE9-A5A2-40AA9FDB12CA} - \Microsoft\Windows\Setup\EOSNotify2 -> Keine Datei <==== ACHTUNG
Task: {9F610F07-9D0C-4A4E-89AF-1D86D27B5888} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F919A76-5D57-472B-98E0-36EAA84EA535} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1A1FF90-9748-4B69-A30F-269C9C7FB099} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1C2A07E-C757-4A4A-8AA7-62CBA9590E7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {A254AA92-ACAF-4CDC-9BD0-E50C409D6132} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563208 2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2A196D6-DA80-4148-8A0E-0A7C56F28A84} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {A5ACBDF0-DB03-4B80-8254-3D59744A1400} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A65167F7-58EA-4537-B651-3552D3069B8E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A7EB71A7-8D30-4934-BF15-60940D310FC0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B0E3FD1D-7453-4AA7-9BEA-8404498C3AC6} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B6725EA9-582B-4E20-9272-001291F5A853} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563208 2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {B82857BC-BC10-4363-A80B-EEB84379A517} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BC08E8DA-566D-4F31-9EA4-2205791973AD} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {C0A35703-385D-4844-BCAF-C5B5698B22DD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C7C03417-EB80-4EAC-A602-2805D534A0C0} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CE8BD891-1689-4B21-847B-748DD541777E} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D1399B06-7930-4304-8AC4-0E3C2D509636} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {D6884AAB-ECA3-4371-918A-D8467E913624} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DD8E96C5-E385-4AC7-A9B0-107980976525} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DEFF90BC-FB73-4B2A-A2E8-C2A11A5DB9E4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {E78D2438-592A-4549-A053-281971115CCA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {EF57CEB2-854F-40E2-8474-A8759D5A855A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {F097A801-A729-4447-8AC1-E2F944F363FA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208216 2021-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F381F6C4-7BE6-4287-9C23-BD7EF5E1CF1A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F5268221-48AB-456B-B9FC-DEE158C9523C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-07-17] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F65D90C0-CE55-4802-A363-66C369DD5169}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-22]

FireFox:
========
FF DefaultProfile: d8idc29k.default
FF ProfilePath: C:\Users\user\AppData\Roaming\TomTom\HOME\Profiles\8mwhvg18.default [2017-09-10]
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default [2021-07-25]
FF Session Restore: Mozilla\Firefox\Profiles\d8idc29k.default -> ist aktiviert.
FF Notifications: Mozilla\Firefox\Profiles\d8idc29k.default -> hxxps://www.instagram.com; hxxps://web.whatsapp.com; hxxps://de.xhamsterlive.com; hxxps://top.gg
FF Extension: (Facebook Container) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\@contain-facebook.xpi [2021-05-07]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-07-09]
FF Extension: (Patreon Helper) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\{2af3d10e-9f62-46cc-9840-9391564da4f6}.xpi [2021-06-02]
FF Extension: (Download All Images) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\{32af1358-428a-446d-873e-5f8eb5f2a72e}.xpi [2021-07-05]
FF Extension: (MediaPlayer - Video and Audio Player) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\{9051e1b5-f28b-48d2-af1c-b1cbd8a3d0e0}.xpi [2021-05-22]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-05-19]
FF Extension: (Unpaywall) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\{f209234a-76f0-4735-9920-eb62507a54cd}.xpi [2021-07-15]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2021-07-23]
CHR StartupUrls: Default -> "hxxp://sc2.searchpo.com/searcher/bingsearch"
CHR DefaultSearchURL: Default -> hxxp://sc1.searchpo.com/search/{searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Extension: (Präsentationen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-22]
CHR Extension: (MEGA) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2021-07-22]
CHR Extension: (Chrome IG Story) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2019-02-15]
CHR Extension: (IG Downloader) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpgaheeihidjmolbakklolchdplenjai [2021-07-22]
CHR Extension: (Tabellen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-22]
CHR Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-22]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-07-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-10]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-22]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-03-19]
CHR Extension: (Google Präsentationen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-28]
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-28]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-28]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-28]
CHR Extension: (Google Tabellen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-28]
CHR Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-28]
CHR Extension: (Avast Online Security) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-11-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-28]
CHR Extension: (Google Mail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-28]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\System Profile [2017-03-19]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122728 2017-09-04] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-05-08] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9482696 2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-06-10] (Dropbox, Inc -> Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-11-29] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [610464 2018-01-18] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-05-06] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2019-05-06] (GOG Sp. z o.o. -> GOG.com)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-08-17] (Huawei Technologies Co., Ltd. -> )
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-08-18] (Logitech Inc -> Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-30] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (pdfforge GmbH -> © pdfforge GmbH.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-11-07] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120096 2017-11-08] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2020-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ACHTUNG (kein ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ACHTUNG (kein ServiceDLL)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ampa; C:\Windows\system32\ampa.sys [38320 2016-12-26] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-12-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-12-14] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-08-18] (Logitech Inc -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-07-05] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-22] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl6aadbb34; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{716E3692-E2ED-4FAE-AF21-F5AF0540FA8E}\MpKslDrv.sys [107752 2021-07-23] (Microsoft Windows -> Microsoft Corporation)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2020-01-07] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-07-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425192 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-07-25 00:33 - 2021-07-25 00:36 - 000000000 ____D C:\FRST
2021-07-24 23:47 - 2021-07-24 23:55 - 000000000 ____D C:\Users\user\AppData\LocalLow\IGDump
2021-07-23 18:18 - 2021-07-23 18:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-07-22 20:35 - 2021-07-22 20:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-17 09:32 - 2021-07-17 09:32 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-07-16 18:51 - 2021-07-16 18:51 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-16 18:51 - 2021-07-16 18:51 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-10 18:30 - 2021-07-10 18:30 - 000000000 ____D C:\Users\user\.m2
2021-07-10 18:30 - 2021-07-10 18:30 - 000000000 ____D C:\Users\user\.lemminx
2021-07-10 18:26 - 2021-07-10 18:26 - 000000000 ____D C:\Users\user\AppData\Local\Eclipse
2021-07-10 18:09 - 2021-07-10 18:09 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eclipse
2021-07-10 18:03 - 2021-07-10 18:39 - 000000000 ____D C:\Users\user\.p2
2021-07-10 18:03 - 2021-07-10 18:26 - 000000000 ____D C:\Users\user\.eclipse
2021-07-05 18:45 - 2021-07-05 18:45 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-07-05 18:44 - 2021-07-05 18:44 - 019136512 ____N C:\WINDOWS\system32\config\SYSTEM
2021-06-30 18:38 - 2021-06-30 18:38 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-06-30 18:37 - 2021-06-21 10:43 - 000037664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-06-30 18:36 - 2021-06-22 03:25 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-06-30 18:36 - 2021-06-22 03:25 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-06-30 18:36 - 2021-06-22 03:25 - 001474336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-06-30 18:36 - 2021-06-22 03:25 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-06-30 18:36 - 2021-06-22 03:25 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-06-30 18:36 - 2021-06-22 03:25 - 001212192 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-06-30 18:36 - 2021-06-22 03:25 - 001097832 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-06-30 18:36 - 2021-06-22 03:25 - 001097832 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-06-30 18:36 - 2021-06-22 03:25 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-06-30 18:36 - 2021-06-22 03:25 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 001519384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 001170224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 000715568 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 000675088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 000641328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 000575792 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 000563992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-06-30 18:36 - 2021-06-22 03:20 - 002111264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-06-30 18:36 - 2021-06-22 03:20 - 001594656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-06-30 18:36 - 2021-06-22 03:20 - 000917280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-06-30 18:36 - 2021-06-22 03:20 - 000704792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-06-30 18:36 - 2021-06-22 03:19 - 008852760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-06-30 18:36 - 2021-06-22 03:19 - 007918872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-06-30 18:36 - 2021-06-22 03:19 - 004986648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-06-30 18:36 - 2021-06-22 03:19 - 002924304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-06-30 18:36 - 2021-06-22 03:19 - 000446744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-06-30 18:36 - 2021-06-22 03:18 - 000848672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-06-30 18:36 - 2021-06-22 03:17 - 006215312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-06-30 18:36 - 2021-06-21 10:43 - 000082968 _____ C:\WINDOWS\system32\nvinfo.pb
2021-06-25 18:19 - 2021-07-23 18:18 - 000000250 _____ C:\WINDOWS\wininit.ini

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-07-25 00:38 - 2019-08-29 21:19 - 000000000 ____D C:\Users\user\AppData\Roaming\RaiderIO
2021-07-25 00:36 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-25 00:29 - 2017-06-15 21:22 - 000000000 ____D C:\Users\user\AppData\Roaming\discord
2021-07-25 00:28 - 2017-06-15 21:22 - 000000000 ____D C:\Users\user\AppData\Local\Discord
2021-07-24 23:57 - 2016-11-27 14:51 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-24 20:30 - 2020-06-19 16:48 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-24 20:30 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-24 20:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-24 19:48 - 2018-12-24 12:05 - 000000000 ____D C:\Users\user\AppData\Local\Spotify
2021-07-24 19:48 - 2017-04-28 17:30 - 000000000 ____D C:\Users\user\AppData\Local\Battle.net
2021-07-24 17:29 - 2020-11-08 12:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-24 16:12 - 2018-12-24 12:05 - 000000000 ____D C:\Users\user\AppData\Roaming\Spotify
2021-07-24 16:07 - 2017-01-08 18:23 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2021-07-24 10:11 - 2019-04-18 17:39 - 000000000 ____D C:\ProgramData\Mozilla
2021-07-24 10:10 - 2017-09-27 06:27 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla
2021-07-24 02:37 - 2016-11-26 18:33 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-23 18:18 - 2017-11-02 02:32 - 000000943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-22 16:00 - 2017-03-19 11:24 - 000000000 ____D C:\Users\user\AppData\Local\Packages
2021-07-21 23:00 - 2016-11-27 16:35 - 000000000 ____D C:\Users\user\AppData\Roaming\KeePass
2021-07-21 18:17 - 2016-11-27 16:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-21 00:00 - 2016-11-26 18:20 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-07-20 22:53 - 2021-06-21 18:04 - 006708624 _____ C:\WINDOWS\system32\Drivers\d61WW2cl0.sys
2021-07-17 09:32 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-07-17 09:31 - 2019-12-31 12:53 - 000000000 ____D C:\Program Files\Microsoft Office
2021-07-11 23:12 - 2017-11-30 09:19 - 000000000 ____D C:\Users\user\AppData\Roaming\obs-studio
2021-07-11 21:33 - 2020-03-14 15:52 - 000000000 ____D C:\Users\user\AppData\Roaming\vlc
2021-07-11 10:18 - 2016-12-05 16:17 - 000000000 ____D C:\Users\user\AppData\Local\Microsoft Help
2021-07-10 18:26 - 2018-04-29 14:43 - 000000000 ____D C:\Users\user\.cache
2021-07-10 15:04 - 2020-07-04 02:28 - 000010752 _____ C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-07-10 09:36 - 2019-12-30 21:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-07-05 18:52 - 2020-11-08 12:33 - 001886424 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-05 18:52 - 2019-12-07 16:50 - 000785596 _____ C:\WINDOWS\system32\perfh007.dat
2021-07-05 18:52 - 2019-12-07 16:50 - 000167710 _____ C:\WINDOWS\system32\perfc007.dat
2021-07-05 18:52 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-05 18:45 - 2020-11-08 12:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-05 18:45 - 2020-11-08 12:22 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-05 18:45 - 2017-11-13 21:20 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2021-07-05 18:45 - 2017-11-13 21:20 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2021-07-05 18:44 - 2021-06-21 18:06 - 019398656 _____ C:\WINDOWS\system32\C_32770.NLS
2021-07-05 18:44 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-30 18:42 - 2017-11-06 13:21 - 000000000 ____D C:\Users\user\AppData\Local\NVIDIA
2021-06-30 18:24 - 2021-06-22 07:13 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-30 18:24 - 2021-06-22 07:13 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b5b9e570dbf8
2021-06-29 19:31 - 2016-11-28 16:30 - 000000000 ____D C:\ProgramData\Origin

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-06-21 18:04 - 2021-06-21 18:04 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll
2018-01-15 13:50 - 2018-01-15 13:51 - 000000132 _____ () C:\Users\user\AppData\Roaming\Adobe BMP-Format CC - Voreinstellungen
2017-03-07 17:10 - 2021-02-17 20:22 - 000000132 _____ () C:\Users\user\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2017-03-07 17:02 - 2021-06-21 20:22 - 000001456 _____ () C:\Users\user\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2020-07-04 02:28 - 2021-07-10 15:04 - 000010752 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-06-14 06:39 - 2018-07-02 13:14 - 000000600 _____ () C:\Users\user\AppData\Local\PUTTY.RND
2020-06-21 18:00 - 2020-06-21 18:00 - 000007601 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg

==================== FLock ==============================

2021-07-05 18:44 C:\WINDOWS\system32\config\SYSTEM
2021-07-20 22:53 C:\WINDOWS\system32\Drivers\d61WW2cl0.sys

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
Shortcut vor Crash
Code:
ATTFilter
Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 19-07-2021 01
durchgeführt von user (25-07-2021 00:46:27)
Gestartet von D:\Benutzer\user\Downloads
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Stogram.lnk -> E:\Program Files\4KDownload\4kstogram\4kstogram.exe (Open Media LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> D:\Program Files (x86)\Audacity\audacity.exe (Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> E:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk -> D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass.lnk -> D:\Program Files (x86)\KeePass Password Safe\KeePass.exe (Dominik Reichl)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk -> C:\Program Files\Notepad++\notepad++.exe (Don HO don.h@free.fr)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk -> C:\Program Files\paint.net\PaintDotNet.exe (dotPDN LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaiderIO Client.lnk -> D:\Program Files\RaiderIO\RaiderIO.exe (jah@raider.io)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk -> C:\Program Files\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs OBS.lnk -> D:\Program Files\Streamlabs OBS\Streamlabs OBS.exe (General Workings, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk -> D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tukui Client.lnk -> C:\Windows\Installer\{FFA451DC-1551-445D-BCBE-45C207527B74}\_7003953B7910B60F867FF4.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft\World of Warcraft.lnk -> D:\Program Files (x86)\World of Warcraft\World of Warcraft Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> D:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> D:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> D:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> D:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\VEGAS Pro 16.0\VEGAS Pro 16.0 Liesmich.lnk -> D:\Program Files\VEGAS\VEGAS Pro 16.0\readme\Vegas_readme_deu.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\VEGAS Pro 16.0\VEGAS Pro 16.0.lnk -> D:\Program Files\VEGAS\VEGAS Pro 16.0\vegas160.exe (MAGIX Computer Products Intl. Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TradeSkillMaster Application\TSMApplication.lnk -> D:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> D:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snaz\Snaz.lnk -> E:\Snaz\Snaz.exe (JimsApps)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages\SimilarImages.lnk -> D:\Program Files (x86)\SimilarImages\SimImages.exe (Nils Maier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages\Uninstall SimilarImages.lnk -> D:\Program Files (x86)\SimilarImages\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages\Docs\Manual.lnk -> D:\Program Files (x86)\SimilarImages\Docs\SimImages.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages\Docs\SimilarImages Release Notes.lnk -> D:\Program Files (x86)\SimilarImages\Docs\Notes.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Smart Switch.lnk -> C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe (Samsung)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\roomeon\roomeon 3D-Planer.lnk -> E:\Program Files (x86)\roomeon GmbH\roomeon 3D-Planer\roomeon.exe (roomeon GmbH"; hxxp://www.roomeon.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\roomeon\roomeon Portal.lnk -> E:\Program Files (x86)\roomeon GmbH\roomeon 3D-Planer\roomeon Portal.URL ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock\PunkSoftware.com.lnk -> D:\Program Files (x86)\RocketDock\PunkSoftware.com.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock\RocketDock Documentation.lnk -> D:\Program Files (x86)\RocketDock\Help\English\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock\RocketDock entfernen.lnk -> D:\Program Files (x86)\RocketDock\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock\RocketDock.lnk -> D:\Program Files (x86)\RocketDock\RocketDock.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator Hilfe.lnk -> C:\Program Files\PDFCreator\PDFCreator_german.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator im Internet.lnk -> C:\Program Files\PDFCreator\PDFCreator.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator.lnk -> C:\Program Files\PDFCreator\PDFCreator.exe (pdfforge)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Spende für den PDFCreator.lnk -> C:\Program Files\PDFCreator\Spende für den PDFCreator.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch\Overwatch.lnk -> E:\Overwatch\Overwatch Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (32bit).lnk -> C:\Program Files (x86)\obs-studio\bin\32bit\obs32.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (64bit).lnk -> C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\Uninstall.lnk -> C:\Program Files (x86)\obs-studio\uninstall.exe (obsproject.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk -> C:\Program Files\Notepad++\notepad++.exe (Don HO don.h@free.fr)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1\Forum.lnk -> C:\Program Files\MyDefrag v4.3.1\Forum.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1\Manual.lnk -> C:\Program Files\MyDefrag v4.3.1\Manual.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1\MyDefrag.lnk -> C:\Program Files\MyDefrag v4.3.1\MyDefrag.exe (J.C. Kessels)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1\Uninstall.lnk -> C:\Program Files\MyDefrag v4.3.1\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1\Website.lnk -> C:\Program Files\MyDefrag v4.3.1\Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Aufzeichnungs-Manager von Skype for Business.lnk -> C:\Program Files\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office-Spracheinstellungen.lnk -> C:\Program Files\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetriedashboard für Office.lnk -> C:\Program Files\Microsoft Office\root\Office16\msotd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetrieprotokoll für Office.lnk -> C:\Program Files\Microsoft Office\root\Office16\msoev.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Gaming Software 8.96.lnk -> C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Management Engine Components\Intel(R) Management and Security Status.lnk -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite\HiSuite.lnk -> C:\Program Files (x86)\HiSuite\HiSuite.exe (Huawei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite\Uninstall.lnk -> C:\Program Files (x86)\HiSuite\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher Adventure Game\The Witcher Adventure Game.lnk -> E:\GOG\The Witcher Adventure Game\TheWitcherAdventureGame.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher Adventure Game\Uninstall The Witcher Adventure Game.lnk -> E:\GOG\The Witcher Adventure Game\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\GOG Galaxy\GOG Galaxy.lnk -> C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe (GOG.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetFoldersize\GetFoldersize Lizenzvertrag.lnk -> C:\Program Files (x86)\GetFoldersize\Lizenzvertrag.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetFoldersize\GetFoldersize Webseite.lnk -> C:\Program Files (x86)\GetFoldersize\GetFoldersize Webseite.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetFoldersize\GetFoldersize.lnk -> C:\Program Files (x86)\GetFoldersize\GetFoldersize.exe (Michael Thummerer Software Design)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetFoldersize\Uninstall GetFoldersize.lnk -> C:\Program Files (x86)\GetFoldersize\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\The Witcher Adventure Game.lnk -> [LF6"pH,R GFSIH8FEuɪUThe Witcher Adventure Game(1SPSXFL8C&m]
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\FileZilla.lnk -> C:\Program Files\FileZilla FTP Client\filezilla.exe (FileZilla Project)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\Uninstall.lnk -> C:\Program Files\FileZilla FTP Client\uninstall.exe (Tim Kosse)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\FreeStudioManager.exe (Digital Wave Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free Video Flip and Rotate.lnk -> C:\Program Files (x86)\DVDVideoSoft\Free Video Flip and Rotate\FreeVideoFlipAndRotate.exe (Digital Wave Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe (DVDVideoSoft Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\PremiumMembershipOffer.exe (DVDVideoSoft Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Diablo III.lnk -> E:\Diablo III\Diablo III Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo\CrystalDiskInfo.lnk -> C:\Program Files (x86)\CrystalDiskInfo\DiskInfo32.exe (Crystal Dew World)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\CCCP Settings (64bit).lnk -> C:\Program Files\Combined Community Codec Pack 64bit\CCCP-Settings.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\CCCP Uninstall (64bit).lnk -> C:\Program Files\Combined Community Codec Pack 64bit\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Media Player Classic Home Cinema (64bit).lnk -> C:\Program Files\Combined Community Codec Pack 64bit\MPC\mpc-hc64.exe (MPC-HC Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Black Ops Cold War\Call of Duty Black Ops Cold War.lnk -> E:\Call of Duty Black Ops Cold War\Black Ops Cold War Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard App\Blizzard App.lnk -> D:\Program Files (x86)\Blizzard App\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 6.5\AOMEI Partition Assistant Standard Edition 6.5.lnk -> C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.5\PartAssist.exe (AOMEI Technology Co., Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 6.5\Uninstall AOMEI Partition Assistant.lnk -> C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.5\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper\AOMEI Backupper Standard.lnk -> C:\Program Files (x86)\AOMEI Backupper\Backupper.exe (AOMEI Tech Co., Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper\Uninstall AOMEI Backupper.lnk -> C:\Program Files (x86)\AOMEI Backupper\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper\User Manual (PDF).lnk -> C:\Program Files (x86)\AOMEI Backupper\UserManual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agent Ransack\Agent Ransack Help.lnk -> C:\Program Files\Mythicsoft\Agent Ransack\help\en\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agent Ransack\Agent Ransack.lnk -> C:\Program Files\Mythicsoft\Agent Ransack\AgentRansack.exe (Mythicsoft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\4K Stogram.lnk -> E:\Program Files\4KDownload\4kstogram\4kstogram.exe (Open Media LLC)
Shortcut: C:\Users\Public\Desktop\roomeon 3D-Planer.lnk -> E:\Program Files (x86)\roomeon GmbH\roomeon 3D-Planer\roomeon.exe (roomeon GmbH"; hxxp://www.roomeon.com)
Shortcut: C:\Users\Public\Desktop\roomeon Portal.lnk -> E:\Program Files (x86)\roomeon GmbH\roomeon 3D-Planer\roomeon Portal.URL ()
Shortcut: C:\Users\user\Desktop\LingoMAXX.lnk -> D:\Program Files (x86)\LingoMAXX\LingoMAXX.exe (Keine Datei)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Stogram.lnk -> E:\Program Files\4KDownload\4kstogram\4kstogram.exe (Open Media LLC)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC.lnk -> G:\Adobe\Adobe Photoshop CC\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CurseBreaker.lnk -> D:\Program Files (x86)\World of Warcraft\_retail_\CurseBreaker.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MFBot.lnk -> D:\Benutzer\user\Desktop\V Server Daten\sf_bot\MFBot.exe (mfbot.de)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RenameMaster.lnk -> E:\Program Files (x86)\Rename Master\RenameMaster.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\user\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TreeSizeFree.lnk -> C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.exe (JAM Software)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk -> C:\Users\user\AppData\Roaming\uTorrent Web\utweb.exe (Keine Datei)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft Logs Uploader.lnk -> C:\Users\user\AppData\Local\Programs\Warcraft Logs Uploader\Warcraft Logs Uploader.exe (warcraftlogs)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool\Windows 7 USB DVD Download Tool.lnk -> C:\Users\user\AppData\Local\Apps\Windows 7 USB DVD Download Tool\Windows7-USB-DVD-Download-Tool.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\Help and HOW-TO.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.chm ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\Release info.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.txt ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\Uninstall SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\uninstall.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Deinstallationsprogramm.lnk -> E:\JDownloader v2.0\Uninstall JDownloader.exe (AppWork GmbH)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Update & Rescue.lnk -> E:\JDownloader v2.0\JDownloader2Update.exe (AppWork GmbH)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2.lnk -> E:\JDownloader v2.0\JDownloader2.exe (AppWork GmbH)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2\HyperCam 2 Help.lnk -> C:\Program Files (x86)\HyperCam 2\HyCam2.chm ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2\HyperCam 2.lnk -> C:\Program Files (x86)\HyperCam 2\HyCam2.exe (Hyperionics)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2\Read about HyperCam 2.lnk -> C:\Program Files (x86)\HyperCam 2\readme.txt ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2\Uninstall HyperCam 2.lnk -> C:\Program Files (x86)\HyperCam 2\HcUnInst.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eclipse\Eclipse IDE for Enterprise Java and Web Developers - 2021-06.lnk -> D:\Users\user\eclipse\jee-2021-06\eclipse\eclipse.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beat Hazard Ultra\Beat Hazard Classic.lnk -> E:\Program Files (x86)\Beat Hazard Ultra\BHClassic\BeatHazardClassic.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beat Hazard Ultra\Beat Hazard.lnk -> E:\Program Files (x86)\Beat Hazard Ultra\BeatHazard.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beat Hazard Ultra\Uninstall.lnk -> E:\Program Files (x86)\Beat Hazard Ultra\TDU.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\user\Dropbox ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader 2.lnk -> E:\JDownloader v2.0\JDownloader2.exe (AppWork GmbH)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\KeePass 2.lnk -> D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\KeePass.lnk -> D:\Program Files (x86)\KeePass Password Safe\KeePass.exe (Dominik Reichl)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SimilarImages.lnk -> D:\Program Files (x86)\SimilarImages\SimImages.exe (Nils Maier)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk -> C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe (Samsung)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Excel.lnk -> C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\KeePass 2.lnk -> D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Magical Fidget Bot.lnk -> D:\Benutzer\user\Desktop\V Server Daten\sf_bot\MFBot.exe (mfbot.de)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spotify.lnk -> C:\Users\user\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Streamlabs OBS.lnk -> D:\Program Files\Streamlabs OBS\Streamlabs OBS.exe (General Workings, Inc.)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Thunderbird (2).lnk -> D:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Thunderbird.lnk -> D:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Adobe Photoshop CC.lnk -> G:\Adobe\Adobe Photoshop CC\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\FileZilla.lnk -> C:\Program Files\FileZilla FTP Client\filezilla.exe (FileZilla Project)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\KeePass 2.lnk -> D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\RenameMaster.lnk -> E:\Program Files (x86)\Rename Master\RenameMaster.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Tombstones\Microsoft Excel 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-1000-0000000FF1CE}\xlicons.exe (Keine Datei)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7111c0ce965b7246\Battle.net.lnk -> D:\Program Files (x86)\Blizzard App\Battle.net.exe (Blizzard Entertainment)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\512c904ca96ecd5c\League of Legends.lnk -> D:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc.)
Shortcut: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> D:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> D:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Uninstall Smart Switch.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}\setup.exe (Samsung Electronics Co., Ltd.) -> /removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\roomeon\roomeon 3D-Planer deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {E94EF5B3-85D9-40C0-97DB-FA2BB29814E5}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT\Kone XTD Mouse\Kone XTD Driver.lnk -> C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe (ROCCAT GmbH) -> 1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT\Kone XTD Mouse\Uninstall Driver.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7133137D-DF48-4522-AD88-13C82B7D0A63}\Setup.exe"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT\Isku Keyboard\Isku Driver.lnk -> C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe (ROCCAT GmbH) -> 1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT\Isku Keyboard\Uninstall Driver.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}\Setup.exe"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games\League of Legends.lnk -> D:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=league_of_legends --launch-patchline=live
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Database Compare.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Office16\DCF\DATABASECOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office Upload Center.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files\Microsoft Office\Root\Office16\MSOUC.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Spreadsheet Compare.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Office16\DCF\SPREADSHEETCOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Filters\LAV Audio Settings (64bit).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\LAVAudio.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Filters\LAV Splitter Settings (64bit).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\LAVSplitter.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Filters\LAV Video Settings (64bit).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\LAVVideo.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Filters\VSFilter Configuration (64bit).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Combined Community Codec Pack 64bit\Filters\vsfilter.dll",DirectVobSub
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burning Crusade Classic\Burning Crusade Classic.lnk -> D:\Program Files (x86)\World of Warcraft\World of Warcraft Launcher.exe (Blizzard Entertainment) -> --productcode=wow_classic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agent Ransack\Uninstall Agent Ransack.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {C4A498C9-A668-462D-8E54-9DD68A87DFAD}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk -> C:\Users\user\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe"
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool\Uninstall Windows 7 USB DVD Download Tool.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {CCF298AF-9CE1-4B26-B251-486E98A34789}
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) -> /tsr
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc\Discord.lnk -> C:\Users\user\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beat Hazard Ultra\Beat Hazard Ultra.lnk -> E:\Program Files (x86)\Beat Hazard Ultra\BeatHazard.exe () -> -app>49604
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Discord.lnk -> C:\Users\user\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Discord.lnk -> C:\Users\user\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\user\AppData\Local\Google\Chrome\User Data\Chrome App Launcher.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TradeSkillMaster Application\TradeSkillMaster.com.url -> URL: hxxp://www.tradeskillmaster.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher Adventure Game\Documents\Support.url -> URL: hxxp://www.gog.com/support/witcher_adventure_game
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> 
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\CCCP Playback FAQ.url -> URL: hxxp://www.cccp-project.net/wiki/index.php?title=Main_Page
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\CCCP Website.url -> URL: hxxp://www.cccp-project.net/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 6.5\User Help - German.url -> URL: hxxp://www.disk-partition.com/de/manual.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 6.5\Visit our website - German.url -> URL: hxxp://www.disk-partition.com/de
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper\Visit our website - German.url -> URL: hxxp://www.backup-utility.com
InternetURL: C:\Users\MarieSilvester\Favorites\Windows Live\Windows Live Gallery.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\MarieSilvester\Favorites\Windows Live\Windows Live Ideas.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\MarieSilvester\Favorites\Windows Live\Windows Live Mail.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\MarieSilvester\Favorites\Windows Live\Windows Live Spaces.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\MarieSilvester\Favorites\MSN-Websites\MSN Auto.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72680
InternetURL: C:\Users\MarieSilvester\Favorites\MSN-Websites\MSN Fernsehen.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72659
InternetURL: C:\Users\MarieSilvester\Favorites\MSN-Websites\MSN Money.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72640
InternetURL: C:\Users\MarieSilvester\Favorites\MSN-Websites\MSN Nachrichten.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72636
InternetURL: C:\Users\MarieSilvester\Favorites\MSN-Websites\MSN Sport.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72635
InternetURL: C:\Users\MarieSilvester\Favorites\MSN-Websites\MSN.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72630
InternetURL: C:\Users\MarieSilvester\Favorites\Microsoft-Websites\IE-Site auf Microsoft.com.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\MarieSilvester\Favorites\Microsoft-Websites\Microsoft Deutschland GmbH.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\MarieSilvester\Favorites\Microsoft-Websites\Microsoft Store.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\MarieSilvester\Favorites\Microsoft-Websites\Microsoft Windows - Start.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\MarieSilvester\Favorites\Microsoft-Websites\Microsoft zu Hause.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\MarieSilvester\Favorites\Microsoft-Websites\Microsoft.com durchsuchen.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72893
InternetURL: C:\Users\MarieSilvester\Favorites\Microsoft-Websites\Site für IE Add-Ons.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\MarieSilvester\Favorites\Links\Web Slice-Katalog.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\user\Dropbox\Get Started with Dropbox Paper.url -> URL: hxxps://www.dropbox.com/login?_tk=dropbox_desktop_urlfile&cont=https%3A%2F%2Fpaper.dropbox.com%2Fpad%2Fopen-or-create-sample%2Fintro&register_cont=https%3A%2F%2Fpaper.dropbox.com%2Fpad%2Fopen-or-create-sample%2Fintro

