|
Log-Analyse und Auswertung: Windows 10: Audacity Malware heruntergeladenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
08.08.2021, 19:07 | #1 |
| Windows 10: Audacity Malware heruntergeladen Hallo ihr Lieben, ich habe mir das Programm Audacity (von Audacity.de) heruntergeladen und danach erfahren, dass es sich bei diesem Download um ein mit Malware verseuchtes Programm handelt. Seit dem Download zeigt mein Browser Werbung an und stürzt gelegentlich ab. Außerdem wurden alle auf dem PC gespeicherten Passwörter gelöscht und der PC ist viel langsamer als gewöhnlich. Dabei weiß ich allerdings nicht, ob das mit dem Download der Malware zutun hat. Ich habe bereits das Programm AdwCleaner genutzt, welches keine nennenswerten Probleme erkannt bzw. behoben hat. Die Addition und FRST Dateien waren leider zu groß, weshalb ich sie in den Anhang gepackt habe. Ich hoffe ihr könnt mir hier weiterhelfen. Danke schonmal im Voraus! AdwCleaner Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.0.5.0 # ------------------------------- # Build: 05-25-2020 # Database: 2020-05-19.1 (Local) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 01-30-2021 # Duration: 00:01:04 # OS: Windows 10 Home # Scanned: 31863 # Detected: 84 ***** [ Services ] ***** PUP.Optional.Legacy WCAssistantService ***** [ Folders ] ***** PUP.Optional.Legacy C:\Users\Eleonora\AppData\Local\SweetLabs App Platform PUP.Optional.WebCompanion C:\Program Files (x86)\Lavasoft\Web Companion PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion PUP.Optional.WebCompanion C:\ProgramData\Lavasoft\Web Companion PUP.Optional.WebCompanion C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion PUP.Optional.WebCompanion C:\Users\Eleonora\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG PUP.Optional.WebCompanion C:\Users\Eleonora\AppData\Roaming\Lavasoft\Web Companion ***** [ Files ] ***** PUP.Optional.WebCompanion C:\Users\Eleonora\AppData\Local\Temp\WebCompanion.zip ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{258f267c-ee2f-485f-a663-8f619cd4ff5c}|DisplayIcon PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{258f267c-ee2f-485f-a663-8f619cd4ff5c}|DisplayName PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{258f267c-ee2f-485f-a663-8f619cd4ff5c}|UninstallString PUP.Optional.Conduit HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** Preinstalled.CyberLinkMediaEspresso Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384} Preinstalled.CyberLinkMediaEspresso Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{E3739848-5329-48E3-8D28-5BBD6E8BE384} Preinstalled.CyberLinkShellExtension Registry HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} Preinstalled.HPCoolSense Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP COOLSENSE Preinstalled.HPCoolSense Folder C:\Users\Eleonora\AppData\Local\HEWLETT-PACKARD\HP COOLSENSE Preinstalled.HPCoolSense Folder C:\Windows\System32\Tasks\HEWLETT-PACKARD\HP COOLSENSE Preinstalled.HPCoolSense Registry HKLM\Software\Classes\CLSID\{224695A4-BD5E-4C38-B354-A4C828E61BF7} Preinstalled.HPCoolSense Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF} Preinstalled.HPHealthCheck Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6F340107-F9AA-47C6-B54C-C3A19F11553F} Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D} Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP REGISTRATION SERVICE Preinstalled.HPRegistrationService Folder C:\ProgramData\HEWLETT-PACKARD\HP REGISTRATION SERVICE Preinstalled.HPRegistrationService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D1E8F2D7-7794-4245-B286-87ED86C1893C} Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Preinstalled.HPSupportAssistant Folder C:\Users\Eleonora\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Preinstalled.HPSupportAssistant Folder C:\Users\Eleonora\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D} Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{79C54A05-F146-4EA0-8A70-D4EFE6181E52} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{8C696B4B-6AB1-44BC-9416-96EAC474CABE} Preinstalled.HPTouchpointAnalyticsClient Folder C:\Program Files\HP\HP TOUCHPOINT ANALYTICS CLIENT Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F} Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2} Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2} Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A} Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A} Preinstalled.Pokki File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk Preinstalled.Pokki File C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Start Menu.lnk Preinstalled.Pokki File C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\BEJEWELED 3 Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\BUILD-A-LOT Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\BUILDING THE GREAT WALL OF CHINA COLLECTORS EDITION Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\CRAZY CHICKEN SOCCER Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\FARM FRENZY Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\GOVERNOR OF POKER 2 PREMIUM EDITION Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\JEWEL MATCH 3 Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PLANTS VS ZOMBIES - GAME OF THE YEAR Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\POLAR BOWLER Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\RANCH RUSH 2 - PREMIUM EDITION Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\TRINKLIT SUPREME Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\VACATION QUEST - AUSTRALIA Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\VIRTUAL FAMILIES Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\WEDDING DASH Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\YOUDA JEWEL SHOP Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\WEB LINK - SEAFIGHT Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-darkorbit Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-dragonsofatlantis Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-mahjonggdarkdimensions Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-seafight Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-genres Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-main AdwCleaner[S00].txt - [13437 octets] - [30/01/2021 21:01:23] AdwCleaner[C00].txt - [4620 octets] - [30/01/2021 21:04:01] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ########## Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.0.5.0 # ------------------------------- # Build: 05-25-2020 # Database: 2020-05-19.1 (Local) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 01-30-2021 # Duration: 00:00:41 # OS: Windows 10 Home # Cleaned: 17 # Failed: 0 ***** [ Services ] ***** Deleted WCAssistantService ***** [ Folders ] ***** Deleted C:\Program Files (x86)\Lavasoft\Web Companion Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion Deleted C:\ProgramData\Lavasoft\Web Companion Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion Deleted C:\Users\Eleonora\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG Deleted C:\Users\Eleonora\AppData\Local\SweetLabs App Platform Deleted C:\Users\Eleonora\AppData\Roaming\Lavasoft\Web Companion ***** [ Files ] ***** Deleted C:\Users\Eleonora\AppData\Local\Temp\WebCompanion.zip ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\Lavasoft\Web Companion Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{258f267c-ee2f-485f-a663-8f619cd4ff5c}|DisplayIcon Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{258f267c-ee2f-485f-a663-8f619cd4ff5c}|DisplayName Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{258f267c-ee2f-485f-a663-8f619cd4ff5c}|UninstallString ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [13437 octets] - [30/01/2021 21:01:23] AdwCleaner[C00].txt - [4620 octets] - [30/01/2021 21:04:01] AdwCleaner[S01].txt - [11561 octets] - [30/01/2021 21:14:47] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ########## Code:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 07-08-2021 durchgeführt von Eleonora (08-08-2021 14:30:56) Gestartet von C:\Users\Eleonora\Downloads Start-Modus: Normal ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worksheet Crafter\Auf die ursprünglichen Einstellungen zurücksetzen (WsCrafter).lnk -> C:\Program Files (x86)\Worksheet Crafter\resetWsC.bat () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk -> C:\Users\Eleonora\AppData\Local\Pokki\Engine\HostAppService.exe (Keine Datei) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worksheet Crafter\Worksheet Crafter entfernen.lnk -> C:\Program Files (x86)\Worksheet Crafter\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worksheet Crafter\Worksheet Crafter Handbuch.lnk -> C:\Program Files (x86)\Worksheet Crafter\Help\WsCrafterManual_de.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worksheet Crafter\Worksheet Crafter.lnk -> C:\Program Files (x86)\Worksheet Crafter\WorksheetCrafter.exe (SchoolCraft GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Ink Document Viewer.lnk -> C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInkDocumentViewer.exe (SMART Technologies) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Ink.lnk -> C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe (SMART Technologies) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Notebook.lnk -> C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe (SMART Technologies ULC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Systemmenü.lnk -> C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe (SMART Technologies) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Werkzeuge\Bildschirmaufnahme.lnk -> C:\Program Files (x86)\SMART Technologies\Education Software\snapshot.exe (SMART Technologies) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Werkzeuge\Produkttreiber Kalibrierung.lnk -> C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\Orient.exe (SMART Technologies) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Werkzeuge\SMART Deinstallationsprogramm.lnk -> C:\Program Files (x86)\Common Files\SMART Technologies\SMART Uninstaller\SMART Uninstaller.exe (SMART Technologies) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Werkzeuge\SMART Einstellungen.lnk -> C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBrd.exe (SMART Technologies) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Werkzeuge\SMART Ink Einstellungen.lnk -> C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInkSettings.exe (SMART Technologies) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Werkzeuge\SMART Product Update.lnk -> C:\Program Files (x86)\Common Files\SMART Technologies\SMART Product Update\SMARTProductUpdate.exe (SMART Technologies) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Werkzeuge\SMART Recorder.lnk -> C:\Program Files (x86)\SMART Technologies\Education Software\recorder.exe (SMART Technologies) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Werkzeuge\Spotlight.lnk -> C:\Program Files (x86)\SMART Technologies\Education Software\Spotlight.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection\HP SimplePass.lnk -> C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe (Hewlett-Packard) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\L.A. Noire\L.A. Noire.lnk -> C:\Program Files (x86)\Rockstar Games\L.A. Noire\LANLauncher.exe (Rockstar Games) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\CyberLink Power2Go.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\Power2Go8.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\Desktop Burning Gadget.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\Evernote.lnk -> C:\Windows\Installer\{412F6426-A3C7-11E3-8A71-00163E98E7D6}\Evernote.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\HP Utility Center.lnk -> C:\Program Files\Hewlett-Packard\HP Utility Center\HPUC.exe (Hewlett-Packard Development Company, L.P.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\ISO Viewer.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\IsoViewer8.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\Virtual Drive.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (64bit).lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\Uninstall.lnk -> C:\Program Files\obs-studio\uninstall.exe (obsproject.com) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js.lnk -> C:\Program Files (x86)\nodejs\node.exe (Node.js) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\Beats Audio.lnk -> C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink Media Suite.lnk -> C:\Program Files (x86)\CyberLink\Media Suite\PS.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink MediaEspresso.lnk -> C:\Program Files (x86)\CyberLink\MediaEspresso\MediaEspresso.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink PhotoDirector.lnk -> C:\Program Files (x86)\CyberLink\PhotoDirector\PhotoDirector3.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink Power Media Player 12.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD12\PDVDLaunchPolicy.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink PowerDirector 10.lnk -> C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Aufzeichnungs-Manager von Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office-Spracheinstellungen.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetriedashboard für Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msotd.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetrieprotokoll für Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msoev.