| |
| |||||||
Log-Analyse und Auswertung: Windows 10: Audacity Malware heruntergeladenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
08.08.2021, 19:07
| #1 |
| |  Windows 10: Audacity Malware heruntergeladen Hallo ihr Lieben, ich habe mir das Programm Audacity (von Audacity.de) heruntergeladen und danach erfahren, dass es sich bei diesem Download um ein mit Malware verseuchtes Programm handelt. Seit dem Download zeigt mein Browser Werbung an und stürzt gelegentlich ab. Außerdem wurden alle auf dem PC gespeicherten Passwörter gelöscht und der PC ist viel langsamer als gewöhnlich. Dabei weiß ich allerdings nicht, ob das mit dem Download der Malware zutun hat. Ich habe bereits das Programm AdwCleaner genutzt, welches keine nennenswerten Probleme erkannt bzw. behoben hat. Die Addition und FRST Dateien waren leider zu groß, weshalb ich sie in den Anhang gepackt habe. Ich hoffe ihr könnt mir hier weiterhelfen. Danke schonmal im Voraus! AdwCleaner Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-05-19.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-30-2021
# Duration: 00:01:04
# OS: Windows 10 Home
# Scanned: 31863
# Detected: 84
***** [ Services ] *****
PUP.Optional.Legacy WCAssistantService
***** [ Folders ] *****
PUP.Optional.Legacy C:\Users\Eleonora\AppData\Local\SweetLabs App Platform
PUP.Optional.WebCompanion C:\Program Files (x86)\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
PUP.Optional.WebCompanion C:\Users\Eleonora\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
PUP.Optional.WebCompanion C:\Users\Eleonora\AppData\Roaming\Lavasoft\Web Companion
***** [ Files ] *****
PUP.Optional.WebCompanion C:\Users\Eleonora\AppData\Local\Temp\WebCompanion.zip
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{258f267c-ee2f-485f-a663-8f619cd4ff5c}|DisplayIcon
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{258f267c-ee2f-485f-a663-8f619cd4ff5c}|DisplayName
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{258f267c-ee2f-485f-a663-8f619cd4ff5c}|UninstallString
PUP.Optional.Conduit HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.CyberLinkMediaEspresso Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}
Preinstalled.CyberLinkMediaEspresso Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{E3739848-5329-48E3-8D28-5BBD6E8BE384}
Preinstalled.CyberLinkShellExtension Registry HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2}
Preinstalled.HPCoolSense Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP COOLSENSE
Preinstalled.HPCoolSense Folder C:\Users\Eleonora\AppData\Local\HEWLETT-PACKARD\HP COOLSENSE
Preinstalled.HPCoolSense Folder C:\Windows\System32\Tasks\HEWLETT-PACKARD\HP COOLSENSE
Preinstalled.HPCoolSense Registry HKLM\Software\Classes\CLSID\{224695A4-BD5E-4C38-B354-A4C828E61BF7}
Preinstalled.HPCoolSense Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}
Preinstalled.HPHealthCheck Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6F340107-F9AA-47C6-B54C-C3A19F11553F}
Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP REGISTRATION SERVICE
Preinstalled.HPRegistrationService Folder C:\ProgramData\HEWLETT-PACKARD\HP REGISTRATION SERVICE
Preinstalled.HPRegistrationService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D1E8F2D7-7794-4245-B286-87ED86C1893C}
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\Eleonora\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\Eleonora\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}
Preinstalled.HPTouchpointAnalyticsClient Folder C:\Program Files\HP\HP TOUCHPOINT ANALYTICS CLIENT
Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.Pokki File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk
Preinstalled.Pokki File C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Start Menu.lnk
Preinstalled.Pokki File C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\BEJEWELED 3
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\BUILD-A-LOT
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\BUILDING THE GREAT WALL OF CHINA COLLECTORS EDITION
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\CRAZY CHICKEN SOCCER
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\FARM FRENZY
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\GOVERNOR OF POKER 2 PREMIUM EDITION
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\JEWEL MATCH 3
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PLANTS VS ZOMBIES - GAME OF THE YEAR
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\POLAR BOWLER
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\RANCH RUSH 2 - PREMIUM EDITION
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\TRINKLIT SUPREME
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\VACATION QUEST - AUSTRALIA
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\VIRTUAL FAMILIES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\WEDDING DASH
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\YOUDA JEWEL SHOP
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\WEB LINK - SEAFIGHT
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-darkorbit
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-dragonsofatlantis
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-mahjonggdarkdimensions
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-seafight
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-genres
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-main
AdwCleaner[S00].txt - [13437 octets] - [30/01/2021 21:01:23]
AdwCleaner[C00].txt - [4620 octets] - [30/01/2021 21:04:01]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-05-19.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-30-2021
# Duration: 00:00:41
# OS: Windows 10 Home
# Cleaned: 17
# Failed: 0
***** [ Services ] *****
Deleted WCAssistantService
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\Eleonora\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted C:\Users\Eleonora\AppData\Local\SweetLabs App Platform
Deleted C:\Users\Eleonora\AppData\Roaming\Lavasoft\Web Companion
***** [ Files ] *****
Deleted C:\Users\Eleonora\AppData\Local\Temp\WebCompanion.zip
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{258f267c-ee2f-485f-a663-8f619cd4ff5c}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{258f267c-ee2f-485f-a663-8f619cd4ff5c}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{258f267c-ee2f-485f-a663-8f619cd4ff5c}|UninstallString
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [13437 octets] - [30/01/2021 21:01:23]
AdwCleaner[C00].txt - [4620 octets] - [30/01/2021 21:04:01]
AdwCleaner[S01].txt - [11561 octets] - [30/01/2021 21:14:47]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
Code:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 07-08-2021
durchgeführt von Eleonora (08-08-2021 14:30:56)
Gestartet von C:\Users\Eleonora\Downloads
Start-Modus: Normal
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worksheet Crafter\Auf die ursprünglichen Einstellungen zurücksetzen (WsCrafter).lnk -> C:\Program Files (x86)\Worksheet Crafter\resetWsC.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk -> C:\Users\Eleonora\AppData\Local\Pokki\Engine\HostAppService.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worksheet Crafter\Worksheet Crafter entfernen.lnk -> C:\Program Files (x86)\Worksheet Crafter\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worksheet Crafter\Worksheet Crafter Handbuch.lnk -> C:\Program Files (x86)\Worksheet Crafter\Help\WsCrafterManual_de.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worksheet Crafter\Worksheet Crafter.lnk -> C:\Program Files (x86)\Worksheet Crafter\WorksheetCrafter.exe (SchoolCraft GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Ink Document Viewer.lnk -> C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInkDocumentViewer.exe (SMART Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Ink.lnk -> C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe (SMART Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Notebook.lnk -> C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe (SMART Technologies ULC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Systemmenü.lnk -> C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe (SMART Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Werkzeuge\Bildschirmaufnahme.lnk -> C:\Program Files (x86)\SMART Technologies\Education Software\snapshot.exe (SMART Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Werkzeuge\Produkttreiber Kalibrierung.lnk -> C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\Orient.exe (SMART Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Werkzeuge\SMART Deinstallationsprogramm.lnk -> C:\Program Files (x86)\Common Files\SMART Technologies\SMART Uninstaller\SMART Uninstaller.exe (SMART Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Werkzeuge\SMART Einstellungen.lnk -> C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBrd.exe (SMART Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Werkzeuge\SMART Ink Einstellungen.lnk -> C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInkSettings.exe (SMART Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Werkzeuge\SMART Product Update.lnk -> C:\Program Files (x86)\Common Files\SMART Technologies\SMART Product Update\SMARTProductUpdate.exe (SMART Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Werkzeuge\SMART Recorder.lnk -> C:\Program Files (x86)\SMART Technologies\Education Software\recorder.exe (SMART Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Werkzeuge\Spotlight.lnk -> C:\Program Files (x86)\SMART Technologies\Education Software\Spotlight.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection\HP SimplePass.lnk -> C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\L.A. Noire\L.A. Noire.lnk -> C:\Program Files (x86)\Rockstar Games\L.A. Noire\LANLauncher.exe (Rockstar Games)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\CyberLink Power2Go.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\Power2Go8.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\Desktop Burning Gadget.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\Evernote.lnk -> C:\Windows\Installer\{412F6426-A3C7-11E3-8A71-00163E98E7D6}\Evernote.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\HP Utility Center.lnk -> C:\Program Files\Hewlett-Packard\HP Utility Center\HPUC.exe (Hewlett-Packard Development Company, L.P.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\ISO Viewer.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\IsoViewer8.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\Virtual Drive.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (64bit).lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\Uninstall.lnk -> C:\Program Files\obs-studio\uninstall.exe (obsproject.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js.lnk -> C:\Program Files (x86)\nodejs\node.exe (Node.js)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\Beats Audio.lnk -> C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink Media Suite.lnk -> C:\Program Files (x86)\CyberLink\Media Suite\PS.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink MediaEspresso.lnk -> C:\Program Files (x86)\CyberLink\MediaEspresso\MediaEspresso.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink PhotoDirector.lnk -> C:\Program Files (x86)\CyberLink\PhotoDirector\PhotoDirector3.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink Power Media Player 12.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD12\PDVDLaunchPolicy.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink PowerDirector 10.lnk -> C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Aufzeichnungs-Manager von Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office-Spracheinstellungen.