==================== Ende vom Shortcut.txt =============================
Weitere Logs weiter unten als Code, aber auch als ZIP in Anhang, da Zeichenlimit erreicht.
Angehängte Dateien
Dateityp: zip Logs vorCrash.zip (43,0 KB, 18x aufgerufen)
Dateityp: zip Logs nachCrash.zip (42,0 KB, 16x aufgerufen)

Alt 25.07.2021, 11:19   #2
Polydoros
 
Ransomeware eingefangen? + A Disk read error occured. - Standard

weitere Logs


Addition vorCrash
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 19-07-2021 01
durchgeführt von user (25-07-2021 00:40:16)
Gestartet von D:\Benutzer\user\Downloads
Windows 10 Home Version 21H1 19043.1052 (X64) (2020-11-08 10:28:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-2579833569-30274321-2403803918-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2579833569-30274321-2403803918-503 - Limited - Disabled)
Gast (S-1-5-21-2579833569-30274321-2403803918-501 - Limited - Disabled)
user (S-1-5-21-2579833569-30274321-2403803918-1000 - Administrator - Enabled) => C:\Users\user
WDAGUtilityAccount (S-1-5-21-2579833569-30274321-2403803918-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4K Stogram (HKLM\...\{4F7C8AC4-DEF5-47D7-BA92-72BFBABD94E1}) (Version: 3.3.2.3490 - Open Media LLC)
Active Directory Authentication Library für SQL Server (HKLM\...\{DCF8CB30-F4CE-476A-AB02-E8D620FADC70}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library für SQL Server (x86) (HKLM-x32\...\{03D2027B-6335-4822-89ED-CD99D2F4CE43}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Agent Ransack x64 (HKLM\...\{C4A498C9-A668-462D-8E54-9DD68A87DFAD}) (Version: 8.0.865.1 - Mythicsoft Ltd)
AlienFX for KoneXTD (HKLM\...\{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02 - Roccat GmbH) Hidden
AlienFX for KoneXTD (HKLM-x32\...\InstallShield_{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02 - Roccat GmbH)
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version:  - AOMEI Technology Co., Ltd.)
AOMEI Partition Assistant Standard Edition 6.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Burning Crusade Classic (HKLM-x32\...\Burning Crusade Classic) (Version:  - Blizzard Entertainment)
Call of Duty Black Ops Cold War (HKLM-x32\...\Call of Duty Black Ops Cold War) (Version:  - Blizzard Entertainment)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
CrystalDiskInfo 8.1.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.1.0 - Crystal Dew World)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0221 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 124.4.4912 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{50D3E17D-0AFC-4617-AB00-DDE3099545FA}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation)
FileZilla Client 3.39.0 (HKLM-x32\...\FileZilla Client) (Version: 3.39.0 - Tim Kosse)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Video Flip and Rotate (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 1.1.35.831 - Digital Wave Ltd)
GetFoldersize 3.1.10 (HKLM-x32\...\GetFoldersize_is1) (Version: 3.1.10 - Michael Thummerer Software Design)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.164 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.99 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.1.1.500 - Huawei Technologies Co., Ltd.)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC)
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KeePass Password Safe 1.32 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.32 - Dominik Reichl)
KeePass Password Safe 2.43 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.43 - Dominik Reichl)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.81 - Logitech Inc.)
Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes)
Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.55 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (German) (HKLM-x32\...\{90120000-00D1-0407-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Volume - de-de) (Version: 16.0.10376.20033 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Report Viewer 2015 Runtime (HKLM-x32\...\{3ECE8FC7-7020-4756-A71C-C345D4725B77}) (Version: 12.0.2402.15 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{13146756-9716-4843-84CA-053916D2FCF9}) (Version: 11.3.6538.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service  (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2016 Management Objects  (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Teams) (Version: 1.3.00.12058 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 90.0.2 (x64 de)) (Version: 90.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla)
Mozilla Thunderbird 45.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.5.0 (x86 de)) (Version: 45.5.0 - Mozilla)
Mozilla Thunderbird 78.12.0 (x86 de) (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Mozilla Thunderbird 78.12.0 (x86 de)) (Version: 78.12.0 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.2 - Notepad++ Team)
NVIDIA Grafiktreiber 471.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.11 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10376.20033 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10376.20033 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.10376.20033 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.101.48500 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
paint.net (HKLM\...\{B998B716-4001-4919-BA90-BA14B51DFEB5}) (Version: 4.1.6 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.3 - pdfforge GmbH)
RaiderIO 2.1.8 (HKLM\...\ea53c16d-4ef5-533f-83dc-5b0c5bb40cb2) (Version: 2.1.8 - jah@raider.io)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6738 - Realtek Semiconductor Corp.)
Rename Master (HKLM-x32\...\Rename Master_is1) (Version:  - )
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version:  - Roccat GmbH)
ROCCAT Kone XTD Mouse Driver (HKLM-x32\...\{7133137D-DF48-4522-AD88-13C82B7D0A63}) (Version:  - Roccat GmbH)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
roomeon 3D-Planer (HKLM-x32\...\{E94EF5B3-85D9-40C0-97DB-FA2BB29814E5}) (Version: 1.6.2 - roomeon GmbH)
Roslyn Language Services - x86 (HKLM-x32\...\{6970C7E1-F99D-388D-8903-DF8FCE677FED}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
SimilarImages (HKLM-x32\...\SimilarImages) (Version: 2013.11 - Nils Maier)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
Snaz Version 1.12.7.0 (HKLM-x32\...\{70A76031-FDC6-4F9B-BB5C-33776703F45A}_is1) (Version: 1.12.7.0 - JimsApps)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Spotify) (Version: 1.1.62.583.gdac868ed - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.22.3 - General Workings, Inc.)
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (HKLM-x32\...\{7A95671A-759E-3B83-B763-4289D1D24D73}) (Version: 14.102.25619 - Microsoft) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Witcher Adventure Game (HKLM-x32\...\1207666883_is1) (Version: 2.7.0.24 - GOG.com)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
TreeSize Free V4.4.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.2 - JAM Software)
Tukui Client (HKLM-x32\...\{FFA451DC-1551-445D-BCBE-45C207527B74}) (Version: 3.2.7 - Tukui)
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{BA5762C7-D35F-4725-A4BD-525854127018}) (Version: 1.8.36.0 - Microsoft Corporation) Hidden
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
VEGAS Pro 16.0 (HKLM\...\{0A450A0F-A098-11E8-A36D-00155D6302F2}) (Version: 16.0.248 - VEGAS)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Warcraft Logs Uploader 4.7.0 (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\{bcc11bd8-bf2f-5f00-925b-921594bc2ca4}) (Version: 4.7.0 - warcraftlogs)
Warcraft Logs Uploader 5.5.1 (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\bcc11bd8-bf2f-5f00-925b-921594bc2ca4) (Version: 5.5.1 - warcraftlogs)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

Packages:
=========
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-31] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-20] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-06-30] (NVIDIA Corp.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2579833569-30274321-2403803918-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2579833569-30274321-2403803918-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2579833569-30274321-2403803918-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\user\Dropbox [2019-02-14 20:49]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-01-17] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-01-31] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\nvshext.dll [2021-06-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2_S-1-5-21-2579833569-30274321-2403803918-1000: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2016-10-19] (Mythicsoft Ltd -> Mythicsoft Ltd)
ContextMenuHandlers4_S-1-5-21-2579833569-30274321-2403803918-1000: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2016-10-19] (Mythicsoft Ltd -> Mythicsoft Ltd)
ContextMenuHandlers5_S-1-5-21-2579833569-30274321-2403803918-1000: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2016-10-19] (Mythicsoft Ltd -> Mythicsoft Ltd)
ContextMenuHandlers6_S-1-5-21-2579833569-30274321-2403803918-1000: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2016-10-19] (Mythicsoft Ltd -> Mythicsoft Ltd)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2017-12-22] (Beepa P/L) [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2017-12-22] (Beepa P/L) [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2016-11-27 16:41 - 2007-09-02 14:57 - 000069632 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\RocketDock\RocketDock.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000053760 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\_bz2.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000084992 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\_ctypes.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000783360 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\_hashlib.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000137216 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\_lzma.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000047104 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\_socket.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000039424 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\psutil._psutil_windows.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 001861120 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtCore.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 002002944 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtGui.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 004101120 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtWidgets.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000009728 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\select.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000075264 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\sip.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000758784 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\unicodedata.pyd
2021-06-10 18:20 - 2021-07-12 23:23 - 002821120 _____ () [Datei ist nicht signiert] D:\Program Files\RaiderIO\ffmpeg.dll
2021-06-10 18:20 - 2021-07-12 23:23 - 000446464 _____ () [Datei ist nicht signiert] D:\Program Files\RaiderIO\libegl.dll
2021-06-10 18:20 - 2021-07-12 23:23 - 007900160 _____ () [Datei ist nicht signiert] D:\Program Files\RaiderIO\libglesv2.dll
2020-11-08 12:25 - 2020-11-08 12:25 - 000065536 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
2019-12-31 12:53 - 2019-12-31 12:53 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2019-12-31 12:53 - 2019-12-31 12:53 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2017-12-19 15:39 - 2017-09-27 18:30 - 000489984 _____ (Newtonsoft) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\Newtonsoft.Json.dll
2017-07-14 18:55 - 2017-07-14 18:55 - 000116224 _____ (pdfforge GmbH) [Datei ist nicht signiert] C:\WINDOWS\System32\pdfcmon.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 002741248 _____ (Python Software Foundation) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\python34.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000848896 _____ (The ICU Project) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\icudt53.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 001580032 _____ (The ICU Project) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\icuin53.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 001079296 _____ (The ICU Project) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\icuuc53.dll
2016-11-28 16:32 - 2020-04-08 16:17 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\LIBEAY32.dll
2016-11-28 16:32 - 2020-04-08 16:18 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\ssleay32.dll
2016-11-28 16:32 - 2019-08-29 14:44 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-06-29 19:31 - 2019-08-29 14:44 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Core.dll
2021-06-29 19:31 - 2019-08-29 14:44 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Gui.dll
2021-06-29 19:31 - 2019-08-29 14:44 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Network.dll
2021-06-29 19:31 - 2019-08-29 14:45 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-06-29 19:31 - 2019-08-29 14:45 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-06-29 19:31 - 2019-08-29 14:45 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Xml.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000036352 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qdds.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000022016 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qgif.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000029184 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qicns.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000022016 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qico.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000381952 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjp2.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000206848 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjpeg.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000218624 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qmng.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000016384 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtga.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000308736 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtiff.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000015360 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwbmp.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000287232 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwebp.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000991744 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\platforms\qwindows.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 004182528 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Core.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 004877312 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Gui.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 004490752 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Widgets.dll
2017-12-19 15:39 - 2017-11-07 17:37 - 000088064 _____ (Wondershare) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCollect.dll
2017-12-19 15:39 - 2017-11-07 17:37 - 000200192 _____ (Wondershare) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCommon.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [226]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-2579833569-30274321-2403803918-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-11-19 01:53 - 000003469 _____ C:\WINDOWS\system32\drivers\etc\hosts
173.0.14.249 d1.proxpn.com
173.0.14.249 d1.proxpn.biz
173.0.14.249 d1.proxpn.org
173.0.14.249 d1.proxpn.me
107.6.100.5 pptp-d1.proxpn.com
107.6.100.5 pptp-d1.proxpn.biz
107.6.100.5 pptp-d1.proxpn.org
107.6.100.5 pptp-d1.proxpn.me
173.231.141.114 ny1.proxpn.com
173.231.141.114 ny1a.proxpn.biz
173.231.141.114 ny1a.proxpn.org
173.231.141.114 ny1a.proxpn.me
173.231.141.116 pptp-ny1a.proxpn.com
173.231.141.116 pptp-ny1a.proxpn.biz
173.231.141.116 pptp-ny1.proxpn.org
173.231.141.116 pptp-ny1.proxpn.me
216.18.231.179 se1.proxpn.com
216.18.231.179 se1.proxpn.biz
216.18.231.179 se1.proxpn.org
216.18.231.179 se1.proxpn.me
216.18.231.181 pptp-se1.proxpn.com
216.18.231.181 pptp-se1.proxpn.biz
216.18.231.181 pptp-se1.proxpn.org
216.18.231.181 pptp-se1.proxpn.me
64.27.29.67 la1.proxpn.com
64.27.29.67 la1.proxpn.biz
64.27.29.67 la1.proxpn.org
64.27.29.67 la1.proxpn.me
64.27.29.68 pptp-la1.proxpn.com
64.27.29.68 pptp-la1.proxpn.biz

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\AOMEI Backupper;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\Control Panel\Desktop\\Wallpaper -> D:\Benutzer\user\Eigene Bilder\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\steam.exe" -silent

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{4A6E148B-989F-44C1-9A7A-DDDE8F8E088C}] => (Allow) E:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [{6DA249F2-1189-4D4D-B43D-14590E3F9239}] => (Allow) E:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{90199173-0506-4E4D-88CD-C79EEC856D92}D:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) D:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{D5B3A047-5529-47AD-B36B-28DDCDB89F28}D:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) D:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{CD0AB3DC-A410-44DA-87B0-08B35902E06C}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => Keine Datei
FirewallRules: [{A9889C33-2A62-4F9E-B0DD-18AC86A1EE26}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => Keine Datei
FirewallRules: [UDP Query User{E06468E0-98B0-4491-86B7-6F6C90864756}E:\steamlibrary\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{E1B46380-71CC-4331-BCA7-6DECD8A8258D}E:\steamlibrary\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{7BBB7DF8-D6C7-44D0-9EA5-4614C36A36C1}C:\users\user\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\user\appdata\local\programs\blitz\blitz.exe => Keine Datei
FirewallRules: [TCP Query User{BC0CFFD8-D507-449E-9B70-0D1551CDDE35}C:\users\user\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\user\appdata\local\programs\blitz\blitz.exe => Keine Datei
FirewallRules: [UDP Query User{26F71397-CBF4-466A-8595-CF734D0E2CF5}C:\users\user\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\user\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{EF3EBD27-65FF-4CCB-93C6-E8048E274EAC}C:\users\user\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\user\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{CD721D75-23DF-49B9-A453-C241CD404BD8}C:\users\user\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\user\appdata\local\blitz\current\blitz.exe => Keine Datei
FirewallRules: [TCP Query User{8DF1D4FB-1850-4EB6-9E42-B0C5B11E6D3A}C:\users\user\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\user\appdata\local\blitz\current\blitz.exe => Keine Datei
FirewallRules: [{001C0D1A-2552-4463-A16E-72B72EC26B29}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => Keine Datei
FirewallRules: [{500C6985-4DB1-47DF-960A-9D0EDA2990BC}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => Keine Datei
FirewallRules: [{437C337B-7540-46E6-A4DD-A1F51EFC54C2}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => Keine Datei
FirewallRules: [{327F6E00-8137-4A78-A6A3-F51971DB9EBE}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => Keine Datei
FirewallRules: [{E8233E25-EF07-4D43-8A12-3025C6B0DFE2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D2E02427-6686-4762-B0C6-410FD7943037}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{34354047-A99B-487E-A167-3D89CEA316D6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{53C4D91A-20A9-4069-8B9F-5B3CC216E03D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8B6D41A7-5D8E-421C-998A-2E3456C66D94}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{645892EA-372F-4D43-8C92-CE7BCDC88602}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe => Keine Datei
FirewallRules: [{CB0F98E5-3516-4C26-9CB2-2354190F1D6B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe => Keine Datei
FirewallRules: [{4E831682-08D2-4B0E-B324-240658B57250}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => Keine Datei
FirewallRules: [{9D22EB54-8DE8-466E-9B45-E37CFFCF3F0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe => Keine Datei
FirewallRules: [{6219D0A0-5282-4C85-914D-1E2FE3388DCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe => Keine Datei
FirewallRules: [{ECA95E8D-64B0-423D-A08C-1D4C1CCC8F0F}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{28FF2450-6226-4612-8F9C-394BE8FBC52E}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9FE82643-1380-4E45-8907-3D42E65CECF5}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{80EA1FC5-DE45-4F1F-A864-92C2E78EF09F}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{90A61087-67B9-4211-9A6A-EF9983652A4B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4B6B3CF8-11F4-43BB-8EAB-5C7EE8E90519}] => (Allow) LPort=2869
FirewallRules: [{91834D8E-BF68-434A-8DD1-F5A4A20BD329}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{4AE65574-6C6F-4455-892E-F737DC4D2362}E:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe => Keine Datei
FirewallRules: [UDP Query User{1B1EF4AD-628B-4A66-8827-FBE92DFF2494}E:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe => Keine Datei
FirewallRules: [TCP Query User{25630A57-B7EE-48BA-B2D9-0465ABA1495C}E:\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe => Keine Datei
FirewallRules: [UDP Query User{3546140E-876E-4E18-9BF1-8D88F3AF4F4A}E:\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe => Keine Datei
FirewallRules: [TCP Query User{18D80B2F-8405-4F9C-873E-14BC6935C2E8}E:\overwatch\overwatch.exe] => (Allow) E:\overwatch\overwatch.exe => Keine Datei
FirewallRules: [UDP Query User{A8E7A4FB-03B3-4D27-A19A-4640A8459857}E:\overwatch\overwatch.exe] => (Allow) E:\overwatch\overwatch.exe => Keine Datei
FirewallRules: [{D09DCB6F-DF75-46E5-A6F5-27401051E44E}] => (Allow) C:\Users\user\AppData\Local\Temp\andy-x64\Setup.exe => Keine Datei
FirewallRules: [{96F37A3F-C18D-47DC-ABE4-908961378B01}] => (Allow) C:\Users\user\AppData\Local\Temp\andy-x64\Setup.exe => Keine Datei
FirewallRules: [{490D8786-E36B-46EF-85DA-5A6E255B84F2}] => (Allow) C:\Program Files\Andy\andy.exe => Keine Datei
FirewallRules: [{852D0C27-64AF-43AD-BD9D-6992F2A730CF}] => (Allow) C:\Program Files\Andy\andy.exe => Keine Datei
FirewallRules: [{2500D083-69C3-46A4-978E-C0870245764F}] => (Allow) C:\Program Files\Andy\AndyConsole.exe => Keine Datei
FirewallRules: [{FCD75FD3-BDAE-43F5-8B9D-E2DD3C58ACA9}] => (Allow) C:\Program Files\Andy\AndyConsole.exe => Keine Datei
FirewallRules: [{CD2B06F1-34E4-450E-B6A0-C4441259FFBF}] => (Allow) C:\Program Files\Andy\HandyAndy.exe => Keine Datei
FirewallRules: [{002514EE-2676-4F7D-92FB-AAA143B12CA3}] => (Allow) C:\Program Files\Andy\HandyAndy.exe => Keine Datei
FirewallRules: [{59E7B9F1-1FD3-48C7-B35C-6CB488D54218}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe => Keine Datei
FirewallRules: [{379A5A9C-415E-485D-8C77-46A121DF76DB}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe => Keine Datei
FirewallRules: [{4290E391-36C6-4AEB-A569-E715A16EFE82}] => (Allow) C:\Users\user\AppData\Local\Temp\RemoveTemp.exe => Keine Datei
FirewallRules: [{D40C5F2F-55DA-4535-97D4-2778BBB54041}] => (Allow) C:\Users\user\AppData\Local\Temp\RemoveTemp.exe => Keine Datei
FirewallRules: [{836E9BE2-E01D-4A44-A38C-B168998FED1A}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe => Keine Datei
FirewallRules: [{2B94FF74-5C6F-4374-8E85-9E50CF9A5045}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe => Keine Datei
FirewallRules: [{49D6DF34-3858-487C-9795-73A18858075F}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe => Keine Datei
FirewallRules: [{2B22F4AB-1E91-4CBF-8597-FB6CC84644A8}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe => Keine Datei
FirewallRules: [TCP Query User{3E8D9AAD-B8E6-4A31-BE6E-47B402AEC12B}E:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\program files\rockstar games\grand theft auto v\gta5.exe => Keine Datei
FirewallRules: [UDP Query User{F3177FED-A5E5-4A86-9928-8AD289C80396}E:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\program files\rockstar games\grand theft auto v\gta5.exe => Keine Datei
FirewallRules: [TCP Query User{52447431-39D5-4DA7-AB9E-F076BD20DD02}D:\program files\teamspeak 3 client\ts3client_win64.exe] => (Allow) D:\program files\teamspeak 3 client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [UDP Query User{25913D96-0447-416C-8015-F06857EC78C7}D:\program files\teamspeak 3 client\ts3client_win64.exe] => (Allow) D:\program files\teamspeak 3 client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [{0E5A8359-22D1-40A5-B892-E289639170A4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{06B67D62-3F1C-484A-A69C-A6C8A2CFCCD2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{DCD22A10-EBE3-4E77-850D-1A3AA73EC764}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{DEAAD606-F120-48C4-9522-7B4314F7839F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{DA65F31F-99FA-4641-8DA1-74F186830C0F}E:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) E:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [UDP Query User{5ED2F346-43A5-461B-B961-1D200A397A64}E:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) E:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [{60406519-4E1C-4DD8-BC1A-ABD566C45B3D}] => (Block) E:\Program Files\Rockstar Games\Grand Theft Auto V\GTAVLauncher.exe => Keine Datei
FirewallRules: [TCP Query User{972EE226-F87D-464E-8C57-400D562CFFEE}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{C17D4A5F-3C8E-4D48-A1B6-EC7F3BA0115C}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{0719B81F-8660-4FCF-91B1-280185975292}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{3F46F757-53FF-4916-B41F-B5F7E10A3628}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{4DABD2DB-5DB3-4F0C-9505-A4C302AD7106}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{40C39E61-F0C4-481C-B371-5B87A951A6EB}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{465E303A-33B2-4B3F-A0D7-2E4388D2F41C}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{33AD6841-103B-4C00-9124-5D51E90E2583}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{39EDCB2A-0EAA-4E1E-A9EC-6AE691CDCAED}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{207D158A-9DB2-4310-991D-1E1E9B7CB78D}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{06F7425F-135A-4246-A813-4FBBFC4F7325}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{9D5A9055-97DE-4640-AE1F-69F7DACBF2B1}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{8733FF72-EE46-46BA-94CD-0C6DD1D2027E}E:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{A7E00E1E-C258-4D1F-A8C5-AA4D254C6476}E:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{B174D0CD-D5F4-4CD7-AB31-AA27328510FA}E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3C76CB0A-A2D0-4FB8-926D-0F423C96C71D}E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{AF4191D3-39C3-46DE-A548-BCABC0164232}E:\program files (x86)\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\program files (x86)\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{CF8123C0-8573-41B6-873D-46354C9C58B0}E:\program files (x86)\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\program files (x86)\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Keine Datei
FirewallRules: [{479CAC48-460C-4F85-8083-3D242B28EB1E}] => (Allow) C:\Users\user\AppData\Roaming\Streamlabs\Streamlabs Chatbot\Streamlabs Chatbot.exe => Keine Datei
FirewallRules: [{49AF226E-C4A2-4F51-900B-D7E49BF1BDD5}] => (Allow) C:\Users\user\AppData\Roaming\Streamlabs\Streamlabs Chatbot\Streamlabs Chatbot.exe => Keine Datei
FirewallRules: [{4E16179E-E83E-475D-86EB-91713A355E15}] => (Allow) C:\Users\user\AppData\Roaming\Streamlabs\Streamlabs Chatbot\Streamlabs Chatbot.exe => Keine Datei
FirewallRules: [{B74A4902-09A0-45F5-8196-41134B17460E}] => (Allow) C:\Users\user\AppData\Roaming\Streamlabs\Streamlabs Chatbot\Streamlabs Chatbot.exe => Keine Datei
FirewallRules: [TCP Query User{913384C0-B5A9-4372-8CE1-01FC50CF866F}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{66ED06BE-74F8-4ABA-B4FA-2BEC35EBAA67}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{C4B879DF-AADC-4A37-AF28-3E1BCE0AB49E}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{EE63598F-7151-455F-BB69-2570EEC7E731}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{F9F5F0A6-D1F9-48A2-9224-10026823ABF2}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{4FAEC4DC-D319-495E-842D-AF8B7D725AD1}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{AA9ED216-C389-48B5-8A31-369D2B47A718}E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe => Keine Datei
FirewallRules: [UDP Query User{80FB710F-7D9D-4166-A9F8-93AEAE42C820}E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe => Keine Datei
FirewallRules: [TCP Query User{620EC0E5-AFEF-4BC9-9295-BF332737B1AB}E:\jdownloader v2.0\jdownloader2.exe] => (Allow) E:\jdownloader v2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{F160744B-471A-4BA2-8A22-D4B0391B5DF1}E:\jdownloader v2.0\jdownloader2.exe] => (Allow) E:\jdownloader v2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [TCP Query User{7F5B0FA5-B941-4E30-91B1-D4FC145CB920}E:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) E:\games\the sims 4\game\bin\ts4_x64.exe => Keine Datei
FirewallRules: [UDP Query User{04A3EA83-0E68-4D3B-970C-C7241E32C43E}E:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) E:\games\the sims 4\game\bin\ts4_x64.exe => Keine Datei
FirewallRules: [TCP Query User{CA8CA4EE-2381-4E0D-AD50-966D032E5A22}E:\games\the sims 4\game\bin\ts4.exe] => (Allow) E:\games\the sims 4\game\bin\ts4.exe => Keine Datei
FirewallRules: [UDP Query User{2D4DBB37-B576-490D-AC5A-DA00A90A53F6}E:\games\the sims 4\game\bin\ts4.exe] => (Allow) E:\games\the sims 4\game\bin\ts4.exe => Keine Datei
FirewallRules: [TCP Query User{EAC675E0-ACAC-4BBD-BA7E-72A3FFABD559}D:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe => Keine Datei
FirewallRules: [UDP Query User{FDE20F4F-494B-45D4-ADAB-E4B2FA97E1CB}D:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe => Keine Datei
FirewallRules: [{B9EC7B50-785F-4F37-B6D0-2A4CE447689C}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D264CDE4-1B79-48BD-ACBA-077BBBB534F1}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{ADC664A4-1E77-45EF-8C74-3A58896E50B8}D:\benutzer\user\downloads\utox_win64.exe] => (Allow) D:\benutzer\user\downloads\utox_win64.exe => Keine Datei
FirewallRules: [UDP Query User{99182E19-EA0C-403C-8B90-CD444E32273B}D:\benutzer\user\downloads\utox_win64.exe] => (Allow) D:\benutzer\user\downloads\utox_win64.exe => Keine Datei
FirewallRules: [{122119B4-105A-4D05-AFFD-66C9F9BC3366}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [Datei ist nicht signiert]
FirewallRules: [{E01261B2-7BA2-4088-9CC9-65A17F2E8831}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{E21FF858-1EDB-4575-B1C2-229776450DAC}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{E3272ED8-4FFA-4631-834E-E0300BC31BCA}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{87FBA020-3F5A-47D4-BC3F-D2C7ED5E7F58}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{87B1062E-9E8C-4C81-B8D5-1C273BBEA439}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{32C9F1D6-B82C-4916-A4CC-450EE13B130B}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{50BF5346-EA5E-4818-BD24-ACEFCDFCD03A}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{3A6CCCD8-C4D0-4BA2-B5FE-22ADD3206A7E}E:\diablo iii\x64\diablo iii64.exe] => (Allow) E:\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{5FE912CC-6DAC-4772-ACDA-E1143C48F49E}E:\diablo iii\x64\diablo iii64.exe] => (Allow) E:\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{599497F7-C4CE-4FB1-87B4-39BFCE218FAC}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{1C55F239-39C6-41FE-8E00-13F45F0DCBD1}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{490ABA47-D019-44C6-8ED2-CE34FD5CE948}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{D3B4543B-7B9A-42FA-AB88-AA99DB620D21}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{E46F05A8-2610-4FD3-9C5B-8C8DCB3A5A45}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{E8C4EC46-FD45-43C4-8E79-FE035EA4D68A}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{91C080B1-8594-454E-9467-B1B938301511}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{CA619507-B0D2-4C5A-B2DA-4851B3061E8D}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{294B0418-47FD-41F1-8FA8-9E7A8A689686}] => (Allow) D:\Program Files (x86)\Sidify Music Converter Free\Sidify Music Converter Free.exe.exe => Keine Datei
FirewallRules: [TCP Query User{DE5A6191-EA16-43E6-959E-3B7770FC7EC0}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{0DD7FCA2-37CD-4347-BFDB-9F86E1F05B5A}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{55F01C71-F10D-459C-9F03-0F6AA1632F06}D:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{4D63B839-2C47-4C3C-BB06-174994747797}D:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{54F46A0A-6877-43FC-9F5B-08536031FBE9}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{20726450-26F9-4D7D-9F05-C3491723B4ED}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{DFD9B37A-4CF8-4A08-9262-DD96FC9CFDF2}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{B31A81F7-5EF7-44A9-82A0-3FD9B2D01AA2}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{489A26CB-4983-4AB6-888B-E6DFAA571647}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{2C89F74F-D7D0-4913-A141-4603E433A0D9}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{756F276C-61A9-4586-9E5B-F3FACBF902AD}D:\benutzer\user\downloads\utox_win64.exe] => (Block) D:\benutzer\user\downloads\utox_win64.exe => Keine Datei
FirewallRules: [UDP Query User{0CA54C5D-AB4A-40D0-9843-E2E909A5A0D4}D:\benutzer\user\downloads\utox_win64.exe] => (Block) D:\benutzer\user\downloads\utox_win64.exe => Keine Datei
FirewallRules: [TCP Query User{BBE687B0-C0FF-49BD-A8DB-987DC06E38D5}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{3FFD0217-A45D-4E29-8BDA-85768F528567}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{EC26DC2D-8441-400C-8C50-EE54D11FEA48}E:\program files (x86)\beat hazard ultra\beathazard.exe] => (Allow) E:\program files (x86)\beat hazard ultra\beathazard.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{7C35F32D-4E09-4C6E-AD5E-AC4902B179B1}E:\program files (x86)\beat hazard ultra\beathazard.exe] => (Allow) E:\program files (x86)\beat hazard ultra\beathazard.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{2C790E31-ADEC-4450-A335-4843E02357D9}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{6A1EFE6D-512D-470D-AA1C-D81BD0B6565E}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{A40CF6D2-9357-4AA5-92AE-0D9897F30E7B}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{3C84A94F-F518-463B-BDEF-9C209EC170EE}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{EC820E90-E7F5-4881-B4B6-BCBB5B2E7734}E:\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny2.exe => Keine Datei
FirewallRules: [UDP Query User{E877C03E-4FB8-4748-B0F9-6C48F51C9063}E:\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny2.exe => Keine Datei
FirewallRules: [TCP Query User{AD2599C8-902C-4B19-A504-9D65710A10FD}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{AF83634B-79D7-45B0-AB7D-9E6E3136809D}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{FE099CEF-952D-4B37-9AD2-EA88CF638771}E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe => Keine Datei
FirewallRules: [UDP Query User{2C6C6456-173C-4B04-B60C-86A376A18698}E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe => Keine Datei
FirewallRules: [TCP Query User{7A0DE15D-F7AA-44BB-9E95-A7CB22147641}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{E1E37D5D-C3BC-4240-831D-488DBCA7E533}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{51F23693-B25E-4EB9-864E-D685E6EEBC07}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{65B7A698-F709-4B3B-92AA-96D9D6093ED4}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{19B7F8EA-C00C-4431-981B-20939423710B}E:\program files (x86)\subnautica\subnautica.exe] => (Allow) E:\program files (x86)\subnautica\subnautica.exe => Keine Datei
FirewallRules: [UDP Query User{25DDD6FF-C6F7-433D-8994-4C0B85FDA874}E:\program files (x86)\subnautica\subnautica.exe] => (Allow) E:\program files (x86)\subnautica\subnautica.exe => Keine Datei
FirewallRules: [TCP Query User{19FDAF38-B115-443F-A8BB-E008DAAEFF13}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{EA425FF4-F25F-4651-8F4A-79232F4EE778}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{BC7964D6-3CF3-4592-8F6F-03469D069FEC}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{C0DDEF69-E64E-4113-94A4-645CE3C151AA}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{D3C9FA19-67C5-4D53-9628-7E397856D245}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{3078E517-A467-402D-8116-8DFD42692D4E}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{925398ED-8968-454D-BACC-A3519294E8F2}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{2426DAE1-AB8E-47AB-B476-D6C3157ADF41}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{A6E4C5AB-EA62-4F19-A79A-74C50E20C4FC}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{9DE502FF-4E9C-4537-8D2F-3027A6B34F7C}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{45F555BA-46DC-42F0-93C3-920DD25DF865}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{8C2DA87B-DD2F-46B3-9797-CA403C310446}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{925D9BC2-467D-4720-965E-A6FB90936463}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{99AC887E-D4EB-49D5-88EE-67D98F5092C0}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{60A18536-CA9A-4D4C-8588-7182260A6517}E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{5259AD36-7AD6-4FBE-8FE9-DB62DE0499D4}E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{DED585C5-1FB0-4923-8328-BB4A6ABEA935}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{DADE906A-4F11-445C-A99D-956E248E44E5}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{3AABF6C2-4ECD-40FE-997E-CEACF7DD2DCF}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{82345648-871C-4975-9B69-1924A981C1C1}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{65E09242-0899-44CE-9F68-2DE78F2688E8}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{2947C4AD-A66B-48BC-B813-2DF162BBFAFA}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{D0C29E8E-B606-4C9B-964D-DA6AF8FC91C7}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{BCC1E50F-FD53-4767-970E-8A7914BD4479}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{D0ED8964-BE69-48C7-8CF3-BECBE206E781}E:\program files (x86)\epic games\satisfactoryearlyaccess\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Allow) E:\program files (x86)\epic games\satisfactoryearlyaccess\factorygame\binaries\win64\factorygame-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{5CB18286-2D41-4446-BCC2-E0053DC7312E}E:\program files (x86)\epic games\satisfactoryearlyaccess\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Allow) E:\program files (x86)\epic games\satisfactoryearlyaccess\factorygame\binaries\win64\factorygame-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{FD348760-751D-42DE-BBD0-34B111075290}E:\overwatch\_retail_\overwatch.exe] => (Allow) E:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{1DFC251E-B356-4339-8268-5AE3FE31326D}E:\overwatch\_retail_\overwatch.exe] => (Allow) E:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{BB81DD00-A925-43E6-B4EB-EA6178F491E4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [Datei ist nicht signiert]
FirewallRules: [{CF96C901-3D71-410E-A959-9EC4F4C37E36}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{12CE5B8B-02B8-41B3-8729-A973607F1E56}D:\benutzer\user\downloads\neuer ordner\utox_win64.exe] => (Allow) D:\benutzer\user\downloads\neuer ordner\utox_win64.exe => Keine Datei
FirewallRules: [UDP Query User{67226083-8B5E-4479-84B4-ADFF9CCE98DD}D:\benutzer\user\downloads\neuer ordner\utox_win64.exe] => (Allow) D:\benutzer\user\downloads\neuer ordner\utox_win64.exe => Keine Datei
FirewallRules: [TCP Query User{CC134E2B-2670-456D-9B77-8746DA70D5A3}D:\program files (x86)\blizzard app\battle.net.exe] => (Allow) D:\program files (x86)\blizzard app\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{BE89E264-65AE-47FF-9BEB-440A0359650B}D:\program files (x86)\blizzard app\battle.net.exe] => (Allow) D:\program files (x86)\blizzard app\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{41461476-67F8-4CA8-BAD0-D016D87AB69A}E:\program files (x86)\epic games\satisfactoryexperimental\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Allow) E:\program files (x86)\epic games\satisfactoryexperimental\factorygame\binaries\win64\factorygame-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{8E5F634D-0A18-4114-A31F-5BDA3CF54497}E:\program files (x86)\epic games\satisfactoryexperimental\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Allow) E:\program files (x86)\epic games\satisfactoryexperimental\factorygame\binaries\win64\factorygame-win64-shipping.exe => Keine Datei
FirewallRules: [{39BCCF57-4E33-4204-9C47-776E16DB33CC}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{470D3F1C-F79A-4904-92A8-2DDF6F38225F}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{BB7E8AF4-9CFF-485F-99CE-054F6FDD02E4}] => (Allow) E:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{2A24642E-150F-41F3-98B6-A929EA0925F5}] => (Allow) E:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{C1E0741B-2828-4C9B-A2C3-137D822846A9}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{1907455D-4DAB-4086-8BF4-49A2A0D0AE6F}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{AD8E354F-DB8D-4166-A4FC-4A78DB3EC33F}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => Keine Datei
FirewallRules: [{775CA9C4-41DB-4390-9041-4946C4D43174}] => (Allow) E:\SteamLibrary\steamapps\common\For The King\FTK.exe () [Datei ist nicht signiert]
FirewallRules: [{39FA0940-7E2B-4A4E-AD0B-BE0029FCE2B9}] => (Allow) E:\SteamLibrary\steamapps\common\For The King\FTK.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{081E422C-898D-4AE5-9225-436B1E51DDED}E:\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) E:\call of duty black ops cold war\blackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [UDP Query User{0F4B7199-3A5C-4038-BEFC-E78068E8CBD1}E:\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) E:\call of duty black ops cold war\blackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [{44D93574-D36C-4FC3-9690-3165B1E6E2AD}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert]
FirewallRules: [{46952959-F1A0-463F-871A-0A2BFF20D924}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert]
FirewallRules: [{F3415333-43E5-4653-8F98-B9A8E7DB1537}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99FB018F-1499-43BE-BEAE-EE93CFDCAB9F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B766BDD3-A4BB-4B59-BC26-70C4327ACBFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{17A84433-E17D-4FA5-9558-99B7BFE4A882}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9FC8C70F-FCF7-4E32-8C88-F104A72378EB}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{56D719BD-5413-4F2E-8946-EB6AA14FB439}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Wiederherstellungspunkte =========================