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in\Office Live Workspace.lnk -> C:\Windows\Installer\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}\ProductIcon () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in\Office Live-Add-In-Hilfe.lnk -> C:\Windows\Installer\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}\ProductShortcutIcon () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\xlicons.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\outicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\pptico.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\wordicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digitales Zertifikat für VBA-Projekte.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\misc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\cagicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Spracheinstellungen.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\misc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\oisicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office-Diagnose.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\misc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Zoo Tycoon 2\Zoo Tycoon 2 Profile.lnk -> C:\Users\Eleonora\AppData\Roaming\Microsoft Games\Zoo Tycoon 2 () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Zoo Tycoon 2\Zoo Tycoon 2-Infodatei.lnk -> C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\Info.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Zoo Tycoon 2\Zoo Tycoon 2.lnk -> C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel Control Center.lnk -> C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe (Intel Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Recovery Manager\HP Recovery Manager.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Die Sims 2\Die Sims 2 Body Shop.lnk -> C:\Program Files (x86)\EA GAMES\Die Sims 2\CSBin\TS2BodyShop.exe (Maxis, a division of Electronic Arts Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Die Sims 2\Die Sims 2 deinstallieren.lnk -> C:\Program Files (x86)\EA GAMES\Die Sims 2\eauninstall.exe (Electronic Arts Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Die Sims 2\Die Sims 2.lnk -> C:\Program Files (x86)\EA GAMES\Die Sims 2\TSBin\Sims2.exe (Maxis, a division of Electronic Arts Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Die Sims 2\Kundendienst.lnk -> C:\Program Files (x86)\EA GAMES\Die Sims 2\Support\European Help Files\EA_Help_Select.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Die Sims 2\Readme.lnk -> C:\Program Files (x86)\EA GAMES\Die Sims 2\Support\de\readme.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Spielkiste.lnk -> C:\Program Files (x86)\Einfach_Spielen\spielkiste.exe (phenomedia publishing gmbh) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Schatzjäger2\Schatzjäger 2 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Schatzjäger 2\Schatzjaeger2.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Schatzjäger 3\Schatzjäger 3 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Schatzjäger 3\Schatzjaeger3.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Schatzjäger\Schatzjäger spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Schatzjäger\start.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Schatz des Pharao\Schatz des Pharao spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Schatz des Pharao\MHA-XXL.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn X\Moorhuhn X.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn X\MHX-XXL.exe (phenomedia publishing gmbh) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Winter\Moorhuhn Winter spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Winter\MoorhuhnWinter.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Wanted\Moorhuhn Wanted spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Wanted\MHW-XXL.exe (phenomedia publishing gmbh) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Remake\Moorhuhn Remake spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Remake\MoorhuhnRemake.exe (phenomedia publishing gmbh) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Piraten\Moorhuhn Piraten spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Piraten\MoorhuhnPiraten.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Kart Thunder\Moorhuhn Kart Thunder spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart Thunder\mhk4.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Kart Extra\Moorhuhn Kart Extra spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart Extra\MHKE-XXL.exe (Phenomedia AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Kart 3\Moorhuhn Kart 3 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart 3\Moorhuhn_Kart3.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Kart 2\Moorhuhn Kart 2 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart 2\MHK2-XXL.exe (Phenomedia AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Kart\Moorhuhn Kart spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart\MHK-XXL.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Invasion\Moorhuhn Invasion spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Invasion\MoorhuhnInvasion.exe (phenomedia publishing gmbh) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Directors Cut\Moorhuhn Directors Cut spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Directors Cut\mhdc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Atlantis\Moorhuhn Atlantis spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Atlantis\mhatlantis.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn 3\Moorhuhn 3 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn 3\Moorhuhn3.exe (phenomedia publishing gmbh) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn 2\Moorhuhn 2 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn 2\Moorhuhn2.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Fluch des Goldes\Fluch des Goldes spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Fluch des Goldes\mha2.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Die original Moorhuhnjagd\Die original Moorhuhnjagd.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\MoorhuhnJagd\Moorhuhn.exe (Witan Entertainment BV) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Hewlett-Packard\Recovery\Links\RM.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Eleonora\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\Links\Desktop.lnk -> C:\Users\Eleonora\Desktop () Shortcut: C:\Users\Eleonora\Links\Downloads.lnk -> C:\Users\Eleonora\Downloads () Shortcut: C:\Users\Eleonora\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}] Shortcut: C:\Users\Eleonora\Desktop\Bilder - Verknüpfung.lnk -> C:\Users\Eleonora\Pictures () Shortcut: C:\Users\Eleonora\Desktop\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\Desktop\Keytrans.lnk -> C:\Program Files (x86)\Will Software\Schulschriften\Keytrans.exe (Will Software) Shortcut: C:\Users\Eleonora\Desktop\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\xlicons.exe () Shortcut: C:\Users\Eleonora\Desktop\Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\outicon.exe () Shortcut: C:\Users\Eleonora\Desktop\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\pptico.exe () Shortcut: C:\Users\Eleonora\Desktop\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\wordicon.exe () Shortcut: C:\Users\Eleonora\Desktop\Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\Users\Eleonora\Desktop\Rockstar Games Launcher.lnk -> C:\Program Files\Rockstar Games\Launcher\LauncherPatcher.exe (Rockstar Games) Shortcut: C:\Users\Eleonora\Desktop\TeamViewerQS - Verknüpfung.lnk -> C:\Users\Eleonora\Downloads\TeamViewerQS.exe (TeamViewer) Shortcut: C:\Users\Eleonora\Desktop\WhatsApp.lnk -> C:\Users\Eleonora\AppData\Local\WhatsApp\WhatsApp.exe (WhatsApp) Shortcut: C:\Users\Eleonora\Desktop\Word.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation) Shortcut: C:\Users\Eleonora\Desktop\Zoom.lnk -> C:\Users\Eleonora\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.) Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Die original Moorhuhnjagd.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\MoorhuhnJagd\Moorhuhn.exe (Witan Entertainment BV) Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Fluch des Goldes spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Fluch des Goldes\mha2.exe () Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn 2 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn 2\Moorhuhn2.exe () Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn 3 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn 3\Moorhuhn3.exe (phenomedia publishing gmbh) Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Atlantis spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Atlantis\mhatlantis.exe () Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Directors Cut spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Directors Cut\mhdc.exe () Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Invasion spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Invasion\MoorhuhnInvasion.exe (phenomedia publishing gmbh) Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Kart 2 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart 2\MHK2-XXL.exe (Phenomedia AG) Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Kart 3 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart 3\Moorhuhn_Kart3.exe () Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Kart Extra spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart Extra\MHKE-XXL.exe (Phenomedia AG) Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Kart spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart\MHK-XXL.exe () Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Kart Thunder spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart Thunder\mhk4.exe () Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Piraten spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Piraten\MoorhuhnPiraten.exe () Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Remake spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Remake\MoorhuhnRemake.exe (phenomedia publishing gmbh) Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Wanted spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Wanted\MHW-XXL.exe (phenomedia publishing gmbh) Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Winter spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Winter\MoorhuhnWinter.exe () Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn X spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn X\MHX-XXL.exe (phenomedia publishing gmbh) Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Schatz des Pharao spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Schatz des Pharao\MHA-XXL.exe () Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Schatzjäger 2 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Schatzjäger 2\Schatzjaeger2.exe () Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Schatzjäger 3 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Schatzjäger 3\Schatzjaeger3.exe () Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Schatzjäger spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Schatzjäger\start.exe () Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Spielkiste.lnk -> C:\Program Files (x86)\Einfach_Spielen\spielkiste.exe (phenomedia publishing gmbh) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Eleonora\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarLeaf.lnk -> C:\Users\Eleonora\AppData\Local\StarLeaf\StarLeaf\StarLeaf.exe (StarLeaf Ltd.) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\Eleonora\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp\WhatsApp.lnk -> C:\Users\Eleonora\AppData\Local\WhatsApp\WhatsApp.exe (WhatsApp) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Rockstar Games Launcher.lnk -> C:\Program Files\Rockstar Games\Launcher\LauncherPatcher.exe (Rockstar Games) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP Utility Center.lnk -> C:\Program Files\Hewlett-Packard\HP Utility Center\HPUC.exe (Hewlett-Packard Development Company, L.P.) Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Roaming\ClassicShell\Pinned\startscreen.lnk -> C:\Program Files\Classic Shell\ClassicStartMenu.exe (Keine Datei) Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\WildTangentGames.-GamesApp-_qt5r5pa5dyg8m\WTGames.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneVideo_8wekyb3d8bbwe\Microsoft.ZuneVideo.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneMusic_8wekyb3d8bbwe\Microsoft.ZuneMusic.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\Microsoft.XboxLIVEGames.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsScan_8wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsReadingList_8wekyb3d8bbwe\Microsoft.WindowsReadingList.