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetriedashboard für Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msotd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetrieprotokoll für Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msoev.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in\Office Live Workspace.lnk -> C:\Windows\Installer\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}\ProductIcon ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in\Office Live-Add-In-Hilfe.lnk -> C:\Windows\Installer\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}\ProductShortcutIcon ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digitales Zertifikat für VBA-Projekte.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Spracheinstellungen.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office-Diagnose.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Zoo Tycoon 2\Zoo Tycoon 2 Profile.lnk -> C:\Users\Eleonora\AppData\Roaming\Microsoft Games\Zoo Tycoon 2 ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Zoo Tycoon 2\Zoo Tycoon 2-Infodatei.lnk -> C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\Info.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Zoo Tycoon 2\Zoo Tycoon 2.lnk -> C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel Control Center.lnk -> C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Recovery Manager\HP Recovery Manager.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Die Sims 2\Die Sims 2 Body Shop.lnk -> C:\Program Files (x86)\EA GAMES\Die Sims 2\CSBin\TS2BodyShop.exe (Maxis, a division of Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Die Sims 2\Die Sims 2 deinstallieren.lnk -> C:\Program Files (x86)\EA GAMES\Die Sims 2\eauninstall.exe (Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Die Sims 2\Die Sims 2.lnk -> C:\Program Files (x86)\EA GAMES\Die Sims 2\TSBin\Sims2.exe (Maxis, a division of Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Die Sims 2\Kundendienst.lnk -> C:\Program Files (x86)\EA GAMES\Die Sims 2\Support\European Help Files\EA_Help_Select.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Die Sims 2\Readme.lnk -> C:\Program Files (x86)\EA GAMES\Die Sims 2\Support\de\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Spielkiste.lnk -> C:\Program Files (x86)\Einfach_Spielen\spielkiste.exe (phenomedia publishing gmbh)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Schatzjäger2\Schatzjäger 2 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Schatzjäger 2\Schatzjaeger2.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Schatzjäger 3\Schatzjäger 3 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Schatzjäger 3\Schatzjaeger3.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Schatzjäger\Schatzjäger spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Schatzjäger\start.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Schatz des Pharao\Schatz des Pharao spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Schatz des Pharao\MHA-XXL.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn X\Moorhuhn X.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn X\MHX-XXL.exe (phenomedia publishing gmbh)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Winter\Moorhuhn Winter spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Winter\MoorhuhnWinter.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Wanted\Moorhuhn Wanted spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Wanted\MHW-XXL.exe (phenomedia publishing gmbh)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Remake\Moorhuhn Remake spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Remake\MoorhuhnRemake.exe (phenomedia publishing gmbh)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Piraten\Moorhuhn Piraten spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Piraten\MoorhuhnPiraten.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Kart Thunder\Moorhuhn Kart Thunder spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart Thunder\mhk4.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Kart Extra\Moorhuhn Kart Extra spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart Extra\MHKE-XXL.exe (Phenomedia AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Kart 3\Moorhuhn Kart 3 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart 3\Moorhuhn_Kart3.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Kart 2\Moorhuhn Kart 2 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart 2\MHK2-XXL.exe (Phenomedia AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Kart\Moorhuhn Kart spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart\MHK-XXL.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Invasion\Moorhuhn Invasion spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Invasion\MoorhuhnInvasion.exe (phenomedia publishing gmbh)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Directors Cut\Moorhuhn Directors Cut spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Directors Cut\mhdc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn Atlantis\Moorhuhn Atlantis spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Atlantis\mhatlantis.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn 3\Moorhuhn 3 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn 3\Moorhuhn3.exe (phenomedia publishing gmbh)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Moorhuhn 2\Moorhuhn 2 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn 2\Moorhuhn2.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Fluch des Goldes\Fluch des Goldes spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Fluch des Goldes\mha2.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Die original Moorhuhnjagd\Die original Moorhuhnjagd.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\MoorhuhnJagd\Moorhuhn.exe (Witan Entertainment BV)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Hewlett-Packard\Recovery\Links\RM.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Eleonora\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\Links\Desktop.lnk -> C:\Users\Eleonora\Desktop ()
Shortcut: C:\Users\Eleonora\Links\Downloads.lnk -> C:\Users\Eleonora\Downloads ()
Shortcut: C:\Users\Eleonora\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\Eleonora\Desktop\Bilder - Verknüpfung.lnk -> C:\Users\Eleonora\Pictures ()
Shortcut: C:\Users\Eleonora\Desktop\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\Desktop\Keytrans.lnk -> C:\Program Files (x86)\Will Software\Schulschriften\Keytrans.exe (Will Software)
Shortcut: C:\Users\Eleonora\Desktop\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\Users\Eleonora\Desktop\Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\Users\Eleonora\Desktop\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\Users\Eleonora\Desktop\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\Users\Eleonora\Desktop\Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\Desktop\Rockstar Games Launcher.lnk -> C:\Program Files\Rockstar Games\Launcher\LauncherPatcher.exe (Rockstar Games)
Shortcut: C:\Users\Eleonora\Desktop\TeamViewerQS - Verknüpfung.lnk -> C:\Users\Eleonora\Downloads\TeamViewerQS.exe (TeamViewer)
Shortcut: C:\Users\Eleonora\Desktop\WhatsApp.lnk -> C:\Users\Eleonora\AppData\Local\WhatsApp\WhatsApp.exe (WhatsApp)
Shortcut: C:\Users\Eleonora\Desktop\Word.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\Desktop\Zoom.lnk -> C:\Users\Eleonora\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Die original Moorhuhnjagd.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\MoorhuhnJagd\Moorhuhn.exe (Witan Entertainment BV)
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Fluch des Goldes spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Fluch des Goldes\mha2.exe ()
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn 2 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn 2\Moorhuhn2.exe ()
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn 3 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn 3\Moorhuhn3.exe (phenomedia publishing gmbh)
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Atlantis spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Atlantis\mhatlantis.exe ()
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Directors Cut spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Directors Cut\mhdc.exe ()
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Invasion spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Invasion\MoorhuhnInvasion.exe (phenomedia publishing gmbh)
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Kart 2 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart 2\MHK2-XXL.exe (Phenomedia AG)
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Kart 3 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart 3\Moorhuhn_Kart3.exe ()
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Kart Extra spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart Extra\MHKE-XXL.exe (Phenomedia AG)
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Kart spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart\MHK-XXL.exe ()
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Kart Thunder spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Kart Thunder\mhk4.exe ()
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Piraten spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Piraten\MoorhuhnPiraten.exe ()
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Remake spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Remake\MoorhuhnRemake.exe (phenomedia publishing gmbh)
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Wanted spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Wanted\MHW-XXL.exe (phenomedia publishing gmbh)
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn Winter spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn Winter\MoorhuhnWinter.exe ()
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Moorhuhn X spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Moorhuhn X\MHX-XXL.exe (phenomedia publishing gmbh)
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Schatz des Pharao spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Schatz des Pharao\MHA-XXL.exe ()
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Schatzjäger 2 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Schatzjäger 2\Schatzjaeger2.exe ()
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Schatzjäger 3 spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Schatzjäger 3\Schatzjaeger3.exe ()
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Schatzjäger spielen.lnk -> C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\Schatzjäger\start.exe ()
Shortcut: C:\Users\Eleonora\Desktop\Moorhuhn\Spielkiste.lnk -> C:\Program Files (x86)\Einfach_Spielen\spielkiste.exe (phenomedia publishing gmbh)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Eleonora\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarLeaf.lnk -> C:\Users\Eleonora\AppData\Local\StarLeaf\StarLeaf\StarLeaf.exe (StarLeaf Ltd.)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\Eleonora\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp\WhatsApp.lnk -> C:\Users\Eleonora\AppData\Local\WhatsApp\WhatsApp.exe (WhatsApp)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Rockstar Games Launcher.lnk -> C:\Program Files\Rockstar Games\Launcher\LauncherPatcher.exe (Rockstar Games)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP Utility Center.lnk -> C:\Program Files\Hewlett-Packard\HP Utility Center\HPUC.exe (Hewlett-Packard Development Company, L.P.)