20-06-2021 09:32:55 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (07/24/2021 04:07:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 4kstogram.exe, Version: 3.4.2.3620, Zeitstempel: 0x60ccae62
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.1023, Zeitstempel: 0x7977b9de
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ff199
ID des fehlerhaften Prozesses: 0x3958
Startzeit der fehlerhaften Anwendung: 0x01d78061f005e67d
Pfad der fehlerhaften Anwendung: E:\Program Files\4KDownload\4kstogram\4kstogram.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 9c478cec-92a6-4239-9341-2b387a038e9b
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/22/2021 11:21:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 4kstogram.exe, Version: 3.4.2.3620, Zeitstempel: 0x60ccae62
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.1023, Zeitstempel: 0x7977b9de
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ff199
ID des fehlerhaften Prozesses: 0xe14
Startzeit der fehlerhaften Anwendung: 0x01d77eeb41d6512b
Pfad der fehlerhaften Anwendung: E:\Program Files\4KDownload\4kstogram\4kstogram.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 2b8ba86b-1f7e-4dae-8064-4e73e4c167c5
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/19/2021 11:17:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 4kstogram.exe, Version: 3.4.2.3620, Zeitstempel: 0x60ccae62
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.1023, Zeitstempel: 0x7977b9de
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ff199
ID des fehlerhaften Prozesses: 0x232c
Startzeit der fehlerhaften Anwendung: 0x01d77cbf64cc0c9a
Pfad der fehlerhaften Anwendung: E:\Program Files\4KDownload\4kstogram\4kstogram.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 36a282e4-d0f2-4f68-9f7b-22dcf9131baa
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/14/2021 07:47:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 4kstogram.exe, Version: 3.4.2.3620, Zeitstempel: 0x60ccae62
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.1023, Zeitstempel: 0x7977b9de
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ff199
ID des fehlerhaften Prozesses: 0x1f50
Startzeit der fehlerhaften Anwendung: 0x01d778cc892ce10c
Pfad der fehlerhaften Anwendung: E:\Program Files\4KDownload\4kstogram\4kstogram.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 4e6dcfc2-5ad6-47fd-a41e-ced2993ea943
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/11/2021 11:28:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 4kstogram.exe, Version: 3.4.2.3620, Zeitstempel: 0x60ccae62
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.1023, Zeitstempel: 0x7977b9de
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ff199
ID des fehlerhaften Prozesses: 0x3204
Startzeit der fehlerhaften Anwendung: 0x01d7767c55a466e3
Pfad der fehlerhaften Anwendung: E:\Program Files\4KDownload\4kstogram\4kstogram.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: caa3ce56-ab2f-4ad7-8464-8f27fcea9884
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/03/2021 05:15:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 4.0.0.1023, Zeitstempel: 0x60be8692
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.1023, Zeitstempel: 0x7977b9de
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ff199
ID des fehlerhaften Prozesses: 0x1e54
Startzeit der fehlerhaften Anwendung: 0x01d7701e42d172e4
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: e0c30c01-796a-4df4-ad61-f7dfa6cacdb0
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/30/2021 06:39:43 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (06/30/2021 06:39:43 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]


Systemfehler:
=============
Error: (07/25/2021 12:27:37 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{E60687F7-01A1-40AA-86AC-DB1CBF673334}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/25/2021 12:25:37 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "wuauserv" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (07/25/2021 12:25:37 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{E60687F7-01A1-40AA-86AC-DB1CBF673334}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/25/2021 12:23:37 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "wuauserv" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (07/24/2021 11:47:21 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{E60687F7-01A1-40AA-86AC-DB1CBF673334}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/24/2021 11:45:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "wuauserv" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (07/24/2021 11:45:21 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{E60687F7-01A1-40AA-86AC-DB1CBF673334}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/24/2021 11:43:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "wuauserv" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.


Windows Defender:
================
Date: 2021-07-10 19:24:55
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {129A94E0-F360-40E0-9DB1-690D0CAD5BE7}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-06-22 07:19:01
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Name: Trojan:Win32/AgentTesla!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_D:\$RECYCLE.BIN\S-1-5-21-2579833569-30274321-2403803918-1000\$RYMNQ53.exe; file:_D:\$RECYCLE.BIN\S-1-5-21-2579833569-30274321-2403803918-1000\$RZYRMCR.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: Home-PC\user
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.341.1171.0, AS: 1.341.1171.0, NIS: 1.341.1171.0
Modulversion: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-22 07:19:01
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Name: Trojan:Win32/AgentTesla!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_D:\$RECYCLE.BIN\S-1-5-21-2579833569-30274321-2403803918-1000\$RZYRMCR.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: Home-PC\user
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.341.1171.0, AS: 1.341.1171.0, NIS: 1.341.1171.0
Modulversion: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-22 07:18:59
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0
Name: Trojan:Win32/Wacatac.B!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: containerfile:_D:\$RECYCLE.BIN\S-1-5-21-2579833569-30274321-2403803918-1000\$RNJY1D5.exe; file:_D:\$RECYCLE.BIN\S-1-5-21-2579833569-30274321-2403803918-1000\$RNJY1D5.exe->[lowcase_mzpe]
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: Home-PC\user
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.341.1171.0, AS: 1.341.1171.0, NIS: 1.341.1171.0
Modulversion: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-22 07:18:55
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Phonzy.A!ml&threatid=2147772962&enterprise=0
Name: Trojan:Win32/Phonzy.A!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_D:\$RECYCLE.BIN\S-1-5-21-2579833569-30274321-2403803918-1000\$REATWW9.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: Home-PC\user
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.341.1171.0, AS: 1.341.1171.0, NIS: 1.341.1171.0
Modulversion: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-07-24 16:30:09
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.343.1529.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.18300.4
Fehlercode: 0x80080005
Fehlerbeschreibung: Starten des Servers fehlgeschlagen 

Date: 2021-07-22 13:53:17
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.343.1390.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.18300.4
Fehlercode: 0x80080005
Fehlerbeschreibung: Starten des Servers fehlgeschlagen 

Date: 2021-07-18 19:17:52
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.343.1188.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.18300.4
Fehlercode: 0x80080005
Fehlerbeschreibung: Starten des Servers fehlgeschlagen 

Date: 2021-07-16 19:14:40
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.343.1089.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.18300.4
Fehlercode: 0x80080005
Fehlerbeschreibung: Starten des Servers fehlgeschlagen 

Date: 2021-07-10 09:50:32
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.343.729.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.18300.4
Fehlercode: 0x80080005
Fehlerbeschreibung: Starten des Servers fehlgeschlagen 

CodeIntegrity:
===============
Date: 2021-07-25 00:42:29
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. F10 10/23/2012
Hauptplatine: Gigabyte Technology Co., Ltd. B75M-D3V
Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 68%
Installierter physikalischer RAM: 16330.13 MB
Verfügbarer physikalischer RAM: 5096.83 MB
Summe virtueller Speicher: 33381.08 MB
Verfügbarer virtueller Speicher: 14495.63 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:199.43 GB) (Free:86.98 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Programme) (Fixed) (Total:276.94 GB) (Free:54.59 GB) NTFS
Drive e: (Anwendungen) (Fixed) (Total:465.76 GB) (Free:220.06 GB) NTFS
Drive g: (Elements) (Fixed) (Total:4657.4 GB) (Free:620.94 GB) NTFS

\\?\Volume{0473faaa-0000-0000-0000-a0db31000000}\ () (Fixed) (Total:0.57 GB) (Free:0.12 GB) NTFS

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 0473FAAA)
Partition 1: (Active) - (Size=199.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=582 MB) - (Type=27)
Partition 3: (Not Active) - (Size=276.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 532A1B20)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 4657.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
__________________
Alt 25.07.2021, 11:20   #3
Polydoros
 
Ransomeware eingefangen? + A Disk read error occured. - Standard

weitere Logs nach Crash


FRST nachCrash

FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 19-07-2021 01
durchgeführt von user (Administrator) auf HOME-PC (25-07-2021 11:21:10)
Gestartet von D:\Benutzer\user\Downloads
Geladene Profile: user
Platform: Windows 10 Home Version 21H1 19043.1052 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() [Datei ist nicht signiert] D:\Program Files (x86)\RocketDock\RocketDock.exe
() [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
(CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Discord Inc. -> Discord Inc.) C:\Users\user\AppData\Local\Discord\app-1.0.9002\Discord.exe <6>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\127.4.4265\QtWebEngineProcess.exe <2>
(Electronic Arts, Inc. -> Electronic Arts) D:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Ludicrous Speed LLC -> jah@raider.io) D:\Program Files\RaiderIO\RaiderIO.exe <5>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(mfbot.de) [Datei ist nicht signiert] D:\Benutzer\user\Desktop\V Server Daten\sf_bot\MFBot.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2105.19601.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\NVDisplay.Container.exe <2>
(Open Media LLC -> ) E:\Program Files\4KDownload\4kstogram\crashpad_handler.exe
(Open Media LLC -> Open Media LLC) [Datei ist nicht signiert] E:\Program Files\4KDownload\4kstogram\4kstogram.exe
(pdfforge GmbH -> © pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8107808 2021-07-17] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Run: [TSMApplication] => D:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2021-06-29] () [Datei ist nicht signiert]
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Run: [RocketDock] => D:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [Datei ist nicht signiert]
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Run: [Discord] => C:\Users\user\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Run: [RaiderIO] => D:\Program Files\RaiderIO\RaiderIO.exe [131130784 2021-07-12] (Ludicrous Speed LLC -> jah@raider.io)
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Run: [4K Stogram] => E:\Program Files\4KDownload\4kstogram\4kstogram.exe [35037288 2021-06-21] (Open Media LLC -> Open Media LLC) [Datei ist nicht signiert]
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Run: [mfbot] => D:\Benutzer\user\Desktop\V Server Daten\sf_bot\MFBot.exe [30963200 2020-10-31] (mfbot.de) [Datei ist nicht signiert]
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\MountPoints2: {127c30e0-7213-11eb-839d-94de802d2ecb} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\MountPoints2: {5467c86e-ddb0-11eb-83b3-94de802d2ecb} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\MountPoints2: {9d7a4a31-eabc-11ea-8384-94de802d2ecb} - "H:\HiSuiteDownLoader.exe" 
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116224 2017-07-14] (pdfforge GmbH) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.164\Installer\chrmstp.exe [2021-07-20] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2021-04-08]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy\User: Beschränkung ? <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {09330061-6634-495C-991E-B25E91CFA719} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {09E0422A-8536-4C07-8886-1EE3745133ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0DC5C887-E37A-4EC9-B475-8CAD4A852DCD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {0FCA54E6-F449-4C8A-8D0A-DDA13CDE6B37} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1511D088-A694-480D-B763-AA0449D958DB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {19BC29F4-0193-4EDF-9415-EE1F36359E77} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {19BDD71D-F623-4DCA-B384-E3B18459EC7E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {2D63ADD2-5469-4E7C-849C-ED563EE9837D} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => D:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
Task: {2F45C8AD-72E2-4DA5-826D-9C1B8FFC2358} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {378D1815-5E71-4704-8B06-1DDC2C746773} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {4038B3D9-1A43-4A4B-B409-70CAF1D25FEA} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {47EB6065-ED67-4DEB-893D-EB2DB973A647} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4BCFD516-6394-4F22-AEA1-791B167435D3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5AB5DD3B-53D8-4FE0-B86B-36CF2E9EE073} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {6790EDDA-7DC6-41B9-BC07-3412A1895E33} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {738090EC-26F5-4064-9A82-45041BFE9127} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {73A5A3D2-E097-4FF0-87EC-2477998EFB11} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {78D1C236-CB61-4EF3-8482-4E355F4F08C4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7EE4E874-EBCE-4DF6-99FE-C980E4729AE8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208216 2021-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {81AC556B-0896-4D9E-AFBA-4D9BEDA0DCD1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {929D223C-5FF7-4321-B6D1-ED3088284C6C} - \Microsoft\Windows\Setup\EOSNotify -> Keine Datei <==== ACHTUNG
Task: {92B66D62-F28B-414E-9D25-7D5B84EAE4A4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {95C8EF2E-423B-4BE9-A5A2-40AA9FDB12CA} - \Microsoft\Windows\Setup\EOSNotify2 -> Keine Datei <==== ACHTUNG
Task: {9F610F07-9D0C-4A4E-89AF-1D86D27B5888} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F919A76-5D57-472B-98E0-36EAA84EA535} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1A1FF90-9748-4B69-A30F-269C9C7FB099} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1C2A07E-C757-4A4A-8AA7-62CBA9590E7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {A254AA92-ACAF-4CDC-9BD0-E50C409D6132} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563208 2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2A196D6-DA80-4148-8A0E-0A7C56F28A84} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {A5ACBDF0-DB03-4B80-8254-3D59744A1400} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A65167F7-58EA-4537-B651-3552D3069B8E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A7EB71A7-8D30-4934-BF15-60940D310FC0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B0E3FD1D-7453-4AA7-9BEA-8404498C3AC6} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B6725EA9-582B-4E20-9272-001291F5A853} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563208 2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {B82857BC-BC10-4363-A80B-EEB84379A517} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BC08E8DA-566D-4F31-9EA4-2205791973AD} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {C0A35703-385D-4844-BCAF-C5B5698B22DD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C7C03417-EB80-4EAC-A602-2805D534A0C0} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CE8BD891-1689-4B21-847B-748DD541777E} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D1399B06-7930-4304-8AC4-0E3C2D509636} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {D6884AAB-ECA3-4371-918A-D8467E913624} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DD8E96C5-E385-4AC7-A9B0-107980976525} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DEFF90BC-FB73-4B2A-A2E8-C2A11A5DB9E4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {E78D2438-592A-4549-A053-281971115CCA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {EF57CEB2-854F-40E2-8474-A8759D5A855A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {F097A801-A729-4447-8AC1-E2F944F363FA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208216 2021-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F381F6C4-7BE6-4287-9C23-BD7EF5E1CF1A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F5268221-48AB-456B-B9FC-DEE158C9523C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F88C09D9-FB49-4A6B-AA45-EE2CE9D058C2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F65D90C0-CE55-4802-A363-66C369DD5169}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-22]

FireFox:
========
FF DefaultProfile: d8idc29k.default
FF ProfilePath: C:\Users\user\AppData\Roaming\TomTom\HOME\Profiles\8mwhvg18.default [2017-09-10]
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default [2021-07-25]
FF Session Restore: Mozilla\Firefox\Profiles\d8idc29k.default -> ist aktiviert.
FF Notifications: Mozilla\Firefox\Profiles\d8idc29k.default -> hxxps://www.instagram.com; hxxps://web.whatsapp.com; hxxps://de.xhamsterlive.com; hxxps://top.gg
FF Extension: (Facebook Container) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\@contain-facebook.xpi [2021-05-07]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-07-09]
FF Extension: (Patreon Helper) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\{2af3d10e-9f62-46cc-9840-9391564da4f6}.xpi [2021-06-02]
FF Extension: (Download All Images) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\{32af1358-428a-446d-873e-5f8eb5f2a72e}.xpi [2021-07-05]
FF Extension: (MediaPlayer - Video and Audio Player) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\{9051e1b5-f28b-48d2-af1c-b1cbd8a3d0e0}.xpi [2021-05-22]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-05-19]
FF Extension: (Unpaywall) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\{f209234a-76f0-4735-9920-eb62507a54cd}.xpi [2021-07-15]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2021-07-23]
CHR StartupUrls: Default -> "hxxp://sc2.searchpo.com/searcher/bingsearch"
CHR DefaultSearchURL: Default -> hxxp://sc1.searchpo.com/search/{searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Extension: (Präsentationen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-22]
CHR Extension: (MEGA) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2021-07-22]
CHR Extension: (Chrome IG Story) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2019-02-15]
CHR Extension: (IG Downloader) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpgaheeihidjmolbakklolchdplenjai [2021-07-22]
CHR Extension: (Tabellen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-22]
CHR Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-22]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-07-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-10]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-22]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-03-19]
CHR Extension: (Google Präsentationen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-28]
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-28]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-28]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-28]
CHR Extension: (Google Tabellen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-28]
CHR Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-28]
CHR Extension: (Avast Online Security) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-11-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-28]
CHR Extension: (Google Mail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-28]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\System Profile [2017-03-19]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122728 2017-09-04] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-05-08] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9482696 2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-07-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-11-29] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [610464 2018-01-18] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-05-06] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2019-05-06] (GOG Sp. z o.o. -> GOG.com)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-08-17] (Huawei Technologies Co., Ltd. -> )
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-08-18] (Logitech Inc -> Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-30] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (pdfforge GmbH -> © pdfforge GmbH.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-11-07] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120096 2017-11-08] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2020-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ACHTUNG (kein ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ACHTUNG (kein ServiceDLL)
S3 GoogleChromeElevationService; "C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\elevation_service.exe" [X]
S3 MicrosoftEdgeElevationService; "C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.64\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ampa; C:\Windows\system32\ampa.sys [38320 2016-12-26] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-12-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-12-14] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-08-18] (Logitech Inc -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-07-25] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-22] (Malwarebytes Inc -> Malwarebytes)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2020-01-07] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-07-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425192 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-07-25 12:08 - 2021-07-25 12:08 - 000000000 _____ C:\Recovery.txt
2021-07-25 11:18 - 2021-07-25 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-07-25 11:11 - 2021-07-25 11:11 - 000004270 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-07-25 11:11 - 2021-07-25 11:11 - 000004038 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-07-25 11:09 - 2021-07-25 11:09 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-07-25 00:33 - 2021-07-25 11:21 - 000000000 ____D C:\FRST
2021-07-23 18:18 - 2021-07-23 18:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-07-22 20:35 - 2021-07-22 20:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-17 16:58 - 2021-07-17 16:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-07-17 16:58 - 2021-07-17 16:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-07-17 16:58 - 2021-07-17 16:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-07-17 16:58 - 2021-07-17 16:58 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-07-17 09:32 - 2021-07-17 09:32 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-07-16 18:51 - 2021-07-16 18:51 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-16 18:51 - 2021-07-16 18:51 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-10 18:30 - 2021-07-10 18:30 - 000000000 ____D C:\Users\user\.m2
2021-07-10 18:30 - 2021-07-10 18:30 - 000000000 ____D C:\Users\user\.lemminx
2021-07-10 18:26 - 2021-07-10 18:26 - 000000000 ____D C:\Users\user\AppData\Local\Eclipse
2021-07-10 18:09 - 2021-07-10 18:09 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eclipse
2021-07-10 18:03 - 2021-07-10 18:39 - 000000000 ____D C:\Users\user\.p2
2021-07-10 18:03 - 2021-07-10 18:26 - 000000000 ____D C:\Users\user\.eclipse
2021-07-05 18:44 - 2021-07-05 18:44 - 019136512 _____ C:\WINDOWS\system32\config\SYSTEM
2021-06-30 18:38 - 2021-06-30 18:38 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-06-30 18:37 - 2021-06-21 10:43 - 000037664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-06-30 18:36 - 2021-06-22 03:25 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-06-30 18:36 - 2021-06-22 03:25 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-06-30 18:36 - 2021-06-22 03:25 - 001474336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-06-30 18:36 - 2021-06-22 03:25 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-06-30 18:36 - 2021-06-22 03:25 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-06-30 18:36 - 2021-06-22 03:25 - 001212192 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-06-30 18:36 - 2021-06-22 03:25 - 001097832 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-06-30 18:36 - 2021-06-22 03:25 - 001097832 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-06-30 18:36 - 2021-06-22 03:25 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-06-30 18:36 - 2021-06-22 03:25 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 001519384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 001170224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 000715568 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 000675088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 000641328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 000575792 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 000563992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-06-30 18:36 - 2021-06-22 03:20 - 002111264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-06-30 18:36 - 2021-06-22 03:20 - 001594656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-06-30 18:36 - 2021-06-22 03:20 - 000917280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-06-30 18:36 - 2021-06-22 03:20 - 000704792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-06-30 18:36 - 2021-06-22 03:19 - 008852760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-06-30 18:36 - 2021-06-22 03:19 - 007918872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-06-30 18:36 - 2021-06-22 03:19 - 004986648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-06-30 18:36 - 2021-06-22 03:19 - 002924304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-06-30 18:36 - 2021-06-22 03:19 - 000446744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-06-30 18:36 - 2021-06-22 03:18 - 000848672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-06-30 18:36 - 2021-06-22 03:17 - 006215312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-06-30 18:36 - 2021-06-21 10:43 - 000082968 _____ C:\WINDOWS\system32\nvinfo.pb
2021-06-25 18:19 - 2021-07-23 18:18 - 000000250 _____ C:\WINDOWS\wininit.ini