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk -> [LFW1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweQmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar1SPSMԆi<D*TQ ModernCalendar\CalendarLogo.pngU!ModernCalendar\CalendarBadge.png]%ModernCalendar\CalendarSmallLogo.pngY$ModernCalendar\CalendarWideLogo.pngQ3]%ModernCalendar\CalendarLargeLogo.pngMms-resource:calendarAppTitleY$ModernCalendar\CalendarTinyLogo.pngi1SPS0%G`Mms-resource:calendarAppTitle-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Mail.lnk -> [LF)O1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweMmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mailv1SPSMԆi<D*TIModernMail\Res\MailLogo.pngMModernMail\Res\MailBadge.pngU!ModernMail\Res\MailSmallLogo.pngQ ModernMail\Res\MailWideLogo.pngrU!ModernMail\Res\MailLargeLogo.pngEms-resource:mailAppTitleQ ModernMail\Res\MailTinyLogo.pnga1SPS0%G`Ems-resource:mailAppTitleq1SPS}@H1U!ms-resource:mailShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.People.lnk -> [LFS1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweOmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.People1SPSMԆi<D*TAModernPeople\People.pngMModernPeople\PeopleSmall.pngIModernPeople\PeopleWide.pngG&MModernPeople\PeopleLarge.png]%ms-resource:///strings/peopleAppNameIModernPeople\PeopleTiny.pngy1SPS0%G`]%ms-resource:///strings/peopleAppName1SPS}@H1e*ms-resource:///strings/raShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsCalculator_8wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsAlarms_8wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.SkypeApp_kzf8qxf38zg5c\App.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Reader_8wekyb3d8bbwe\Microsoft.Reader.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Office.OneNote_8wekyb3d8bbwe\microsoft.onenoteim.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\MicrosoftMahjong.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.HelpAndTips_8wekyb3d8bbwe\HelpAndTips.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingWeather_8wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingTravel_8wekyb3d8bbwe\AppexTravel.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingSports_8wekyb3d8bbwe\AppexSports.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingNews_8wekyb3d8bbwe\AppexNews.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingMaps_8wekyb3d8bbwe\AppexMaps.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\AppexHealthAndFitness.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AppexFoodAndDrink.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFinance_8wekyb3d8bbwe\AppexFinance.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\CyberLinkCorp.hs.YouCamforHP_06qsbagp91rvg\App.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\AD2F1837.HPRegistration_v10z8vjag6ke6\App.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\AD2F1837.HPConnectedPhotopoweredbySnapfish_v10z8vjag6ke6\App.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\AD2F1837.HPConnectedMusic_v10z8vjag6ke6\App.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\AD2F1837.GettingStartedwithWindows8_v10z8vjag6ke6\App.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\2703103D.McAfeeCentral_4ehj4w4frejdr\McAfeeCentral.lnk -> Tile and icon assets Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\134D4F5B.Box_2qk4zy5s3qmee\Box.lnk -> Tile and icon assets Shortcut: C:\Users\Public\Desktop\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated) Shortcut: C:\Users\Public\Desktop\Die Sims 2.lnk -> C:\Program Files (x86)\EA GAMES\Die Sims 2\TSBin\Sims2.exe (Maxis, a division of Electronic Arts Inc.) Shortcut: C:\Users\Public\Desktop\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\Public\Desktop\HP Support Assistant.lnk -> C:\Program Files (x86)\HP\HP Support Framework\HP Support Assistant.ico () Shortcut: C:\Users\Public\Desktop\L.A. Noire.lnk -> C:\Program Files (x86)\Rockstar Games\L.A. Noire\LANLauncher.exe (Rockstar Games) Shortcut: C:\Users\Public\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\Users\Public\Desktop\OBS Studio.lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS) Shortcut: C:\Users\Public\Desktop\SMART Notebook.lnk -> C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe (SMART Technologies ULC) Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) Shortcut: C:\Users\Public\Desktop\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) Shortcut: C:\Users\Public\Desktop\updatepush.com.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\Users\Public\Desktop\Worksheet Crafter.lnk -> C:\Program Files (x86)\Worksheet Crafter\WorksheetCrafter.exe (SchoolCraft GmbH) Shortcut: C:\Users\Public\Desktop\Zoo Tycoon 2.lnk -> C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe (Microsoft Corporation) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\nodejs\nodevars.bat" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\Snapfish Fotos.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_de ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAServiceHelper.exe (Intel) -> installstartup ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk -> C:\Program Files\McAfee\TrueKey\Application\truekey.exe (McAfee, LLC) -> --open-source=startmenu ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\Tintenwerkzeug von SMART Touch.lnk -> C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe (SMART Technologies) -> -showfinger ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Werkzeuge\Bildschirmvorhang.lnk -> C:\Program Files (x86)\SMART Technologies\Education Software\Spotlight.exe () -> -screenshade ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Uninstall Node.js.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {0E05CA72-D8DD-432F-A2CC-880034A48577} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Database Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\DATABASECOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Spreadsheet Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\SPREADSHEETCOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Zoo Tycoon 2\Zoo Tycoon 2 deinstallieren.lnk -> C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\UNINSTAL.EXE (Microsoft Corporation) -> /runtemp ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klett\Oskar 1\Oskar 1 deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {DDA98552-EB62-4C76-8C43-3BB0E502DC36} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Recovery Manager\HP Recovery Media Creation.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \CRM ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Bejeweled 3.lnk -> C:\Program Files (x86)\WildGames\Bejeweled 3\bejeweled3-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Build-a-lot.lnk -> C:\Program Files (x86)\WildGames\Build-a-lot\Buildalot-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Crazy Chicken Soccer.lnk -> C:\Program Files (x86)\WildGames\Crazy Chicken Soccer\Moorhuhn-Soccer-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Dragons Of Atlantis.lnk -> C:\Program Files (x86)\WildTangent Games\Web Link - Dragons Of Atlantis\launcher.exe (WildTangent) -> /src gamesmenu ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Farm Frenzy.lnk -> C:\Program Files (x86)\WildGames\Farm Frenzy\Farm Frenzy-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Governor of Poker 2 Premium Edition.lnk -> C:\Program Files (x86)\WildGames\Governor of Poker 2 Premium Edition\GovernorofPoker2_PE_WildTangent_v1.5-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Plants vs. Zombies - Game of the Year.lnk -> C:\Program Files (x86)\WildGames\Plants vs Zombies - Game of the Year\plantsvszombies-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Ranch Rush 2 - Premium Edition.lnk -> C:\Program Files (x86)\WildGames\Ranch Rush 2 - Premium Edition\ranchrush2collectorsedition-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Vacation Quest™ - Australia.lnk -> C:\Program Files (x86)\WildGames\Vacation Quest - Australia\vacationquestaustralia-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Die Sims 2\Elektronische Registrierung.lnk -> C:\Program Files (x86)\EA GAMES\Die Sims 2\Support\EReg.exe (Electronic Arts, Inc.) -> "Sims2.exe" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Die ersten 10 Jahre deinstallieren.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1C12B0B2-91FB-439A-A64D-1A239F0B7FAB}\Setup.exe" -l0x7 -uninstshortcut ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Apps.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \SWR ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\BTR.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \BTR ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Driver.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \SWR ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\RMC.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \CRM ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Eleonora\Desktop\Discord.lnk -> C:\Users\Eleonora\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe ShortcutWithArgument: C:\Users\Eleonora\Desktop\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home ShortcutWithArgument: C:\Users\Eleonora\Desktop\Microsoft Teams.lnk -> C:\Users\Eleonora\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe" ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk -> C:\Users\Eleonora\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe" ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\Eleonora\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\Eleonora\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation) -> /recycle ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) -> /recycle ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D} ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ShortcutWithArgument: C:\Users\Public\Desktop\True Key.lnk -> C:\Program Files\McAfee\TrueKey\Application\truekey.exe (McAfee, LLC) -> --open-source=dtopicon InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worksheet Crafter\Die Webseite zum Worksheet Crafter .url -> URL: hxxps://www.getschoolcraft.com InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js documentation.url -> URL: hxxps://nodejs.org/download/release/v6.10.3/docs/api/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js website.url -> URL: hxxp://nodejs.org/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Zoo Tycoon 2\Weblinks\Onlineregistrierung.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=35544 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Zoo Tycoon 2\Weblinks\Zoo Tycoon 2-Homepage.url -> URL: hxxp://www.microsoft.com/germany/games/zootycoon/zoo2/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Die Sims 2\Online nach Update suchen.url -> URL: hxxp://thesims2.ea.com/update/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> InternetURL: C:\Users\Default\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://redirect.hp.com/svs/rdr?locale=de_de&c=142&bd=pavilion&tp=iefavbar&s=amazon&pf=cnnb&TYPE=4 InternetURL: C:\Users\Default\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://redirect.hp.com/svs/rdr?locale=de_de&c=142&bd=pavilion&tp=iefavbar&s=amazon&pf=cnnb&TYPE=4 InternetURL: C:\Users\Default\Favorites\HP\Snapfish Fotos.url -> URL: hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_de InternetURL: C:\Users\Default\Favorites\HP\WildTangent Games for HP.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cnnb&locale=de_de&bd=all&c=143 InternetURL: C:\Users\Eleonora\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142 InternetURL: C:\Users\Eleonora\Favorites\Classic Shell - Start menu and other Windows enhancements.url -> URL: hxxp://www.classicshell.net/ InternetURL: C:\Users\Eleonora\Favorites\Portfolio\Portfolio Beschreibung.url -> URL: hxxp://methodenpool.uni-koeln.de/download/portfolio.pdf InternetURL: C:\Users\Eleonora\Favorites\Portfolio\Portfolio Theorie.url -> URL: hxxp://methodenpool.uni-koeln.de/download/portfolio.pdf InternetURL: C:\Users\Eleonora\Favorites\Portfolio\Portfolio-Schule.url -> BASEURL: hxxp://www.portfolio-schule.de/ URL: hxxp://www.portfolio-schule.de/ InternetURL: C:\Users\Eleonora\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://redirect.hp.com/svs/rdr?locale=de_de&c=142&bd=pavilion&tp=iefavbar&s=amazon&pf=cnnb&TYPE=4 InternetURL: C:\Users\Eleonora\Favorites\Links\Android-Frühjahrsputz Schnell wie am ersten Tag - PC-WELT.url -> BASEURL: hxxp://www.pcwelt.de/ratgeber/Android_wieder_schnell_wie_am_ersten_Tag-Smartphone_aufraeumen-7837689.html URL: hxxp://www.pcwelt.de/ratgeber/Android_wieder_schnell_wie_am_ersten_Tag-Smartphone_aufraeumen-7837689.html InternetURL: C:\Users\Eleonora\Favorites\Links\cablemail.de Webinterface Willkommen beim cablemail.de Webinterface.url -> URL: hxxps://mail.cablemail.de/roundcube/ InternetURL: C:\Users\Eleonora\Favorites\Links\YouTube.url -> URL: hxxps://www.youtube.com/ InternetURL: C:\Users\Eleonora\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://redirect.hp.com/svs/rdr?locale=de_de&c=142&bd=pavilion&tp=iefavbar&s=amazon&pf=cnnb&TYPE=4 InternetURL: C:\Users\Eleonora\Favorites\HP\Snapfish Fotos.url -> URL: hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_de InternetURL: C:\Users\Eleonora\Favorites\HP\WildTangent Games for HP.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cnnb&locale=de_de&bd=all&c=143 InternetURL: C:\Users\Eleonora\Dropbox\Get Started with Dropbox Paper.url -> URL: hxxps://www.dropbox.com/login?_tk=dropbox_desktop_urlfile&cont=https%3A%2F%2Fpaper.dropbox.com%2Fpad%2Fopen-or-create-sample%2Fintro®ister_cont=https%3A%2F%2Fpaper.dropbox.com%2Fpad%2Fopen-or-create-sample%2Fintro InternetURL: C:\Users\Eleonora\Desktop\Cities Skylines.url -> URL: steam://rungameid/255710 InternetURL: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Cities Skylines.url -> URL: steam://rungameid/255710 ==================== Ende vom Shortcut.txt ============================= Geändert von dorinora (08.08.2021 um 19:20 Uhr) |
08.08.2021, 19:25 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Audacity Malware heruntergeladen Bitte alle Logs in CODE-Tags posten.
__________________
__________________ |
08.08.2021, 20:14 | #3 |
| Windows 10: Audacity Malware heruntergeladen Hier noch die fehlenden CODE-Tags.