Shortcut: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Roaming\ClassicShell\Pinned\startscreen.lnk -> C:\Program Files\Classic Shell\ClassicStartMenu.exe (Keine Datei)
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\WildTangentGames.-GamesApp-_qt5r5pa5dyg8m\WTGames.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneVideo_8wekyb3d8bbwe\Microsoft.ZuneVideo.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneMusic_8wekyb3d8bbwe\Microsoft.ZuneMusic.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\Microsoft.XboxLIVEGames.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsScan_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsReadingList_8wekyb3d8bbwe\Microsoft.WindowsReadingList.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk -> [LFW1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweQmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar1SPSMԆi<D*TQ ModernCalendar\CalendarLogo.pngU!ModernCalendar\CalendarBadge.png]%ModernCalendar\CalendarSmallLogo.pngY$ModernCalendar\CalendarWideLogo.pngQ3]%ModernCalendar\CalendarLargeLogo.pngMms-resource:calendarAppTitleY$ModernCalendar\CalendarTinyLogo.pngi1SPS0%G`Mms-resource:calendarAppTitle-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation]
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Mail.lnk -> [LF)O1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweMmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mailv1SPSMԆi<D*TIModernMail\Res\MailLogo.pngMModernMail\Res\MailBadge.pngU!ModernMail\Res\MailSmallLogo.pngQ ModernMail\Res\MailWideLogo.pngrU!ModernMail\Res\MailLargeLogo.pngEms-resource:mailAppTitleQ ModernMail\Res\MailTinyLogo.pnga1SPS0%G`Ems-resource:mailAppTitleq1SPS}@H1U!ms-resource:mailShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation]
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.People.lnk -> [LFS1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweOmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.People1SPSMԆi<D*TAModernPeople\People.pngMModernPeople\PeopleSmall.pngIModernPeople\PeopleWide.pngG&MModernPeople\PeopleLarge.png]%ms-resource:///strings/peopleAppNameIModernPeople\PeopleTiny.pngy1SPS0%G`]%ms-resource:///strings/peopleAppName1SPS}@H1e*ms-resource:///strings/raShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation]
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsCalculator_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsAlarms_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.SkypeApp_kzf8qxf38zg5c\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Reader_8wekyb3d8bbwe\Microsoft.Reader.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Office.OneNote_8wekyb3d8bbwe\microsoft.onenoteim.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\MicrosoftMahjong.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.HelpAndTips_8wekyb3d8bbwe\HelpAndTips.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingWeather_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingTravel_8wekyb3d8bbwe\AppexTravel.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingSports_8wekyb3d8bbwe\AppexSports.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingNews_8wekyb3d8bbwe\AppexNews.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingMaps_8wekyb3d8bbwe\AppexMaps.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\AppexHealthAndFitness.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AppexFoodAndDrink.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFinance_8wekyb3d8bbwe\AppexFinance.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\CyberLinkCorp.hs.YouCamforHP_06qsbagp91rvg\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\AD2F1837.HPRegistration_v10z8vjag6ke6\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\AD2F1837.HPConnectedPhotopoweredbySnapfish_v10z8vjag6ke6\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\AD2F1837.HPConnectedMusic_v10z8vjag6ke6\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\AD2F1837.GettingStartedwithWindows8_v10z8vjag6ke6\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\2703103D.McAfeeCentral_4ehj4w4frejdr\McAfeeCentral.lnk -> Tile and icon assets
Shortcut: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\Application Shortcuts\134D4F5B.Box_2qk4zy5s3qmee\Box.lnk -> Tile and icon assets
Shortcut: C:\Users\Public\Desktop\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Die Sims 2.lnk -> C:\Program Files (x86)\EA GAMES\Die Sims 2\TSBin\Sims2.exe (Maxis, a division of Electronic Arts Inc.)
Shortcut: C:\Users\Public\Desktop\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Public\Desktop\HP Support Assistant.lnk -> C:\Program Files (x86)\HP\HP Support Framework\HP Support Assistant.ico ()
Shortcut: C:\Users\Public\Desktop\L.A. Noire.lnk -> C:\Program Files (x86)\Rockstar Games\L.A. Noire\LANLauncher.exe (Rockstar Games)
Shortcut: C:\Users\Public\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\OBS Studio.lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\Users\Public\Desktop\SMART Notebook.lnk -> C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe (SMART Technologies ULC)
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH)
Shortcut: C:\Users\Public\Desktop\updatepush.com.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\Users\Public\Desktop\Worksheet Crafter.lnk -> C:\Program Files (x86)\Worksheet Crafter\WorksheetCrafter.exe (SchoolCraft GmbH)
Shortcut: C:\Users\Public\Desktop\Zoo Tycoon 2.lnk -> C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe (Microsoft Corporation)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\nodejs\nodevars.bat"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\Snapfish Fotos.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_de
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAServiceHelper.exe (Intel) -> installstartup
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk -> C:\Program Files\McAfee\TrueKey\Application\truekey.exe (McAfee, LLC) -> --open-source=startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\Tintenwerkzeug von SMART Touch.lnk -> C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe (SMART Technologies) -> -showfinger
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies\SMART Werkzeuge\Bildschirmvorhang.lnk -> C:\Program Files (x86)\SMART Technologies\Education Software\Spotlight.exe () -> -screenshade
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Uninstall Node.js.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {0E05CA72-D8DD-432F-A2CC-880034A48577}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Database Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\DATABASECOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Spreadsheet Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\SPREADSHEETCOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Zoo Tycoon 2\Zoo Tycoon 2 deinstallieren.lnk -> C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\UNINSTAL.EXE (Microsoft Corporation) -> /runtemp
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klett\Oskar 1\Oskar 1 deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {DDA98552-EB62-4C76-8C43-3BB0E502DC36}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Recovery Manager\HP Recovery Media Creation.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \CRM
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Bejeweled 3.lnk -> C:\Program Files (x86)\WildGames\Bejeweled 3\bejeweled3-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Build-a-lot.lnk -> C:\Program Files (x86)\WildGames\Build-a-lot\Buildalot-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Crazy Chicken Soccer.lnk -> C:\Program Files (x86)\WildGames\Crazy Chicken Soccer\Moorhuhn-Soccer-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Dragons Of Atlantis.lnk -> C:\Program Files (x86)\WildTangent Games\Web Link - Dragons Of Atlantis\launcher.exe (WildTangent) -> /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Farm Frenzy.lnk -> C:\Program Files (x86)\WildGames\Farm Frenzy\Farm Frenzy-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Governor of Poker 2 Premium Edition.lnk -> C:\Program Files (x86)\WildGames\Governor of Poker 2 Premium Edition\GovernorofPoker2_PE_WildTangent_v1.5-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Plants vs. Zombies - Game of the Year.lnk -> C:\Program Files (x86)\WildGames\Plants vs Zombies - Game of the Year\plantsvszombies-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Ranch Rush 2 - Premium Edition.lnk -> C:\Program Files (x86)\WildGames\Ranch Rush 2 - Premium Edition\ranchrush2collectorsedition-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Vacation Quest™ - Australia.lnk -> C:\Program Files (x86)\WildGames\Vacation Quest - Australia\vacationquestaustralia-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Die Sims 2\Elektronische Registrierung.lnk -> C:\Program Files (x86)\EA GAMES\Die Sims 2\Support\EReg.exe (Electronic Arts, Inc.) -> "Sims2.exe"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die ersten 10 Jahre\Die ersten 10 Jahre deinstallieren.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1C12B0B2-91FB-439A-A64D-1A239F0B7FAB}\Setup.exe" -l0x7 -uninstshortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Apps.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \SWR