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-07-25 11:19 - 2019-08-29 21:19 - 000000000 ____D C:\Users\user\AppData\Roaming\RaiderIO
2021-07-25 11:18 - 2019-02-14 20:48 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-07-25 11:15 - 2020-11-08 12:33 - 001886424 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-25 11:15 - 2019-12-07 16:50 - 000785596 _____ C:\WINDOWS\system32\perfh007.dat
2021-07-25 11:15 - 2019-12-07 16:50 - 000167710 _____ C:\WINDOWS\system32\perfc007.dat
2021-07-25 11:15 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-25 11:11 - 2019-04-18 17:39 - 000000000 ____D C:\ProgramData\Mozilla
2021-07-25 11:11 - 2019-02-14 20:48 - 000001210 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-07-25 11:11 - 2019-02-14 20:48 - 000001206 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-07-25 11:11 - 2016-11-27 14:51 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-25 11:10 - 2017-09-27 06:27 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla
2021-07-25 11:09 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-25 11:09 - 2017-06-15 21:22 - 000000000 ____D C:\Users\user\AppData\Roaming\discord
2021-07-25 11:09 - 2017-06-15 21:22 - 000000000 ____D C:\Users\user\AppData\Local\Discord
2021-07-25 11:08 - 2020-11-08 12:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-25 11:08 - 2020-11-08 12:22 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-25 11:08 - 2020-11-08 12:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-25 11:08 - 2017-11-13 21:20 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2021-07-25 11:08 - 2017-11-13 21:20 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2021-07-25 11:08 - 2016-11-26 18:33 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-25 08:49 - 2019-12-30 21:47 - 000000000 ____D C:\Users\user\AppData\Local\D3DSCache
2021-07-24 20:30 - 2020-06-19 16:48 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-24 20:30 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-24 20:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-24 19:48 - 2018-12-24 12:05 - 000000000 ____D C:\Users\user\AppData\Local\Spotify
2021-07-24 19:48 - 2017-04-28 17:30 - 000000000 ____D C:\Users\user\AppData\Local\Battle.net
2021-07-24 16:12 - 2018-12-24 12:05 - 000000000 ____D C:\Users\user\AppData\Roaming\Spotify
2021-07-24 16:07 - 2017-01-08 18:23 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2021-07-23 18:18 - 2017-11-02 02:32 - 000000943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-22 16:00 - 2017-03-19 11:24 - 000000000 ____D C:\Users\user\AppData\Local\Packages
2021-07-21 23:00 - 2016-11-27 16:35 - 000000000 ____D C:\Users\user\AppData\Roaming\KeePass
2021-07-21 18:17 - 2016-11-27 16:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-21 00:00 - 2016-11-26 18:20 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-07-17 09:32 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-07-17 09:31 - 2019-12-31 12:53 - 000000000 ____D C:\Program Files\Microsoft Office
2021-07-11 23:12 - 2017-11-30 09:19 - 000000000 ____D C:\Users\user\AppData\Roaming\obs-studio
2021-07-11 21:33 - 2020-03-14 15:52 - 000000000 ____D C:\Users\user\AppData\Roaming\vlc
2021-07-11 10:18 - 2016-12-05 16:17 - 000000000 ____D C:\Users\user\AppData\Local\Microsoft Help
2021-07-10 18:26 - 2018-04-29 14:43 - 000000000 ____D C:\Users\user\.cache
2021-07-10 15:04 - 2020-07-04 02:28 - 000010752 _____ C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-07-10 09:36 - 2019-12-30 21:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-07-05 18:44 - 2021-06-21 18:06 - 019398656 _____ C:\WINDOWS\system32\C_32770.NLS
2021-07-05 18:44 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-30 18:42 - 2017-11-06 13:21 - 000000000 ____D C:\Users\user\AppData\Local\NVIDIA
2021-06-30 18:24 - 2021-06-22 07:13 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-30 18:24 - 2021-06-22 07:13 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b5b9e570dbf8
2021-06-29 19:31 - 2016-11-28 16:30 - 000000000 ____D C:\ProgramData\Origin

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-06-21 18:04 - 2021-06-21 18:04 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll
2018-01-15 13:50 - 2018-01-15 13:51 - 000000132 _____ () C:\Users\user\AppData\Roaming\Adobe BMP-Format CC - Voreinstellungen
2017-03-07 17:10 - 2021-02-17 20:22 - 000000132 _____ () C:\Users\user\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2017-03-07 17:02 - 2021-06-21 20:22 - 000001456 _____ () C:\Users\user\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2020-07-04 02:28 - 2021-07-10 15:04 - 000010752 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-06-14 06:39 - 2018-07-02 13:14 - 000000600 _____ () C:\Users\user\AppData\Local\PUTTY.RND
2020-06-21 18:00 - 2020-06-21 18:00 - 000007601 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
--- --- ---


Shortcut nach Crash
Code:
ATTFilter
Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 19-07-2021 01
durchgeführt von user (25-07-2021 11:23:52)
Gestartet von D:\Benutzer\user\Downloads
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Stogram.lnk -> E:\Program Files\4KDownload\4kstogram\4kstogram.exe (Open Media LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> D:\Program Files (x86)\Audacity\audacity.exe (Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> E:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk -> D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass.lnk -> D:\Program Files (x86)\KeePass Password Safe\KeePass.exe (Dominik Reichl)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk -> C:\Program Files\Notepad++\notepad++.exe (Don HO don.h@free.fr)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk -> C:\Program Files\paint.net\PaintDotNet.exe (dotPDN LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaiderIO Client.lnk -> D:\Program Files\RaiderIO\RaiderIO.exe (jah@raider.io)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk -> C:\Program Files\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs OBS.lnk -> D:\Program Files\Streamlabs OBS\Streamlabs OBS.exe (General Workings, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk -> D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tukui Client.lnk -> C:\Windows\Installer\{FFA451DC-1551-445D-BCBE-45C207527B74}\_7003953B7910B60F867FF4.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft\World of Warcraft.lnk -> D:\Program Files (x86)\World of Warcraft\World of Warcraft Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> D:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> D:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> D:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> D:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\VEGAS Pro 16.0\VEGAS Pro 16.0 Liesmich.lnk -> D:\Program Files\VEGAS\VEGAS Pro 16.0\readme\Vegas_readme_deu.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\VEGAS Pro 16.0\VEGAS Pro 16.0.lnk -> D:\Program Files\VEGAS\VEGAS Pro 16.0\vegas160.exe (MAGIX Computer Products Intl. Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TradeSkillMaster Application\TSMApplication.lnk -> D:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> D:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snaz\Snaz.lnk -> E:\Snaz\Snaz.exe (JimsApps)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages\SimilarImages.lnk -> D:\Program Files (x86)\SimilarImages\SimImages.exe (Nils Maier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages\Uninstall SimilarImages.lnk -> D:\Program Files (x86)\SimilarImages\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages\Docs\Manual.lnk -> D:\Program Files (x86)\SimilarImages\Docs\SimImages.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages\Docs\SimilarImages Release Notes.lnk -> D:\Program Files (x86)\SimilarImages\Docs\Notes.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Smart Switch.lnk -> C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe (Samsung)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\roomeon\roomeon 3D-Planer.lnk -> E:\Program Files (x86)\roomeon GmbH\roomeon 3D-Planer\roomeon.exe (roomeon GmbH"; hxxp://www.roomeon.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\roomeon\roomeon Portal.lnk -> E:\Program Files (x86)\roomeon GmbH\roomeon 3D-Planer\roomeon Portal.URL ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock\PunkSoftware.com.lnk -> D:\Program Files (x86)\RocketDock\PunkSoftware.com.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock\RocketDock Documentation.lnk -> D:\Program Files (x86)\RocketDock\Help\English\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock\RocketDock entfernen.lnk -> D:\Program Files (x86)\RocketDock\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock\RocketDock.lnk -> D:\Program Files (x86)\RocketDock\RocketDock.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator Hilfe.lnk -> C:\Program Files\PDFCreator\PDFCreator_german.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator im Internet.lnk -> C:\Program Files\PDFCreator\PDFCreator.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator.lnk -> C:\Program Files\PDFCreator\PDFCreator.exe (pdfforge)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Spende für den PDFCreator.lnk -> C:\Program Files\PDFCreator\Spende für den PDFCreator.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch\Overwatch.lnk -> E:\Overwatch\Overwatch Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (32bit).lnk -> C:\Program Files (x86)\obs-studio\bin\32bit\obs32.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (64bit).lnk -> C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\Uninstall.lnk -> C:\Program Files (x86)\obs-studio\uninstall.exe (obsproject.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk -> C:\Program Files\Notepad++\notepad++.exe (Don HO don.h@free.fr)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1\Forum.lnk -> C:\Program Files\MyDefrag v4.3.1\Forum.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1\Manual.lnk -> C:\Program Files\MyDefrag v4.3.1\Manual.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1\MyDefrag.lnk -> C:\Program Files\MyDefrag v4.3.1\MyDefrag.exe (J.C. Kessels)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1\Uninstall.lnk -> C:\Program Files\MyDefrag v4.3.1\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1\Website.lnk -> C:\Program Files\MyDefrag v4.3.1\Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Aufzeichnungs-Manager von Skype for Business.lnk -> C:\Program Files\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office-Spracheinstellungen.lnk -> C:\Program Files\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetriedashboard für Office.lnk -> C:\Program Files\Microsoft Office\root\Office16\msotd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetrieprotokoll für Office.lnk -> C:\Program Files\Microsoft Office\root\Office16\msoev.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Gaming Software 8.96.lnk -> C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Management Engine Components\Intel(R) Management and Security Status.lnk -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite\HiSuite.lnk -> C:\Program Files (x86)\HiSuite\HiSuite.exe (Huawei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite\Uninstall.lnk -> C:\Program Files (x86)\HiSuite\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher Adventure Game\The Witcher Adventure Game.lnk -> E:\GOG\The Witcher Adventure Game\TheWitcherAdventureGame.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher Adventure Game\Uninstall The Witcher Adventure Game.lnk -> E:\GOG\The Witcher Adventure Game\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\GOG Galaxy\GOG Galaxy.lnk -> C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe (GOG.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetFoldersize\GetFoldersize Lizenzvertrag.lnk -> C:\Program Files (x86)\GetFoldersize\Lizenzvertrag.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetFoldersize\GetFoldersize Webseite.lnk -> C:\Program Files (x86)\GetFoldersize\GetFoldersize Webseite.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetFoldersize\GetFoldersize.lnk -> C:\Program Files (x86)\GetFoldersize\GetFoldersize.exe (Michael Thummerer Software Design)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetFoldersize\Uninstall GetFoldersize.lnk -> C:\Program Files (x86)\GetFoldersize\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\The Witcher Adventure Game.lnk -> [LF6"pH,R GFSIH8FEuɪUThe Witcher Adventure Game(1SPSXFL8C&m]
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\FileZilla.lnk -> C:\Program Files\FileZilla FTP Client\filezilla.exe (FileZilla Project)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\Uninstall.lnk -> C:\Program Files\FileZilla FTP Client\uninstall.exe (Tim Kosse)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\FreeStudioManager.exe (Digital Wave Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free Video Flip and Rotate.lnk -> C:\Program Files (x86)\DVDVideoSoft\Free Video Flip and Rotate\FreeVideoFlipAndRotate.exe (Digital Wave Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe (DVDVideoSoft Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\PremiumMembershipOffer.exe (DVDVideoSoft Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Diablo III.lnk -> E:\Diablo III\Diablo III Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo\CrystalDiskInfo.lnk -> C:\Program Files (x86)\CrystalDiskInfo\DiskInfo32.exe (Crystal Dew World)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\CCCP Settings (64bit).lnk -> C:\Program Files\Combined Community Codec Pack 64bit\CCCP-Settings.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\CCCP Uninstall (64bit).lnk -> C:\Program Files\Combined Community Codec Pack 64bit\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Media Player Classic Home Cinema (64bit).lnk -> C:\Program Files\Combined Community Codec Pack 64bit\MPC\mpc-hc64.exe (MPC-HC Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Black Ops Cold War\Call of Duty Black Ops Cold War.lnk -> E:\Call of Duty Black Ops Cold War\Black Ops Cold War Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard App\Blizzard App.lnk -> D:\Program Files (x86)\Blizzard App\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 6.5\AOMEI Partition Assistant Standard Edition 6.5.lnk -> C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.5\PartAssist.exe (AOMEI Technology Co., Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 6.5\Uninstall AOMEI Partition Assistant.lnk -> C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.5\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper\AOMEI Backupper Standard.lnk -> C:\Program Files (x86)\AOMEI Backupper\Backupper.exe (AOMEI Tech Co., Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper\Uninstall AOMEI Backupper.lnk -> C:\Program Files (x86)\AOMEI Backupper\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper\User Manual (PDF).lnk -> C:\Program Files (x86)\AOMEI Backupper\UserManual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agent Ransack\Agent Ransack Help.lnk -> C:\Program Files\Mythicsoft\Agent Ransack\help\en\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agent Ransack\Agent Ransack.lnk -> C:\Program Files\Mythicsoft\Agent Ransack\AgentRansack.exe (Mythicsoft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\4K Stogram.lnk -> E:\Program Files\4KDownload\4kstogram\4kstogram.exe (Open Media LLC)
Shortcut: C:\Users\Public\Desktop\roomeon 3D-Planer.lnk -> E:\Program Files (x86)\roomeon GmbH\roomeon 3D-Planer\roomeon.exe (roomeon GmbH"; hxxp://www.roomeon.com)
Shortcut: C:\Users\Public\Desktop\roomeon Portal.lnk -> E:\Program Files (x86)\roomeon GmbH\roomeon 3D-Planer\roomeon Portal.URL ()
Shortcut: C:\Users\user\Desktop\LingoMAXX.lnk -> D:\Program Files (x86)\LingoMAXX\LingoMAXX.exe (Keine Datei)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Stogram.lnk -> E:\Program Files\4KDownload\4kstogram\4kstogram.exe (Open Media LLC)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC.lnk -> G:\Adobe\Adobe Photoshop CC\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CurseBreaker.lnk -> D:\Program Files (x86)\World of Warcraft\_retail_\CurseBreaker.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MFBot.lnk -> D:\Benutzer\user\Desktop\V Server Daten\sf_bot\MFBot.exe (mfbot.de)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RenameMaster.lnk -> E:\Program Files (x86)\Rename Master\RenameMaster.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\user\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TreeSizeFree.lnk -> C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.exe (JAM Software)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk -> C:\Users\user\AppData\Roaming\uTorrent Web\utweb.exe (Keine Datei)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft Logs Uploader.lnk -> C:\Users\user\AppData\Local\Programs\Warcraft Logs Uploader\Warcraft Logs Uploader.exe (warcraftlogs)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool\Windows 7 USB DVD Download Tool.lnk -> C:\Users\user\AppData\Local\Apps\Windows 7 USB DVD Download Tool\Windows7-USB-DVD-Download-Tool.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\Help and HOW-TO.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.chm ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\Release info.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.txt ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\Uninstall SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\uninstall.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Deinstallationsprogramm.lnk -> E:\JDownloader v2.0\Uninstall JDownloader.exe (AppWork GmbH)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Update & Rescue.lnk -> E:\JDownloader v2.0\JDownloader2Update.exe (AppWork GmbH)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2.lnk -> E:\JDownloader v2.0\JDownloader2.exe (AppWork GmbH)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2\HyperCam 2 Help.lnk -> C:\Program Files (x86)\HyperCam 2\HyCam2.chm ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2\HyperCam 2.lnk -> C:\Program Files (x86)\HyperCam 2\HyCam2.exe (Hyperionics)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2\Read about HyperCam 2.lnk -> C:\Program Files (x86)\HyperCam 2\readme.txt ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2\Uninstall HyperCam 2.lnk -> C:\Program Files (x86)\HyperCam 2\HcUnInst.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eclipse\Eclipse IDE for Enterprise Java and Web Developers - 2021-06.lnk -> D:\Users\user\eclipse\jee-2021-06\eclipse\eclipse.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beat Hazard Ultra\Beat Hazard Classic.lnk -> E:\Program Files (x86)\Beat Hazard Ultra\BHClassic\BeatHazardClassic.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beat Hazard Ultra\Beat Hazard.lnk -> E:\Program Files (x86)\Beat Hazard Ultra\BeatHazard.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beat Hazard Ultra\Uninstall.lnk -> E:\Program Files (x86)\Beat Hazard Ultra\TDU.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\user\Dropbox ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader 2.lnk -> E:\JDownloader v2.0\JDownloader2.exe (AppWork GmbH)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\KeePass 2.lnk -> D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\KeePass.lnk -> D:\Program Files (x86)\KeePass Password Safe\KeePass.exe (Dominik Reichl)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SimilarImages.lnk -> D:\Program Files (x86)\SimilarImages\SimImages.exe (Nils Maier)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk -> C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe (Samsung)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Excel.lnk -> C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\KeePass 2.lnk -> D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Magical Fidget Bot.lnk -> D:\Benutzer\user\Desktop\V Server Daten\sf_bot\MFBot.exe (mfbot.de)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spotify.lnk -> C:\Users\user\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Streamlabs OBS.lnk -> D:\Program Files\Streamlabs OBS\Streamlabs OBS.exe (General Workings, Inc.)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Thunderbird (2).lnk -> D:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Thunderbird.lnk -> D:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Adobe Photoshop CC.lnk -> G:\Adobe\Adobe Photoshop CC\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\FileZilla.lnk -> C:\Program Files\FileZilla FTP Client\filezilla.exe (FileZilla Project)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\KeePass 2.lnk -> D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\RenameMaster.lnk -> E:\Program Files (x86)\Rename Master\RenameMaster.exe ()
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Tombstones\Microsoft Excel 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-1000-0000000FF1CE}\xlicons.exe (Keine Datei)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7111c0ce965b7246\Battle.net.lnk -> D:\Program Files (x86)\Blizzard App\Battle.net.exe (Blizzard Entertainment)
Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\512c904ca96ecd5c\League of Legends.lnk -> D:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc.)
Shortcut: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> D:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> D:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Uninstall Smart Switch.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}\setup.exe (Samsung Electronics Co., Ltd.) -> /removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\roomeon\roomeon 3D-Planer deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {E94EF5B3-85D9-40C0-97DB-FA2BB29814E5}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT\Kone XTD Mouse\Kone XTD Driver.lnk -> C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe (ROCCAT GmbH) -> 1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT\Kone XTD Mouse\Uninstall Driver.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7133137D-DF48-4522-AD88-13C82B7D0A63}\Setup.exe"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT\Isku Keyboard\Isku Driver.lnk -> C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe (ROCCAT GmbH) -> 1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT\Isku Keyboard\Uninstall Driver.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}\Setup.exe"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games\League of Legends.lnk -> D:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=league_of_legends --launch-patchline=live
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Database Compare.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Office16\DCF\DATABASECOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office Upload Center.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files\Microsoft Office\Root\Office16\MSOUC.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Spreadsheet Compare.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Office16\DCF\SPREADSHEETCOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Filters\LAV Audio Settings (64bit).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\LAVAudio.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Filters\LAV Splitter Settings (64bit).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\LAVSplitter.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Filters\LAV Video Settings (64bit).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\LAVVideo.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Filters\VSFilter Configuration (64bit).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Combined Community Codec Pack 64bit\Filters\vsfilter.dll",DirectVobSub
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burning Crusade Classic\Burning Crusade Classic.lnk -> D:\Program Files (x86)\World of Warcraft\World of Warcraft Launcher.exe (Blizzard Entertainment) -> --productcode=wow_classic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agent Ransack\Uninstall Agent Ransack.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {C4A498C9-A668-462D-8E54-9DD68A87DFAD}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk -> C:\Users\user\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe"
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool\Uninstall Windows 7 USB DVD Download Tool.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {CCF298AF-9CE1-4B26-B251-486E98A34789}
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) -> /tsr
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc\Discord.lnk -> C:\Users\user\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beat Hazard Ultra\Beat Hazard Ultra.lnk -> E:\Program Files (x86)\Beat Hazard Ultra\BeatHazard.exe () -> -app>49604
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Discord.lnk -> C:\Users\user\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Discord.lnk -> C:\Users\user\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\user\AppData\Local\Google\Chrome\User Data\Chrome App Launcher.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TradeSkillMaster Application\TradeSkillMaster.com.url -> URL: hxxp://www.tradeskillmaster.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher Adventure Game\Documents\Support.url -> URL: hxxp://www.gog.com/support/witcher_adventure_game
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> 
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\CCCP Playback FAQ.url -> URL: hxxp://www.cccp-project.net/wiki/index.php?title=Main_Page
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\CCCP Website.url -> URL: hxxp://www.cccp-project.net/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 6.5\User Help - German.url -> URL: hxxp://www.disk-partition.com/de/manual.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 6.5\Visit our website - German.url -> URL: hxxp://www.disk-partition.com/de
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper\Visit our website - German.url -> URL: hxxp://www.backup-utility.com
InternetURL: C:\Users\MarieSilvester\Favorites\Windows Live\Windows Live Gallery.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\MarieSilvester\Favorites\Windows Live\Windows Live Ideas.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\MarieSilvester\Favorites\Windows Live\Windows Live Mail.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\MarieSilvester\Favorites\Windows Live\Windows Live Spaces.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\MarieSilvester\Favorites\MSN-Websites\MSN Auto.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72680
InternetURL: C:\Users\MarieSilvester\Favorites\MSN-Websites\MSN Fernsehen.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72659
InternetURL: C:\Users\MarieSilvester\Favorites\MSN-Websites\MSN Money.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72640
InternetURL: C:\Users\MarieSilvester\Favorites\MSN-Websites\MSN Nachrichten.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72636
InternetURL: C:\Users\MarieSilvester\Favorites\MSN-Websites\MSN Sport.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72635
InternetURL: C:\Users\MarieSilvester\Favorites\MSN-Websites\MSN.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72630
InternetURL: C:\Users\MarieSilvester\Favorites\Microsoft-Websites\IE-Site auf Microsoft.com.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\MarieSilvester\Favorites\Microsoft-Websites\Microsoft Deutschland GmbH.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\MarieSilvester\Favorites\Microsoft-Websites\Microsoft Store.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\MarieSilvester\Favorites\Microsoft-Websites\Microsoft Windows - Start.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\MarieSilvester\Favorites\Microsoft-Websites\Microsoft zu Hause.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\MarieSilvester\Favorites\Microsoft-Websites\Microsoft.com durchsuchen.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72893
InternetURL: C:\Users\MarieSilvester\Favorites\Microsoft-Websites\Site für IE Add-Ons.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\MarieSilvester\Favorites\Links\Web Slice-Katalog.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\user\Dropbox\Get Started with Dropbox Paper.url -> URL: hxxps://www.dropbox.com/login?_tk=dropbox_desktop_urlfile&cont=https%3A%2F%2Fpaper.dropbox.com%2Fpad%2Fopen-or-create-sample%2Fintro&register_cont=https%3A%2F%2Fpaper.dropbox.com%2Fpad%2Fopen-or-create-sample%2Fintro

==================== Ende vom Shortcut.txt =============================
__________________
Alt 25.07.2021, 11:21   #4
Polydoros
 
Ransomeware eingefangen? + A Disk read error occured. - Standard

Addition nach Crash


Addition nach Crash

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 19-07-2021 01
durchgeführt von user (25-07-2021 11:22:17)
Gestartet von D:\Benutzer\user\Downloads
Windows 10 Home Version 21H1 19043.1052 (X64) (2020-11-08 10:28:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-2579833569-30274321-2403803918-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2579833569-30274321-2403803918-503 - Limited - Disabled)
Gast (S-1-5-21-2579833569-30274321-2403803918-501 - Limited - Disabled)
user (S-1-5-21-2579833569-30274321-2403803918-1000 - Administrator - Enabled) => C:\Users\user
WDAGUtilityAccount (S-1-5-21-2579833569-30274321-2403803918-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4K Stogram (HKLM\...\{4F7C8AC4-DEF5-47D7-BA92-72BFBABD94E1}) (Version: 3.3.2.3490 - Open Media LLC)
Active Directory Authentication Library für SQL Server (HKLM\...\{DCF8CB30-F4CE-476A-AB02-E8D620FADC70}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library für SQL Server (x86) (HKLM-x32\...\{03D2027B-6335-4822-89ED-CD99D2F4CE43}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Agent Ransack x64 (HKLM\...\{C4A498C9-A668-462D-8E54-9DD68A87DFAD}) (Version: 8.0.865.1 - Mythicsoft Ltd)
AlienFX for KoneXTD (HKLM\...\{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02 - Roccat GmbH) Hidden
AlienFX for KoneXTD (HKLM-x32\...\InstallShield_{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02 - Roccat GmbH)
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version:  - AOMEI Technology Co., Ltd.)
AOMEI Partition Assistant Standard Edition 6.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Burning Crusade Classic (HKLM-x32\...\Burning Crusade Classic) (Version:  - Blizzard Entertainment)
Call of Duty Black Ops Cold War (HKLM-x32\...\Call of Duty Black Ops Cold War) (Version:  - Blizzard Entertainment)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
CrystalDiskInfo 8.1.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.1.0 - Crystal Dew World)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0221 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 127.4.4265 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.485.1 - Dropbox, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{50D3E17D-0AFC-4617-AB00-DDE3099545FA}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation)
FileZilla Client 3.39.0 (HKLM-x32\...\FileZilla Client) (Version: 3.39.0 - Tim Kosse)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Video Flip and Rotate (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 1.1.35.831 - Digital Wave Ltd)
GetFoldersize 3.1.10 (HKLM-x32\...\GetFoldersize_is1) (Version: 3.1.10 - Michael Thummerer Software Design)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.164 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.99 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.1.1.500 - Huawei Technologies Co., Ltd.)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC)
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KeePass Password Safe 1.32 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.32 - Dominik Reichl)
KeePass Password Safe 2.43 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.43 - Dominik Reichl)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.81 - Logitech Inc.)
Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes)
Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.55 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (German) (HKLM-x32\...\{90120000-00D1-0407-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Volume - de-de) (Version: 16.0.10376.20033 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Report Viewer 2015 Runtime (HKLM-x32\...\{3ECE8FC7-7020-4756-A71C-C345D4725B77}) (Version: 12.0.2402.15 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{13146756-9716-4843-84CA-053916D2FCF9}) (Version: 11.3.6538.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service  (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2016 Management Objects  (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Teams) (Version: 1.3.00.12058 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 90.0.2 (x64 de)) (Version: 90.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla)
Mozilla Thunderbird 45.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.5.0 (x86 de)) (Version: 45.5.0 - Mozilla)
Mozilla Thunderbird 78.12.0 (x86 de) (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Mozilla Thunderbird 78.12.0 (x86 de)) (Version: 78.12.0 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.2 - Notepad++ Team)
NVIDIA Grafiktreiber 471.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.11 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10376.20033 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10376.20033 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.10376.20033 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.101.48500 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
paint.net (HKLM\...\{B998B716-4001-4919-BA90-BA14B51DFEB5}) (Version: 4.1.6 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.3 - pdfforge GmbH)
RaiderIO 2.1.8 (HKLM\...\ea53c16d-4ef5-533f-83dc-5b0c5bb40cb2) (Version: 2.1.8 - jah@raider.io)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6738 - Realtek Semiconductor Corp.)
Rename Master (HKLM-x32\...\Rename Master_is1) (Version:  - )
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version:  - Roccat GmbH)
ROCCAT Kone XTD Mouse Driver (HKLM-x32\...\{7133137D-DF48-4522-AD88-13C82B7D0A63}) (Version:  - Roccat GmbH)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
roomeon 3D-Planer (HKLM-x32\...\{E94EF5B3-85D9-40C0-97DB-FA2BB29814E5}) (Version: 1.6.2 - roomeon GmbH)
Roslyn Language Services - x86 (HKLM-x32\...\{6970C7E1-F99D-388D-8903-DF8FCE677FED}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
SimilarImages (HKLM-x32\...\SimilarImages) (Version: 2013.11 - Nils Maier)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
Snaz Version 1.12.7.0 (HKLM-x32\...\{70A76031-FDC6-4F9B-BB5C-33776703F45A}_is1) (Version: 1.12.7.0 - JimsApps)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Spotify) (Version: 1.1.62.583.gdac868ed - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.22.3 - General Workings, Inc.)
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (HKLM-x32\...\{7A95671A-759E-3B83-B763-4289D1D24D73}) (Version: 14.102.25619 - Microsoft) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Witcher Adventure Game (HKLM-x32\...\1207666883_is1) (Version: 2.7.0.24 - GOG.com)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
TreeSize Free V4.4.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.2 - JAM Software)
Tukui Client (HKLM-x32\...\{FFA451DC-1551-445D-BCBE-45C207527B74}) (Version: 3.2.7 - Tukui)
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{BA5762C7-D35F-4725-A4BD-525854127018}) (Version: 1.8.36.0 - Microsoft Corporation) Hidden
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
VEGAS Pro 16.0 (HKLM\...\{0A450A0F-A098-11E8-A36D-00155D6302F2}) (Version: 16.0.248 - VEGAS)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Warcraft Logs Uploader 4.7.0 (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\{bcc11bd8-bf2f-5f00-925b-921594bc2ca4}) (Version: 4.7.0 - warcraftlogs)
Warcraft Logs Uploader 5.5.1 (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\bcc11bd8-bf2f-5f00-925b-921594bc2ca4) (Version: 5.5.1 - warcraftlogs)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