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-08-2021 durchgeführt von Eleonora (08-08-2021 14:21:39) Gestartet von C:\Users\Eleonora\Downloads Windows 10 Home Version 20H2 19042.1110 (X64) (2021-03-12 23:22:36) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-3041158100-3232429967-454566112-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3041158100-3232429967-454566112-503 - Limited - Disabled) Eleonora (S-1-5-21-3041158100-3232429967-454566112-1001 - Administrator - Enabled) => C:\Users\Eleonora Gast (S-1-5-21-3041158100-3232429967-454566112-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3041158100-3232429967-454566112-1003 - Limited - Enabled) WDAGUtilityAccount (S-1-5-21-3041158100-3232429967-454566112-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{E407C8D7-09C6-4056-BFAD-68C5FD8340F0}) (Version: 1.3 - Eyeo GmbH) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.) Bejeweled 3 (HKLM-x32\...\WTA-1ee772db-7059-4026-8bff-4853ce37c4cb) (Version: 2.2.0.98 - WildTangent) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Build-a-lot (HKLM-x32\...\WTA-75a48dff-d031-4477-89f3-89a56af30e7d) (Version: 2.2.0.98 - WildTangent) Hidden Building the Great Wall of China Collector's Edition (HKLM-x32\...\WTA-9f8ca7c9-8662-4ca3-9fbb-d22977c235eb) (Version: 3.0.2.48 - WildTangent) Hidden Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft) Crazy Chicken Soccer (HKLM-x32\...\WTA-6694393f-4e0e-4ecd-ba98-3adb8a5192a7) (Version: 2.2.0.110 - WildTangent) Hidden CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.9.4928 - CyberLink Corp.) CyberLink MediaEspresso 6.7 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.7.4.6127 - CyberLink Corp.) Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.) CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.6.5104 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.10.5422 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3604 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4628 - CyberLink Corp.) Die ersten 10 Jahre (HKLM-x32\...\{1C12B0B2-91FB-439A-A64D-1A239F0B7FAB}) (Version: 1.00.0000 - ) Die Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version: - ) DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden Discord (HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\Discord) (Version: 0.0.310 - Discord Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 128.4.2870 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.485.1 - Dropbox, Inc.) Hidden Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company) Evernote v. 5.2 (HKLM-x32\...\{412F6426-A3C7-11E3-8A71-00163E98E7D6}) (Version: 5.2.0.2951 - Evernote Corp.) Farm Frenzy (HKLM-x32\...\WTA-6233138d-600b-459b-b424-ff051406282c) (Version: 2.2.0.98 - WildTangent) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-4364d7d1-bfa9-4f9b-be07-bb5e52f70136) (Version: 2.2.0.110 - WildTangent) Hidden HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{4BBA238C-9E5D-40F9-8AC6-FACB736752B9}) (Version: 1.1.0.0 - Hewlett-Packard) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard) HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.46 - Hewlett-Packard) HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.18.34.21 - Hewlett-Packard Company) HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company) HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.) HP Utility Center (HKLM\...\{36F80C5F-DC0D-4DF4-AF09-DC1867F0EB0A}) (Version: 2.4.4 - Hewlett-Packard Company) HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company) Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.46 - Softex Inc.) Hidden Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.46 - Softex Inc.) Hidden Intel Driver && Support Assistant (HKLM-x32\...\{10BECC47-44EA-43BF-90F7-6A392DD15F06}) (Version: 21.4.29.8 - Intel) Hidden Intel(R) Computing Improvement Program (HKLM\...\{50883721-017E-40C5-9B65-F11F20DE8B45}) (Version: 2.4.07630 - Intel Corporation) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5058 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{8B4EA042-9E21-46FB-8286-225F4D51CC52}) (Version: 4.2.41.2710 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{EA877F2C-A0FB-4379-83D0-734540686C80}) (Version: 17.1.1531.1764 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel® Driver & Support Assistant (HKLM-x32\...\{0a6e5067-9368-4f32-be84-aac5f85dc5c3}) (Version: 21.4.29.8 - Intel) Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation) Jewel Match 3 (HKLM-x32\...\WTA-36dae6a4-f8f1-469d-9311-ee623efff17f) (Version: 2.2.0.98 - WildTangent) Hidden L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games) McAfee True Key (HKLM\...\TrueKey) (Version: 5.3.138.1 - McAfee, LLC) MHS 1-2 - Bayern Version 1.0 (HKLM-x32\...\{5FCA0FD8-0D3A-4682-8EFE-863CF915EDFE}_is1) (Version: 1.0 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH) Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.14228.20204 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.50 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.68 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\OneDriveSetup.exe) (Version: 21.129.0627.0002 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\Teams) (Version: 1.4.00.8872 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29112 (HKLM-x32\...\{be826f5f-eda5-45a2-a3fe-c2cb5c1b9842}) (Version: 14.27.29112.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 90.0.2 (x64 de)) (Version: 90.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.3 - Mozilla) NVIDIA Grafiktreiber 446.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 446.14 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.4 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14228.20204 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20204 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20204 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.14228.20204 - Microsoft Corporation) Hidden Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-a31469a9-6a11-433d-881f-ebc90d4dbd29) (Version: 3.0.2.51 - WildTangent) Hidden Polar Bowler (HKLM-x32\...\WTA-9b964062-9b05-4f25-9294-c28bbf192213) (Version: 2.2.0.97 - WildTangent) Hidden Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-e71c857e-11de-4663-b99f-d56ce1cfa303) (Version: 2.2.0.98 - WildTangent) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.40 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.6 - Rockstar Games) SMART Gallery Essentials (HKLM-x32\...\{B1BCD573-39C5-48CD-A2A7-F6525BB7072B}) (Version: 2.0.2.0 - SMART Technologies ULC) SMART German Handwriting Resources (HKLM-x32\...\{2B73B4A7-03E4-437F-9E7F-AE533A93D4A2}) (Version: 15.1.10.0 - SMART Technologies ULC) SMART Ink (HKLM-x32\...\{1B6934C5-BA75-4C7D-B3BA-D73B4DDB42A5}) (Version: 5.5.340.0 - SMART Technologies ULC) SMART Lesson Activity Toolkit (HKLM-x32\...\{8AD57A09-153E-4F6D-A269-0AD8AC54B82A}) (Version: 2.0.7.0 - SMART Technologies ULC) SMART Notebook (HKLM-x32\...\{67A22506-25EF-4F7A-97A8-9293345093E1}) (Version: 19.0.2576.1 - SMART Technologies ULC) SMART Produkttreiber (HKLM-x32\...\{BF782898-838D-4FA4-9D3E-FC6F27E76D89}) (Version: 12.13.46.0 - SMART Technologies ULC) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated) Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.17057 - Microsoft Corporation) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.15.5 - TeamViewer) TechSmith Screen Capture Codec (HKLM-x32\...\{84FE50F5-B0F3-4D18-8BE8-A4DEEE0C37AD}) (Version: 4.1.1.0 - TechSmith Corporation) Hidden Trinklit Supreme (HKLM-x32\...\WTA-1b99ba4f-b7d0-497d-ba69-f983b14c86b3) (Version: 2.2.0.98 - WildTangent) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_STANDARD_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_STANDARD_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_STANDARD_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_STANDARD_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Vacation Quest™ - Australia (HKLM-x32\...\WTA-8e02fba1-9770-4e68-b0bc-0c6a4de329d2) (Version: 3.0.2.32 - WildTangent) Hidden Validity WBF DDK (HKLM\...\{21498212-1146-4540-8A81-6A1328BA19F2}) (Version: 4.5.228.0 - Validity Sensors, Inc.) Virtual Families (HKLM-x32\...\WTA-6b0d88e0-57df-4bbc-84c2-db5f11a97dbc) (Version: 2.2.0.98 - WildTangent) Hidden VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN) Wedding Dash (HKLM-x32\...\WTA-750dadc0-8f26-4281-8e17-e4caa99c8c87) (Version: 2.2.0.95 - WildTangent) Hidden WhatsApp (HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\WhatsApp) (Version: 2.2126.15 - WhatsApp) WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) Youda Jewel Shop (HKLM-x32\...\WTA-bb9e074d-690b-4444-885a-98dba7d68858) (Version: 3.0.2.51 - WildTangent) Hidden Zoo Tycoon 2 (HKLM-x32\...\Zoo Tycoon 2) (Version: 1.0 - Microsoft) Zoom (HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\ZoomUMX) (Version: 5.5.4 (13142.0301) - Zoom Video Communications, Inc.) Packages: ========= - Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2015-06-27] (WildTangent Games) Box for Windows 8 -> C:\Program Files\WindowsApps\134D4F5B.Box_2.1.4.4_neutral__2qk4zy5s3qmee [2015-11-12] (Box, Inc.) Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.7.46.0_x86__kgqvnymyfvs32 [2021-08-06] (king.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.198.300.0_x86__kgqvnymyfvs32 [2021-07-22] (king.com) Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-19] (Canon Inc.) Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_6.1.13.0_x86__h6adky7gbf63m [2021-07-15] (Gameloft SE) Erste Schritte mit Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-04-01] (Hewlett-Packard Company) Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation) HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-04-01] (Hewlett-Packard Company) HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.7.536.0_x64__v10z8vjag6ke6 [2021-07-11] (HP Inc.) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-07] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad] Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.0.11030.0_x64__8wekyb3d8bbwe [2020-11-26] (Microsoft Studios) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-06] (Microsoft Studios) [MS Ad] MSN Gesundheit & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad] MSN Kochen & Genuss -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad] MSN Reisen -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-27] (NVIDIA Corp.) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-14] (Twitter Inc.) YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.2.29632_x86__06qsbagp91rvg [2015-04-01] (CYBERLINKCOM CORP) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3041158100-3232429967-454566112-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Eleonora\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20339.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3041158100-3232429967-454566112-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (Intel Corporation -> Intel) CustomCLSID: HKU\S-1-5-21-3041158100-3232429967-454566112-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated) CustomCLSID: HKU\S-1-5-21-3041158100-3232429967-454566112-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Eleonora\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3041158100-3232429967-454566112-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Eleonora\Dropbox [2019-09-05 20:58] ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-12-23] (CyberLink Corp. -> Cyberlink) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-12-23] (CyberLink Corp. -> Cyberlink) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_0ebd0596825b39a0\nvshext.dll [2020-05-18] (NVIDIA Corporation -> NVIDIA Corporation) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [442368 2005-02-26] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [442368 2005-02-26] (On2.com) [Datei ist nicht signiert] ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2015-07-03 00:05 - 2015-07-03 00:05 - 000022528 _____ (%CFullName%) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll 2015-07-03 00:17 - 2015-07-03 00:17 - 000886784 _____ (%CFullName%) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll 2015-07-03 00:06 - 2015-07-03 00:06 - 000055808 _____ (%CFullName%) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll 2015-07-03 00:06 - 2015-07-03 00:06 - 000036864 _____ (%CFullName%) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll 2021-04-13 12:36 - 2021-04-13 12:36 - 005745664 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module.dll 2015-07-03 00:07 - 2015-07-03 00:07 - 002174464 _____ (Hewlett-Packard) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll 2015-07-03 00:06 - 2015-07-03 00:06 - 000717824 _____ (Hewlett-Packard) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll 2015-07-03 00:07 - 2015-07-03 00:07 - 001138176 _____ (Hewlett-Packard) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\userdata.dll 2021-05-12 20:07 - 2021-05-12 20:07 - 001638912 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll 2021-05-21 14:04 - 2021-05-21 14:04 - 000130048 _____ (Sam Grogan) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Intel\Driver and Support Assistant\NotifyIconWin32.dll 2021-03-13 00:49 - 2021-03-13 00:49 - 000649360 _____ (SMART Technologies ULC -> Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_smarttech.ms.vc120.crt_e7e76aadd9f46776_1.0.19.0_none_affc467131f8f86a\MSVCP120.dll 2021-03-13 00:49 - 2021-03-13 00:49 - 000952464 _____ (SMART Technologies ULC -> Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_smarttech.ms.vc120.crt_e7e76aadd9f46776_1.0.19.0_none_affc467131f8f86a\MSVCR120.dll 2015-07-03 00:18 - 2015-07-03 00:18 - 000862800 _____ (Softex Incorporated -> %CFullName%) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll 2015-07-03 00:18 - 2015-07-03 00:18 - 000764496 _____ (Softex Incorporated -> Hewlett-Packard) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\hdddrv.dll 2015-07-03 00:18 - 2015-07-03 00:18 - 000542288 _____ (Softex Incorporated -> Hewlett-Packard) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll 2015-07-03 00:18 - 2015-07-03 00:18 - 001613392 _____ (Softex Incorporated -> Hewlett-Packard) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\Wbf.dll 2021-05-12 20:07 - 2021-05-12 20:07 - 002122240 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\CX64APO.