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\BTR.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \BTR
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Driver.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \SWR
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\RMC.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \CRM
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Eleonora\Desktop\Discord.lnk -> C:\Users\Eleonora\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\Eleonora\Desktop\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Eleonora\Desktop\Microsoft Teams.lnk -> C:\Users\Eleonora\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe"
ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk -> C:\Users\Eleonora\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe"
ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\Eleonora\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall
ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\Eleonora\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation) -> /recycle
ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) -> /recycle
ShortcutWithArgument: C:\Users\Eleonora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Eleonora\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Public\Desktop\True Key.lnk -> C:\Program Files\McAfee\TrueKey\Application\truekey.exe (McAfee, LLC) -> --open-source=dtopicon
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worksheet Crafter\Die Webseite zum Worksheet Crafter .url -> URL: hxxps://www.getschoolcraft.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js documentation.url -> URL: hxxps://nodejs.org/download/release/v6.10.3/docs/api/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js website.url -> URL: hxxp://nodejs.org/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Zoo Tycoon 2\Weblinks\Onlineregistrierung.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=35544
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Zoo Tycoon 2\Weblinks\Zoo Tycoon 2-Homepage.url -> URL: hxxp://www.microsoft.com/germany/games/zootycoon/zoo2/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\Die Sims 2\Online nach Update suchen.url -> URL: hxxp://thesims2.ea.com/update/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL ->
InternetURL: C:\Users\Default\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://redirect.hp.com/svs/rdr?locale=de_de&c=142&bd=pavilion&tp=iefavbar&s=amazon&pf=cnnb&TYPE=4
InternetURL: C:\Users\Default\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://redirect.hp.com/svs/rdr?locale=de_de&c=142&bd=pavilion&tp=iefavbar&s=amazon&pf=cnnb&TYPE=4
InternetURL: C:\Users\Default\Favorites\HP\Snapfish Fotos.url -> URL: hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_de
InternetURL: C:\Users\Default\Favorites\HP\WildTangent Games for HP.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cnnb&locale=de_de&bd=all&c=143
InternetURL: C:\Users\Eleonora\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Eleonora\Favorites\Classic Shell - Start menu and other Windows enhancements.url -> URL: hxxp://www.classicshell.net/
InternetURL: C:\Users\Eleonora\Favorites\Portfolio\Portfolio Beschreibung.url -> URL: hxxp://methodenpool.uni-koeln.de/download/portfolio.pdf
InternetURL: C:\Users\Eleonora\Favorites\Portfolio\Portfolio Theorie.url -> URL: hxxp://methodenpool.uni-koeln.de/download/portfolio.pdf
InternetURL: C:\Users\Eleonora\Favorites\Portfolio\Portfolio-Schule.url -> BASEURL: hxxp://www.portfolio-schule.de/ URL: hxxp://www.portfolio-schule.de/
InternetURL: C:\Users\Eleonora\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://redirect.hp.com/svs/rdr?locale=de_de&c=142&bd=pavilion&tp=iefavbar&s=amazon&pf=cnnb&TYPE=4
InternetURL: C:\Users\Eleonora\Favorites\Links\Android-Frühjahrsputz Schnell wie am ersten Tag - PC-WELT.url -> BASEURL: hxxp://www.pcwelt.de/ratgeber/Android_wieder_schnell_wie_am_ersten_Tag-Smartphone_aufraeumen-7837689.html URL: hxxp://www.pcwelt.de/ratgeber/Android_wieder_schnell_wie_am_ersten_Tag-Smartphone_aufraeumen-7837689.html
InternetURL: C:\Users\Eleonora\Favorites\Links\cablemail.de Webinterface Willkommen beim cablemail.de Webinterface.url -> URL: hxxps://mail.cablemail.de/roundcube/
InternetURL: C:\Users\Eleonora\Favorites\Links\YouTube.url -> URL: hxxps://www.youtube.com/
InternetURL: C:\Users\Eleonora\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://redirect.hp.com/svs/rdr?locale=de_de&c=142&bd=pavilion&tp=iefavbar&s=amazon&pf=cnnb&TYPE=4
InternetURL: C:\Users\Eleonora\Favorites\HP\Snapfish Fotos.url -> URL: hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_de
InternetURL: C:\Users\Eleonora\Favorites\HP\WildTangent Games for HP.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cnnb&locale=de_de&bd=all&c=143
InternetURL: C:\Users\Eleonora\Dropbox\Get Started with Dropbox Paper.url -> URL: hxxps://www.dropbox.com/login?_tk=dropbox_desktop_urlfile&cont=https%3A%2F%2Fpaper.dropbox.com%2Fpad%2Fopen-or-create-sample%2Fintro®ister_cont=https%3A%2F%2Fpaper.dropbox.com%2Fpad%2Fopen-or-create-sample%2Fintro
InternetURL: C:\Users\Eleonora\Desktop\Cities Skylines.url -> URL: steam://rungameid/255710
InternetURL: C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Cities Skylines.url -> URL: steam://rungameid/255710
==================== Ende vom Shortcut.txt =============================
Geändert von dorinora (08.08.2021 um 19:20 Uhr) |
|
08.08.2021, 19:25
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Windows 10: Audacity Malware heruntergeladen Bitte alle Logs in CODE-Tags posten.
__________________
__________________ |
|
08.08.2021, 20:14
| #3 |
| | Windows 10: Audacity Malware heruntergeladen Hier noch die fehlenden CODE-Tags.
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-08-2021
durchgeführt von Eleonora (08-08-2021 14:21:39)
Gestartet von C:\Users\Eleonora\Downloads
Windows 10 Home Version 20H2 19042.1110 (X64) (2021-03-12 23:22:36)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-3041158100-3232429967-454566112-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3041158100-3232429967-454566112-503 - Limited - Disabled)
Eleonora (S-1-5-21-3041158100-3232429967-454566112-1001 - Administrator - Enabled) => C:\Users\Eleonora
Gast (S-1-5-21-3041158100-3232429967-454566112-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3041158100-3232429967-454566112-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3041158100-3232429967-454566112-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{E407C8D7-09C6-4056-BFAD-68C5FD8340F0}) (Version: 1.3 - Eyeo GmbH)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Bejeweled 3 (HKLM-x32\...\WTA-1ee772db-7059-4026-8bff-4853ce37c4cb) (Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (HKLM-x32\...\WTA-75a48dff-d031-4477-89f3-89a56af30e7d) (Version: 2.2.0.98 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (HKLM-x32\...\WTA-9f8ca7c9-8662-4ca3-9fbb-d22977c235eb) (Version: 3.0.2.48 - WildTangent) Hidden
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
Crazy Chicken Soccer (HKLM-x32\...\WTA-6694393f-4e0e-4ecd-ba98-3adb8a5192a7) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.9.4928 - CyberLink Corp.)
CyberLink MediaEspresso 6.7 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.7.4.6127 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.6.5104 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.10.5422 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3604 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4628 - CyberLink Corp.)
Die ersten 10 Jahre (HKLM-x32\...\{1C12B0B2-91FB-439A-A64D-1A239F0B7FAB}) (Version: 1.00.0000 - )
Die Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version: - )
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Discord (HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\Discord) (Version: 0.0.310 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 128.4.2870 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.485.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.2 (HKLM-x32\...\{412F6426-A3C7-11E3-8A71-00163E98E7D6}) (Version: 5.2.0.2951 - Evernote Corp.)