Packages:
=========
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-31] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-20] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-06-30] (NVIDIA Corp.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2579833569-30274321-2403803918-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2579833569-30274321-2403803918-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2579833569-30274321-2403803918-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\user\Dropbox [2019-02-14 20:49]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-01-17] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-01-31] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\nvshext.dll [2021-06-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2_S-1-5-21-2579833569-30274321-2403803918-1000: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2016-10-19] (Mythicsoft Ltd -> Mythicsoft Ltd)
ContextMenuHandlers4_S-1-5-21-2579833569-30274321-2403803918-1000: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2016-10-19] (Mythicsoft Ltd -> Mythicsoft Ltd)
ContextMenuHandlers5_S-1-5-21-2579833569-30274321-2403803918-1000: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2016-10-19] (Mythicsoft Ltd -> Mythicsoft Ltd)
ContextMenuHandlers6_S-1-5-21-2579833569-30274321-2403803918-1000: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2016-10-19] (Mythicsoft Ltd -> Mythicsoft Ltd)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2017-12-22] (Beepa P/L) [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2017-12-22] (Beepa P/L) [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2016-11-27 16:41 - 2007-09-02 14:57 - 000069632 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\RocketDock\RocketDock.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000053760 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\_bz2.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000084992 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\_ctypes.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000783360 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\_hashlib.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000137216 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\_lzma.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000047104 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\_socket.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000039424 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\psutil._psutil_windows.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 001861120 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtCore.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 002002944 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtGui.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 004101120 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtWidgets.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000009728 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\select.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000075264 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\sip.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000758784 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\unicodedata.pyd
2021-06-10 18:20 - 2021-07-12 23:23 - 002821120 _____ () [Datei ist nicht signiert] D:\Program Files\RaiderIO\ffmpeg.dll
2021-06-10 18:20 - 2021-07-12 23:23 - 000446464 _____ () [Datei ist nicht signiert] D:\Program Files\RaiderIO\libegl.dll
2021-06-10 18:20 - 2021-07-12 23:23 - 007900160 _____ () [Datei ist nicht signiert] D:\Program Files\RaiderIO\libglesv2.dll
2020-11-08 12:25 - 2020-11-08 12:25 - 000065536 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
2019-12-31 12:53 - 2019-12-31 12:53 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2019-12-31 12:53 - 2019-12-31 12:53 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2017-12-19 15:39 - 2017-09-27 18:30 - 000489984 _____ (Newtonsoft) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\Newtonsoft.Json.dll
2017-07-14 18:55 - 2017-07-14 18:55 - 000116224 _____ (pdfforge GmbH) [Datei ist nicht signiert] C:\WINDOWS\System32\pdfcmon.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 002741248 _____ (Python Software Foundation) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\python34.dll
2017-06-15 10:38 - 2017-06-15 10:38 - 000069120 _____ (SkinSoft) [Datei ist nicht signiert] C:\Users\user\AppData\Local\SkinSoft\VisualStyler\2.4.59444.6\x64\ssapihook.dll
2020-10-31 11:38 - 2021-07-25 11:09 - 001716224 _____ (SQLite Development Team) [Datei ist nicht signiert] D:\Benutzer\user\Desktop\V Server Daten\sf_bot\sqlite3.DLL
2021-06-29 20:02 - 2021-06-29 20:01 - 000848896 _____ (The ICU Project) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\icudt53.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 001580032 _____ (The ICU Project) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\icuin53.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 001079296 _____ (The ICU Project) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\icuuc53.dll
2016-11-28 16:32 - 2020-04-08 16:17 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\LIBEAY32.dll
2016-11-28 16:32 - 2020-04-08 16:18 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\ssleay32.dll
2016-11-28 16:32 - 2019-08-29 14:44 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-06-29 19:31 - 2019-08-29 14:44 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Core.dll
2021-06-29 19:31 - 2019-08-29 14:44 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Gui.dll
2021-06-29 19:31 - 2019-08-29 14:44 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Network.dll
2021-06-29 19:31 - 2019-08-29 14:45 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-06-29 19:31 - 2019-08-29 14:45 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-06-29 19:31 - 2019-08-29 14:45 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Xml.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000036352 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qdds.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000022016 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qgif.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000029184 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qicns.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000022016 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qico.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000381952 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjp2.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000206848 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjpeg.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000218624 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qmng.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000016384 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtga.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000308736 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtiff.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000015360 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwbmp.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000287232 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwebp.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000991744 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\platforms\qwindows.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 004182528 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Core.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 004877312 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Gui.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 004490752 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Widgets.dll
2017-12-19 15:39 - 2017-11-07 17:37 - 000088064 _____ (Wondershare) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCollect.dll
2017-12-19 15:39 - 2017-11-07 17:37 - 000200192 _____ (Wondershare) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCommon.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [226]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-2579833569-30274321-2403803918-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-11-19 01:53 - 000003469 _____ C:\WINDOWS\system32\drivers\etc\hosts
173.0.14.249 d1.proxpn.com
173.0.14.249 d1.proxpn.biz
173.0.14.249 d1.proxpn.org
173.0.14.249 d1.proxpn.me
107.6.100.5 pptp-d1.proxpn.com
107.6.100.5 pptp-d1.proxpn.biz
107.6.100.5 pptp-d1.proxpn.org
107.6.100.5 pptp-d1.proxpn.me
173.231.141.114 ny1.proxpn.com
173.231.141.114 ny1a.proxpn.biz
173.231.141.114 ny1a.proxpn.org
173.231.141.114 ny1a.proxpn.me
173.231.141.116 pptp-ny1a.proxpn.com
173.231.141.116 pptp-ny1a.proxpn.biz
173.231.141.116 pptp-ny1.proxpn.org
173.231.141.116 pptp-ny1.proxpn.me
216.18.231.179 se1.proxpn.com
216.18.231.179 se1.proxpn.biz
216.18.231.179 se1.proxpn.org
216.18.231.179 se1.proxpn.me
216.18.231.181 pptp-se1.proxpn.com
216.18.231.181 pptp-se1.proxpn.biz
216.18.231.181 pptp-se1.proxpn.org
216.18.231.181 pptp-se1.proxpn.me
64.27.29.67 la1.proxpn.com
64.27.29.67 la1.proxpn.biz
64.27.29.67 la1.proxpn.org
64.27.29.67 la1.proxpn.me
64.27.29.68 pptp-la1.proxpn.com
64.27.29.68 pptp-la1.proxpn.biz

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\AOMEI Backupper;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\Control Panel\Desktop\\Wallpaper -> D:\Benutzer\user\Eigene Bilder\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\steam.exe" -silent

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{4A6E148B-989F-44C1-9A7A-DDDE8F8E088C}] => (Allow) E:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [{6DA249F2-1189-4D4D-B43D-14590E3F9239}] => (Allow) E:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{90199173-0506-4E4D-88CD-C79EEC856D92}D:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) D:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{D5B3A047-5529-47AD-B36B-28DDCDB89F28}D:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) D:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{CD0AB3DC-A410-44DA-87B0-08B35902E06C}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => Keine Datei
FirewallRules: [{A9889C33-2A62-4F9E-B0DD-18AC86A1EE26}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => Keine Datei
FirewallRules: [UDP Query User{E06468E0-98B0-4491-86B7-6F6C90864756}E:\steamlibrary\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{E1B46380-71CC-4331-BCA7-6DECD8A8258D}E:\steamlibrary\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{7BBB7DF8-D6C7-44D0-9EA5-4614C36A36C1}C:\users\user\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\user\appdata\local\programs\blitz\blitz.exe => Keine Datei
FirewallRules: [TCP Query User{BC0CFFD8-D507-449E-9B70-0D1551CDDE35}C:\users\user\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\user\appdata\local\programs\blitz\blitz.exe => Keine Datei
FirewallRules: [UDP Query User{26F71397-CBF4-466A-8595-CF734D0E2CF5}C:\users\user\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\user\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{EF3EBD27-65FF-4CCB-93C6-E8048E274EAC}C:\users\user\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\user\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{CD721D75-23DF-49B9-A453-C241CD404BD8}C:\users\user\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\user\appdata\local\blitz\current\blitz.exe => Keine Datei
FirewallRules: [TCP Query User{8DF1D4FB-1850-4EB6-9E42-B0C5B11E6D3A}C:\users\user\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\user\appdata\local\blitz\current\blitz.exe => Keine Datei
FirewallRules: [{001C0D1A-2552-4463-A16E-72B72EC26B29}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => Keine Datei
FirewallRules: [{500C6985-4DB1-47DF-960A-9D0EDA2990BC}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => Keine Datei
FirewallRules: [{437C337B-7540-46E6-A4DD-A1F51EFC54C2}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => Keine Datei
FirewallRules: [{327F6E00-8137-4A78-A6A3-F51971DB9EBE}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => Keine Datei
FirewallRules: [{E8233E25-EF07-4D43-8A12-3025C6B0DFE2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D2E02427-6686-4762-B0C6-410FD7943037}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{34354047-A99B-487E-A167-3D89CEA316D6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{53C4D91A-20A9-4069-8B9F-5B3CC216E03D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8B6D41A7-5D8E-421C-998A-2E3456C66D94}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{645892EA-372F-4D43-8C92-CE7BCDC88602}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe => Keine Datei
FirewallRules: [{CB0F98E5-3516-4C26-9CB2-2354190F1D6B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe => Keine Datei
FirewallRules: [{4E831682-08D2-4B0E-B324-240658B57250}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => Keine Datei
FirewallRules: [{9D22EB54-8DE8-466E-9B45-E37CFFCF3F0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe => Keine Datei
FirewallRules: [{6219D0A0-5282-4C85-914D-1E2FE3388DCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe => Keine Datei
FirewallRules: [{ECA95E8D-64B0-423D-A08C-1D4C1CCC8F0F}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{28FF2450-6226-4612-8F9C-394BE8FBC52E}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9FE82643-1380-4E45-8907-3D42E65CECF5}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{80EA1FC5-DE45-4F1F-A864-92C2E78EF09F}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{90A61087-67B9-4211-9A6A-EF9983652A4B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4B6B3CF8-11F4-43BB-8EAB-5C7EE8E90519}] => (Allow) LPort=2869
FirewallRules: [{91834D8E-BF68-434A-8DD1-F5A4A20BD329}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{4AE65574-6C6F-4455-892E-F737DC4D2362}E:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe => Keine Datei
FirewallRules: [UDP Query User{1B1EF4AD-628B-4A66-8827-FBE92DFF2494}E:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe => Keine Datei
FirewallRules: [TCP Query User{25630A57-B7EE-48BA-B2D9-0465ABA1495C}E:\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe => Keine Datei
FirewallRules: [UDP Query User{3546140E-876E-4E18-9BF1-8D88F3AF4F4A}E:\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe => Keine Datei
FirewallRules: [TCP Query User{18D80B2F-8405-4F9C-873E-14BC6935C2E8}E:\overwatch\overwatch.exe] => (Allow) E:\overwatch\overwatch.exe => Keine Datei
FirewallRules: [UDP Query User{A8E7A4FB-03B3-4D27-A19A-4640A8459857}E:\overwatch\overwatch.exe] => (Allow) E:\overwatch\overwatch.exe => Keine Datei
FirewallRules: [{D09DCB6F-DF75-46E5-A6F5-27401051E44E}] => (Allow) C:\Users\user\AppData\Local\Temp\andy-x64\Setup.exe => Keine Datei
FirewallRules: [{96F37A3F-C18D-47DC-ABE4-908961378B01}] => (Allow) C:\Users\user\AppData\Local\Temp\andy-x64\Setup.exe => Keine Datei
FirewallRules: [{490D8786-E36B-46EF-85DA-5A6E255B84F2}] => (Allow) C:\Program Files\Andy\andy.exe => Keine Datei
FirewallRules: [{852D0C27-64AF-43AD-BD9D-6992F2A730CF}] => (Allow) C:\Program Files\Andy\andy.exe => Keine Datei
FirewallRules: [{2500D083-69C3-46A4-978E-C0870245764F}] => (Allow) C:\Program Files\Andy\AndyConsole.exe => Keine Datei
FirewallRules: [{FCD75FD3-BDAE-43F5-8B9D-E2DD3C58ACA9}] => (Allow) C:\Program Files\Andy\AndyConsole.exe => Keine Datei
FirewallRules: [{CD2B06F1-34E4-450E-B6A0-C4441259FFBF}] => (Allow) C:\Program Files\Andy\HandyAndy.exe => Keine Datei
FirewallRules: [{002514EE-2676-4F7D-92FB-AAA143B12CA3}] => (Allow) C:\Program Files\Andy\HandyAndy.exe => Keine Datei
FirewallRules: [{59E7B9F1-1FD3-48C7-B35C-6CB488D54218}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe => Keine Datei
FirewallRules: [{379A5A9C-415E-485D-8C77-46A121DF76DB}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe => Keine Datei
FirewallRules: [{4290E391-36C6-4AEB-A569-E715A16EFE82}] => (Allow) C:\Users\user\AppData\Local\Temp\RemoveTemp.exe => Keine Datei
FirewallRules: [{D40C5F2F-55DA-4535-97D4-2778BBB54041}] => (Allow) C:\Users\user\AppData\Local\Temp\RemoveTemp.exe => Keine Datei
FirewallRules: [{836E9BE2-E01D-4A44-A38C-B168998FED1A}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe => Keine Datei
FirewallRules: [{2B94FF74-5C6F-4374-8E85-9E50CF9A5045}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe => Keine Datei
FirewallRules: [{49D6DF34-3858-487C-9795-73A18858075F}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe => Keine Datei
FirewallRules: [{2B22F4AB-1E91-4CBF-8597-FB6CC84644A8}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe => Keine Datei
FirewallRules: [TCP Query User{3E8D9AAD-B8E6-4A31-BE6E-47B402AEC12B}E:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\program files\rockstar games\grand theft auto v\gta5.exe => Keine Datei
FirewallRules: [UDP Query User{F3177FED-A5E5-4A86-9928-8AD289C80396}E:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\program files\rockstar games\grand theft auto v\gta5.exe => Keine Datei
FirewallRules: [TCP Query User{52447431-39D5-4DA7-AB9E-F076BD20DD02}D:\program files\teamspeak 3 client\ts3client_win64.exe] => (Allow) D:\program files\teamspeak 3 client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [UDP Query User{25913D96-0447-416C-8015-F06857EC78C7}D:\program files\teamspeak 3 client\ts3client_win64.exe] => (Allow) D:\program files\teamspeak 3 client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [{0E5A8359-22D1-40A5-B892-E289639170A4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{06B67D62-3F1C-484A-A69C-A6C8A2CFCCD2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{DCD22A10-EBE3-4E77-850D-1A3AA73EC764}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{DEAAD606-F120-48C4-9522-7B4314F7839F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{DA65F31F-99FA-4641-8DA1-74F186830C0F}E:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) E:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [UDP Query User{5ED2F346-43A5-461B-B961-1D200A397A64}E:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) E:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [{60406519-4E1C-4DD8-BC1A-ABD566C45B3D}] => (Block) E:\Program Files\Rockstar Games\Grand Theft Auto V\GTAVLauncher.exe => Keine Datei
FirewallRules: [TCP Query User{972EE226-F87D-464E-8C57-400D562CFFEE}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{C17D4A5F-3C8E-4D48-A1B6-EC7F3BA0115C}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{0719B81F-8660-4FCF-91B1-280185975292}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{3F46F757-53FF-4916-B41F-B5F7E10A3628}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{4DABD2DB-5DB3-4F0C-9505-A4C302AD7106}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{40C39E61-F0C4-481C-B371-5B87A951A6EB}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{465E303A-33B2-4B3F-A0D7-2E4388D2F41C}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{33AD6841-103B-4C00-9124-5D51E90E2583}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{39EDCB2A-0EAA-4E1E-A9EC-6AE691CDCAED}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{207D158A-9DB2-4310-991D-1E1E9B7CB78D}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{06F7425F-135A-4246-A813-4FBBFC4F7325}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{9D5A9055-97DE-4640-AE1F-69F7DACBF2B1}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{8733FF72-EE46-46BA-94CD-0C6DD1D2027E}E:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{A7E00E1E-C258-4D1F-A8C5-AA4D254C6476}E:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{B174D0CD-D5F4-4CD7-AB31-AA27328510FA}E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3C76CB0A-A2D0-4FB8-926D-0F423C96C71D}E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{AF4191D3-39C3-46DE-A548-BCABC0164232}E:\program files (x86)\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\program files (x86)\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{CF8123C0-8573-41B6-873D-46354C9C58B0}E:\program files (x86)\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\program files (x86)\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Keine Datei
FirewallRules: [{479CAC48-460C-4F85-8083-3D242B28EB1E}] => (Allow) C:\Users\user\AppData\Roaming\Streamlabs\Streamlabs Chatbot\Streamlabs Chatbot.exe => Keine Datei
FirewallRules: [{49AF226E-C4A2-4F51-900B-D7E49BF1BDD5}] => (Allow) C:\Users\user\AppData\Roaming\Streamlabs\Streamlabs Chatbot\Streamlabs Chatbot.exe => Keine Datei
FirewallRules: [{4E16179E-E83E-475D-86EB-91713A355E15}] => (Allow) C:\Users\user\AppData\Roaming\Streamlabs\Streamlabs Chatbot\Streamlabs Chatbot.exe => Keine Datei
FirewallRules: [{B74A4902-09A0-45F5-8196-41134B17460E}] => (Allow) C:\Users\user\AppData\Roaming\Streamlabs\Streamlabs Chatbot\Streamlabs Chatbot.exe => Keine Datei
FirewallRules: [TCP Query User{913384C0-B5A9-4372-8CE1-01FC50CF866F}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{66ED06BE-74F8-4ABA-B4FA-2BEC35EBAA67}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{C4B879DF-AADC-4A37-AF28-3E1BCE0AB49E}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{EE63598F-7151-455F-BB69-2570EEC7E731}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{F9F5F0A6-D1F9-48A2-9224-10026823ABF2}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{4FAEC4DC-D319-495E-842D-AF8B7D725AD1}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{AA9ED216-C389-48B5-8A31-369D2B47A718}E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe => Keine Datei
FirewallRules: [UDP Query User{80FB710F-7D9D-4166-A9F8-93AEAE42C820}E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe => Keine Datei
FirewallRules: [TCP Query User{620EC0E5-AFEF-4BC9-9295-BF332737B1AB}E:\jdownloader v2.0\jdownloader2.exe] => (Allow) E:\jdownloader v2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{F160744B-471A-4BA2-8A22-D4B0391B5DF1}E:\jdownloader v2.0\jdownloader2.exe] => (Allow) E:\jdownloader v2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [TCP Query User{7F5B0FA5-B941-4E30-91B1-D4FC145CB920}E:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) E:\games\the sims 4\game\bin\ts4_x64.exe => Keine Datei
FirewallRules: [UDP Query User{04A3EA83-0E68-4D3B-970C-C7241E32C43E}E:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) E:\games\the sims 4\game\bin\ts4_x64.exe => Keine Datei
FirewallRules: [TCP Query User{CA8CA4EE-2381-4E0D-AD50-966D032E5A22}E:\games\the sims 4\game\bin\ts4.exe] => (Allow) E:\games\the sims 4\game\bin\ts4.exe => Keine Datei
FirewallRules: [UDP Query User{2D4DBB37-B576-490D-AC5A-DA00A90A53F6}E:\games\the sims 4\game\bin\ts4.exe] => (Allow) E:\games\the sims 4\game\bin\ts4.exe => Keine Datei
FirewallRules: [TCP Query User{EAC675E0-ACAC-4BBD-BA7E-72A3FFABD559}D:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe => Keine Datei
FirewallRules: [UDP Query User{FDE20F4F-494B-45D4-ADAB-E4B2FA97E1CB}D:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe => Keine Datei
FirewallRules: [{B9EC7B50-785F-4F37-B6D0-2A4CE447689C}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D264CDE4-1B79-48BD-ACBA-077BBBB534F1}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{ADC664A4-1E77-45EF-8C74-3A58896E50B8}D:\benutzer\user\downloads\utox_win64.exe] => (Allow) D:\benutzer\user\downloads\utox_win64.exe => Keine Datei
FirewallRules: [UDP Query User{99182E19-EA0C-403C-8B90-CD444E32273B}D:\benutzer\user\downloads\utox_win64.exe] => (Allow) D:\benutzer\user\downloads\utox_win64.exe => Keine Datei
FirewallRules: [{122119B4-105A-4D05-AFFD-66C9F9BC3366}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [Datei ist nicht signiert]
FirewallRules: [{E01261B2-7BA2-4088-9CC9-65A17F2E8831}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{E21FF858-1EDB-4575-B1C2-229776450DAC}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{E3272ED8-4FFA-4631-834E-E0300BC31BCA}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{87FBA020-3F5A-47D4-BC3F-D2C7ED5E7F58}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{87B1062E-9E8C-4C81-B8D5-1C273BBEA439}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{32C9F1D6-B82C-4916-A4CC-450EE13B130B}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{50BF5346-EA5E-4818-BD24-ACEFCDFCD03A}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{3A6CCCD8-C4D0-4BA2-B5FE-22ADD3206A7E}E:\diablo iii\x64\diablo iii64.exe] => (Allow) E:\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{5FE912CC-6DAC-4772-ACDA-E1143C48F49E}E:\diablo iii\x64\diablo iii64.exe] => (Allow) E:\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{599497F7-C4CE-4FB1-87B4-39BFCE218FAC}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{1C55F239-39C6-41FE-8E00-13F45F0DCBD1}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{490ABA47-D019-44C6-8ED2-CE34FD5CE948}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{D3B4543B-7B9A-42FA-AB88-AA99DB620D21}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{E46F05A8-2610-4FD3-9C5B-8C8DCB3A5A45}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{E8C4EC46-FD45-43C4-8E79-FE035EA4D68A}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{91C080B1-8594-454E-9467-B1B938301511}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{CA619507-B0D2-4C5A-B2DA-4851B3061E8D}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{294B0418-47FD-41F1-8FA8-9E7A8A689686}] => (Allow) D:\Program Files (x86)\Sidify Music Converter Free\Sidify Music Converter Free.exe.exe => Keine Datei
FirewallRules: [TCP Query User{DE5A6191-EA16-43E6-959E-3B7770FC7EC0}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{0DD7FCA2-37CD-4347-BFDB-9F86E1F05B5A}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{55F01C71-F10D-459C-9F03-0F6AA1632F06}D:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{4D63B839-2C47-4C3C-BB06-174994747797}D:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{54F46A0A-6877-43FC-9F5B-08536031FBE9}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{20726450-26F9-4D7D-9F05-C3491723B4ED}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{DFD9B37A-4CF8-4A08-9262-DD96FC9CFDF2}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{B31A81F7-5EF7-44A9-82A0-3FD9B2D01AA2}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{489A26CB-4983-4AB6-888B-E6DFAA571647}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{2C89F74F-D7D0-4913-A141-4603E433A0D9}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{756F276C-61A9-4586-9E5B-F3FACBF902AD}D:\benutzer\user\downloads\utox_win64.exe] => (Block) D:\benutzer\user\downloads\utox_win64.exe => Keine Datei
FirewallRules: [UDP Query User{0CA54C5D-AB4A-40D0-9843-E2E909A5A0D4}D:\benutzer\user\downloads\utox_win64.exe] => (Block) D:\benutzer\user\downloads\utox_win64.exe => Keine Datei
FirewallRules: [TCP Query User{BBE687B0-C0FF-49BD-A8DB-987DC06E38D5}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{3FFD0217-A45D-4E29-8BDA-85768F528567}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{EC26DC2D-8441-400C-8C50-EE54D11FEA48}E:\program files (x86)\beat hazard ultra\beathazard.exe] => (Allow) E:\program files (x86)\beat hazard ultra\beathazard.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{7C35F32D-4E09-4C6E-AD5E-AC4902B179B1}E:\program files (x86)\beat hazard ultra\beathazard.exe] => (Allow) E:\program files (x86)\beat hazard ultra\beathazard.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{2C790E31-ADEC-4450-A335-4843E02357D9}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{6A1EFE6D-512D-470D-AA1C-D81BD0B6565E}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{A40CF6D2-9357-4AA5-92AE-0D9897F30E7B}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{3C84A94F-F518-463B-BDEF-9C209EC170EE}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{EC820E90-E7F5-4881-B4B6-BCBB5B2E7734}E:\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny2.exe => Keine Datei
FirewallRules: [UDP Query User{E877C03E-4FB8-4748-B0F9-6C48F51C9063}E:\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny2.exe => Keine Datei
FirewallRules: [TCP Query User{AD2599C8-902C-4B19-A504-9D65710A10FD}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{AF83634B-79D7-45B0-AB7D-9E6E3136809D}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{FE099CEF-952D-4B37-9AD2-EA88CF638771}E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe => Keine Datei
FirewallRules: [UDP Query User{2C6C6456-173C-4B04-B60C-86A376A18698}E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe => Keine Datei
FirewallRules: [TCP Query User{7A0DE15D-F7AA-44BB-9E95-A7CB22147641}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{E1E37D5D-C3BC-4240-831D-488DBCA7E533}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{51F23693-B25E-4EB9-864E-D685E6EEBC07}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{65B7A698-F709-4B3B-92AA-96D9D6093ED4}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{19B7F8EA-C00C-4431-981B-20939423710B}E:\program files (x86)\subnautica\subnautica.exe] => (Allow) E:\program files (x86)\subnautica\subnautica.exe => Keine Datei
FirewallRules: [UDP Query User{25DDD6FF-C6F7-433D-8994-4C0B85FDA874}E:\program files (x86)\subnautica\subnautica.exe] => (Allow) E:\program files (x86)\subnautica\subnautica.exe => Keine Datei
FirewallRules: [TCP Query User{19FDAF38-B115-443F-A8BB-E008DAAEFF13}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{EA425FF4-F25F-4651-8F4A-79232F4EE778}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{BC7964D6-3CF3-4592-8F6F-03469D069FEC}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{C0DDEF69-E64E-4113-94A4-645CE3C151AA}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{D3C9FA19-67C5-4D53-9628-7E397856D245}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{3078E517-A467-402D-8116-8DFD42692D4E}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{925398ED-8968-454D-BACC-A3519294E8F2}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{2426DAE1-AB8E-47AB-B476-D6C3157ADF41}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{A6E4C5AB-EA62-4F19-A79A-74C50E20C4FC}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{9DE502FF-4E9C-4537-8D2F-3027A6B34F7C}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{45F555BA-46DC-42F0-93C3-920DD25DF865}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{8C2DA87B-DD2F-46B3-9797-CA403C310446}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{925D9BC2-467D-4720-965E-A6FB90936463}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{99AC887E-D4EB-49D5-88EE-67D98F5092C0}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{60A18536-CA9A-4D4C-8588-7182260A6517}E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{5259AD36-7AD6-4FBE-8FE9-DB62DE0499D4}E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{DED585C5-1FB0-4923-8328-BB4A6ABEA935}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{DADE906A-4F11-445C-A99D-956E248E44E5}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{3AABF6C2-4ECD-40FE-997E-CEACF7DD2DCF}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{82345648-871C-4975-9B69-1924A981C1C1}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{65E09242-0899-44CE-9F68-2DE78F2688E8}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{2947C4AD-A66B-48BC-B813-2DF162BBFAFA}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{D0C29E8E-B606-4C9B-964D-DA6AF8FC91C7}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{BCC1E50F-FD53-4767-970E-8A7914BD4479}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{D0ED8964-BE69-48C7-8CF3-BECBE206E781}E:\program files (x86)\epic games\satisfactoryearlyaccess\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Allow) E:\program files (x86)\epic games\satisfactoryearlyaccess\factorygame\binaries\win64\factorygame-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{5CB18286-2D41-4446-BCC2-E0053DC7312E}E:\program files (x86)\epic games\satisfactoryearlyaccess\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Allow) E:\program files (x86)\epic games\satisfactoryearlyaccess\factorygame\binaries\win64\factorygame-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{FD348760-751D-42DE-BBD0-34B111075290}E:\overwatch\_retail_\overwatch.exe] => (Allow) E:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{1DFC251E-B356-4339-8268-5AE3FE31326D}E:\overwatch\_retail_\overwatch.exe] => (Allow) E:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{BB81DD00-A925-43E6-B4EB-EA6178F491E4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [Datei ist nicht signiert]
FirewallRules: [{CF96C901-3D71-410E-A959-9EC4F4C37E36}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{12CE5B8B-02B8-41B3-8729-A973607F1E56}D:\benutzer\user\downloads\neuer ordner\utox_win64.exe] => (Allow) D:\benutzer\user\downloads\neuer ordner\utox_win64.exe => Keine Datei
FirewallRules: [UDP Query User{67226083-8B5E-4479-84B4-ADFF9CCE98DD}D:\benutzer\user\downloads\neuer ordner\utox_win64.exe] => (Allow) D:\benutzer\user\downloads\neuer ordner\utox_win64.exe => Keine Datei
FirewallRules: [TCP Query User{CC134E2B-2670-456D-9B77-8746DA70D5A3}D:\program files (x86)\blizzard app\battle.net.exe] => (Allow) D:\program files (x86)\blizzard app\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{BE89E264-65AE-47FF-9BEB-440A0359650B}D:\program files (x86)\blizzard app\battle.net.exe] => (Allow) D:\program files (x86)\blizzard app\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{41461476-67F8-4CA8-BAD0-D016D87AB69A}E:\program files (x86)\epic games\satisfactoryexperimental\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Allow) E:\program files (x86)\epic games\satisfactoryexperimental\factorygame\binaries\win64\factorygame-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{8E5F634D-0A18-4114-A31F-5BDA3CF54497}E:\program files (x86)\epic games\satisfactoryexperimental\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Allow) E:\program files (x86)\epic games\satisfactoryexperimental\factorygame\binaries\win64\factorygame-win64-shipping.exe => Keine Datei
FirewallRules: [{39BCCF57-4E33-4204-9C47-776E16DB33CC}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{470D3F1C-F79A-4904-92A8-2DDF6F38225F}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{BB7E8AF4-9CFF-485F-99CE-054F6FDD02E4}] => (Allow) E:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{2A24642E-150F-41F3-98B6-A929EA0925F5}] => (Allow) E:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{C1E0741B-2828-4C9B-A2C3-137D822846A9}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{1907455D-4DAB-4086-8BF4-49A2A0D0AE6F}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{AD8E354F-DB8D-4166-A4FC-4A78DB3EC33F}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => Keine Datei
FirewallRules: [{775CA9C4-41DB-4390-9041-4946C4D43174}] => (Allow) E:\SteamLibrary\steamapps\common\For The King\FTK.exe () [Datei ist nicht signiert]
FirewallRules: [{39FA0940-7E2B-4A4E-AD0B-BE0029FCE2B9}] => (Allow) E:\SteamLibrary\steamapps\common\For The King\FTK.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{081E422C-898D-4AE5-9225-436B1E51DDED}E:\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) E:\call of duty black ops cold war\blackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [UDP Query User{0F4B7199-3A5C-4038-BEFC-E78068E8CBD1}E:\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) E:\call of duty black ops cold war\blackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [{44D93574-D36C-4FC3-9690-3165B1E6E2AD}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert]
FirewallRules: [{46952959-F1A0-463F-871A-0A2BFF20D924}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert]
FirewallRules: [{F3415333-43E5-4653-8F98-B9A8E7DB1537}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99FB018F-1499-43BE-BEAE-EE93CFDCAB9F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B766BDD3-A4BB-4B59-BC26-70C4327ACBFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{17A84433-E17D-4FA5-9558-99B7BFE4A882}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EE7BCBEF-B89C-4135-BACE-FC04AE6C48F4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6FADDC1B-6482-47FF-9A1B-067F4D79B5BA}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (07/25/2021 11:18:31 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.

Error: (07/25/2021 11:18:31 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.