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_43.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx10_42.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx11_43.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx9_28.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx9_32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437654.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437682.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437654.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437682.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtNicProp64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\sl3apo64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\slcnt64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\slprp64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\sltech64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SRAPO64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SRCOM.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SRCOM64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SRRPTR64.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\SRSTSX64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SRSWOW64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SynTPCo41.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_5.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\XAudio2_7.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\RtlExUpd.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_41.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_41.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_42.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_43.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SRCOM.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_5.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_7.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\CFRMD.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\CLVirtualDrive.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\intelaud.sys:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\Drivers\rt640x64.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64] AlternateDataStreams: C:\Users\Eleonora\Downloads\376.33-notebook-win10-64bit-international-whql.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Eleonora\Downloads\376.33-notebook-win10-64bit-international-whql.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Eleonora\Downloads\adblock_plus-2.7.3-sm_tb_fx_an(1).zip:$CmdTcID [64] AlternateDataStreams: C:\Users\Eleonora\Downloads\adblock_plus-2.7.3-sm_tb_fx_an(1).zip:$CmdZnID [26] AlternateDataStreams: C:\Users\Eleonora\Downloads\adblock_plus-2.7.3-sm_tb_fx_an.zip:$CmdTcID [64] AlternateDataStreams: C:\Users\Eleonora\Downloads\adblock_plus-2.7.3-sm_tb_fx_an.zip:$CmdZnID [26] AlternateDataStreams: C:\Users\Eleonora\Downloads\avira_de_fass0_58a1d02b26e1e__ws.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Eleonora\Downloads\avira_de_fass0_58a1d02b26e1e__ws.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Eleonora\Downloads\SteamSetup.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Eleonora\Downloads\SteamSetup.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Eleonora\Downloads\TeamViewerQS.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Eleonora\Downloads\TeamViewerQS.exe:$CmdZnID [26] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4 HKU\S-1-5-21-3041158100-3232429967-454566112-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4 SearchScopes: HKLM -> {910174F9-9C31-45EB-AE64-875F632F64A7} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {910174F9-9C31-45EB-AE64-875F632F64A7} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-3041158100-3232429967-454566112-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3041158100-3232429967-454566112-1001 -> {910174F9-9C31-45EB-AE64-875F632F64A7} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc -> Google Inc.) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2021-06-27] (HP Inc. -> HP Inc.) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-12-16] (Eyeo GmbH -> Adblock Plus) [Datei ist nicht signiert] BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-04] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [Datei ist nicht signiert] BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc -> Google Inc.) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2021-06-27] (HP Inc. -> HP Inc.) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16] (Eyeo GmbH -> Adblock Plus) [Datei ist nicht signiert] Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc -> Google Inc.) Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc -> Google Inc.) Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-04] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-04] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-04] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-04] (Microsoft Corporation -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\localhost -> localhost ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2017-09-29 15:46 - 2017-02-05 11:33 - 000000861 _____ C:\WINDOWS\system32\drivers\etc\hosts 0.0.0.1 mssplus.mcafee.com 2020-04-22 20:09 - 2020-04-22 20:09 - 000000435 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Hewlett-Packard\SimplePass\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\nodejs\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-3041158100-3232429967-454566112-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg DNS Servers: 195.234.128.139 - 217.68.162.126 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\Run: => "NvBackend" HKLM\...\StartupApproved\Run: => "COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}" HKLM\...\StartupApproved\Run32: => "Avira Safe Shopping" HKLM\...\StartupApproved\Run32: => "HPMessageService" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "sbsdk-server" HKLM\...\StartupApproved\Run32: => "SMART Board Service" HKLM\...\StartupApproved\Run32: => "SMART Ink" HKLM\...\StartupApproved\Run32: => "SMARTNotification" HKLM\...\StartupApproved\Run32: => "SMART Tray Tools" HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller" HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\StartupApproved\Run: => "Power2GoExpress8" HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{37E48BA8-A35D-488B-93AE-3AC312C0E1FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{A1482596-B346-4179-81F7-D36E2FE2A537}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{C78F6B50-C369-4013-9D6D-84C8EA7B1E5F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{1FBD5C52-9CA9-481C-86A4-54E060A4A4B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{091C4F66-A873-46E5-AD8F-4D98EA7EF749}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{78683649-97ED-48F1-B3E7-D560D5B8DDC7}] => (Allow) C:\Users\Eleonora\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{3F36AB6A-DA53-4A95-A6DE-EE47FE83B978}] => (Allow) C:\Users\Eleonora\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{6280C939-4076-420E-B501-960A68BCB2A5}] => (Allow) C:\Users\Eleonora\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [UDP Query User{A3B1AE11-6447-438C-9C42-616D3D496A0D}C:\users\eleonora\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\eleonora\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{EA4AA603-3545-4FD1-8DE0-CC4B770F62CE}C:\users\eleonora\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\eleonora\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{391E1B8D-C3C6-4EF3-861B-DC2F34BF6CBB}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{99481F81-C37F-41EC-A59C-311B468466C5}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{46C33158-C644-49AD-AB3B-54EE99F0E3F6}] => (Allow) C:\Users\Eleonora\AppData\Local\StarLeaf\StarLeaf\2\StarLeafc.exe (StarLeaf Ltd -> StarLeaf Ltd.) FirewallRules: [{E74EB808-62F0-45D4-92AB-84D6B3833077}] => (Allow) C:\Users\Eleonora\AppData\Local\StarLeaf\StarLeaf\1\StarLeafc.exe (StarLeaf Ltd -> StarLeaf Ltd.) FirewallRules: [{2F0335C7-2DCF-46DA-85BA-FFE180DC4C55}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{FFAAA848-2689-474D-8522-A462D58F0738}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{7E5A1FBC-F55B-486D-A66E-D35A4A5C1A96}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{25DD2597-F7C3-4FD2-A369-AB37C37AE221}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe (SMART Technologies ULC -> SMART Technologies) FirewallRules: [{96FD8770-032B-47A6-8136-A20B62F5B002}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe (SMART Technologies ULC -> SMART Technologies) FirewallRules: [{3A7FD33B-4A64-434E-B4BB-76CD16E844D0}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCService.exe (SMART Technologies ULC -> SMART Technologies) FirewallRules: [{32DE17BB-732A-4C99-AA90-60CBE650AB01}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCService.exe (SMART Technologies ULC -> SMART Technologies) FirewallRules: [{A2BB17D0-3210-4A5D-9E32-F46BAAB21D2D}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCGui.exe (SMART Technologies ULC -> SMART Technologies) FirewallRules: [{9A19BC4D-58CC-49BE-92D2-B52351FC53F0}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCGui.exe (SMART Technologies ULC -> SMART Technologies) FirewallRules: [{D475A119-C543-4006-BEA8-CABB06837A1B}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe (SMART Technologies ULC -> SMART Technologies ULC) FirewallRules: [{974FA4A7-7AF2-44DC-A8C1-B2D3F791D420}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe (SMART Technologies ULC -> SMART Technologies ULC) FirewallRules: [{DFEE7516-E664-4070-B546-691979D1EF25}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{87A33855-024A-4804-AC40-32A520E4CE6A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{D16C500C-3F83-47B3-92E6-31BF84794442}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{AF978F4B-9FE9-4A6D-8E87-A23B48AB8198}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{2E1905E5-0F5F-4714-A574-469BEC46FDF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe () [Datei ist nicht signiert] FirewallRules: [{E9696F87-01B0-4570-B582-0CE17D16BB04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe () [Datei ist nicht signiert] FirewallRules: [{4A2E6037-C0E1-4DB6-965C-C4522FA3827B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{FF11E873-C169-4D1B-AF47-3F21ABAF8C74}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{7D61CE80-8715-4038-B7E2-B7415FCA4991}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{0818B228-3DD7-437C-9FFA-45E9ED62C866}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{92DDBC00-6557-403F-8577-68EB95E4DB39}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => Keine Datei FirewallRules: [{C062FF91-EEFB-4EB8-AD12-E50C8DEAE069}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink) FirewallRules: [{89C1B47A-644D-4474-98E5-0F605E2518F9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => Keine Datei FirewallRules: [{8F7B0570-505D-40DB-AFCA-471C2E958F4F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{12105812-BD88-4D3A-9554-1E23D451E11D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe => Keine Datei FirewallRules: [{252DFA28-6012-4E33-BBFF-F50264EE03ED}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{AE47F7BE-025B-4280-BF83-9FE64D83E6F4}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => Keine Datei FirewallRules: [{ED9EE3C2-9F3B-4E86-A5B4-F2F9BBDB2E6F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => Keine Datei FirewallRules: [{8C9FB903-0C85-42D4-827F-A10BD3A86CC8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{5950D0C5-07E9-4956-A372-FAE1CD98D1AF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{5C2479AA-F607-4B07-913C-8991E5D4B3C1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{46DA3073-9D33-4F86-BA03-4779A90E197E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C899F1C0-44F5-4E66-9356-47A8041A46B2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{D02409E5-0872-4A10-90F8-3344C9C1BB23}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{F5B1ED71-6392-4461-A5B7-1F1ECEAF33ED}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{7D2E8ED7-F4AB-4909-AACF-2DFEC7CAE66A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{64798149-A439-4700-BA0D-CFA18057F668}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe (Microsoft Corporation) [Datei ist nicht signiert] FirewallRules: [{3EE84EB4-D4A1-414D-9214-13B3F8EC7D90}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe (Microsoft Corporation) [Datei ist nicht signiert] FirewallRules: [TCP Query User{BD379053-E29A-44B2-852A-D064C91DD4F8}C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe] => (Block) C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{7192A7C2-C6D3-47F2-9AEF-7A133F3D2C71}C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe] => (Block) C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{4A15B294-0A6F-4976-8AAA-C8D8D0D2DEF9}C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe] => (Block) C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{E0337B59-2B24-4021-91EC-6CDCC93DA221}C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe] => (Block) C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe () [Datei ist nicht signiert] FirewallRules: [{6D50AF0A-170C-4DFB-82DA-92D22CEC22C9}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> ) FirewallRules: [{BD4AD8A6-D2FB-4C43-81D3-599AECC550DE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.68\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6DB5AC7B-33DC-45F5-81F7-6E5D41EA4F4F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9AF04D15-C020-42AF-B11A-F4E973455329}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BF413056-816E-4AF0-8AB4-1E125DF0BF6B}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> ) FirewallRules: [{E6CF30B6-D3FF-4C8D-8D00-08A31208C951}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> ) FirewallRules: [{AC281FF1-12A1-4BA7-879C-3209A9179554}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> ) FirewallRules: [{1B502997-94D6-4992-B943-542FBD52AF80}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> ) FirewallRules: [{7EF72C3C-A62D-49BA-9FEA-CF1495A50624}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{10A93D5C-46DC-4FFF-A307-104B447F3E1B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0B03C791-8C84-449B-A79D-B069AFE3664F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{576EF928-2042-4BB8-8199-2F6CB3335167}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) ==================== Wiederherstellungspunkte ========================= 04-08-2021 12:24:50 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (08/08/2021 02:10:37 PM) (Source: DbxSvc) (EventID: 281) (User: ) Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden. Error: (08/08/2021 02:10:37 PM) (Source: DbxSvc) (EventID: 281) (User: ) Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden. Error: (08/08/2021 02:08:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: msedge.exe, Version: 89.0.774.50, Zeitstempel: 0x60482869 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.1110, Zeitstempel: 0x4809adf2 Ausnahmecode: 0xc06d007e Fehleroffset: 0x0000000000034ed9 ID des fehlerhaften Prozesses: 0x297c Startzeit der fehlerhaften Anwendung: 0x01d78c4e1c60960b Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: 0c7c346b-1662-4e70-bcfe-21ae324776c5 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (08/07/2021 09:30:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: msedge.exe, Version: 89.0.774.50, Zeitstempel: 0x60482869 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.1110, Zeitstempel: 0x4809adf2 Ausnahmecode: 0xc06d007e Fehleroffset: 0x0000000000034ed9 ID des fehlerhaften Prozesses: 0x4148 Startzeit der fehlerhaften Anwendung: 0x01d78b5e28db8908 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: 52d50184-67e6-4aed-8e88-c3431c2678e0 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (08/04/2021 07:39:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: msedge.exe, Version: 89.0.774.50, Zeitstempel: 0x60482869 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.1110, Zeitstempel: 0x4809adf2 Ausnahmecode: 0xc06d007e Fehleroffset: 0x0000000000034ed9 ID des fehlerhaften Prozesses: 0x378 Startzeit der fehlerhaften Anwendung: 0x01d78957baa4b451 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: 7db63834-28e6-4b8b-be1e-987f92bb4916 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (08/04/2021 07:39:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: msedge.exe, Version: 89.0.774.50, Zeitstempel: 0x60482869 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.1110, Zeitstempel: 0x4809adf2 Ausnahmecode: 0xc06d007e Fehleroffset: 0x0000000000034ed9 ID des fehlerhaften Prozesses: 0x34b4 Startzeit der fehlerhaften Anwendung: 0x01d78957baab5d75 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: 75d224d7-a9f1-477d-a188-1846b2e617ca Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (08/04/2021 01:20:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15656 Error: (08/04/2021 01:20:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 15656 Systemfehler: ============= Error: (08/08/2021 02:05:29 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (08/07/2021 06:57:18 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (08/07/2021 09:13:14 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (08/06/2021 04:00:32 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (08/06/2021 10:54:01 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: Der Server "{F3B4E234-7A68-4E43-B813-E4BA55A065F6}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (08/06/2021 10:15:47 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (08/06/2021 08:28:01 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (08/05/2021 07:59:12 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Windows Defender: ================ Date: 2021-08-06 09:04:58 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {EBFBCEF2-32F9-48E0-B45A-E38CAA3659A1} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-07-29 17:45:48 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {E9349998-3DF5-43C7-A4CA-4C3AA0E3B437} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-07-28 17:16:43 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {9A2C5647-90D0-4860-9C5F-B32EF5B5A59C} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-07-27 21:05:09 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {3E0891D9-F4BA-4C1C-BF58-6E62EF4B3903} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-07-26 21:59:31 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {25001B93-9A55-4886-BC7E-9069EA4EB418} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-07-25 17:26:52 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.343.1644.0 Update Source: Microsoft Center zum Schutz vor Schadsoftware Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\Netzwerkdienst Aktuelle Modulversion: %Vorherige Modulversion: 1.1.18300.4 Fehlercode: 0x8050a003 Fehlerbeschreibung: Dieses Paket enthält keine aktuellen Definitionsdateien für das Programm. Weitere Informationen finden Sie in "Hilfe und Support". Date: 2021-07-25 17:26:52 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.343.1644.0 Update Source: Microsoft Center zum Schutz vor Schadsoftware Sicherheitstyp: AntiSpyware Updatetyp: Voll Benutzer: NT-AUTORITÄT\Netzwerkdienst Aktuelle Modulversion: %Vorherige Modulversion: 1.1.18300.4 Fehlercode: 0x8050a003 Fehlerbeschreibung: Dieses Paket enthält keine aktuellen Definitionsdateien für das Programm. Weitere Informationen finden Sie in "Hilfe und Support". Date: 2021-07-25 17:26:52 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.343.1644.0 Update Source: Microsoft Center zum Schutz vor Schadsoftware Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\Netzwerkdienst Aktuelle Modulversion: %Vorherige Modulversion: 1.1.18300.4 Fehlercode: 0x8050a003 Fehlerbeschreibung: Dieses Paket enthält keine aktuellen Definitionsdateien für das Programm. Weitere Informationen finden Sie in "Hilfe und Support". Date: 2021-06-29 19:31:21 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: 1.343.25.0 %Vorherige Version der Sicherheitsinformationen: 1.341.1626.0 Update Source: Benutzer Sicherheitstyp: AntiSpyware Updatetyp: Delta Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: 1.1.18300.4 %Vorherige Modulversion: 1.1.18200.4 Fehlercode: 0x80070666 Fehlerbeschreibung: Eine andere Version des Produkts ist bereits installiert. Die Installation dieser Version kann nicht fortgesetzt werden. Verwenden Sie die Systemsteuerungsoption "Software", um die vorhandene Version dieses Produkts zu konfigurieren oder zu entfernen. Date: 2021-06-29 19:31:21 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: 1.343.25.0 %Vorherige Version der Sicherheitsinformationen: 1.341.1626.0 Update Source: Benutzer Sicherheitstyp: AntiVirus Updatetyp: Delta Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: 1.1.18300.4 %Vorherige Modulversion: 1.1.18200.4 Fehlercode: 0x80070666 Fehlerbeschreibung: Eine andere Version des Produkts ist bereits installiert. Die Installation dieser Version kann nicht fortgesetzt werden. Verwenden Sie die Systemsteuerungsoption "Software", um die vorhandene Version dieses Produkts zu konfigurieren oder zu entfernen. ==================== Speicherinformationen =========================== BIOS: Insyde F.57 11/09/2018 Hauptplatine: Hewlett-Packard 228D Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Prozentuale Nutzung des RAM: 45% Installierter physikalischer RAM: 12218.15 MB Verfügbarer physikalischer RAM: 6640.56 MB Summe virtueller Speicher: 14074.15 MB Verfügbarer virtueller Speicher: 4025.57 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:909.47 GB) (Free:441.11 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:20.05 GB) (Free:2.01 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] \\?\Volume{511961be-c667-419e-a6a0-c7b7e47f64bc}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.37 GB) NTFS \\?\Volume{1baa20d9-4ed9-43a8-ae58-06f268ac9ebe}\ () (Fixed) (Total:0.98 GB) (Free:0.39 GB) NTFS \\?\Volume{b915eb01-8004-48fe-94b3-341ed20958f1}\ () (Fixed) (Total:0.25 GB) (Free:0.13 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ==================== Ende von Addition.txt ======================= |
08.08.2021, 20:16 | #4 |
| Windows 10: Audacity Malware heruntergeladenCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-08-2021 durchgeführt von Eleonora (Administrator) auf ELLI (Hewlett-Packard HP ENVY 15 Notebook PC) (08-08-2021 14:13:23) Gestartet von C:\Users\Eleonora\Downloads Geladene Profile: Eleonora Platform: Windows 10 Home Version 20H2 19042.1110 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (%CFullName%) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3> (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe <2> (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel® Trusted Connect Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe (McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe (McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxAccounts.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe <2> (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7> (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_0ebd0596825b39a0\Display.NvContainer\NVDisplay.Container.exe <2> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (SMART Technologies ULC -> SMART Technologies) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe (Softex Inc.) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Validity Sensors, Inc.) [Datei ist nicht signiert] C:\Windows\System32\valWBFPolicyService.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2016-06-15] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2016-01-06] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8089888 2021-08-05] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [SMARTNotification] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTNotification.exe [201152 2019-05-14] (SMART Technologies ULC -> SMART Technologies) HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe [2679744 2019-05-14] (SMART Technologies ULC -> SMART Technologies) HKLM-x32\...\Run: [SMART Tray Tools] => C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe [654272 2019-04-10] (SMART Technologies ULC -> SMART Technologies) HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\sbsdk-server\NodeLauncher.exe [68544 2018-10-16] (SMART Technologies ULC -> SMART Technologies) HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe [289728 2019-05-07] (SMART Technologies ULC -> SMART Technologies) HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-07-26] (Intel Corporation -> Intel) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1728952 2015-12-23] (CyberLink Corp. -> CyberLink Corp.) HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve -> Valve Corporation) HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Eleonora\AppData\Local\Microsoft\Teams\Update.exe [2453696 2021-04-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\Run: [Discord] => C:\Users\Eleonora\AppData\Local\Discord\Update.exe [1512096 2021-05-24] (Discord Inc. -> GitHub) HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\RunOnce: [Application Restart #6] => C:\Users\Eleonora\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-res (Der Dateneintrag hat 589 mehr Zeichen). HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\RunOnce: [Application Restart #5] => C:\Users\Eleonora\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-res (Der Dateneintrag hat 589 mehr Zeichen). HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\RunOnce: [Application Restart #4] => C:\Users\Eleonora\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-res (Der Dateneintrag hat 589 mehr Zeichen). HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [4819704 2016-01-06] (Softex Incorporated -> Hewlett-Packard) HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\RunOnce: [Application Restart #1] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [506104 2016-01-06] (Softex Incorporated -> Hewlett-Packard) HKLM\...\Windows x64\Print Processors\Canon MB2000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCC.DLL [30208 2014-04-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MB2000 series: C:\WINDOWS\system32\CNCALCC.DLL [303104 2014-04-28] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MB2000 series: C:\WINDOWS\system32\CNMLMCC.DLL [406016 2014-04-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard) HKLM\...