Farm Frenzy (HKLM-x32\...\WTA-6233138d-600b-459b-b424-ff051406282c) (Version: 2.2.0.98 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-4364d7d1-bfa9-4f9b-be07-bb5e52f70136) (Version: 2.2.0.110 - WildTangent) Hidden
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{4BBA238C-9E5D-40F9-8AC6-FACB736752B9}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.46 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.18.34.21 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Utility Center (HKLM\...\{36F80C5F-DC0D-4DF4-AF09-DC1867F0EB0A}) (Version: 2.4.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.46 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.46 - Softex Inc.) Hidden
Intel Driver && Support Assistant (HKLM-x32\...\{10BECC47-44EA-43BF-90F7-6A392DD15F06}) (Version: 21.4.29.8 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{50883721-017E-40C5-9B65-F11F20DE8B45}) (Version: 2.4.07630 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5058 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{8B4EA042-9E21-46FB-8286-225F4D51CC52}) (Version: 4.2.41.2710 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{EA877F2C-A0FB-4379-83D0-734540686C80}) (Version: 17.1.1531.1764 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{0a6e5067-9368-4f32-be84-aac5f85dc5c3}) (Version: 21.4.29.8 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-36dae6a4-f8f1-469d-9311-ee623efff17f) (Version: 2.2.0.98 - WildTangent) Hidden
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
McAfee True Key (HKLM\...\TrueKey) (Version: 5.3.138.1 - McAfee, LLC)
MHS 1-2 - Bayern Version 1.0 (HKLM-x32\...\{5FCA0FD8-0D3A-4682-8EFE-863CF915EDFE}_is1) (Version: 1.0 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH)
Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.14228.20204 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.50 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.68 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\OneDriveSetup.exe) (Version: 21.129.0627.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\Teams) (Version: 1.4.00.8872 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29112 (HKLM-x32\...\{be826f5f-eda5-45a2-a3fe-c2cb5c1b9842}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 90.0.2 (x64 de)) (Version: 90.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.3 - Mozilla)
NVIDIA Grafiktreiber 446.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 446.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.4 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14228.20204 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20204 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20204 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.14228.20204 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-a31469a9-6a11-433d-881f-ebc90d4dbd29) (Version: 3.0.2.51 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-9b964062-9b05-4f25-9294-c28bbf192213) (Version: 2.2.0.97 - WildTangent) Hidden
Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-e71c857e-11de-4663-b99f-d56ce1cfa303) (Version: 2.2.0.98 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.40 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.6 - Rockstar Games)
SMART Gallery Essentials (HKLM-x32\...\{B1BCD573-39C5-48CD-A2A7-F6525BB7072B}) (Version: 2.0.2.0 - SMART Technologies ULC)
SMART German Handwriting Resources (HKLM-x32\...\{2B73B4A7-03E4-437F-9E7F-AE533A93D4A2}) (Version: 15.1.10.0 - SMART Technologies ULC)
SMART Ink (HKLM-x32\...\{1B6934C5-BA75-4C7D-B3BA-D73B4DDB42A5}) (Version: 5.5.340.0 - SMART Technologies ULC)
SMART Lesson Activity Toolkit (HKLM-x32\...\{8AD57A09-153E-4F6D-A269-0AD8AC54B82A}) (Version: 2.0.7.0 - SMART Technologies ULC)
SMART Notebook (HKLM-x32\...\{67A22506-25EF-4F7A-97A8-9293345093E1}) (Version: 19.0.2576.1 - SMART Technologies ULC)
SMART Produkttreiber (HKLM-x32\...\{BF782898-838D-4FA4-9D3E-FC6F27E76D89}) (Version: 12.13.46.0 - SMART Technologies ULC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.17057 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.15.5 - TeamViewer)
TechSmith Screen Capture Codec (HKLM-x32\...\{84FE50F5-B0F3-4D18-8BE8-A4DEEE0C37AD}) (Version: 4.1.1.0 - TechSmith Corporation) Hidden
Trinklit Supreme (HKLM-x32\...\WTA-1b99ba4f-b7d0-497d-ba69-f983b14c86b3) (Version: 2.2.0.98 - WildTangent) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_STANDARD_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_STANDARD_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_STANDARD_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_STANDARD_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Vacation Quest™ - Australia (HKLM-x32\...\WTA-8e02fba1-9770-4e68-b0bc-0c6a4de329d2) (Version: 3.0.2.32 - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{21498212-1146-4540-8A81-6A1328BA19F2}) (Version: 4.5.228.0 - Validity Sensors, Inc.)
Virtual Families (HKLM-x32\...\WTA-6b0d88e0-57df-4bbc-84c2-db5f11a97dbc) (Version: 2.2.0.98 - WildTangent) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Wedding Dash (HKLM-x32\...\WTA-750dadc0-8f26-4281-8e17-e4caa99c8c87) (Version: 2.2.0.95 - WildTangent) Hidden
WhatsApp (HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\WhatsApp) (Version: 2.2126.15 - WhatsApp)
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Youda Jewel Shop (HKLM-x32\...\WTA-bb9e074d-690b-4444-885a-98dba7d68858) (Version: 3.0.2.51 - WildTangent) Hidden
Zoo Tycoon 2 (HKLM-x32\...\Zoo Tycoon 2) (Version: 1.0 - Microsoft)
Zoom (HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\ZoomUMX) (Version: 5.5.4 (13142.0301) - Zoom Video Communications, Inc.)
Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2015-06-27] (WildTangent Games)
Box for Windows 8 -> C:\Program Files\WindowsApps\134D4F5B.Box_2.1.4.4_neutral__2qk4zy5s3qmee [2015-11-12] (Box, Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.7.46.0_x86__kgqvnymyfvs32 [2021-08-06] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.198.300.0_x86__kgqvnymyfvs32 [2021-07-22] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-19] (Canon Inc.)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_6.1.13.0_x86__h6adky7gbf63m [2021-07-15] (Gameloft SE)
Erste Schritte mit Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-04-01] (Hewlett-Packard Company)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-04-01] (Hewlett-Packard Company)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.7.536.0_x64__v10z8vjag6ke6 [2021-07-11] (HP Inc.)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-07] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.0.11030.0_x64__8wekyb3d8bbwe [2020-11-26] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-06] (Microsoft Studios) [MS Ad]
MSN Gesundheit & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Kochen & Genuss -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Reisen -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-27] (NVIDIA Corp.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-14] (Twitter Inc.)
YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.2.29632_x86__06qsbagp91rvg [2015-04-01] (CYBERLINKCOM CORP)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3041158100-3232429967-454566112-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Eleonora\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20339.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3041158100-3232429967-454566112-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (Intel Corporation -> Intel)
CustomCLSID: HKU\S-1-5-21-3041158100-3232429967-454566112-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
CustomCLSID: HKU\S-1-5-21-3041158100-3232429967-454566112-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Eleonora\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3041158100-3232429967-454566112-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Eleonora\Dropbox [2019-09-05 20:58]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-12-23] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-12-23] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_0ebd0596825b39a0\nvshext.dll [2020-05-18] (NVIDIA Corporation -> NVIDIA Corporation)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [442368 2005-02-26] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [442368 2005-02-26] (On2.com) [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2015-07-03 00:05 - 2015-07-03 00:05 - 000022528 _____ (%CFullName%) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2015-07-03 00:17 - 2015-07-03 00:17 - 000886784 _____ (%CFullName%) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll
2015-07-03 00:06 - 2015-07-03 00:06 - 000055808 _____ (%CFullName%) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2015-07-03 00:06 - 2015-07-03 00:06 - 000036864 _____ (%CFullName%) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2021-04-13 12:36 - 2021-04-13 12:36 - 005745664 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module.dll
2015-07-03 00:07 - 2015-07-03 00:07 - 002174464 _____ (Hewlett-Packard) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2015-07-03 00:06 - 2015-07-03 00:06 - 000717824 _____ (Hewlett-Packard) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2015-07-03 00:07 - 2015-07-03 00:07 - 001138176 _____ (Hewlett-Packard) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\userdata.dll
2021-05-12 20:07 - 2021-05-12 20:07 - 001638912 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2021-05-21 14:04 - 2021-05-21 14:04 - 000130048 _____ (Sam Grogan) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Intel\Driver and Support Assistant\NotifyIconWin32.dll
2021-03-13 00:49 - 2021-03-13 00:49 - 000649360 _____ (SMART Technologies ULC -> Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_smarttech.ms.vc120.crt_e7e76aadd9f46776_1.0.19.0_none_affc467131f8f86a\MSVCP120.dll
2021-03-13 00:49 - 2021-03-13 00:49 - 000952464 _____ (SMART Technologies ULC -> Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_smarttech.ms.vc120.crt_e7e76aadd9f46776_1.0.19.0_none_affc467131f8f86a\MSVCR120.dll
2015-07-03 00:18 - 2015-07-03 00:18 - 000862800 _____ (Softex Incorporated -> %CFullName%) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2015-07-03 00:18 - 2015-07-03 00:18 - 000764496 _____ (Softex Incorporated -> Hewlett-Packard) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\hdddrv.dll
2015-07-03 00:18 - 2015-07-03 00:18 - 000542288 _____ (Softex Incorporated -> Hewlett-Packard) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2015-07-03 00:18 - 2015-07-03 00:18 - 001613392 _____ (Softex Incorporated -> Hewlett-Packard) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\Wbf.dll