Error: (07/25/2021 07:41:59 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf Elements (G:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (07/25/2021 07:34:02 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf Anwendungen (E:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (07/24/2021 04:07:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 4kstogram.exe, Version: 3.4.2.3620, Zeitstempel: 0x60ccae62
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.1023, Zeitstempel: 0x7977b9de
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ff199
ID des fehlerhaften Prozesses: 0x3958
Startzeit der fehlerhaften Anwendung: 0x01d78061f005e67d
Pfad der fehlerhaften Anwendung: E:\Program Files\4KDownload\4kstogram\4kstogram.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 9c478cec-92a6-4239-9341-2b387a038e9b
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/22/2021 11:21:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 4kstogram.exe, Version: 3.4.2.3620, Zeitstempel: 0x60ccae62
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.1023, Zeitstempel: 0x7977b9de
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ff199
ID des fehlerhaften Prozesses: 0xe14
Startzeit der fehlerhaften Anwendung: 0x01d77eeb41d6512b
Pfad der fehlerhaften Anwendung: E:\Program Files\4KDownload\4kstogram\4kstogram.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 2b8ba86b-1f7e-4dae-8064-4e73e4c167c5
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/19/2021 11:17:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 4kstogram.exe, Version: 3.4.2.3620, Zeitstempel: 0x60ccae62
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.1023, Zeitstempel: 0x7977b9de
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ff199
ID des fehlerhaften Prozesses: 0x232c
Startzeit der fehlerhaften Anwendung: 0x01d77cbf64cc0c9a
Pfad der fehlerhaften Anwendung: E:\Program Files\4KDownload\4kstogram\4kstogram.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 36a282e4-d0f2-4f68-9f7b-22dcf9131baa
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/14/2021 07:47:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 4kstogram.exe, Version: 3.4.2.3620, Zeitstempel: 0x60ccae62
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.1023, Zeitstempel: 0x7977b9de
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ff199
ID des fehlerhaften Prozesses: 0x1f50
Startzeit der fehlerhaften Anwendung: 0x01d778cc892ce10c
Pfad der fehlerhaften Anwendung: E:\Program Files\4KDownload\4kstogram\4kstogram.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 4e6dcfc2-5ad6-47fd-a41e-ced2993ea943
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (07/25/2021 11:22:59 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "wuauserv" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (07/25/2021 11:22:59 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{E60687F7-01A1-40AA-86AC-DB1CBF673334}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/25/2021 11:20:59 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "wuauserv" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (07/25/2021 11:20:59 AM) (Source: DCOM) (EventID: 10010) (User: Home-PC)
Description: Der Server "{E60687F7-01A1-40AA-86AC-DB1CBF673334}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/25/2021 11:18:59 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "wuauserv" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (07/25/2021 11:18:59 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{E60687F7-01A1-40AA-86AC-DB1CBF673334}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/25/2021 11:16:59 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "wuauserv" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (07/25/2021 11:16:59 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{E60687F7-01A1-40AA-86AC-DB1CBF673334}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


Windows Defender:
================
Date: 2021-07-25 03:39:49
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {373488ED-7F44-4A77-8B53-C3BF160C1393}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-07-10 19:24:55
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {129A94E0-F360-40E0-9DB1-690D0CAD5BE7}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-06-22 07:19:01
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Name: Trojan:Win32/AgentTesla!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_D:\$RECYCLE.BIN\S-1-5-21-2579833569-30274321-2403803918-1000\$RYMNQ53.exe; file:_D:\$RECYCLE.BIN\S-1-5-21-2579833569-30274321-2403803918-1000\$RZYRMCR.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: Home-PC\user
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.341.1171.0, AS: 1.341.1171.0, NIS: 1.341.1171.0
Modulversion: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-22 07:19:01
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Name: Trojan:Win32/AgentTesla!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_D:\$RECYCLE.BIN\S-1-5-21-2579833569-30274321-2403803918-1000\$RZYRMCR.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: Home-PC\user
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.341.1171.0, AS: 1.341.1171.0, NIS: 1.341.1171.0
Modulversion: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-22 07:18:59
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0
Name: Trojan:Win32/Wacatac.B!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: containerfile:_D:\$RECYCLE.BIN\S-1-5-21-2579833569-30274321-2403803918-1000\$RNJY1D5.exe; file:_D:\$RECYCLE.BIN\S-1-5-21-2579833569-30274321-2403803918-1000\$RNJY1D5.exe->[lowcase_mzpe]
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: Home-PC\user
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.341.1171.0, AS: 1.341.1171.0, NIS: 1.341.1171.0
Modulversion: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-07-24 16:30:09
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.343.1529.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.18300.4
Fehlercode: 0x80080005
Fehlerbeschreibung: Starten des Servers fehlgeschlagen 

Date: 2021-07-22 13:53:17
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.343.1390.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.18300.4
Fehlercode: 0x80080005
Fehlerbeschreibung: Starten des Servers fehlgeschlagen 

Date: 2021-07-18 19:17:52
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.343.1188.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.18300.4
Fehlercode: 0x80080005
Fehlerbeschreibung: Starten des Servers fehlgeschlagen 

Date: 2021-07-16 19:14:40
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.343.1089.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.18300.4
Fehlercode: 0x80080005
Fehlerbeschreibung: Starten des Servers fehlgeschlagen 

Date: 2021-07-10 09:50:32
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.343.729.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.18300.4
Fehlercode: 0x80080005
Fehlerbeschreibung: Starten des Servers fehlgeschlagen 

CodeIntegrity:
===============
Date: 2021-07-25 06:24:33
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. F10 10/23/2012
Hauptplatine: Gigabyte Technology Co., Ltd. B75M-D3V
Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 16330.13 MB
Verfügbarer physikalischer RAM: 9485.53 MB
Summe virtueller Speicher: 32714.13 MB
Verfügbarer virtueller Speicher: 23663.15 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:199.43 GB) (Free:95.09 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Programme) (Fixed) (Total:276.94 GB) (Free:54.59 GB) NTFS
Drive e: (Anwendungen) (Fixed) (Total:465.76 GB) (Free:220.06 GB) NTFS
Drive g: (Elements) (Fixed) (Total:4657.4 GB) (Free:620.9 GB) NTFS

\\?\Volume{0473faaa-0000-0000-0000-a0db31000000}\ () (Fixed) (Total:0.57 GB) (Free:0.12 GB) NTFS

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 0473FAAA)
Partition 1: (Active) - (Size=199.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=582 MB) - (Type=27)
Partition 3: (Not Active) - (Size=276.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 532A1B20)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 4657.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================

Alt 25.07.2021, 14:11   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ransomeware eingefangen? + A Disk read error occured. - Standard

Ransomeware eingefangen? + A Disk read error occured.


Was hast du da von wo heruntergeladen? Zudem macht man erstens so oder so regelmäßig Backups und v.a. vor solchen Eingriffen ins System, klingt alles so als hättest du noch nie Backups gemacht.
Disk- oder Dateisystemfehler haben jedenfalls nichts mit Malware zu tun, mal so als Info bevor du dich da weiter verrennst. Malwarebefall und Dateisystemfehler sind also zwei separate Probleme. Bevor man da an WIndows herumschrauibt muss man also erstmal wissen ob die HDD/SSD noch ok ist:


Zustand der HDD/SSD ermitteln

Um den Zustand deiner internen HDD/SSD zu ermitteln, benötigen wir die sog. SMART-Werte. Gehe dazu bitte nach dieser Anleitung vor.

Das Log von Crystal Disk Info bitte in CODE-Tags posten.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 25.07.2021, 16:02   #6
Polydoros
 
Ransomeware eingefangen? + A Disk read error occured. - Standard

Ransomeware eingefangen? + A Disk read error occured.


Wollte eigentlich einen 3D Planer runterladen, hab aber nicht auf die Quelle geachtet, die Seite wirkte gut, war aber wohl fake. Link hab ich nicht mehr im Verlauf.

Backups hab ich noch nie wirklich richtig gemacht, wollte mir aber in Zukunft ein NAS anschaffen um keine persönlichen Daten mehr auf meinem Rechner zu haben.

Code:
ATTFilter
----------------------------------------------------------------------------
CrystalDiskInfo 8.1.0 (C) 2008-2019 hiyohiyo
                                Crystal Dew World : https://crystalmark.info/
----------------------------------------------------------------------------

    OS : Windows 10  [10.0 Build 19043] (x64)
  Date : 2021/07/25 16:56:55

-- Controller Map ----------------------------------------------------------
 + Standardmäßiger SATA AHCI- Controller [ATA]
   - Samsung SSD 850 PRO 512GB
   - TOSHIBA DT01ACA050
   - WDC WD50EZRZ-32RWYB1
   - ATAPI iHAS124   W
 - Microsoft-Controller für Speicherplätze [SCSI]
 - DAEMON Tools Lite Virtual SCSI Bus [SCSI]

-- Disk List ---------------------------------------------------------------
 (1) Samsung SSD 850 PRO 512GB : 512,1 GB [0/0/0, pd1] - sg
 (2) TOSHIBA DT01ACA050 : 500,1 GB [1/0/0, pd1]
 (3) WDC WD50EZRZ-32RWYB1 : 5000,9 GB [2/0/0, pd1] - wd

----------------------------------------------------------------------------
 (1) Samsung SSD 850 PRO 512GB
----------------------------------------------------------------------------
           Model : Samsung SSD 850 PRO 512GB
        Firmware : EXM02B6Q
   Serial Number : S39FNX0HA22189A
       Disk Size : 512,1 GB (8,4/137,4/512,1/512,1)
     Buffer Size : Unbekannt
     Queue Depth : 32
    # of Sectors : 1000215216
   Rotation Rate : ---- (SSD)
       Interface : Serial ATA
   Major Version : ACS-2
   Minor Version : ATA8-ACS version 4c
   Transfer Mode : SATA/600 | SATA/600
  Power On Hours : 10445 Std.
  Power On Count : 2965 mal
     Host Writes : 20441 GB
Wear Level Count : 113
     Temperature : 45 C (113 F)
   Health Status : Gut (100 %)
        Features : S.M.A.R.T., 48bit LBA, NCQ, TRIM, DevSleep
       APM Level : ----
       AAM Level : ----
    Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
05 100 100 _10 000000000000 Wiederzugewiesene Sektoren
09 _97 _97 __0 0000000028CD Betriebsstunden
0C _97 _97 __0 000000000B95 Geräte-Einschaltvorgänge
B1 _98 _98 __0 000000000071 Verschleißregulierung
B3 100 100 _10 000000000000 Benutzte reservierte Blöcke (gesamt)
B5 100 100 _10 000000000000 Programmfehler (gesamt)
B6 100 100 _10 000000000000 Löschfehler (gesamt)
B7 100 100 _10 000000000000 Laufzeit schlechter Blöcke (gesamt)
BB 100 100 __0 000000000000 Nicht korrigierbare Fehler
BE _55 _42 __0 00000000002D Luftstromtemperatur
C3 200 200 __0 000000000000 ECC-Fehlerrate
C7 100 100 __0 000000000000 CRC-Fehler
EB _99 _99 __0 000000000061 POR-Wiederherstellungszähler
F1 _99 _99 __0 0009FB236870 LBA geschrieben (gesamt)

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 5333 3946 4E58 3048 4132 3231 3839 4120 2020 2020
020: 0000 0000 0000 4558 4D30 3242 3651 5361 6D73 756E
030: 6720 5353 4420 3835 3020 5052 4F20 3531 3247 4220
040: 2020 2020 2020 2020 2020 2020 2020 8001 4001 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0101
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0F10
070: 0000 0000 0000 0000 0000 001F 850E 00C6 016C 0060
080: 03FC 0039 746B 7D01 4163 7469 BC01 4163 207F 0001
090: 0001 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 12B0 3B9E 0000 0000 0000 0008 4000 0000 5002 538D
110: 4150 86E8 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0001
170: 2020 2020 2020 2020 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 107F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0800 0000 0000 0000 0000
240: 0000 0000 0000 4000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 C7A5

-- SMART_READ_DATA ---------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 05 33 00 64 64 00 00 00 00 00 00 00 09 32
010: 00 61 61 CD 28 00 00 00 00 00 0C 32 00 61 61 95
020: 0B 00 00 00 00 00 B1 13 00 62 62 71 00 00 00 00
030: 00 00 B3 13 00 64 64 00 00 00 00 00 00 00 B5 32
040: 00 64 64 00 00 00 00 00 00 00 B6 32 00 64 64 00
050: 00 00 00 00 00 00 B7 13 00 64 64 00 00 00 00 00
060: 00 00 BB 32 00 64 64 00 00 00 00 00 00 00 BE 32
070: 00 37 2A 2D 00 00 00 00 00 00 C3 1A 00 C8 C8 00
080: 00 00 00 00 00 00 C7 3E 00 64 64 00 00 00 00 00
090: 00 00 EB 12 00 63 63 61 00 00 00 00 00 00 F1 32
0A0: 00 63 63 70 68 23 FB 09 00 00 00 00 00 00 00 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 53
170: 03 00 01 00 02 FF 00 09 01 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1A

-- SMART_READ_THRESHOLD ----------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 05 0A 00 00 00 00 00 00 00 00 00 00 09 00
010: 00 00 00 00 00 00 00 00 00 00 0C 00 00 00 00 00
020: 00 00 00 00 00 00 B1 00 00 00 00 00 00 00 00 00
030: 00 00 B3 0A 00 00 00 00 00 00 00 00 00 00 B5 0A
040: 00 00 00 00 00 00 00 00 00 00 B6 0A 00 00 00 00
050: 00 00 00 00 00 00 B7 0A 00 00 00 00 00 00 00 00
060: 00 00 BB 00 00 00 00 00 00 00 00 00 00 00 BE 00
070: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
080: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
090: 00 00 EB 00 00 00 00 00 00 00 00 00 00 00 F1 00
0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4E

----------------------------------------------------------------------------
 (2) TOSHIBA DT01ACA050
----------------------------------------------------------------------------
           Model : TOSHIBA DT01ACA050
        Firmware : MS1OA750
   Serial Number : Z28923WPS
       Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
     Buffer Size : 23652 KB
     Queue Depth : 32
    # of Sectors : 976773168
   Rotation Rate : 7200 RPM
       Interface : Serial ATA
   Major Version : ATA8-ACS
   Minor Version : ATA8-ACS version 4
   Transfer Mode : SATA/300 | SATA/600
  Power On Hours : 17150 Std.
  Power On Count : 4651 mal
     Temperature : 43 C (109 F)
   Health Status : Gut
        Features : S.M.A.R.T., APM, 48bit LBA, NCQ
       APM Level : 0000h [OFF]
       AAM Level : ----
    Drive Letter : E:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _16 000000000000 Lesefehlerrate
02 135 135 _54 00000000005E Datendurchsatz-Leistung
03 126 126 _24 000300B500B6 Mittlere Anlaufzeit
04 _99 _99 __0 0000000012F6 Start/Stopp-Zyklen der Spindel
05 100 100 __5 000000000000 Wiederzugewiesene Sektoren
07 100 100 _67 000000000000 Suchfehler
08 118 118 _20 000000000021 Güte der Suchoperationen
09 _98 _98 __0 0000000042FE Betriebsstunden
0A 100 100 _60 000000000000 Misslungene Spindelanläufe
0C _99 _99 __0 00000000122B Geräte-Einschaltvorgänge
C0 _96 _96 __0 000000001334 Ausschaltungsabbrüche
C1 _96 _96 __0 000000001334 Laden/Entladen-Zyklen
C2 139 139 __0 0036000A002B Temperatur
C4 100 100 __0 000000000000 Wiederzuweisungsereignisse
C5 100 100 __0 000000000000 Aktuell ausstehende Sektoren
C6 100 100 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 045A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 205A 3238 3932 3357 5053
020: 0003 B8C8 0038 4D53 314F 4137 3530 544F 5348 4942
030: 4120 4454 3031 4143 4130 3530 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 170E 0004 005E 0040
080: 01FC 0029 746B 7D69 4773 7469 BC41 4763 207F 0036
090: 0000 0000 FFFE 0000 0000 0008 00CA 00F9 2710 0000
100: 6030 3A38 0000 0000 00CA 0000 6003 5A87 5000 039F
110: F2D2 36D2 0000 0000 0000 0000 0000 0000 0000 409C
120: 409C 0000 0000 0000 0000 0000 0000 0000 0009 000B
130: 0000 0000 2180 0DF1 FA20 0001 4000 0404 0121 0000
140: 0000 0511 0611 0000 0000 0000 0000 0000 0000 0000
150: 0000 0005 5A4E 4237 0000 6802 0000 5DBD 7BC8 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 103F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 03E0 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 91A5

-- SMART_READ_DATA ---------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0B 00 64 64 00 00 00 00 00 00 00 02 05
010: 00 87 87 5E 00 00 00 00 00 00 03 07 00 7E 7E B6
020: 00 B5 00 03 00 00 04 12 00 63 63 F6 12 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 00 00 00 07 0B
040: 00 64 64 00 00 00 00 00 00 00 08 05 00 76 76 21
050: 00 00 00 00 00 00 09 12 00 62 62 FE 42 00 00 00
060: 00 00 0A 13 00 64 64 00 00 00 00 00 00 00 0C 32
070: 00 63 63 2B 12 00 00 00 00 00 C0 32 00 60 60 34
080: 13 00 00 00 00 00 C1 12 00 60 60 34 13 00 00 00
090: 00 00 C2 02 00 8B 8B 2B 00 0A 00 36 00 00 C4 32
0A0: 00 64 64 00 00 00 00 00 00 00 C5 22 00 64 64 00
0B0: 00 00 00 00 00 00 C6 08 00 64 64 00 00 00 00 00
0C0: 00 00 C7 0A 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 80 00 46 13 01 5B
170: 03 00 01 00 01 53 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0F

-- SMART_READ_THRESHOLD ----------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 10 00 00 00 00 00 00 00 00 00 00 02 36
010: 00 00 00 00 00 00 00 00 00 00 03 18 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 05 00 00 00 00 00 00 00 00 00 00 07 43
040: 00 00 00 00 00 00 00 00 00 00 08 14 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 3C 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
080: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C4 00
0A0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0B0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0C0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 64

----------------------------------------------------------------------------
 (3) WDC WD50EZRZ-32RWYB1
----------------------------------------------------------------------------
           Model : WDC WD50EZRZ-32RWYB1
        Firmware : 80.00A80
   Serial Number : WD-WX31D25042NK
       Disk Size : 5000,9 GB (8,4/137,4/5000,9/5000,9)
     Buffer Size : Unbekannt
     Queue Depth : 32
    # of Sectors : 9767541168
   Rotation Rate : 5700 RPM
       Interface : Serial ATA
   Major Version : ACS-2
   Minor Version : ACS-3 Revision 3b
   Transfer Mode : SATA/300 | SATA/600
  Power On Hours : 11322 Std.
  Power On Count : 3301 mal
     Temperature : 46 C (114 F)
   Health Status : Gut
        Features : S.M.A.R.T., 48bit LBA, NCQ
       APM Level : ----
       AAM Level : ----
    Drive Letter : G:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Lesefehlerrate
03 216 191 _21 000000002008 Mittlere Anlaufzeit
04 _97 _97 __0 000000000EFD Start/Stopp-Zyklen der Spindel
05 200 200 140 000000000000 Wiederzugewiesene Sektoren
07 200 200 __0 000000000000 Suchfehler
09 _85 _85 __0 000000002C3A Betriebsstunden
0A 100 100 __0 000000000000 Misslungene Spindelanläufe
0B 100 100 __0 000000000000 Nnotwendige Rekalibrierungen
0C _97 _97 __0 000000000CE5 Geräte-Einschaltvorgänge
C0 200 200 __0 00000000008E Ausschaltungsabbrüche
C1 194 194 __0 000000004BA2 Laden/Entladen-Zyklen
C2 106 _94 __0 00000000002E Temperatur
C4 200 200 __0 000000000000 Wiederzuweisungsereignisse
C5 200 200 __0 000000000000 Aktuell ausstehende Sektoren
C6 200 200 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
C8 200 200 __0 000000000000 Schreibfehlerrate

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 3331 4432 3530 3432 4E4B
020: 0000 0000 0000 3830 2E30 3041 3830 5744 4320 5744
030: 3530 455A 525A 2D33 3252 5759 4231 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0D00
070: 0000 0000 0000 0000 0000 001F 970E 0004 004C 0040
080: 03FE 001F 706B 7C61 4123 7069 BC41 4123 207F 0158
090: 0158 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: D9B0 4630 0002 0000 0000 0000 6003 0000 5001 4EE2
110: B6A9 EF29 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1644 0000 0000
220: 0000 0000 107E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 2800 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 51A5

-- SMART_READ_DATA ---------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 D8 BF 08 20 00 00 00 00 00 04 32 00 61 61 FD
020: 0E 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 55 55 3A 2C 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 61 61 E5 0C 00 00 00 00 00 C0 32
070: 00 C8 C8 8E 00 00 00 00 00 00 C1 32 00 C2 C2 A2
080: 4B 00 00 00 00 00 C2 22 00 6A 5E 2E 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 20 FD 01 7B
170: 03 00 01 00 02 FF 05 86 02 00 00 00 00 00 00 00
180: 00 00 01 0A 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 F0

-- SMART_READ_THRESHOLD ----------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 C8 C8 C8 C8 C8 C8 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 C8 C8 C8 C8 C8 C8 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 C8 C8 C8 C8 C8 C8 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4D

Alt 25.07.2021, 16:18   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ransomeware eingefangen? + A Disk read error occured. - Standard

Ransomeware eingefangen? + A Disk read error occured.


Ein NAS als alleiniges Backupgerät ist eine sehr schlechte Idee. Denk mal an ransomware. Was man braucht ist ein offsite Backup, eine oder mehrere externe Platten, die man sicher im Schrank verwahrt oder meinetwegen auch in einem Bankschließfach.

Die HDDs/SSDs sehen okay aus, aber dein System scheint ziemlich zugemüllt zu sein, einiges an veralteten Programmen und vieles bestimmt auch unnötig - was sollen zB diese vielen verschiedenen/uralten SQL-Server?


Zitat:
C:\WINDOWS\system32\Drivers\d61WW2cl0.sys
Das bitte mal bei https://virustotal.com auswerten lassen und den Ergebnislink oder eine Prüfsumme der Datei dann posten.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 25.07.2021, 18:26   #8
Polydoros
 
Ransomeware eingefangen? + A Disk read error occured. - Standard

Ransomeware eingefangen? + A Disk read error occured.


Ich hoffe der Link ist richtig:
https://www.virustotal.com/gui/file/c0cf73b4842071dac991a051fa2fb247e4a1f3ff039dd48aded8ed9b65acc73e/detection

Malwarebytes hatte die Datei bereits in Quarantäne gesteckt, ich hab sie da rausgeholt, hochgeladen und direkt wieder reingesteckt

Alt 25.07.2021, 18:34   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ransomeware eingefangen? + A Disk read error occured. - Standard

Ransomeware eingefangen? + A Disk read error occured.


Meine Einschätzung: ich würde dieses System plattmachen und komplett neu installieren, mir persönlich ist das zu sehr zugemüllt. Siehe meinen Hinweis mit den vielen alten SQL-Servern. Deine Antwort dazu?

Willst du mit aller Gewalt das System bereinigen oder eine Neuinstallation machen?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 25.07.2021, 18:41   #10
Polydoros
 
Ransomeware eingefangen? + A Disk read error occured. - Standard

Ransomeware eingefangen? + A Disk read error occured.


Ich weiß nichtmal woher die SQL Server kommen? Bewusst installiert eher nicht, evtl. sind die bei Spielen dabei?
Ich würde ihn lieber mit aller Gewalt bereinigen, wahrscheinlich gibt es gegen Weihnachten erst einen neuen Rechner, dann möchte ich ab da erst von 0 starten, nach Trauerfall und Hochwasser, möchte ich jetzt nicht wieder anfangen mir Sachen/Programme/Einstellungen zusammen zu suchen.

Sicherheitsrelevante Sachen gerne lösen, optische oder sehr aufwendige Angelegenheiten ohne nennenswerten Profit von mir aus vernachlässigen.

Alt 25.07.2021, 18:48   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ransomeware eingefangen? + A Disk read error occured. - Standard

Ransomeware eingefangen? + A Disk read error occured.


SQL wird für Datenbanken benötigt. Hab ich noch nicht gesehen, dass Spiele sowas brauchen aber ich bin schon seit vielen Jahren kein Zocker mehr. Lassen wir den Krempel erstmal drauf.

adwCleaner

Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags.

adwcleaner zwecks Kontrolle bitte wiederholen, falls es Funde gab.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 26.07.2021, 17:32   #12
Polydoros
 
Ransomeware eingefangen? + A Disk read error occured. - Standard

Ransomeware eingefangen? + A Disk read error occured.


Es gab Funde:

Code:
ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-06-29.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    07-26-2021
# Duration: 00:00:09
# OS:       Windows 10 Home
# Scanned:  31984
# Detected: 9


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Trojan.Agent                    C:\Windows\rss

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.Legacy             aniSearch.de
PUP.Optional.WarThunder         WarThunder-Wiki (en)

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.SamsungSmartSwitch   File   C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk 
Preinstalled.SamsungSmartSwitch   Folder   C:\Program Files (x86)\SAMSUNG\SMART SWITCH PC 
Preinstalled.SamsungSmartSwitch   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SMART SWITCH PC 
Preinstalled.SamsungSmartSwitch   Folder   C:\Users\user\AppData\Roaming\SAMSUNG\SMART SWITCH PC 
Preinstalled.SamsungSmartSwitch   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7} 
Preinstalled.SamsungSmartSwitch   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7} 



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Code:
ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-06-29.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    07-26-2021
# Duration: 00:00:02
# OS:       Windows 10 Home
# Cleaned:  9
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Windows\rss

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted       WarThunder-Wiki (en)
Deleted       aniSearch.de

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.SamsungSmartSwitch   File   C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk
Deleted       Preinstalled.SamsungSmartSwitch   Folder   C:\Program Files (x86)\SAMSUNG\SMART SWITCH PC
Deleted       Preinstalled.SamsungSmartSwitch   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SMART SWITCH PC
Deleted       Preinstalled.SamsungSmartSwitch   Folder   C:\Users\user\AppData\Roaming\SAMSUNG\SMART SWITCH PC
Deleted       Preinstalled.SamsungSmartSwitch   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}
Deleted       Preinstalled.SamsungSmartSwitch   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2227 octets] - [26/07/2021 18:24:33]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Danach nochmal durchlaufen lassen:
Code:
ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-06-29.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    07-26-2021
# Duration: 00:00:10
# OS:       Windows 10 Home
# Scanned:  31987
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [2227 octets] - [26/07/2021 18:24:33]
AdwCleaner[C00].txt - [2435 octets] - [26/07/2021 18:26:00]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Alt 26.07.2021, 19:22   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ransomeware eingefangen? + A Disk read error occured. - Standard

Ransomeware eingefangen? + A Disk read error occured.


Dann bitte ne neue FRST.txt und Additon.txt
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 26.07.2021, 21:58   #14
Polydoros
 
Ransomeware eingefangen? + A Disk read error occured. - Standard

Ransomeware eingefangen? + A Disk read error occured.