\Print\Monitors\SMART Local Port: C:\WINDOWS\system32\smrtlocalmon.dll [38336 2019-06-14] (SMART Technologies ULC -> SMART Technologies ULC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-06] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2019-03-09] (McAfee, Inc. -> McAfee, LLC.) HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2015-07-03] (Softex Inc..) [Datei ist nicht signiert] HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2015-07-03] (Softex Inc..) [Datei ist nicht signiert] Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter" GroupPolicy: Beschränkung - Chrome <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {01581B2E-3420-4A69-9A39-9C69A320AB9B} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1354552 2015-12-23] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) Task: {09711622-305F-422A-AC12-BEFDD2F699AE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG Task: {1652CC98-748B-4577-A6AA-3AD290B58B70} - System32\Tasks\Avira Safe Shopping Updater => C:\Program Files (x86)\Avira\Safe Shopping\\Updater\Updater.exe Task: {1A027185-C44D-4487-8659-B0A969C1E862} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1118896 2021-07-11] (HP Inc. -> HP Inc.) Task: {1BCB008C-D454-49C2-8613-2B528F585447} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1150872 2021-08-04] (Microsoft Corporation -> Microsoft Corporation) Task: {1F70B6ED-0010-4CBE-9AD9-EDEC1514CB99} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [506104 2016-01-06] (Softex Incorporated -> Hewlett-Packard) Task: {22B1BE5A-34CB-4114-99A7-7ECDFAF8FBBC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113992 2021-08-04] (Microsoft Corporation -> Microsoft Corporation) Task: {22BDB88A-B2A3-41B6-BD6B-5BE7135491F8} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {23E96C1D-8898-46FE-86D1-9C3668175AD7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {299B6301-7960-4FF4-8DA7-4A948F9701E7} - \WPD\SqmUpload_S-1-5-21-3041158100-3232429967-454566112-1001 -> Keine Datei <==== ACHTUNG Task: {2C145ABF-5D91-4AE2-8E97-8431F7E7BDAE} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {36D2D8AD-0428-4ABB-90B3-D628D995BCC6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {38C76B5E-C453-4A54-A049-6263531E4897} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {3BAFE3CA-8329-42E3-B00E-B8511F9949A9} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-09-05] (Dropbox, Inc -> Dropbox, Inc.) Task: {3DFF1B91-A666-4973-A019-73A16F79B1C0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {49EBE9C4-7387-44A7-9753-8D195DAB9B32} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {4BF3A677-23CA-4308-A097-93D7CBEEF5FA} - System32\Tasks\GoogleUpdateTaskMachineUA1d10e70b69a65e9 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {517AE2D5-1599-4DD9-81D1-B16F07C184F7} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel(R) System Usage Report -> Intel Corporation) Task: {54D2187D-E922-404B-9B2D-B128BDE54C1B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {59ADE6AB-9884-4817-83A6-B2525BFDD5A0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {5EDB63DE-29FE-4699-8070-DD82BB6F4F4A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {60FEAB6A-E5AC-42C1-AA3B-0AF42C2CFB3C} - System32\Tasks\GoogleUpdateTaskMachineCore1d10e70b671e660 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {677C488B-AB04-4EC3-B628-6D3A46DE4A5E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-23] (Mozilla Corporation -> Mozilla Foundation) Task: {6D1255D4-B9FD-46AA-AFD5-78609D6F26D8} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {7499651F-AF1A-4B0F-889C-E0FE0561C3FB} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {763C03C1-F0EC-4D8F-9D42-58F3D2F0D5EF} - System32\Tasks\Smartcard Google IKE- => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> "C:\ProgramData\Package Cache\{4BDFD8E1-101B-42EC-933F-4028ABE55F43}\{69556DE2-05A7-4C6F-934D-8BDB97F06F9C}" <==== ACHTUNG Task: {773ED662-F3BC-48C5-8351-C1485A360687} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: {78758093-E8C8-49A5-83A3-756D8ECE27BD} - System32\Tasks\GoogleUpdateTaskMachineUA1d12f48a0e7027a => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {7A5D7FC7-6A5E-4EEE-B113-7600C820EA93} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7DCAB002-4F6A-4D28-9189-6D7649EDC143} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7E805797-4355-42A0-A245-AA7CC53EF60C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113992 2021-08-04] (Microsoft Corporation -> Microsoft Corporation) Task: {804BFC11-F1A9-4EE1-B28A-E9BEECE7EE56} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {8607001D-5F2D-4880-A2FE-8826CCC96DD4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4282288 2021-08-04] (Microsoft Corporation -> Microsoft Corporation) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {97309D27-072E-4996-A9C8-6A8A9E5EC616} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {986AC4A5-444F-40DD-9876-8979FD109A3C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {9A1B6210-94C7-4D61-94C8-C518C61BE37C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe Task: {9CED2674-891F-4C86-BF55-D5EC63B4E2F2} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe Task: {9F17B8B9-839E-4204-9C4B-6A11E9043C89} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [506104 2016-01-06] (Softex Incorporated -> Hewlett-Packard) Task: {A6C11AEB-0381-4FBD-8479-5F9CFA1883C2} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\WINDOWS\System32\GWX\GWXUXWorker.exe Task: {AC309EA0-10FD-466B-A268-D5936E948D84} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {AE5457CD-E2F6-4B53-A386-7CC733C85079} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4282288 2021-08-04] (Microsoft Corporation -> Microsoft Corporation) Task: {BB2957BF-5CA8-4001-8428-EEFD0B735A9A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {BC1EE9E0-54E0-4798-B2AA-FE23A97C978C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe Task: {C23B1FB3-50D7-4C5E-B091-6C47D8FD8C7C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {C3971B05-E065-4AAB-A660-06F448AF84AB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [560816 2021-07-11] (HP Inc. -> HP Inc.) Task: {C501FB60-E4C4-4F90-A44C-380E3D0A6FBD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: {C8190E6B-166E-4B4A-B94C-E5C50FB61250} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: {C88A612D-5A49-489F-BB06-61F0CE45F063} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {C972B18C-9C81-403B-A282-3458E7BA5FA0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253376 2021-07-23] (Microsoft Corporation -> Microsoft Corporation) Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {D357F475-E43C-412F-95CB-29D554A19C30} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel(R) System Usage Report -> Intel Corporation) Task: {D379CB39-B371-4F92-886A-89FCCBCA8C11} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-09-05] (Dropbox, Inc -> Dropbox, Inc.) Task: {D8ACBF71-0674-4FFA-B7CE-4C5256C78333} - System32\Tasks\GoogleUpdateTaskMachineUA1d15db61dcf4652 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {E469D684-7460-47A5-857F-1B3352F138DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E555266C-A02D-4E6F-836A-FE44201BB0A6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {EBC5D5FC-90F2-4989-B493-2B7E4BEB9A05} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253376 2021-07-23] (Microsoft Corporation -> Microsoft Corporation) Task: {F415FC68-1B2F-475F-8248-A0AF780B041A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {F4A9184F-CD32-483F-A2BC-CBDADA1E2C15} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe Task: {FC3E020D-9527-411D-B472-FF8BFA66D3CB} - System32\Tasks\BenutzerdienstfürAllJoyn-Routerdienst => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> C:\WINDOWS\Installer\{6B039FE3-9504-40A3-BF95-759A6CD1F3A7}\{FF42796E-0BBC-4988-BAA8-D668A602541F} <==== ACHTUNG Task: {FF591CBB-E512-423B-80F5-BA1FA317EF76} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [4819704 2016-01-06] (Softex Incorporated -> Hewlett-Packard) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d10e70b69a65e9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12f48a0e7027a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\Parameters: [DhcpNameServer] 195.234.128.139 217.68.162.126 Tcpip\..\Interfaces\{7805d965-24b9-403a-be4a-188e4b20a76f}: [NameServer] 156.154.70.25,156.154.71.25 Tcpip\..\Interfaces\{7805d965-24b9-403a-be4a-188e4b20a76f}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{fb4db7cf-5282-4477-951e-652ae2fbdf52}: [DhcpNameServer] 195.234.128.139 217.68.162.126 Edge: ======= Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge DefaultProfile: Default Edge Profile: C:\Users\Eleonora\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-19] Edge Extension: ( ) - C:\Users\Eleonora\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dmmpiipcdjofcankgcokkfjlefmhpjnl [2021-01-22] Edge Extension: ( ) - C:\Users\Eleonora\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ionlfkmogcchefmejapgonljjlhomkle [2021-04-19] Edge Extension: ( ) - C:\Users\Eleonora\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\miaakjiighknaidcelkmaimnlhahdlgc [2021-04-18] Edge Extension: ( ) - C:\Users\Eleonora\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\onpbhofmhjdbjjmmekbkbmlkjalcilba [2021-02-25] FireFox: ======== FF DefaultProfile: gf00ukyo.default FF ProfilePath: C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default [2021-08-08] FF user.js: detected! => C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default\user.js [2021-08-08] FF Homepage: Mozilla\Firefox\Profiles\gf00ukyo.default -> hxxps://www.google.de/ FF NewTab: Mozilla\Firefox\Profiles\gf00ukyo.default -> hxxps://myfiresearch.com/homepage?hp=1&bitmask=9996&pId=AC191101&iDate=2021-01-22 07:27:48&bName= FF NetworkProxy: Mozilla\Firefox\Profiles\gf00ukyo.default -> type", 0 FF Notifications: Mozilla\Firefox\Profiles\gf00ukyo.default -> hxxps://mail.google.com; hxxps://login.schulmanager-online.de FF Extension: (I don't care about cookies) - C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2021-06-28] FF Extension: (uBlock Origin) - C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default\Extensions\uBlock0@raymondhill.net.xpi [2021-08-03] FF Extension: (Autofill) - C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default\Extensions\{143f479b-4cb2-4d8c-8c31-ae8653bc6054}.xpi [2021-02-02] FF Extension: (ProxTube) - C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2021-05-12] [UpdateUrl:hxxps://proxtube.com/dl/firefox/info/updates.json] FF Extension: (Distill Web Monitor) - C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default\Extensions\{7a73dc4b-1b38-40e7-ac56-7d356dd4af34}.xpi [2021-03-04] FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-07-27] FF Extension: (Bypass Paywalls Clean) - C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default\Extensions\{d133e097-46d9-4ecc-9903-fa6a722a6e0e}.xpi [2021-05-16] FF Extension: (Mobile View Switcher) - C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default\Extensions\{fa247c57-77ac-41cd-b942-332051e15ced}.xpi [2020-07-09] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Keine Datei] FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [Datei ist nicht signiert] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Keine Datei] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corporation -> Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default [2021-06-06] CHR Extension: (Docs) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20] CHR Extension: (Google Drive) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-11] CHR Extension: (YouTube) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-29] CHR Extension: ( ) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\clkpcpbljbdababcfcihembpphcimpbh [2021-03-30] CHR Extension: (HP SimplePass) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\fidikogfgleiaefnjbmnjaplmgknppkg [2020-09-25] CHR Extension: (Avira Browser Safety) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-03-30] CHR Extension: (Google Docs Offline) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-30] CHR Extension: (Chrome Web Store Payments) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-30] CHR Extension: (Gmail) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-30] CHR Extension: (Chrome Media Router) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-30] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [fidikogfgleiaefnjbmnjaplmgknppkg] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9141648 2021-07-21] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-09-05] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-09-05] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-08-05] (Dropbox, Inc -> Dropbox, Inc.) R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [36792 2021-07-26] (Intel Corporation -> Intel) R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [177080 2021-07-26] (Intel Corporation -> Intel) R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [734760 2021-07-11] (HP Inc. -> HP Inc.) R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [733224 2021-07-11] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [733216 2021-07-11] (HP Inc. -> HP Inc.) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [733760 2021-07-11] (HP Inc. -> HP Inc.) S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.) R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2016-01-06] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [124928 2016-01-06] (Softex Inc.) [Datei ist nicht signiert] S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1705088 2020-05-12] (Rockstar Games, Inc. -> Rockstar Games) R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe [632768 2019-05-14] (SMART Technologies ULC -> SMART Technologies) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12727576 2021-02-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.) R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.) R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2019-03-09] (McAfee, Inc. -> McAfee, LLC.) R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [32768 2013-08-01] (Validity Sensors, Inc.) [Datei ist nicht signiert] R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_0ebd0596825b39a0\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_0ebd0596825b39a0\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [40224 2015-10-21] (Comodo Security Solutions, Inc. -> Windows (R) Win 7 DDK provider) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 SMARTMouseFilterx64; C:\WINDOWS\System32\drivers\SMARTMouseFilterx64.sys [18952 2019-05-14] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies) R3 SMARTVHidMiniVistaAmd64; C:\WINDOWS\System32\drivers\SMARTVHidMiniVistaAmd64.sys [28168 2019-05-14] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-10-10] (The OpenVPN Project) [Datei ist nicht signiert] S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP) S3 dcdbas; \SystemRoot\System32\drivers\dcdbas64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-08-08 14:13 - 2021-08-08 14:18 - 000041928 _____ C:\Users\Eleonora\Downloads\FRST.txt 2021-08-08 14:10 - 2021-08-08 14:17 - 000000000 ____D C:\FRST 2021-08-08 14:10 - 2021-08-08 14:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2021-08-08 14:09 - 2021-08-08 14:10 - 002300416 _____ (Farbar) C:\Users\Eleonora\Downloads\FRST64.exe 2021-08-05 22:33 - 2021-08-05 22:33 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2021-08-05 22:33 - 2021-08-05 22:33 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2021-08-05 22:33 - 2021-08-05 22:33 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2021-08-05 22:33 - 2021-08-05 22:33 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2021-07-23 