2021-05-12 20:07 - 2021-05-12 20:07 - 002122240 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CX64APO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437654.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437682.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437654.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437682.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtNicProp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sl3apo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slcnt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slprp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sltech64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRRPTR64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSWOW64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SynTPCo41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\RtlExUpd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_5.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\CFRMD.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\CLVirtualDrive.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\intelaud.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rt640x64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Eleonora\Downloads\376.33-notebook-win10-64bit-international-whql.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Eleonora\Downloads\376.33-notebook-win10-64bit-international-whql.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Eleonora\Downloads\adblock_plus-2.7.3-sm_tb_fx_an(1).zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Eleonora\Downloads\adblock_plus-2.7.3-sm_tb_fx_an(1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Eleonora\Downloads\adblock_plus-2.7.3-sm_tb_fx_an.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Eleonora\Downloads\adblock_plus-2.7.3-sm_tb_fx_an.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Eleonora\Downloads\avira_de_fass0_58a1d02b26e1e__ws.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Eleonora\Downloads\avira_de_fass0_58a1d02b26e1e__ws.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Eleonora\Downloads\SteamSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Eleonora\Downloads\SteamSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Eleonora\Downloads\TeamViewerQS.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Eleonora\Downloads\TeamViewerQS.exe:$CmdZnID [26]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-3041158100-3232429967-454566112-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
SearchScopes: HKLM -> {910174F9-9C31-45EB-AE64-875F632F64A7} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {910174F9-9C31-45EB-AE64-875F632F64A7} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3041158100-3232429967-454566112-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3041158100-3232429967-454566112-1001 -> {910174F9-9C31-45EB-AE64-875F632F64A7} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc -> Google Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2021-06-27] (HP Inc. -> HP Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-12-16] (Eyeo GmbH -> Adblock Plus) [Datei ist nicht signiert]
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-04] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [Datei ist nicht signiert]
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc -> Google Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2021-06-27] (HP Inc. -> HP Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16] (Eyeo GmbH -> Adblock Plus) [Datei ist nicht signiert]
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc -> Google Inc.)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-04] (Microsoft Corporation -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\localhost -> localhost
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-09-29 15:46 - 2017-02-05 11:33 - 000000861 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
2020-04-22 20:09 - 2020-04-22 20:09 - 000000435 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Hewlett-Packard\SimplePass\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\nodejs\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3041158100-3232429967-454566112-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 195.234.128.139 - 217.68.162.126
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"
HKLM\...\StartupApproved\Run32: => "Avira Safe Shopping"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "sbsdk-server"
HKLM\...\StartupApproved\Run32: => "SMART Board Service"
HKLM\...\StartupApproved\Run32: => "SMART Ink"
HKLM\...\StartupApproved\Run32: => "SMARTNotification"
HKLM\...\StartupApproved\Run32: => "SMART Tray Tools"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\StartupApproved\Run: => "Power2GoExpress8"
HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{37E48BA8-A35D-488B-93AE-3AC312C0E1FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A1482596-B346-4179-81F7-D36E2FE2A537}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C78F6B50-C369-4013-9D6D-84C8EA7B1E5F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1FBD5C52-9CA9-481C-86A4-54E060A4A4B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{091C4F66-A873-46E5-AD8F-4D98EA7EF749}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{78683649-97ED-48F1-B3E7-D560D5B8DDC7}] => (Allow) C:\Users\Eleonora\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{3F36AB6A-DA53-4A95-A6DE-EE47FE83B978}] => (Allow) C:\Users\Eleonora\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{6280C939-4076-420E-B501-960A68BCB2A5}] => (Allow) C:\Users\Eleonora\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{A3B1AE11-6447-438C-9C42-616D3D496A0D}C:\users\eleonora\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\eleonora\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{EA4AA603-3545-4FD1-8DE0-CC4B770F62CE}C:\users\eleonora\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\eleonora\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{391E1B8D-C3C6-4EF3-861B-DC2F34BF6CBB}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{99481F81-C37F-41EC-A59C-311B468466C5}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{46C33158-C644-49AD-AB3B-54EE99F0E3F6}] => (Allow) C:\Users\Eleonora\AppData\Local\StarLeaf\StarLeaf\2\StarLeafc.exe (StarLeaf Ltd -> StarLeaf Ltd.)
FirewallRules: [{E74EB808-62F0-45D4-92AB-84D6B3833077}] => (Allow) C:\Users\Eleonora\AppData\Local\StarLeaf\StarLeaf\1\StarLeafc.exe (StarLeaf Ltd -> StarLeaf Ltd.)
FirewallRules: [{2F0335C7-2DCF-46DA-85BA-FFE180DC4C55}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{FFAAA848-2689-474D-8522-A462D58F0738}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7E5A1FBC-F55B-486D-A66E-D35A4A5C1A96}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{25DD2597-F7C3-4FD2-A369-AB37C37AE221}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{96FD8770-032B-47A6-8136-A20B62F5B002}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{3A7FD33B-4A64-434E-B4BB-76CD16E844D0}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCService.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{32DE17BB-732A-4C99-AA90-60CBE650AB01}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCService.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{A2BB17D0-3210-4A5D-9E32-F46BAAB21D2D}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCGui.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{9A19BC4D-58CC-49BE-92D2-B52351FC53F0}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCGui.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{D475A119-C543-4006-BEA8-CABB06837A1B}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe (SMART Technologies ULC -> SMART Technologies ULC)
FirewallRules: [{974FA4A7-7AF2-44DC-A8C1-B2D3F791D420}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe (SMART Technologies ULC -> SMART Technologies ULC)
FirewallRules: [{DFEE7516-E664-4070-B546-691979D1EF25}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{87A33855-024A-4804-AC40-32A520E4CE6A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D16C500C-3F83-47B3-92E6-31BF84794442}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{AF978F4B-9FE9-4A6D-8E87-A23B48AB8198}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2E1905E5-0F5F-4714-A574-469BEC46FDF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe () [Datei ist nicht signiert]
FirewallRules: [{E9696F87-01B0-4570-B582-0CE17D16BB04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe () [Datei ist nicht signiert]
FirewallRules: [{4A2E6037-C0E1-4DB6-965C-C4522FA3827B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FF11E873-C169-4D1B-AF47-3F21ABAF8C74}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7D61CE80-8715-4038-B7E2-B7415FCA4991}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{0818B228-3DD7-437C-9FFA-45E9ED62C866}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{92DDBC00-6557-403F-8577-68EB95E4DB39}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => Keine Datei
FirewallRules: [{C062FF91-EEFB-4EB8-AD12-E50C8DEAE069}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{89C1B47A-644D-4474-98E5-0F605E2518F9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => Keine Datei
FirewallRules: [{8F7B0570-505D-40DB-AFCA-471C2E958F4F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{12105812-BD88-4D3A-9554-1E23D451E11D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe => Keine Datei
FirewallRules: [{252DFA28-6012-4E33-BBFF-F50264EE03ED}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{AE47F7BE-025B-4280-BF83-9FE64D83E6F4}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => Keine Datei
FirewallRules: [{ED9EE3C2-9F3B-4E86-A5B4-F2F9BBDB2E6F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => Keine Datei
FirewallRules: [{8C9FB903-0C85-42D4-827F-A10BD3A86CC8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5950D0C5-07E9-4956-A372-FAE1CD98D1AF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5C2479AA-F607-4B07-913C-8991E5D4B3C1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{46DA3073-9D33-4F86-BA03-4779A90E197E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C899F1C0-44F5-4E66-9356-47A8041A46B2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D02409E5-0872-4A10-90F8-3344C9C1BB23}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F5B1ED71-6392-4461-A5B7-1F1ECEAF33ED}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7D2E8ED7-F4AB-4909-AACF-2DFEC7CAE66A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{64798149-A439-4700-BA0D-CFA18057F668}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe (Microsoft Corporation) [Datei ist nicht signiert]
FirewallRules: [{3EE84EB4-D4A1-414D-9214-13B3F8EC7D90}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe (Microsoft Corporation) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{BD379053-E29A-44B2-852A-D064C91DD4F8}C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe] => (Block) C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{7192A7C2-C6D3-47F2-9AEF-7A133F3D2C71}C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe] => (Block) C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{4A15B294-0A6F-4976-8AAA-C8D8D0D2DEF9}C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe] => (Block) C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{E0337B59-2B24-4021-91EC-6CDCC93DA221}C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe] => (Block) C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe () [Datei ist nicht signiert]
FirewallRules: [{6D50AF0A-170C-4DFB-82DA-92D22CEC22C9}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{BD4AD8A6-D2FB-4C43-81D3-599AECC550DE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.68\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6DB5AC7B-33DC-45F5-81F7-6E5D41EA4F4F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9AF04D15-C020-42AF-B11A-F4E973455329}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BF413056-816E-4AF0-8AB4-1E125DF0BF6B}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{E6CF30B6-D3FF-4C8D-8D00-08A31208C951}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{AC281FF1-12A1-4BA7-879C-3209A9179554}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{1B502997-94D6-4992-B943-542FBD52AF80}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{7EF72C3C-A62D-49BA-9FEA-CF1495A50624}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{10A93D5C-46DC-4FFF-A307-104B447F3E1B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B03C791-8C84-449B-A79D-B069AFE3664F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{576EF928-2042-4BB8-8199-2F6CB3335167}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
04-08-2021 12:24:50 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (08/08/2021 02:10:37 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.
Error: (08/08/2021 02:10:37 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Das Objekt oder die Eigenschaft wurde nicht gefunden.