FRST:

FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 19-07-2021 01
durchgeführt von user (Administrator) auf HOME-PC (26-07-2021 22:52:56)
Gestartet von D:\Benutzer\user\Downloads
Geladene Profile: user
Platform: Windows 10 Home Version 21H1 19043.1052 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() [Datei ist nicht signiert] D:\Program Files (x86)\RocketDock\RocketDock.exe
() [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
(CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Discord Inc. -> Discord Inc.) C:\Users\user\AppData\Local\Discord\app-1.0.9002\Discord.exe <6>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\127.4.4265\QtWebEngineProcess.exe <2>
(Electronic Arts, Inc. -> Electronic Arts) D:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Ludicrous Speed LLC -> jah@raider.io) D:\Program Files\RaiderIO\RaiderIO.exe <5>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(mfbot.de) [Datei ist nicht signiert] D:\Benutzer\user\Desktop\V Server Daten\sf_bot\MFBot.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2105.19601.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\NVDisplay.Container.exe <2>
(pdfforge GmbH -> © pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8107808 2021-07-17] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Run: [TSMApplication] => D:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2021-06-29] () [Datei ist nicht signiert]
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Run: [RocketDock] => D:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [Datei ist nicht signiert]
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Run: [Discord] => C:\Users\user\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Run: [RaiderIO] => D:\Program Files\RaiderIO\RaiderIO.exe [131130784 2021-07-12] (Ludicrous Speed LLC -> jah@raider.io)
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Run: [4K Stogram] => E:\Program Files\4KDownload\4kstogram\4kstogram.exe [35037288 2021-06-21] (Open Media LLC -> Open Media LLC) [Datei ist nicht signiert]
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Run: [mfbot] => D:\Benutzer\user\Desktop\V Server Daten\sf_bot\MFBot.exe [30963200 2020-10-31] (mfbot.de) [Datei ist nicht signiert]
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\MountPoints2: {127c30e0-7213-11eb-839d-94de802d2ecb} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\MountPoints2: {5467c86e-ddb0-11eb-83b3-94de802d2ecb} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\MountPoints2: {9d7a4a31-eabc-11ea-8384-94de802d2ecb} - "H:\HiSuiteDownLoader.exe" 
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116224 2017-07-14] (pdfforge GmbH) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.164\Installer\chrmstp.exe [2021-07-20] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2021-04-08]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy\User: Beschränkung ? <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {09330061-6634-495C-991E-B25E91CFA719} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {09E0422A-8536-4C07-8886-1EE3745133ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0DC5C887-E37A-4EC9-B475-8CAD4A852DCD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {0FCA54E6-F449-4C8A-8D0A-DDA13CDE6B37} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1511D088-A694-480D-B763-AA0449D958DB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {19BC29F4-0193-4EDF-9415-EE1F36359E77} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {19BDD71D-F623-4DCA-B384-E3B18459EC7E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {2D63ADD2-5469-4E7C-849C-ED563EE9837D} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => D:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
Task: {2F45C8AD-72E2-4DA5-826D-9C1B8FFC2358} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {378D1815-5E71-4704-8B06-1DDC2C746773} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {4038B3D9-1A43-4A4B-B409-70CAF1D25FEA} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {47EB6065-ED67-4DEB-893D-EB2DB973A647} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4BCFD516-6394-4F22-AEA1-791B167435D3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5AB5DD3B-53D8-4FE0-B86B-36CF2E9EE073} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {6790EDDA-7DC6-41B9-BC07-3412A1895E33} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {738090EC-26F5-4064-9A82-45041BFE9127} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {73A5A3D2-E097-4FF0-87EC-2477998EFB11} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {78D1C236-CB61-4EF3-8482-4E355F4F08C4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7EE4E874-EBCE-4DF6-99FE-C980E4729AE8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208216 2021-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {81AC556B-0896-4D9E-AFBA-4D9BEDA0DCD1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {929D223C-5FF7-4321-B6D1-ED3088284C6C} - \Microsoft\Windows\Setup\EOSNotify -> Keine Datei <==== ACHTUNG
Task: {92B66D62-F28B-414E-9D25-7D5B84EAE4A4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {95C8EF2E-423B-4BE9-A5A2-40AA9FDB12CA} - \Microsoft\Windows\Setup\EOSNotify2 -> Keine Datei <==== ACHTUNG
Task: {9F610F07-9D0C-4A4E-89AF-1D86D27B5888} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F919A76-5D57-472B-98E0-36EAA84EA535} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1A1FF90-9748-4B69-A30F-269C9C7FB099} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1C2A07E-C757-4A4A-8AA7-62CBA9590E7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {A254AA92-ACAF-4CDC-9BD0-E50C409D6132} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563208 2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2A196D6-DA80-4148-8A0E-0A7C56F28A84} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {A5ACBDF0-DB03-4B80-8254-3D59744A1400} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A65167F7-58EA-4537-B651-3552D3069B8E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A7EB71A7-8D30-4934-BF15-60940D310FC0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B0E3FD1D-7453-4AA7-9BEA-8404498C3AC6} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B6725EA9-582B-4E20-9272-001291F5A853} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563208 2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {B82857BC-BC10-4363-A80B-EEB84379A517} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BC08E8DA-566D-4F31-9EA4-2205791973AD} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {C0A35703-385D-4844-BCAF-C5B5698B22DD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C7C03417-EB80-4EAC-A602-2805D534A0C0} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CE8BD891-1689-4B21-847B-748DD541777E} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D1399B06-7930-4304-8AC4-0E3C2D509636} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {D6884AAB-ECA3-4371-918A-D8467E913624} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DD8E96C5-E385-4AC7-A9B0-107980976525} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DEFF90BC-FB73-4B2A-A2E8-C2A11A5DB9E4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {E78D2438-592A-4549-A053-281971115CCA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {EF57CEB2-854F-40E2-8474-A8759D5A855A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {F097A801-A729-4447-8AC1-E2F944F363FA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208216 2021-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F381F6C4-7BE6-4287-9C23-BD7EF5E1CF1A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F5268221-48AB-456B-B9FC-DEE158C9523C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F88C09D9-FB49-4A6B-AA45-EE2CE9D058C2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F65D90C0-CE55-4802-A363-66C369DD5169}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-22]

FireFox:
========
FF DefaultProfile: d8idc29k.default
FF ProfilePath: C:\Users\user\AppData\Roaming\TomTom\HOME\Profiles\8mwhvg18.default [2017-09-10]
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default [2021-07-26]
FF Session Restore: Mozilla\Firefox\Profiles\d8idc29k.default -> ist aktiviert.
FF Notifications: Mozilla\Firefox\Profiles\d8idc29k.default -> hxxps://www.instagram.com; hxxps://web.whatsapp.com; hxxps://de.xhamsterlive.com; hxxps://top.gg
FF Extension: (Facebook Container) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\@contain-facebook.xpi [2021-05-07]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-07-26]
FF Extension: (Patreon Helper) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\{2af3d10e-9f62-46cc-9840-9391564da4f6}.xpi [2021-06-02]
FF Extension: (Download All Images) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\{32af1358-428a-446d-873e-5f8eb5f2a72e}.xpi [2021-07-05]
FF Extension: (MediaPlayer - Video and Audio Player) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\{9051e1b5-f28b-48d2-af1c-b1cbd8a3d0e0}.xpi [2021-05-22]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-05-19]
FF Extension: (Unpaywall) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\d8idc29k.default\Extensions\{f209234a-76f0-4735-9920-eb62507a54cd}.xpi [2021-07-15]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2021-07-23]
CHR StartupUrls: Default -> "hxxp://sc2.searchpo.com/searcher/bingsearch"
CHR DefaultSearchURL: Default -> hxxp://sc1.searchpo.com/search/{searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Extension: (Präsentationen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-22]
CHR Extension: (MEGA) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2021-07-22]
CHR Extension: (Chrome IG Story) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2019-02-15]
CHR Extension: (IG Downloader) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpgaheeihidjmolbakklolchdplenjai [2021-07-22]
CHR Extension: (Tabellen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-22]
CHR Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-22]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-07-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-10]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-22]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-03-19]
CHR Extension: (Google Präsentationen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-28]
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-28]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-28]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-28]
CHR Extension: (Google Tabellen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-28]
CHR Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-28]
CHR Extension: (Avast Online Security) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-11-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-28]
CHR Extension: (Google Mail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-28]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\System Profile [2017-03-19]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122728 2017-09-04] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-05-08] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9482696 2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-07-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-11-29] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [610464 2018-01-18] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-05-06] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2019-05-06] (GOG Sp. z o.o. -> GOG.com)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-08-17] (Huawei Technologies Co., Ltd. -> )
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-08-18] (Logitech Inc -> Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-30] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (pdfforge GmbH -> © pdfforge GmbH.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-11-07] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120096 2017-11-08] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2020-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ACHTUNG (kein ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ACHTUNG (kein ServiceDLL)
S3 GoogleChromeElevationService; "C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\elevation_service.exe" [X]
S3 MicrosoftEdgeElevationService; "C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.64\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ampa; C:\Windows\system32\ampa.sys [38320 2016-12-26] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-12-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-12-14] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-08-18] (Logitech Inc -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-07-26] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-22] (Malwarebytes Inc -> Malwarebytes)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2020-01-07] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-07-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425192 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-07-26 18:30 - 2021-07-26 18:30 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-07-25 12:08 - 2021-07-25 12:08 - 000000000 _____ C:\Recovery.txt
2021-07-25 11:18 - 2021-07-25 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-07-25 11:11 - 2021-07-25 11:11 - 000004270 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-07-25 11:11 - 2021-07-25 11:11 - 000004038 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-07-25 00:33 - 2021-07-26 22:53 - 000000000 ____D C:\FRST
2021-07-23 18:18 - 2021-07-23 18:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-07-22 20:35 - 2021-07-22 20:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-17 16:58 - 2021-07-17 16:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-07-17 16:58 - 2021-07-17 16:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-07-17 16:58 - 2021-07-17 16:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-07-17 16:58 - 2021-07-17 16:58 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-07-17 09:32 - 2021-07-17 09:32 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-07-16 18:51 - 2021-07-16 18:51 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-16 18:51 - 2021-07-16 18:51 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-10 18:30 - 2021-07-10 18:30 - 000000000 ____D C:\Users\user\.m2
2021-07-10 18:30 - 2021-07-10 18:30 - 000000000 ____D C:\Users\user\.lemminx
2021-07-10 18:26 - 2021-07-10 18:26 - 000000000 ____D C:\Users\user\AppData\Local\Eclipse
2021-07-10 18:09 - 2021-07-10 18:09 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eclipse
2021-07-10 18:03 - 2021-07-10 18:39 - 000000000 ____D C:\Users\user\.p2
2021-07-10 18:03 - 2021-07-10 18:26 - 000000000 ____D C:\Users\user\.eclipse
2021-07-05 18:44 - 2021-07-26 18:29 - 019136512 _____ C:\WINDOWS\system32\config\SYSTEM
2021-06-30 18:38 - 2021-06-30 18:38 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-06-30 18:37 - 2021-06-21 10:43 - 000037664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-06-30 18:36 - 2021-06-22 03:25 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-06-30 18:36 - 2021-06-22 03:25 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-06-30 18:36 - 2021-06-22 03:25 - 001474336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-06-30 18:36 - 2021-06-22 03:25 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-06-30 18:36 - 2021-06-22 03:25 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-06-30 18:36 - 2021-06-22 03:25 - 001212192 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-06-30 18:36 - 2021-06-22 03:25 - 001097832 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-06-30 18:36 - 2021-06-22 03:25 - 001097832 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-06-30 18:36 - 2021-06-22 03:25 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-06-30 18:36 - 2021-06-22 03:25 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 001519384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 001170224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 000715568 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 000675088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 000641328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 000575792 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-06-30 18:36 - 2021-06-22 03:21 - 000563992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-06-30 18:36 - 2021-06-22 03:20 - 002111264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-06-30 18:36 - 2021-06-22 03:20 - 001594656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-06-30 18:36 - 2021-06-22 03:20 - 000917280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-06-30 18:36 - 2021-06-22 03:20 - 000704792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-06-30 18:36 - 2021-06-22 03:19 - 008852760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-06-30 18:36 - 2021-06-22 03:19 - 007918872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-06-30 18:36 - 2021-06-22 03:19 - 004986648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-06-30 18:36 - 2021-06-22 03:19 - 002924304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-06-30 18:36 - 2021-06-22 03:19 - 000446744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-06-30 18:36 - 2021-06-22 03:18 - 000848672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-06-30 18:36 - 2021-06-22 03:17 - 006215312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-06-30 18:36 - 2021-06-21 10:43 - 000082968 _____ C:\WINDOWS\system32\nvinfo.pb

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-07-26 22:53 - 2019-08-29 21:19 - 000000000 ____D C:\Users\user\AppData\Roaming\RaiderIO
2021-07-26 22:52 - 2018-12-24 12:05 - 000000000 ____D C:\Users\user\AppData\Local\Spotify
2021-07-26 22:52 - 2017-01-08 18:23 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2021-07-26 22:51 - 2018-12-24 12:05 - 000000000 ____D C:\Users\user\AppData\Roaming\Spotify
2021-07-26 22:51 - 2017-06-15 21:22 - 000000000 ____D C:\Users\user\AppData\Roaming\discord
2021-07-26 22:51 - 2017-04-28 17:30 - 000000000 ____D C:\Users\user\AppData\Local\Battle.net
2021-07-26 22:41 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-26 22:31 - 2017-06-15 21:22 - 000000000 ____D C:\Users\user\AppData\Local\Discord
2021-07-26 21:56 - 2016-11-27 14:51 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-26 20:02 - 2020-11-08 12:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-26 18:37 - 2020-11-08 12:33 - 001886424 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-26 18:37 - 2019-12-07 16:50 - 000785596 _____ C:\WINDOWS\system32\perfh007.dat
2021-07-26 18:37 - 2019-12-07 16:50 - 000167710 _____ C:\WINDOWS\system32\perfc007.dat
2021-07-26 18:37 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-26 18:31 - 2019-04-18 17:39 - 000000000 ____D C:\ProgramData\Mozilla
2021-07-26 18:30 - 2020-11-08 12:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-26 18:30 - 2020-11-08 12:22 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-26 18:30 - 2017-11-13 21:20 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2021-07-26 18:30 - 2017-11-13 21:20 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2021-07-26 18:30 - 2017-09-27 06:27 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla
2021-07-26 18:30 - 2016-11-26 18:33 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-26 18:29 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-07-26 18:27 - 2019-02-14 20:48 - 000001210 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-07-26 18:27 - 2019-02-14 20:48 - 000001206 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-07-26 18:25 - 2017-09-13 19:36 - 000000000 ____D C:\Users\user\AppData\Roaming\Samsung
2021-07-26 18:25 - 2017-09-13 19:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2021-07-26 18:25 - 2017-09-13 19:36 - 000000000 ____D C:\Program Files (x86)\Samsung
2021-07-26 18:24 - 2017-02-03 07:53 - 000000000 ____D C:\AdwCleaner
2021-07-25 23:29 - 2016-11-27 16:35 - 000000000 ____D C:\Users\user\AppData\Roaming\KeePass
2021-07-25 16:56 - 2021-01-15 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-07-25 16:56 - 2021-01-15 12:45 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2021-07-25 12:36 - 2019-12-30 21:47 - 000000000 ____D C:\Users\user\AppData\Local\D3DSCache
2021-07-25 11:18 - 2019-02-14 20:48 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-07-24 20:30 - 2020-06-19 16:48 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-24 20:30 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-24 20:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-23 18:18 - 2021-06-25 18:19 - 000000250 _____ C:\WINDOWS\wininit.ini
2021-07-23 18:18 - 2017-11-02 02:32 - 000000943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-22 16:00 - 2017-03-19 11:24 - 000000000 ____D C:\Users\user\AppData\Local\Packages
2021-07-21 18:17 - 2016-11-27 16:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-21 00:00 - 2016-11-26 18:20 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-07-17 09:32 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-07-17 09:31 - 2019-12-31 12:53 - 000000000 ____D C:\Program Files\Microsoft Office
2021-07-11 23:12 - 2017-11-30 09:19 - 000000000 ____D C:\Users\user\AppData\Roaming\obs-studio
2021-07-11 21:33 - 2020-03-14 15:52 - 000000000 ____D C:\Users\user\AppData\Roaming\vlc
2021-07-11 10:18 - 2016-12-05 16:17 - 000000000 ____D C:\Users\user\AppData\Local\Microsoft Help
2021-07-10 18:26 - 2018-04-29 14:43 - 000000000 ____D C:\Users\user\.cache
2021-07-10 15:04 - 2020-07-04 02:28 - 000010752 _____ C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-07-10 09:36 - 2019-12-30 21:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-07-05 18:44 - 2021-06-21 18:06 - 019398656 _____ C:\WINDOWS\system32\C_32770.NLS
2021-06-30 18:42 - 2017-11-06 13:21 - 000000000 ____D C:\Users\user\AppData\Local\NVIDIA
2021-06-30 18:24 - 2021-06-22 07:13 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-30 18:24 - 2021-06-22 07:13 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b5b9e570dbf8
2021-06-29 19:31 - 2016-11-28 16:30 - 000000000 ____D C:\ProgramData\Origin

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-06-21 18:04 - 2021-06-21 18:04 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll
2018-01-15 13:50 - 2018-01-15 13:51 - 000000132 _____ () C:\Users\user\AppData\Roaming\Adobe BMP-Format CC - Voreinstellungen
2017-03-07 17:10 - 2021-02-17 20:22 - 000000132 _____ () C:\Users\user\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2017-03-07 17:02 - 2021-06-21 20:22 - 000001456 _____ () C:\Users\user\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2020-07-04 02:28 - 2021-07-10 15:04 - 000010752 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-06-14 06:39 - 2018-07-02 13:14 - 000000600 _____ () C:\Users\user\AppData\Local\PUTTY.RND
2020-06-21 18:00 - 2020-06-21 18:00 - 000007601 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
--- --- ---

Alt 26.07.2021, 21:59   #15
Polydoros
 
Ransomeware eingefangen? + A Disk read error occured. - Standard

Ransomeware eingefangen? + A Disk read error occured.


Addition:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 19-07-2021 01
durchgeführt von user (26-07-2021 22:54:08)
Gestartet von D:\Benutzer\user\Downloads
Windows 10 Home Version 21H1 19043.1052 (X64) (2020-11-08 10:28:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-2579833569-30274321-2403803918-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2579833569-30274321-2403803918-503 - Limited - Disabled)
Gast (S-1-5-21-2579833569-30274321-2403803918-501 - Limited - Disabled)
user (S-1-5-21-2579833569-30274321-2403803918-1000 - Administrator - Enabled) => C:\Users\user
WDAGUtilityAccount (S-1-5-21-2579833569-30274321-2403803918-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4K Stogram (HKLM\...\{4F7C8AC4-DEF5-47D7-BA92-72BFBABD94E1}) (Version: 3.3.2.3490 - Open Media LLC)
Active Directory Authentication Library für SQL Server (HKLM\...\{DCF8CB30-F4CE-476A-AB02-E8D620FADC70}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library für SQL Server (x86) (HKLM-x32\...\{03D2027B-6335-4822-89ED-CD99D2F4CE43}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Agent Ransack x64 (HKLM\...\{C4A498C9-A668-462D-8E54-9DD68A87DFAD}) (Version: 8.0.865.1 - Mythicsoft Ltd)
AlienFX for KoneXTD (HKLM\...\{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02 - Roccat GmbH) Hidden
AlienFX for KoneXTD (HKLM-x32\...\InstallShield_{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02 - Roccat GmbH)
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version:  - AOMEI Technology Co., Ltd.)
AOMEI Partition Assistant Standard Edition 6.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Burning Crusade Classic (HKLM-x32\...\Burning Crusade Classic) (Version:  - Blizzard Entertainment)
Call of Duty Black Ops Cold War (HKLM-x32\...\Call of Duty Black Ops Cold War) (Version:  - Blizzard Entertainment)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
CrystalDiskInfo 8.1.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.1.0 - Crystal Dew World)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0221 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 127.4.4265 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.485.1 - Dropbox, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{50D3E17D-0AFC-4617-AB00-DDE3099545FA}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation)
FileZilla Client 3.39.0 (HKLM-x32\...\FileZilla Client) (Version: 3.39.0 - Tim Kosse)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Video Flip and Rotate (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 1.1.35.831 - Digital Wave Ltd)
GetFoldersize 3.1.10 (HKLM-x32\...\GetFoldersize_is1) (Version: 3.1.10 - Michael Thummerer Software Design)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.164 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.99 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.1.1.500 - Huawei Technologies Co., Ltd.)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC)
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KeePass Password Safe 1.32 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.32 - Dominik Reichl)
KeePass Password Safe 2.43 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.43 - Dominik Reichl)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.81 - Logitech Inc.)
Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes)
Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.55 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (German) (HKLM-x32\...\{90120000-00D1-0407-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Volume - de-de) (Version: 16.0.10376.20033 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Report Viewer 2015 Runtime (HKLM-x32\...\{3ECE8FC7-7020-4756-A71C-C345D4725B77}) (Version: 12.0.2402.15 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{13146756-9716-4843-84CA-053916D2FCF9}) (Version: 11.3.6538.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service  (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2016 Management Objects  (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Teams) (Version: 1.3.00.12058 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 90.0.2 (x64 de)) (Version: 90.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla)
Mozilla Thunderbird 45.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.5.0 (x86 de)) (Version: 45.5.0 - Mozilla)
Mozilla Thunderbird 78.12.0 (x86 de) (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Mozilla Thunderbird 78.12.0 (x86 de)) (Version: 78.12.0 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.2 - Notepad++ Team)
NVIDIA Grafiktreiber 471.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.11 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10376.20033 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10376.20033 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.10376.20033 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.101.48500 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
paint.net (HKLM\...\{B998B716-4001-4919-BA90-BA14B51DFEB5}) (Version: 4.1.6 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.3 - pdfforge GmbH)
RaiderIO 2.1.8 (HKLM\...\ea53c16d-4ef5-533f-83dc-5b0c5bb40cb2) (Version: 2.1.8 - jah@raider.io)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6738 - Realtek Semiconductor Corp.)
Rename Master (HKLM-x32\...\Rename Master_is1) (Version:  - )
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version:  - Roccat GmbH)
ROCCAT Kone XTD Mouse Driver (HKLM-x32\...\{7133137D-DF48-4522-AD88-13C82B7D0A63}) (Version:  - Roccat GmbH)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
roomeon 3D-Planer (HKLM-x32\...\{E94EF5B3-85D9-40C0-97DB-FA2BB29814E5}) (Version: 1.6.2 - roomeon GmbH)
Roslyn Language Services - x86 (HKLM-x32\...\{6970C7E1-F99D-388D-8903-DF8FCE677FED}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
SimilarImages (HKLM-x32\...\SimilarImages) (Version: 2013.11 - Nils Maier)
Snaz Version 1.12.7.0 (HKLM-x32\...\{70A76031-FDC6-4F9B-BB5C-33776703F45A}_is1) (Version: 1.12.7.0 - JimsApps)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\Spotify) (Version: 1.1.64.561.g71bd09eb - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.22.3 - General Workings, Inc.)
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (HKLM-x32\...\{7A95671A-759E-3B83-B763-4289D1D24D73}) (Version: 14.102.25619 - Microsoft) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Witcher Adventure Game (HKLM-x32\...\1207666883_is1) (Version: 2.7.0.24 - GOG.com)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
TreeSize Free V4.4.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.2 - JAM Software)
Tukui Client (HKLM-x32\...\{FFA451DC-1551-445D-BCBE-45C207527B74}) (Version: 3.2.7 - Tukui)
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{BA5762C7-D35F-4725-A4BD-525854127018}) (Version: 1.8.36.0 - Microsoft Corporation) Hidden
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
VEGAS Pro 16.0 (HKLM\...\{0A450A0F-A098-11E8-A36D-00155D6302F2}) (Version: 16.0.248 - VEGAS)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Warcraft Logs Uploader 4.7.0 (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\{bcc11bd8-bf2f-5f00-925b-921594bc2ca4}) (Version: 4.7.0 - warcraftlogs)
Warcraft Logs Uploader 5.5.1 (HKU\S-1-5-21-2579833569-30274321-2403803918-1000\...\bcc11bd8-bf2f-5f00-925b-921594bc2ca4) (Version: 5.5.1 - warcraftlogs)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

Packages:
=========
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-31] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-20] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-06-30] (NVIDIA Corp.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2579833569-30274321-2403803918-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2579833569-30274321-2403803918-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2579833569-30274321-2403803918-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\user\Dropbox [2019-02-14 20:49]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-01-17] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-01-31] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\nvshext.dll [2021-06-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2_S-1-5-21-2579833569-30274321-2403803918-1000: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2016-10-19] (Mythicsoft Ltd -> Mythicsoft Ltd)
ContextMenuHandlers4_S-1-5-21-2579833569-30274321-2403803918-1000: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2016-10-19] (Mythicsoft Ltd -> Mythicsoft Ltd)
ContextMenuHandlers5_S-1-5-21-2579833569-30274321-2403803918-1000: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2016-10-19] (Mythicsoft Ltd -> Mythicsoft Ltd)
ContextMenuHandlers6_S-1-5-21-2579833569-30274321-2403803918-1000: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2016-10-19] (Mythicsoft Ltd -> Mythicsoft Ltd)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2017-12-22] (Beepa P/L) [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2017-12-22] (Beepa P/L) [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2016-11-27 16:41 - 2007-09-02 14:57 - 000069632 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\RocketDock\RocketDock.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000053760 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\_bz2.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000084992 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\_ctypes.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000783360 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\_hashlib.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000137216 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\_lzma.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000047104 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\_socket.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000039424 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\psutil._psutil_windows.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 001861120 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtCore.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 002002944 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtGui.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 004101120 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtWidgets.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000009728 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\select.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000075264 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\sip.pyd
2021-06-29 20:02 - 2021-06-29 20:01 - 000758784 _____ () [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\unicodedata.pyd
2021-06-10 18:20 - 2021-07-12 23:23 - 002821120 _____ () [Datei ist nicht signiert] D:\Program Files\RaiderIO\ffmpeg.dll
2021-06-10 18:20 - 2021-07-12 23:23 - 000446464 _____ () [Datei ist nicht signiert] D:\Program Files\RaiderIO\libegl.dll
2021-06-10 18:20 - 2021-07-12 23:23 - 007900160 _____ () [Datei ist nicht signiert] D:\Program Files\RaiderIO\libglesv2.dll
2020-11-08 12:25 - 2020-11-08 12:25 - 000065536 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
2019-12-31 12:53 - 2019-12-31 12:53 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2019-12-31 12:53 - 2019-12-31 12:53 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2017-12-19 15:39 - 2017-09-27 18:30 - 000489984 _____ (Newtonsoft) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\Newtonsoft.Json.dll
2017-07-14 18:55 - 2017-07-14 18:55 - 000116224 _____ (pdfforge GmbH) [Datei ist nicht signiert] C:\WINDOWS\System32\pdfcmon.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 002741248 _____ (Python Software Foundation) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\python34.dll
2017-06-15 10:38 - 2017-06-15 10:38 - 000069120 _____ (SkinSoft) [Datei ist nicht signiert] C:\Users\user\AppData\Local\SkinSoft\VisualStyler\2.4.59444.6\x64\ssapihook.dll
2020-10-31 11:38 - 2021-07-26 18:31 - 001716224 _____ (SQLite Development Team) [Datei ist nicht signiert] D:\Benutzer\user\Desktop\V Server Daten\sf_bot\sqlite3.DLL
2021-06-29 20:02 - 2021-06-29 20:01 - 000848896 _____ (The ICU Project) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\icudt53.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 001580032 _____ (The ICU Project) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\icuin53.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 001079296 _____ (The ICU Project) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\icuuc53.dll
2016-11-28 16:32 - 2020-04-08 16:17 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\LIBEAY32.dll
2016-11-28 16:32 - 2020-04-08 16:18 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\ssleay32.dll
2016-11-28 16:32 - 2019-08-29 14:44 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-06-29 19:31 - 2019-08-29 14:44 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Core.dll
2021-06-29 19:31 - 2019-08-29 14:44 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Gui.dll
2021-06-29 19:31 - 2019-08-29 14:44 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Network.dll
2021-06-29 19:31 - 2019-08-29 14:45 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-06-29 19:31 - 2019-08-29 14:45 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-06-29 19:31 - 2019-08-29 14:45 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Xml.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000036352 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qdds.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000022016 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qgif.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000029184 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qicns.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000022016 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qico.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000381952 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjp2.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000206848 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjpeg.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000218624 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qmng.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000016384 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtga.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000308736 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtiff.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000015360 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwbmp.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000287232 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwebp.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 000991744 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\platforms\qwindows.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 004182528 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Core.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 004877312 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Gui.dll
2021-06-29 20:02 - 2021-06-29 20:01 - 004490752 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Widgets.dll
2017-12-19 15:39 - 2017-11-07 17:37 - 000088064 _____ (Wondershare) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCollect.dll
2017-12-19 15:39 - 2017-11-07 17:37 - 000200192 _____ (Wondershare) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppCommon.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [226]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-2579833569-30274321-2403803918-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-11-19 01:53 - 000003469 _____ C:\WINDOWS\system32\drivers\etc\hosts
173.0.14.249 d1.proxpn.com
173.0.14.249 d1.proxpn.biz
173.0.14.249 d1.proxpn.org
173.0.14.249 d1.proxpn.me
107.6.100.5 pptp-d1.proxpn.com
107.6.100.5 pptp-d1.proxpn.biz
107.6.100.5 pptp-d1.proxpn.org
107.6.100.5 pptp-d1.proxpn.me
173.231.141.114 ny1.proxpn.com
173.231.141.114 ny1a.proxpn.biz
173.231.141.114 ny1a.proxpn.org
173.231.141.114 ny1a.proxpn.me
173.231.141.116 pptp-ny1a.proxpn.com
173.231.141.116 pptp-ny1a.proxpn.biz
173.231.141.116 pptp-ny1.proxpn.org
173.231.141.116 pptp-ny1.proxpn.me
216.18.231.179 se1.proxpn.com
216.18.231.179 se1.proxpn.biz
216.18.231.179 se1.proxpn.org
216.18.231.179 se1.proxpn.me
216.18.231.181 pptp-se1.proxpn.com
216.18.231.181 pptp-se1.proxpn.biz
216.18.231.181 pptp-se1.proxpn.org
216.18.231.181 pptp-se1.proxpn.me
64.27.29.67 la1.proxpn.com
64.27.29.67 la1.proxpn.biz
64.27.29.67 la1.proxpn.org
64.27.29.67 la1.proxpn.me
64.27.29.68 pptp-la1.proxpn.com
64.27.29.68 pptp-la1.proxpn.biz

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\AOMEI Backupper;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2579833569-30274321-2403803918-1000\Control Panel\Desktop\\Wallpaper -> D:\Benutzer\user\Eigene Bilder\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\steam.exe" -silent