20:11 - 2021-07-23 20:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-07-20 09:06 - 2021-07-27 08:38 - 000000000 ____D C:\Users\Eleonora\Documents\Material Seminar 2020 21 2021-07-18 17:49 - 2021-07-18 17:49 - 001649042 _____ C:\Users\Eleonora\Downloads\Zusammenfassung Texte Einführungskurs.pdf 2021-07-16 14:19 - 2021-07-16 14:19 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-07-16 14:19 - 2021-07-16 14:19 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-07-16 14:19 - 2021-07-16 14:19 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb 2021-07-16 14:19 - 2021-07-16 14:19 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb 2021-07-16 14:19 - 2021-07-16 14:19 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb 2021-07-16 14:19 - 2021-07-16 14:19 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb 2021-07-16 13:49 - 2021-07-16 13:49 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000009-000000.txt 2021-07-09 16:04 - 2021-07-09 16:04 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000008-000000.txt 2021-07-09 14:43 - 2021-07-09 14:43 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll 2021-07-09 14:43 - 2021-07-09 14:43 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-07-09 14:43 - 2021-07-09 14:43 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2021-07-09 14:43 - 2021-07-09 14:43 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2021-07-09 14:43 - 2021-07-09 14:43 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-07-09 14:43 - 2021-07-09 14:43 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-07-09 14:42 - 2021-07-09 14:42 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-07-09 14:42 - 2021-07-09 14:42 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-07-09 14:41 - 2021-07-09 14:41 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-07-09 14:41 - 2021-07-09 14:41 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-08-08 14:14 - 2019-09-05 20:46 - 000000000 ____D C:\Users\Eleonora\AppData\Local\Dropbox 2021-08-08 14:13 - 2019-09-05 20:46 - 000000000 ____D C:\Program Files (x86)\Dropbox 2021-08-08 14:07 - 2016-11-19 20:49 - 000000000 ____D C:\Users\Eleonora\AppData\LocalLow\Mozilla 2021-08-08 14:02 - 2017-04-17 18:02 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-08-08 14:02 - 2015-03-31 11:13 - 000000000 __SHD C:\Users\Eleonora\IntelGraphicsProfiles 2021-08-07 20:37 - 2021-02-27 20:40 - 000000000 ____D C:\Users\Eleonora\Documents\A Finanzen 2021-08-07 20:37 - 2020-10-12 14:10 - 000013944 _____ C:\ProgramData\DisplaySessionContainer45.log_backup1 2021-08-07 20:37 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-08-07 19:38 - 2021-03-13 09:45 - 000000000 ____D C:\Users\Eleonora\AppData\Local\Deployment 2021-08-07 09:50 - 2020-10-11 21:29 - 000013944 _____ C:\ProgramData\DisplaySessionContainer44.log_backup1 2021-08-06 22:17 - 2020-10-10 17:42 - 000013353 _____ C:\ProgramData\DisplaySessionContainer43.log_backup1 2021-08-06 22:17 - 2020-05-14 15:27 - 000000000 ____D C:\Users\Eleonora\AppData\Roaming\discord 2021-08-06 22:07 - 2020-05-14 15:27 - 000000000 ____D C:\Users\Eleonora\AppData\Local\Discord 2021-08-06 22:02 - 2021-03-13 00:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-08-06 20:06 - 2020-05-14 15:27 - 000002284 _____ C:\Users\Eleonora\Desktop\Discord.lnk 2021-08-06 19:57 - 2019-09-13 10:08 - 000000000 ____D C:\Users\Eleonora\Documents 2021-08-06 16:30 - 2018-05-31 20:27 - 000000000 ____D C:\Users\Eleonora\AppData\Roaming\WhatsApp 2021-08-06 16:28 - 2017-12-07 16:16 - 000000000 ____D C:\Users\Eleonora\AppData\Local\Packages 2021-08-06 11:31 - 2020-10-10 13:50 - 000012961 _____ C:\ProgramData\DisplaySessionContainer42.log_backup1 2021-08-06 10:55 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-08-06 10:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-08-06 09:07 - 2020-10-09 21:27 - 000012961 _____ C:\ProgramData\DisplaySessionContainer41.log_backup1 2021-08-05 22:17 - 2020-10-09 12:11 - 000013962 _____ C:\ProgramData\DisplaySessionContainer40.log_backup1 2021-08-05 14:53 - 2020-10-08 22:07 - 000013953 _____ C:\ProgramData\DisplaySessionContainer39.log_backup1 2021-08-04 21:59 - 2020-10-08 15:14 - 000014262 _____ C:\ProgramData\DisplaySessionContainer38.log_backup1 2021-08-04 19:45 - 2020-05-14 15:27 - 000000000 ____D C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2021-08-04 18:22 - 2020-10-02 18:46 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-08-04 17:10 - 2018-05-31 15:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-08-04 17:09 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-08-04 13:20 - 2020-10-08 07:23 - 000014257 _____ C:\ProgramData\DisplaySessionContainer37.log_backup1 2021-08-04 09:27 - 2014-05-06 21:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-08-03 23:32 - 2020-10-07 21:06 - 000014261 _____ C:\ProgramData\DisplaySessionContainer36.log_backup1 2021-07-29 20:47 - 2020-10-06 21:45 - 000012969 _____ C:\ProgramData\DisplaySessionContainer35.log_backup1 2021-07-29 20:43 - 2014-08-05 19:48 - 000000000 ____D C:\ProgramData\Package Cache 2021-07-29 20:43 - 2014-08-05 19:36 - 000000000 ____D C:\Program Files (x86)\Intel 2021-07-29 14:30 - 2020-10-05 21:56 - 000013940 _____ C:\ProgramData\DisplaySessionContainer34.log_backup1 2021-07-29 14:25 - 2020-06-02 12:22 - 000000000 ____D C:\Users\Eleonora\AppData\Local\WhatsApp 2021-07-29 14:25 - 2018-05-31 20:27 - 000000000 ____D C:\Users\Eleonora\AppData\Local\SquirrelTemp 2021-07-29 10:31 - 2020-08-12 12:00 - 000013372 _____ C:\ProgramData\DisplaySessionContainer33.log_backup1 2021-07-28 22:02 - 2020-08-11 22:39 - 000012959 _____ C:\ProgramData\DisplaySessionContainer32.log_backup1 2021-07-28 20:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-07-28 20:26 - 2015-10-24 17:20 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-07-28 17:30 - 2020-07-04 22:06 - 000014253 _____ C:\ProgramData\DisplaySessionContainer31.log_backup1 2021-07-28 10:47 - 2020-07-04 13:54 - 000012966 _____ C:\ProgramData\DisplaySessionContainer30.log_backup1 2021-07-27 22:10 - 2020-07-03 14:45 - 000012961 _____ C:\ProgramData\DisplaySessionContainer29.log_backup1 2021-07-27 17:37 - 2020-07-03 09:36 - 000012969 _____ C:\ProgramData\DisplaySessionContainer28.log_backup1 2021-07-27 17:08 - 2019-09-16 15:28 - 000000000 ____D C:\ProgramData\SMART Technologies 2021-07-27 12:01 - 2018-05-31 18:08 - 000000000 ____D C:\Users\Eleonora\AppData\Local\PlaceholderTileLogoFolder 2021-07-27 10:09 - 2020-07-01 21:37 - 000014574 _____ C:\ProgramData\DisplaySessionContainer26.log_backup1 2021-07-27 07:18 - 2020-07-01 13:27 - 000013933 _____ C:\ProgramData\DisplaySessionContainer25.log_backup1 2021-07-26 22:06 - 2020-07-01 07:13 - 000013952 _____ C:\ProgramData\DisplaySessionContainer24.log_backup1 2021-07-26 20:38 - 2021-03-13 01:21 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3041158100-3232429967-454566112-1001 2021-07-26 20:38 - 2021-03-13 00:44 - 000002446 _____ C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-07-26 20:38 - 2016-05-05 11:40 - 000000000 ___RD C:\Users\Eleonora\OneDrive 2021-07-26 16:21 - 2020-06-30 21:28 - 000013945 _____ C:\ProgramData\DisplaySessionContainer23.log_backup1 2021-07-26 13:36 - 2020-06-30 12:04 - 000013741 _____ C:\ProgramData\DisplaySessionContainer22.log_backup1 2021-07-26 07:42 - 2020-06-29 15:19 - 000012976 _____ C:\ProgramData\DisplaySessionContainer20.log_backup1 2021-07-25 22:03 - 2020-06-29 15:17 - 000013342 _____ C:\ProgramData\DisplaySessionContainer19.log_backup1 2021-07-25 18:59 - 2020-05-01 18:47 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-07-23 21:34 - 2020-06-28 22:09 - 000012968 _____ C:\ProgramData\DisplaySessionContainer18.log_backup1 2021-07-23 20:11 - 2021-01-07 10:09 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-07-23 20:11 - 2017-12-30 21:48 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-07-23 20:11 - 2017-12-30 21:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-07-23 16:12 - 2020-06-27 11:14 - 000013946 _____ C:\ProgramData\DisplaySessionContainer17.log_backup1 2021-07-23 12:18 - 2020-06-26 21:34 - 000013934 _____ C:\ProgramData\DisplaySessionContainer16.log_backup1 2021-07-23 08:59 - 2020-06-26 11:38 - 000013944 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1 2021-07-23 08:57 - 2019-09-20 19:55 - 000000000 ____D C:\Users\Eleonora\Documents\ZZ 2021-07-22 21:55 - 2020-06-25 21:58 - 000012981 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1 2021-07-22 15:34 - 2020-06-18 22:06 - 000012978 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1 2021-07-22 15:17 - 2019-11-06 21:12 - 000000000 ____D C:\Users\Eleonora\AppData\Roaming\Worksheet Crafter 2021-07-21 22:21 - 2020-06-18 14:30 - 000013944 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1 2021-07-21 16:50 - 2020-06-17 21:36 - 000013933 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1 2021-07-20 22:04 - 2020-06-16 22:29 - 000013371 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1 2021-07-20 18:43 - 2020-06-16 12:44 - 000013955 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1 2021-07-20 12:12 - 2020-06-10 14:14 - 000013943 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1 2021-07-19 22:33 - 2020-06-09 22:46 - 000015156 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1 2021-07-19 10:28 - 2020-06-06 22:27 - 000013944 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1 2021-07-18 21:59 - 2020-06-06 19:29 - 000013943 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1 2021-07-17 11:50 - 2020-06-08 13:26 - 000013941 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1 2021-07-16 20:38 - 2021-01-22 21:38 - 000000306 __RSH C:\ProgramData\ntuser.pol 2021-07-16 19:53 - 2021-03-13 00:59 - 001929862 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-07-16 19:53 - 2019-12-07 16:50 - 000822634 _____ C:\WINDOWS\system32\perfh007.dat 2021-07-16 19:53 - 2019-12-07 16:50 - 000183432 _____ C:\WINDOWS\system32\perfc007.dat 2021-07-16 19:41 - 2021-03-13 01:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-07-16 19:41 - 2021-03-13 00:36 - 000008192 ___SH C:\DumpStack.log.tmp 2021-07-16 19:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-07-16 17:10 - 2020-06-06 19:29 - 000017569 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1 2021-07-16 17:10 - 2020-06-06 19:29 - 000016313 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1 2021-07-16 17:10 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-07-16 17:08 - 2021-03-13 00:36 - 000549568 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-07-16 17:08 - 2020-06-06 19:29 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1 2021-07-16 17:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-07-16 17:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-07-16 17:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-07-16 17:05 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-07-16 17:04 - 2020-06-07 16:28 - 000011739 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1 2021-07-16 14:25 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-07-16 13:30 - 2015-04-02 19:04 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-07-16 13:30 - 2015-04-02 19:04 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-07-16 09:45 - 2020-10-02 18:46 - 000740152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll 2021-07-16 09:45 - 2020-10-02 18:46 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll 2021-07-15 07:46 - 2020-06-17 14:25 - 000011377 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1 2021-07-12 18:33 - 2021-06-28 20:06 - 000000000 ____D C:\Users\Eleonora\AppData\Local\HP_Inc 2021-07-12 18:16 - 2016-12-23 19:24 - 000000000 ____D C:\Users\Eleonora\Documents\Musik 2021-07-11 21:27 - 2020-06-07 22:57 - 000006566 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1 2021-07-11 20:03 - 2021-02-25 20:26 - 000000000 ____D C:\Users\Eleonora\AppData\Roaming\vlc 2021-07-11 18:46 - 2017-11-15 20:11 - 000000000 ____D C:\Program Files\HP 2021-07-09 16:03 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-07-09 16:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-07-09 16:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-07-09 16:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-07-09 16:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-07-09 16:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-07-09 16:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-07-09 16:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2017-03-16 18:54 - 2017-03-16 18:54 - 000000000 _____ () C:\ProgramData\cis1B12.exe ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
08.08.2021, 20:26 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Audacity Malware heruntergeladen Also dein Rechner ist leider komplett zugemüllt! Ich empfehle dringend eine Neuinstallation, da ist einfach zuviel Unsinn drauf.
__________________ Logfiles bitte immer in CODE-Tags posten |
08.08.2021, 20:48 | #6 |
| Windows 10: Audacity Malware heruntergeladen Danke für die schnelle Antwort! Da hilft wohl alles nichts....bestünde die Möglichkeit den Trojaner zu entfernen? Wahrscheinlich zu aufwendig für meinen zugemüllten Rechner, oder? |
08.08.2021, 21:38 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Audacity Malware heruntergeladen Geht schon. Aber du musst erstmal 120 Programme deinstallieren 120 vllt nicht aber einige Störende, veraltete oder unnötige Programme deinstallieren Bitte über Programme und Features (appwiz.cpl) deinstallieren:
__________________ Logfiles bitte immer in CODE-Tags posten |
27.08.2021, 21:39 | #8 |
/// TB-Ausbilder | Windows 10: Audacity Malware heruntergeladen Fehlende Rückmeldung Dieses Thema wurde aus unseren Abos gelöscht. Somit bekommen wir keine Benachrichtigung über neue Antworten. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und ein eigenes Thema erstellen! |
Themen zu Windows 10: Audacity Malware heruntergeladen |
adwcleaner, audacity, bereits, browser, browser werbung, download, education, erkannt, gelegentlich, gelöscht, genutzt, hoffe, langsamer, liebe, lieben, malware, nenne, passwörter, probleme, programm, schonmal, stürzt, verseuchtes, werbung, windows, zutun |