Error: (08/08/2021 02:08:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: msedge.exe, Version: 89.0.774.50, Zeitstempel: 0x60482869
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.1110, Zeitstempel: 0x4809adf2
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000000000034ed9
ID des fehlerhaften Prozesses: 0x297c
Startzeit der fehlerhaften Anwendung: 0x01d78c4e1c60960b
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 0c7c346b-1662-4e70-bcfe-21ae324776c5
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/07/2021 09:30:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: msedge.exe, Version: 89.0.774.50, Zeitstempel: 0x60482869
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.1110, Zeitstempel: 0x4809adf2
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000000000034ed9
ID des fehlerhaften Prozesses: 0x4148
Startzeit der fehlerhaften Anwendung: 0x01d78b5e28db8908
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 52d50184-67e6-4aed-8e88-c3431c2678e0
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/04/2021 07:39:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: msedge.exe, Version: 89.0.774.50, Zeitstempel: 0x60482869
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.1110, Zeitstempel: 0x4809adf2
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000000000034ed9
ID des fehlerhaften Prozesses: 0x378
Startzeit der fehlerhaften Anwendung: 0x01d78957baa4b451
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 7db63834-28e6-4b8b-be1e-987f92bb4916
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/04/2021 07:39:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: msedge.exe, Version: 89.0.774.50, Zeitstempel: 0x60482869
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.1110, Zeitstempel: 0x4809adf2
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000000000034ed9
ID des fehlerhaften Prozesses: 0x34b4
Startzeit der fehlerhaften Anwendung: 0x01d78957baab5d75
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 75d224d7-a9f1-477d-a188-1846b2e617ca
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/04/2021 01:20:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15656
Error: (08/04/2021 01:20:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15656
Systemfehler:
=============
Error: (08/08/2021 02:05:29 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (08/07/2021 06:57:18 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (08/07/2021 09:13:14 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (08/06/2021 04:00:32 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (08/06/2021 10:54:01 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{F3B4E234-7A68-4E43-B813-E4BA55A065F6}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (08/06/2021 10:15:47 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (08/06/2021 08:28:01 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (08/05/2021 07:59:12 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Windows Defender:
================
Date: 2021-08-06 09:04:58
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {EBFBCEF2-32F9-48E0-B45A-E38CAA3659A1}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2021-07-29 17:45:48
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {E9349998-3DF5-43C7-A4CA-4C3AA0E3B437}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2021-07-28 17:16:43
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {9A2C5647-90D0-4860-9C5F-B32EF5B5A59C}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2021-07-27 21:05:09
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {3E0891D9-F4BA-4C1C-BF58-6E62EF4B3903}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2021-07-26 21:59:31
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {25001B93-9A55-4886-BC7E-9069EA4EB418}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2021-07-25 17:26:52
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.343.1644.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.18300.4
Fehlercode: 0x8050a003
Fehlerbeschreibung: Dieses Paket enthält keine aktuellen Definitionsdateien für das Programm. Weitere Informationen finden Sie in "Hilfe und Support".
Date: 2021-07-25 17:26:52
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.343.1644.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.18300.4
Fehlercode: 0x8050a003
Fehlerbeschreibung: Dieses Paket enthält keine aktuellen Definitionsdateien für das Programm. Weitere Informationen finden Sie in "Hilfe und Support".
Date: 2021-07-25 17:26:52
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.343.1644.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.18300.4
Fehlercode: 0x8050a003
Fehlerbeschreibung: Dieses Paket enthält keine aktuellen Definitionsdateien für das Programm. Weitere Informationen finden Sie in "Hilfe und Support".
Date: 2021-06-29 19:31:21
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 1.343.25.0
%Vorherige Version der Sicherheitsinformationen: 1.341.1626.0
Update Source: Benutzer
Sicherheitstyp: AntiSpyware
Updatetyp: Delta
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 1.1.18300.4
%Vorherige Modulversion: 1.1.18200.4
Fehlercode: 0x80070666
Fehlerbeschreibung: Eine andere Version des Produkts ist bereits installiert. Die Installation dieser Version kann nicht fortgesetzt werden. Verwenden Sie die Systemsteuerungsoption "Software", um die vorhandene Version dieses Produkts zu konfigurieren oder zu entfernen.
Date: 2021-06-29 19:31:21
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 1.343.25.0
%Vorherige Version der Sicherheitsinformationen: 1.341.1626.0
Update Source: Benutzer
Sicherheitstyp: AntiVirus
Updatetyp: Delta
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 1.1.18300.4
%Vorherige Modulversion: 1.1.18200.4
Fehlercode: 0x80070666
Fehlerbeschreibung: Eine andere Version des Produkts ist bereits installiert. Die Installation dieser Version kann nicht fortgesetzt werden. Verwenden Sie die Systemsteuerungsoption "Software", um die vorhandene Version dieses Produkts zu konfigurieren oder zu entfernen.
==================== Speicherinformationen ===========================
BIOS: Insyde F.57 11/09/2018
Hauptplatine: Hewlett-Packard 228D
Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 45%
Installierter physikalischer RAM: 12218.15 MB
Verfügbarer physikalischer RAM: 6640.56 MB
Summe virtueller Speicher: 14074.15 MB
Verfügbarer virtueller Speicher: 4025.57 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:909.47 GB) (Free:441.11 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.05 GB) (Free:2.01 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
\\?\Volume{511961be-c667-419e-a6a0-c7b7e47f64bc}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.37 GB) NTFS
\\?\Volume{1baa20d9-4ed9-43a8-ae58-06f268ac9ebe}\ () (Fixed) (Total:0.98 GB) (Free:0.39 GB) NTFS
\\?\Volume{b915eb01-8004-48fe-94b3-341ed20958f1}\ () (Fixed) (Total:0.25 GB) (Free:0.13 GB) FAT32
==================== MBR & Partitionstabelle ====================
==================== Ende von Addition.txt =======================
|
|
08.08.2021, 20:16
| #4 |
| | Windows 10: Audacity Malware heruntergeladenCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-08-2021
durchgeführt von Eleonora (Administrator) auf ELLI (Hewlett-Packard HP ENVY 15 Notebook PC) (08-08-2021 14:13:23)
Gestartet von C:\Users\Eleonora\Downloads
Geladene Profile: Eleonora
Platform: Windows 10 Home Version 20H2 19042.1110 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(%CFullName%) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe <2>
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel® Trusted Connect Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_0ebd0596825b39a0\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SMART Technologies ULC -> SMART Technologies) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe
(Softex Inc.) [Datei ist nicht signiert] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Validity Sensors, Inc.) [Datei ist nicht signiert] C:\Windows\System32\valWBFPolicyService.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2016-06-15] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2016-01-06] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8089888 2021-08-05] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SMARTNotification] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTNotification.exe [201152 2019-05-14] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe [2679744 2019-05-14] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Tray Tools] => C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe [654272 2019-04-10] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\sbsdk-server\NodeLauncher.exe [68544 2018-10-16] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe [289728 2019-05-07] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-07-26] (Intel Corporation -> Intel)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1728952 2015-12-23] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve -> Valve Corporation)
HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Eleonora\AppData\Local\Microsoft\Teams\Update.exe [2453696 2021-04-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\Run: [Discord] => C:\Users\Eleonora\AppData\Local\Discord\Update.exe [1512096 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\RunOnce: [Application Restart #6] => C:\Users\Eleonora\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-res (Der Dateneintrag hat 589 mehr Zeichen).
HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\RunOnce: [Application Restart #5] => C:\Users\Eleonora\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-res (Der Dateneintrag hat 589 mehr Zeichen).
HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\RunOnce: [Application Restart #4] => C:\Users\Eleonora\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-res (Der Dateneintrag hat 589 mehr Zeichen).
HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [4819704 2016-01-06] (Softex Incorporated -> Hewlett-Packard)
HKU\S-1-5-21-3041158100-3232429967-454566112-1001\...\RunOnce: [Application Restart #1] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [506104 2016-01-06] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Windows x64\Print Processors\Canon MB2000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCC.DLL [30208 2014-04-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MB2000 series: C:\WINDOWS\system32\CNCALCC.DLL [303104 2014-04-28] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MB2000 series: C:\WINDOWS\system32\CNMLMCC.DLL [406016 2014-04-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\...\Print\Monitors\SMART Local Port: C:\WINDOWS\system32\smrtlocalmon.dll [38336 2019-06-14] (SMART Technologies ULC -> SMART Technologies ULC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-06] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2015-07-03] (Softex Inc..) [Datei ist nicht signiert]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2015-07-03] (Softex Inc..) [Datei ist nicht signiert]
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
GroupPolicy: Beschränkung - Chrome <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01581B2E-3420-4A69-9A39-9C69A320AB9B} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1354552 2015-12-23] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {09711622-305F-422A-AC12-BEFDD2F699AE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {1652CC98-748B-4577-A6AA-3AD290B58B70} - System32\Tasks\Avira Safe Shopping Updater => C:\Program Files (x86)\Avira\Safe Shopping\\Updater\Updater.exe
Task: {1A027185-C44D-4487-8659-B0A969C1E862} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1118896 2021-07-11] (HP Inc. -> HP Inc.)