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{4A6E148B-989F-44C1-9A7A-DDDE8F8E088C}] => (Allow) E:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [{6DA249F2-1189-4D4D-B43D-14590E3F9239}] => (Allow) E:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{90199173-0506-4E4D-88CD-C79EEC856D92}D:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) D:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{D5B3A047-5529-47AD-B36B-28DDCDB89F28}D:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) D:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{CD0AB3DC-A410-44DA-87B0-08B35902E06C}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => Keine Datei
FirewallRules: [{A9889C33-2A62-4F9E-B0DD-18AC86A1EE26}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => Keine Datei
FirewallRules: [UDP Query User{E06468E0-98B0-4491-86B7-6F6C90864756}E:\steamlibrary\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{E1B46380-71CC-4331-BCA7-6DECD8A8258D}E:\steamlibrary\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{7BBB7DF8-D6C7-44D0-9EA5-4614C36A36C1}C:\users\user\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\user\appdata\local\programs\blitz\blitz.exe => Keine Datei
FirewallRules: [TCP Query User{BC0CFFD8-D507-449E-9B70-0D1551CDDE35}C:\users\user\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\user\appdata\local\programs\blitz\blitz.exe => Keine Datei
FirewallRules: [UDP Query User{26F71397-CBF4-466A-8595-CF734D0E2CF5}C:\users\user\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\user\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{EF3EBD27-65FF-4CCB-93C6-E8048E274EAC}C:\users\user\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\user\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{CD721D75-23DF-49B9-A453-C241CD404BD8}C:\users\user\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\user\appdata\local\blitz\current\blitz.exe => Keine Datei
FirewallRules: [TCP Query User{8DF1D4FB-1850-4EB6-9E42-B0C5B11E6D3A}C:\users\user\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\user\appdata\local\blitz\current\blitz.exe => Keine Datei
FirewallRules: [{001C0D1A-2552-4463-A16E-72B72EC26B29}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => Keine Datei
FirewallRules: [{500C6985-4DB1-47DF-960A-9D0EDA2990BC}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => Keine Datei
FirewallRules: [{437C337B-7540-46E6-A4DD-A1F51EFC54C2}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => Keine Datei
FirewallRules: [{327F6E00-8137-4A78-A6A3-F51971DB9EBE}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => Keine Datei
FirewallRules: [{E8233E25-EF07-4D43-8A12-3025C6B0DFE2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D2E02427-6686-4762-B0C6-410FD7943037}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{34354047-A99B-487E-A167-3D89CEA316D6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{53C4D91A-20A9-4069-8B9F-5B3CC216E03D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8B6D41A7-5D8E-421C-998A-2E3456C66D94}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{645892EA-372F-4D43-8C92-CE7BCDC88602}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe => Keine Datei
FirewallRules: [{CB0F98E5-3516-4C26-9CB2-2354190F1D6B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe => Keine Datei
FirewallRules: [{4E831682-08D2-4B0E-B324-240658B57250}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => Keine Datei
FirewallRules: [{9D22EB54-8DE8-466E-9B45-E37CFFCF3F0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe => Keine Datei
FirewallRules: [{6219D0A0-5282-4C85-914D-1E2FE3388DCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe => Keine Datei
FirewallRules: [{ECA95E8D-64B0-423D-A08C-1D4C1CCC8F0F}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{28FF2450-6226-4612-8F9C-394BE8FBC52E}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9FE82643-1380-4E45-8907-3D42E65CECF5}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{80EA1FC5-DE45-4F1F-A864-92C2E78EF09F}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{90A61087-67B9-4211-9A6A-EF9983652A4B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4B6B3CF8-11F4-43BB-8EAB-5C7EE8E90519}] => (Allow) LPort=2869
FirewallRules: [{91834D8E-BF68-434A-8DD1-F5A4A20BD329}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{4AE65574-6C6F-4455-892E-F737DC4D2362}E:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe => Keine Datei
FirewallRules: [UDP Query User{1B1EF4AD-628B-4A66-8827-FBE92DFF2494}E:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe => Keine Datei
FirewallRules: [TCP Query User{25630A57-B7EE-48BA-B2D9-0465ABA1495C}E:\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe => Keine Datei
FirewallRules: [UDP Query User{3546140E-876E-4E18-9BF1-8D88F3AF4F4A}E:\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe => Keine Datei
FirewallRules: [TCP Query User{18D80B2F-8405-4F9C-873E-14BC6935C2E8}E:\overwatch\overwatch.exe] => (Allow) E:\overwatch\overwatch.exe => Keine Datei
FirewallRules: [UDP Query User{A8E7A4FB-03B3-4D27-A19A-4640A8459857}E:\overwatch\overwatch.exe] => (Allow) E:\overwatch\overwatch.exe => Keine Datei
FirewallRules: [{D09DCB6F-DF75-46E5-A6F5-27401051E44E}] => (Allow) C:\Users\user\AppData\Local\Temp\andy-x64\Setup.exe => Keine Datei
FirewallRules: [{96F37A3F-C18D-47DC-ABE4-908961378B01}] => (Allow) C:\Users\user\AppData\Local\Temp\andy-x64\Setup.exe => Keine Datei
FirewallRules: [{490D8786-E36B-46EF-85DA-5A6E255B84F2}] => (Allow) C:\Program Files\Andy\andy.exe => Keine Datei
FirewallRules: [{852D0C27-64AF-43AD-BD9D-6992F2A730CF}] => (Allow) C:\Program Files\Andy\andy.exe => Keine Datei
FirewallRules: [{2500D083-69C3-46A4-978E-C0870245764F}] => (Allow) C:\Program Files\Andy\AndyConsole.exe => Keine Datei
FirewallRules: [{FCD75FD3-BDAE-43F5-8B9D-E2DD3C58ACA9}] => (Allow) C:\Program Files\Andy\AndyConsole.exe => Keine Datei
FirewallRules: [{CD2B06F1-34E4-450E-B6A0-C4441259FFBF}] => (Allow) C:\Program Files\Andy\HandyAndy.exe => Keine Datei
FirewallRules: [{002514EE-2676-4F7D-92FB-AAA143B12CA3}] => (Allow) C:\Program Files\Andy\HandyAndy.exe => Keine Datei
FirewallRules: [{59E7B9F1-1FD3-48C7-B35C-6CB488D54218}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe => Keine Datei
FirewallRules: [{379A5A9C-415E-485D-8C77-46A121DF76DB}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe => Keine Datei
FirewallRules: [{4290E391-36C6-4AEB-A569-E715A16EFE82}] => (Allow) C:\Users\user\AppData\Local\Temp\RemoveTemp.exe => Keine Datei
FirewallRules: [{D40C5F2F-55DA-4535-97D4-2778BBB54041}] => (Allow) C:\Users\user\AppData\Local\Temp\RemoveTemp.exe => Keine Datei
FirewallRules: [{836E9BE2-E01D-4A44-A38C-B168998FED1A}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe => Keine Datei
FirewallRules: [{2B94FF74-5C6F-4374-8E85-9E50CF9A5045}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe => Keine Datei
FirewallRules: [{49D6DF34-3858-487C-9795-73A18858075F}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe => Keine Datei
FirewallRules: [{2B22F4AB-1E91-4CBF-8597-FB6CC84644A8}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe => Keine Datei
FirewallRules: [TCP Query User{3E8D9AAD-B8E6-4A31-BE6E-47B402AEC12B}E:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\program files\rockstar games\grand theft auto v\gta5.exe => Keine Datei
FirewallRules: [UDP Query User{F3177FED-A5E5-4A86-9928-8AD289C80396}E:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\program files\rockstar games\grand theft auto v\gta5.exe => Keine Datei
FirewallRules: [TCP Query User{52447431-39D5-4DA7-AB9E-F076BD20DD02}D:\program files\teamspeak 3 client\ts3client_win64.exe] => (Allow) D:\program files\teamspeak 3 client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [UDP Query User{25913D96-0447-416C-8015-F06857EC78C7}D:\program files\teamspeak 3 client\ts3client_win64.exe] => (Allow) D:\program files\teamspeak 3 client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [{0E5A8359-22D1-40A5-B892-E289639170A4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{06B67D62-3F1C-484A-A69C-A6C8A2CFCCD2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{DCD22A10-EBE3-4E77-850D-1A3AA73EC764}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{DEAAD606-F120-48C4-9522-7B4314F7839F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{DA65F31F-99FA-4641-8DA1-74F186830C0F}E:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) E:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [UDP Query User{5ED2F346-43A5-461B-B961-1D200A397A64}E:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) E:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [{60406519-4E1C-4DD8-BC1A-ABD566C45B3D}] => (Block) E:\Program Files\Rockstar Games\Grand Theft Auto V\GTAVLauncher.exe => Keine Datei
FirewallRules: [TCP Query User{972EE226-F87D-464E-8C57-400D562CFFEE}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{C17D4A5F-3C8E-4D48-A1B6-EC7F3BA0115C}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{0719B81F-8660-4FCF-91B1-280185975292}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{3F46F757-53FF-4916-B41F-B5F7E10A3628}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{4DABD2DB-5DB3-4F0C-9505-A4C302AD7106}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{40C39E61-F0C4-481C-B371-5B87A951A6EB}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{465E303A-33B2-4B3F-A0D7-2E4388D2F41C}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{33AD6841-103B-4C00-9124-5D51E90E2583}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{39EDCB2A-0EAA-4E1E-A9EC-6AE691CDCAED}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{207D158A-9DB2-4310-991D-1E1E9B7CB78D}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{06F7425F-135A-4246-A813-4FBBFC4F7325}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{9D5A9055-97DE-4640-AE1F-69F7DACBF2B1}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{8733FF72-EE46-46BA-94CD-0C6DD1D2027E}E:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{A7E00E1E-C258-4D1F-A8C5-AA4D254C6476}E:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{B174D0CD-D5F4-4CD7-AB31-AA27328510FA}E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3C76CB0A-A2D0-4FB8-926D-0F423C96C71D}E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{AF4191D3-39C3-46DE-A548-BCABC0164232}E:\program files (x86)\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\program files (x86)\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{CF8123C0-8573-41B6-873D-46354C9C58B0}E:\program files (x86)\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\program files (x86)\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Keine Datei
FirewallRules: [{479CAC48-460C-4F85-8083-3D242B28EB1E}] => (Allow) C:\Users\user\AppData\Roaming\Streamlabs\Streamlabs Chatbot\Streamlabs Chatbot.exe => Keine Datei
FirewallRules: [{49AF226E-C4A2-4F51-900B-D7E49BF1BDD5}] => (Allow) C:\Users\user\AppData\Roaming\Streamlabs\Streamlabs Chatbot\Streamlabs Chatbot.exe => Keine Datei
FirewallRules: [{4E16179E-E83E-475D-86EB-91713A355E15}] => (Allow) C:\Users\user\AppData\Roaming\Streamlabs\Streamlabs Chatbot\Streamlabs Chatbot.exe => Keine Datei
FirewallRules: [{B74A4902-09A0-45F5-8196-41134B17460E}] => (Allow) C:\Users\user\AppData\Roaming\Streamlabs\Streamlabs Chatbot\Streamlabs Chatbot.exe => Keine Datei
FirewallRules: [TCP Query User{913384C0-B5A9-4372-8CE1-01FC50CF866F}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{66ED06BE-74F8-4ABA-B4FA-2BEC35EBAA67}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{C4B879DF-AADC-4A37-AF28-3E1BCE0AB49E}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{EE63598F-7151-455F-BB69-2570EEC7E731}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{F9F5F0A6-D1F9-48A2-9224-10026823ABF2}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{4FAEC4DC-D319-495E-842D-AF8B7D725AD1}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{AA9ED216-C389-48B5-8A31-369D2B47A718}E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe => Keine Datei
FirewallRules: [UDP Query User{80FB710F-7D9D-4166-A9F8-93AEAE42C820}E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) E:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe => Keine Datei
FirewallRules: [TCP Query User{620EC0E5-AFEF-4BC9-9295-BF332737B1AB}E:\jdownloader v2.0\jdownloader2.exe] => (Allow) E:\jdownloader v2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{F160744B-471A-4BA2-8A22-D4B0391B5DF1}E:\jdownloader v2.0\jdownloader2.exe] => (Allow) E:\jdownloader v2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [TCP Query User{7F5B0FA5-B941-4E30-91B1-D4FC145CB920}E:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) E:\games\the sims 4\game\bin\ts4_x64.exe => Keine Datei
FirewallRules: [UDP Query User{04A3EA83-0E68-4D3B-970C-C7241E32C43E}E:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) E:\games\the sims 4\game\bin\ts4_x64.exe => Keine Datei
FirewallRules: [TCP Query User{CA8CA4EE-2381-4E0D-AD50-966D032E5A22}E:\games\the sims 4\game\bin\ts4.exe] => (Allow) E:\games\the sims 4\game\bin\ts4.exe => Keine Datei
FirewallRules: [UDP Query User{2D4DBB37-B576-490D-AC5A-DA00A90A53F6}E:\games\the sims 4\game\bin\ts4.exe] => (Allow) E:\games\the sims 4\game\bin\ts4.exe => Keine Datei
FirewallRules: [TCP Query User{EAC675E0-ACAC-4BBD-BA7E-72A3FFABD559}D:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe => Keine Datei
FirewallRules: [UDP Query User{FDE20F4F-494B-45D4-ADAB-E4B2FA97E1CB}D:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe => Keine Datei
FirewallRules: [{B9EC7B50-785F-4F37-B6D0-2A4CE447689C}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D264CDE4-1B79-48BD-ACBA-077BBBB534F1}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{ADC664A4-1E77-45EF-8C74-3A58896E50B8}D:\benutzer\user\downloads\utox_win64.exe] => (Allow) D:\benutzer\user\downloads\utox_win64.exe => Keine Datei
FirewallRules: [UDP Query User{99182E19-EA0C-403C-8B90-CD444E32273B}D:\benutzer\user\downloads\utox_win64.exe] => (Allow) D:\benutzer\user\downloads\utox_win64.exe => Keine Datei
FirewallRules: [{122119B4-105A-4D05-AFFD-66C9F9BC3366}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [Datei ist nicht signiert]
FirewallRules: [{E01261B2-7BA2-4088-9CC9-65A17F2E8831}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{E21FF858-1EDB-4575-B1C2-229776450DAC}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{E3272ED8-4FFA-4631-834E-E0300BC31BCA}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{87FBA020-3F5A-47D4-BC3F-D2C7ED5E7F58}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{87B1062E-9E8C-4C81-B8D5-1C273BBEA439}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{32C9F1D6-B82C-4916-A4CC-450EE13B130B}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{50BF5346-EA5E-4818-BD24-ACEFCDFCD03A}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{3A6CCCD8-C4D0-4BA2-B5FE-22ADD3206A7E}E:\diablo iii\x64\diablo iii64.exe] => (Allow) E:\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{5FE912CC-6DAC-4772-ACDA-E1143C48F49E}E:\diablo iii\x64\diablo iii64.exe] => (Allow) E:\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{599497F7-C4CE-4FB1-87B4-39BFCE218FAC}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{1C55F239-39C6-41FE-8E00-13F45F0DCBD1}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{490ABA47-D019-44C6-8ED2-CE34FD5CE948}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{D3B4543B-7B9A-42FA-AB88-AA99DB620D21}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{E46F05A8-2610-4FD3-9C5B-8C8DCB3A5A45}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{E8C4EC46-FD45-43C4-8E79-FE035EA4D68A}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{91C080B1-8594-454E-9467-B1B938301511}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{CA619507-B0D2-4C5A-B2DA-4851B3061E8D}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{294B0418-47FD-41F1-8FA8-9E7A8A689686}] => (Allow) D:\Program Files (x86)\Sidify Music Converter Free\Sidify Music Converter Free.exe.exe => Keine Datei
FirewallRules: [TCP Query User{DE5A6191-EA16-43E6-959E-3B7770FC7EC0}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{0DD7FCA2-37CD-4347-BFDB-9F86E1F05B5A}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{55F01C71-F10D-459C-9F03-0F6AA1632F06}D:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{4D63B839-2C47-4C3C-BB06-174994747797}D:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{54F46A0A-6877-43FC-9F5B-08536031FBE9}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{20726450-26F9-4D7D-9F05-C3491723B4ED}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{DFD9B37A-4CF8-4A08-9262-DD96FC9CFDF2}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{B31A81F7-5EF7-44A9-82A0-3FD9B2D01AA2}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{489A26CB-4983-4AB6-888B-E6DFAA571647}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{2C89F74F-D7D0-4913-A141-4603E433A0D9}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{756F276C-61A9-4586-9E5B-F3FACBF902AD}D:\benutzer\user\downloads\utox_win64.exe] => (Block) D:\benutzer\user\downloads\utox_win64.exe => Keine Datei
FirewallRules: [UDP Query User{0CA54C5D-AB4A-40D0-9843-E2E909A5A0D4}D:\benutzer\user\downloads\utox_win64.exe] => (Block) D:\benutzer\user\downloads\utox_win64.exe => Keine Datei
FirewallRules: [TCP Query User{BBE687B0-C0FF-49BD-A8DB-987DC06E38D5}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{3FFD0217-A45D-4E29-8BDA-85768F528567}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{EC26DC2D-8441-400C-8C50-EE54D11FEA48}E:\program files (x86)\beat hazard ultra\beathazard.exe] => (Allow) E:\program files (x86)\beat hazard ultra\beathazard.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{7C35F32D-4E09-4C6E-AD5E-AC4902B179B1}E:\program files (x86)\beat hazard ultra\beathazard.exe] => (Allow) E:\program files (x86)\beat hazard ultra\beathazard.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{2C790E31-ADEC-4450-A335-4843E02357D9}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{6A1EFE6D-512D-470D-AA1C-D81BD0B6565E}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{A40CF6D2-9357-4AA5-92AE-0D9897F30E7B}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{3C84A94F-F518-463B-BDEF-9C209EC170EE}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{EC820E90-E7F5-4881-B4B6-BCBB5B2E7734}E:\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny2.exe => Keine Datei
FirewallRules: [UDP Query User{E877C03E-4FB8-4748-B0F9-6C48F51C9063}E:\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny2.exe => Keine Datei
FirewallRules: [TCP Query User{AD2599C8-902C-4B19-A504-9D65710A10FD}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{AF83634B-79D7-45B0-AB7D-9E6E3136809D}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{FE099CEF-952D-4B37-9AD2-EA88CF638771}E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe => Keine Datei
FirewallRules: [UDP Query User{2C6C6456-173C-4B04-B60C-86A376A18698}E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe => Keine Datei
FirewallRules: [TCP Query User{7A0DE15D-F7AA-44BB-9E95-A7CB22147641}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{E1E37D5D-C3BC-4240-831D-488DBCA7E533}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{51F23693-B25E-4EB9-864E-D685E6EEBC07}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{65B7A698-F709-4B3B-92AA-96D9D6093ED4}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{19B7F8EA-C00C-4431-981B-20939423710B}E:\program files (x86)\subnautica\subnautica.exe] => (Allow) E:\program files (x86)\subnautica\subnautica.exe => Keine Datei
FirewallRules: [UDP Query User{25DDD6FF-C6F7-433D-8994-4C0B85FDA874}E:\program files (x86)\subnautica\subnautica.exe] => (Allow) E:\program files (x86)\subnautica\subnautica.exe => Keine Datei
FirewallRules: [TCP Query User{19FDAF38-B115-443F-A8BB-E008DAAEFF13}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{EA425FF4-F25F-4651-8F4A-79232F4EE778}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{BC7964D6-3CF3-4592-8F6F-03469D069FEC}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{C0DDEF69-E64E-4113-94A4-645CE3C151AA}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{D3C9FA19-67C5-4D53-9628-7E397856D245}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{3078E517-A467-402D-8116-8DFD42692D4E}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{925398ED-8968-454D-BACC-A3519294E8F2}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{2426DAE1-AB8E-47AB-B476-D6C3157ADF41}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{A6E4C5AB-EA62-4F19-A79A-74C50E20C4FC}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{9DE502FF-4E9C-4537-8D2F-3027A6B34F7C}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{45F555BA-46DC-42F0-93C3-920DD25DF865}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{8C2DA87B-DD2F-46B3-9797-CA403C310446}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{925D9BC2-467D-4720-965E-A6FB90936463}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{99AC887E-D4EB-49D5-88EE-67D98F5092C0}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{60A18536-CA9A-4D4C-8588-7182260A6517}E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{5259AD36-7AD6-4FBE-8FE9-DB62DE0499D4}E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{DED585C5-1FB0-4923-8328-BB4A6ABEA935}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{DADE906A-4F11-445C-A99D-956E248E44E5}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{3AABF6C2-4ECD-40FE-997E-CEACF7DD2DCF}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{82345648-871C-4975-9B69-1924A981C1C1}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{65E09242-0899-44CE-9F68-2DE78F2688E8}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{2947C4AD-A66B-48BC-B813-2DF162BBFAFA}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{D0C29E8E-B606-4C9B-964D-DA6AF8FC91C7}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe => Keine Datei
FirewallRules: [UDP Query User{BCC1E50F-FD53-4767-970E-8A7914BD4479}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe => Keine Datei
FirewallRules: [TCP Query User{D0ED8964-BE69-48C7-8CF3-BECBE206E781}E:\program files (x86)\epic games\satisfactoryearlyaccess\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Allow) E:\program files (x86)\epic games\satisfactoryearlyaccess\factorygame\binaries\win64\factorygame-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{5CB18286-2D41-4446-BCC2-E0053DC7312E}E:\program files (x86)\epic games\satisfactoryearlyaccess\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Allow) E:\program files (x86)\epic games\satisfactoryearlyaccess\factorygame\binaries\win64\factorygame-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{FD348760-751D-42DE-BBD0-34B111075290}E:\overwatch\_retail_\overwatch.exe] => (Allow) E:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{1DFC251E-B356-4339-8268-5AE3FE31326D}E:\overwatch\_retail_\overwatch.exe] => (Allow) E:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{BB81DD00-A925-43E6-B4EB-EA6178F491E4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [Datei ist nicht signiert]
FirewallRules: [{CF96C901-3D71-410E-A959-9EC4F4C37E36}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{12CE5B8B-02B8-41B3-8729-A973607F1E56}D:\benutzer\user\downloads\neuer ordner\utox_win64.exe] => (Allow) D:\benutzer\user\downloads\neuer ordner\utox_win64.exe => Keine Datei
FirewallRules: [UDP Query User{67226083-8B5E-4479-84B4-ADFF9CCE98DD}D:\benutzer\user\downloads\neuer ordner\utox_win64.exe] => (Allow) D:\benutzer\user\downloads\neuer ordner\utox_win64.exe => Keine Datei
FirewallRules: [TCP Query User{CC134E2B-2670-456D-9B77-8746DA70D5A3}D:\program files (x86)\blizzard app\battle.net.exe] => (Allow) D:\program files (x86)\blizzard app\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{BE89E264-65AE-47FF-9BEB-440A0359650B}D:\program files (x86)\blizzard app\battle.net.exe] => (Allow) D:\program files (x86)\blizzard app\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{41461476-67F8-4CA8-BAD0-D016D87AB69A}E:\program files (x86)\epic games\satisfactoryexperimental\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Allow) E:\program files (x86)\epic games\satisfactoryexperimental\factorygame\binaries\win64\factorygame-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{8E5F634D-0A18-4114-A31F-5BDA3CF54497}E:\program files (x86)\epic games\satisfactoryexperimental\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Allow) E:\program files (x86)\epic games\satisfactoryexperimental\factorygame\binaries\win64\factorygame-win64-shipping.exe => Keine Datei
FirewallRules: [{39BCCF57-4E33-4204-9C47-776E16DB33CC}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{470D3F1C-F79A-4904-92A8-2DDF6F38225F}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{BB7E8AF4-9CFF-485F-99CE-054F6FDD02E4}] => (Allow) E:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{2A24642E-150F-41F3-98B6-A929EA0925F5}] => (Allow) E:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{C1E0741B-2828-4C9B-A2C3-137D822846A9}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{1907455D-4DAB-4086-8BF4-49A2A0D0AE6F}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{AD8E354F-DB8D-4166-A4FC-4A78DB3EC33F}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => Keine Datei
FirewallRules: [{775CA9C4-41DB-4390-9041-4946C4D43174}] => (Allow) E:\SteamLibrary\steamapps\common\For The King\FTK.exe () [Datei ist nicht signiert]
FirewallRules: [{39FA0940-7E2B-4A4E-AD0B-BE0029FCE2B9}] => (Allow) E:\SteamLibrary\steamapps\common\For The King\FTK.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{081E422C-898D-4AE5-9225-436B1E51DDED}E:\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) E:\call of duty black ops cold war\blackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [UDP Query User{0F4B7199-3A5C-4038-BEFC-E78068E8CBD1}E:\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) E:\call of duty black ops cold war\blackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [{44D93574-D36C-4FC3-9690-3165B1E6E2AD}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert]
FirewallRules: [{46952959-F1A0-463F-871A-0A2BFF20D924}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert]
FirewallRules: [{F3415333-43E5-4653-8F98-B9A8E7DB1537}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99FB018F-1499-43BE-BEAE-EE93CFDCAB9F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B766BDD3-A4BB-4B59-BC26-70C4327ACBFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{17A84433-E17D-4FA5-9558-99B7BFE4A882}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EE7BCBEF-B89C-4135-BACE-FC04AE6C48F4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6FADDC1B-6482-47FF-9A1B-067F4D79B5BA}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

26-07-2021 18:25:52 AdwCleaner_BeforeCleaning_26/07/2021_18:25:52

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (07/26/2021 10:52:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 4kstogram.exe, Version: 3.4.2.3620, Zeitstempel: 0x60ccae62
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.1023, Zeitstempel: 0x7977b9de
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ff199
ID des fehlerhaften Prozesses: 0x2c48
Startzeit der fehlerhaften Anwendung: 0x01d7823b964387fe
Pfad der fehlerhaften Anwendung: E:\Program Files\4KDownload\4kstogram\4kstogram.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: fcdbf71a-d497-4641-9dde-901793e32a3b
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/26/2021 07:47:42 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf Elements (G:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (07/26/2021 07:46:20 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf Anwendungen (E:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (07/26/2021 06:25:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
Falscher Parameter.
.

Error: (07/25/2021 11:18:31 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.

Error: (07/25/2021 11:18:31 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.

Error: (07/25/2021 07:41:59 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf Elements (G:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (07/25/2021 07:34:02 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf Anwendungen (E:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)


Systemfehler:
=============
Error: (07/26/2021 10:45:01 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{E60687F7-01A1-40AA-86AC-DB1CBF673334}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/26/2021 10:43:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "wuauserv" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (07/26/2021 10:43:01 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{E60687F7-01A1-40AA-86AC-DB1CBF673334}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/26/2021 10:41:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "wuauserv" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (07/26/2021 10:05:14 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{E60687F7-01A1-40AA-86AC-DB1CBF673334}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/26/2021 10:03:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "wuauserv" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (07/26/2021 10:03:14 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{E60687F7-01A1-40AA-86AC-DB1CBF673334}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/26/2021 10:01:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "wuauserv" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.


Windows Defender:
================
Date: 2021-07-25 03:39:49
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {373488ED-7F44-4A77-8B53-C3BF160C1393}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-07-10 19:24:55
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {129A94E0-F360-40E0-9DB1-690D0CAD5BE7}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-06-22 07:19:01
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Name: Trojan:Win32/AgentTesla!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_D:\$RECYCLE.BIN\S-1-5-21-2579833569-30274321-2403803918-1000\$RYMNQ53.exe; file:_D:\$RECYCLE.BIN\S-1-5-21-2579833569-30274321-2403803918-1000\$RZYRMCR.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: Home-PC\user
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.341.1171.0, AS: 1.341.1171.0, NIS: 1.341.1171.0
Modulversion: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-22 07:19:01
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Name: Trojan:Win32/AgentTesla!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_D:\$RECYCLE.BIN\S-1-5-21-2579833569-30274321-2403803918-1000\$RZYRMCR.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: Home-PC\user
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.341.1171.0, AS: 1.341.1171.0, NIS: 1.341.1171.0
Modulversion: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-22 07:18:59
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0
Name: Trojan:Win32/Wacatac.B!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: containerfile:_D:\$RECYCLE.BIN\S-1-5-21-2579833569-30274321-2403803918-1000\$RNJY1D5.exe; file:_D:\$RECYCLE.BIN\S-1-5-21-2579833569-30274321-2403803918-1000\$RNJY1D5.exe->[lowcase_mzpe]
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: Home-PC\user
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.341.1171.0, AS: 1.341.1171.0, NIS: 1.341.1171.0
Modulversion: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-07-24 16:30:09
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.343.1529.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.18300.4
Fehlercode: 0x80080005
Fehlerbeschreibung: Starten des Servers fehlgeschlagen 

Date: 2021-07-22 13:53:17
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.343.1390.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.18300.4
Fehlercode: 0x80080005
Fehlerbeschreibung: Starten des Servers fehlgeschlagen 

Date: 2021-07-18 19:17:52
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.343.1188.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.18300.4
Fehlercode: 0x80080005
Fehlerbeschreibung: Starten des Servers fehlgeschlagen 

Date: 2021-07-16 19:14:40
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.343.1089.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.18300.4
Fehlercode: 0x80080005
Fehlerbeschreibung: Starten des Servers fehlgeschlagen 

Date: 2021-07-10 09:50:32
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.343.729.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.18300.4
Fehlercode: 0x80080005
Fehlerbeschreibung: Starten des Servers fehlgeschlagen 

CodeIntegrity:
===============
Date: 2021-07-25 14:54:16
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2021-07-25 14:54:16
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2021-07-25 14:54:16
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2021-07-25 06:24:33
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. F10 10/23/2012
Hauptplatine: Gigabyte Technology Co., Ltd. B75M-D3V
Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 16330.13 MB
Verfügbarer physikalischer RAM: 10268.61 MB
Summe virtueller Speicher: 32714.13 MB
Verfügbarer virtueller Speicher: 21062.19 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:199.43 GB) (Free:93.58 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Programme) (Fixed) (Total:276.94 GB) (Free:54.13 GB) NTFS
Drive e: (Anwendungen) (Fixed) (Total:465.76 GB) (Free:220.06 GB) NTFS
Drive g: (Elements) (Fixed) (Total:4657.4 GB) (Free:620.67 GB) NTFS

\\?\Volume{0473faaa-0000-0000-0000-a0db31000000}\ () (Fixed) (Total:0.57 GB) (Free:0.12 GB) NTFS

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 0473FAAA)
Partition 1: (Active) - (Size=199.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=582 MB) - (Type=27)
Partition 3: (Not Active) - (Size=276.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 532A1B20)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 4657.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================

Thema geschlossen
Seite 1 von 2 1 2

Themen zu Ransomeware eingefangen? + A Disk read error occured.
computer, desktop, error, festplatte, firefox, ftp, google, iexplore.exe, installation, internet, internet explorer, kaputt, mozilla, performance, problem, prozesse, rundll, security, services.exe, software, stick, teamspeak, updates, usb, windows


« Windows 10: www1.online statt Startseiten Google Chrome | WIN 10: Explorer einsturz, Einstellungen können nicht mehr geöffnet werden, vermute Trojaner. »


Ähnliche Themen: Ransomeware eingefangen? + A Disk read error occured.


  1. Formatierung auf Acer Laptop ist fehlgeschlagen und jetzt "A disc read error occurred"
    Netzwerk und Hardware - 21.11.2018 (3)
  2. 3d Master Disk Error
    Netzwerk und Hardware - 16.07.2016 (3)
  3. Nach Rechnerstart -> "a disk read error occured" sowie CHKDSK, Festplattenfehler etc.
    Plagegeister aller Art und deren Bekämpfung - 20.05.2016 (5)
  4. PC reagiert seltsam, Win Explorer und Chrome abstürze, BlueScreen & "a disk read error occured"
    Plagegeister aller Art und deren Bekämpfung - 23.02.2016 (11)
  5. Windows 7 - PC stürzt ab und startet unzuverlässig: Meldung "Non-System disk or disk error..."; Trojaner/Viren oder mechanisches Problem?
    Log-Analyse und Auswertung - 16.11.2014 (21)
  6. Secunia PSI 2: Fehlermeldung beim Starten: "An Error Occured while removing the Secunia PSI Startup Shortcut"
    Antiviren-, Firewall- und andere Schutzprogramme - 24.10.2014 (12)
  7. Lüfter laufen nach herunterfahren von Windows weiter | Viele Fehler in der Ereignisanzeige | Read error
    Plagegeister aller Art und deren Bekämpfung - 17.10.2014 (4)
  8. Non System or Disk Error
    Netzwerk und Hardware - 14.01.2014 (4)
  9. System Error. Hard disk failure detected - November 2012
    Log-Analyse und Auswertung - 06.11.2012 (8)
  10. System Message - Write Fault Error / system error hard disk failure detected
    Plagegeister aller Art und deren Bekämpfung - 20.09.2012 (9)
  11. system error hard disk failure detected
    Plagegeister aller Art und deren Bekämpfung - 20.06.2012 (1)
  12. System Error. Hard disk failure detected
    Log-Analyse und Auswertung - 07.06.2012 (5)
  13. SYSTEM ERROR. Hard disk failure detected
    Plagegeister aller Art und deren Bekämpfung - 17.05.2012 (1)
  14. system error hard disk failure detected
    Plagegeister aller Art und deren Bekämpfung - 11.05.2012 (1)
  15. Hard Disk Problem - critical Error
    Log-Analyse und Auswertung - 26.12.2011 (3)
  16. Critical Disk Hard Drive Error
    Plagegeister aller Art und deren Bekämpfung - 29.05.2011 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Ransomeware eingefangen? + A Disk read error occured. - Hallo liebes Trojaner-Board, ich hab wahrscheinlich großen Bockmist gebaut und mir nicht früh genug Hilfe bei euch gesucht. Es handelt sich um meinen privaten Rechner. Am 21.6. wollte ich eine - Ransomeware eingefangen? + A Disk read error occured....
Archiv
Du betrachtest: Ransomeware eingefangen? + A Disk read error occured. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19