Task: {1BCB008C-D454-49C2-8613-2B528F585447} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1150872 2021-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F70B6ED-0010-4CBE-9AD9-EDEC1514CB99} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [506104 2016-01-06] (Softex Incorporated -> Hewlett-Packard)
Task: {22B1BE5A-34CB-4114-99A7-7ECDFAF8FBBC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113992 2021-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {22BDB88A-B2A3-41B6-BD6B-5BE7135491F8} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {23E96C1D-8898-46FE-86D1-9C3668175AD7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {299B6301-7960-4FF4-8DA7-4A948F9701E7} - \WPD\SqmUpload_S-1-5-21-3041158100-3232429967-454566112-1001 -> Keine Datei <==== ACHTUNG
Task: {2C145ABF-5D91-4AE2-8E97-8431F7E7BDAE} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {36D2D8AD-0428-4ABB-90B3-D628D995BCC6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {38C76B5E-C453-4A54-A049-6263531E4897} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {3BAFE3CA-8329-42E3-B00E-B8511F9949A9} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-09-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {3DFF1B91-A666-4973-A019-73A16F79B1C0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {49EBE9C4-7387-44A7-9753-8D195DAB9B32} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {4BF3A677-23CA-4308-A097-93D7CBEEF5FA} - System32\Tasks\GoogleUpdateTaskMachineUA1d10e70b69a65e9 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {517AE2D5-1599-4DD9-81D1-B16F07C184F7} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel(R) System Usage Report -> Intel Corporation)
Task: {54D2187D-E922-404B-9B2D-B128BDE54C1B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {59ADE6AB-9884-4817-83A6-B2525BFDD5A0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5EDB63DE-29FE-4699-8070-DD82BB6F4F4A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {60FEAB6A-E5AC-42C1-AA3B-0AF42C2CFB3C} - System32\Tasks\GoogleUpdateTaskMachineCore1d10e70b671e660 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {677C488B-AB04-4EC3-B628-6D3A46DE4A5E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {6D1255D4-B9FD-46AA-AFD5-78609D6F26D8} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7499651F-AF1A-4B0F-889C-E0FE0561C3FB} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {763C03C1-F0EC-4D8F-9D42-58F3D2F0D5EF} - System32\Tasks\Smartcard Google IKE- => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> "C:\ProgramData\Package Cache\{4BDFD8E1-101B-42EC-933F-4028ABE55F43}\{69556DE2-05A7-4C6F-934D-8BDB97F06F9C}" <==== ACHTUNG
Task: {773ED662-F3BC-48C5-8351-C1485A360687} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {78758093-E8C8-49A5-83A3-756D8ECE27BD} - System32\Tasks\GoogleUpdateTaskMachineUA1d12f48a0e7027a => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {7A5D7FC7-6A5E-4EEE-B113-7600C820EA93} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7DCAB002-4F6A-4D28-9189-6D7649EDC143} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7E805797-4355-42A0-A245-AA7CC53EF60C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113992 2021-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {804BFC11-F1A9-4EE1-B28A-E9BEECE7EE56} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {8607001D-5F2D-4880-A2FE-8826CCC96DD4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4282288 2021-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {97309D27-072E-4996-A9C8-6A8A9E5EC616} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {986AC4A5-444F-40DD-9876-8979FD109A3C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {9A1B6210-94C7-4D61-94C8-C518C61BE37C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {9CED2674-891F-4C86-BF55-D5EC63B4E2F2} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {9F17B8B9-839E-4204-9C4B-6A11E9043C89} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [506104 2016-01-06] (Softex Incorporated -> Hewlett-Packard)
Task: {A6C11AEB-0381-4FBD-8479-5F9CFA1883C2} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\WINDOWS\System32\GWX\GWXUXWorker.exe
Task: {AC309EA0-10FD-466B-A268-D5936E948D84} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {AE5457CD-E2F6-4B53-A386-7CC733C85079} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4282288 2021-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB2957BF-5CA8-4001-8428-EEFD0B735A9A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {BC1EE9E0-54E0-4798-B2AA-FE23A97C978C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {C23B1FB3-50D7-4C5E-B091-6C47D8FD8C7C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {C3971B05-E065-4AAB-A660-06F448AF84AB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [560816 2021-07-11] (HP Inc. -> HP Inc.)
Task: {C501FB60-E4C4-4F90-A44C-380E3D0A6FBD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {C8190E6B-166E-4B4A-B94C-E5C50FB61250} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {C88A612D-5A49-489F-BB06-61F0CE45F063} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C972B18C-9C81-403B-A282-3458E7BA5FA0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253376 2021-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D357F475-E43C-412F-95CB-29D554A19C30} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel(R) System Usage Report -> Intel Corporation)
Task: {D379CB39-B371-4F92-886A-89FCCBCA8C11} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-09-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D8ACBF71-0674-4FFA-B7CE-4C5256C78333} - System32\Tasks\GoogleUpdateTaskMachineUA1d15db61dcf4652 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {E469D684-7460-47A5-857F-1B3352F138DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E555266C-A02D-4E6F-836A-FE44201BB0A6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {EBC5D5FC-90F2-4989-B493-2B7E4BEB9A05} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253376 2021-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F415FC68-1B2F-475F-8248-A0AF780B041A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {F4A9184F-CD32-483F-A2BC-CBDADA1E2C15} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {FC3E020D-9527-411D-B472-FF8BFA66D3CB} - System32\Tasks\BenutzerdienstfürAllJoyn-Routerdienst => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> C:\WINDOWS\Installer\{6B039FE3-9504-40A3-BF95-759A6CD1F3A7}\{FF42796E-0BBC-4988-BAA8-D668A602541F} <==== ACHTUNG
Task: {FF591CBB-E512-423B-80F5-BA1FA317EF76} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [4819704 2016-01-06] (Softex Incorporated -> Hewlett-Packard)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d10e70b69a65e9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12f48a0e7027a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 195.234.128.139 217.68.162.126
Tcpip\..\Interfaces\{7805d965-24b9-403a-be4a-188e4b20a76f}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{7805d965-24b9-403a-be4a-188e4b20a76f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fb4db7cf-5282-4477-951e-652ae2fbdf52}: [DhcpNameServer] 195.234.128.139 217.68.162.126
Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Eleonora\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-19]
Edge Extension: ( ) - C:\Users\Eleonora\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dmmpiipcdjofcankgcokkfjlefmhpjnl [2021-01-22]
Edge Extension: ( ) - C:\Users\Eleonora\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ionlfkmogcchefmejapgonljjlhomkle [2021-04-19]
Edge Extension: ( ) - C:\Users\Eleonora\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\miaakjiighknaidcelkmaimnlhahdlgc [2021-04-18]
Edge Extension: ( ) - C:\Users\Eleonora\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\onpbhofmhjdbjjmmekbkbmlkjalcilba [2021-02-25]
FireFox:
========
FF DefaultProfile: gf00ukyo.default
FF ProfilePath: C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default [2021-08-08]
FF user.js: detected! => C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default\user.js [2021-08-08]
FF Homepage: Mozilla\Firefox\Profiles\gf00ukyo.default -> hxxps://www.google.de/
FF NewTab: Mozilla\Firefox\Profiles\gf00ukyo.default -> hxxps://myfiresearch.com/homepage?hp=1&bitmask=9996&pId=AC191101&iDate=2021-01-22 07:27:48&bName=
FF NetworkProxy: Mozilla\Firefox\Profiles\gf00ukyo.default -> type", 0
FF Notifications: Mozilla\Firefox\Profiles\gf00ukyo.default -> hxxps://mail.google.com; hxxps://login.schulmanager-online.de
FF Extension: (I don't care about cookies) - C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2021-06-28]
FF Extension: (uBlock Origin) - C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default\Extensions\uBlock0@raymondhill.net.xpi [2021-08-03]
FF Extension: (Autofill) - C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default\Extensions\{143f479b-4cb2-4d8c-8c31-ae8653bc6054}.xpi [2021-02-02]
FF Extension: (ProxTube) - C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2021-05-12] [UpdateUrl:hxxps://proxtube.com/dl/firefox/info/updates.json]
FF Extension: (Distill Web Monitor) - C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default\Extensions\{7a73dc4b-1b38-40e7-ac56-7d356dd4af34}.xpi [2021-03-04]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-07-27]
FF Extension: (Bypass Paywalls Clean) - C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default\Extensions\{d133e097-46d9-4ecc-9903-fa6a722a6e0e}.xpi [2021-05-16]
FF Extension: (Mobile View Switcher) - C:\Users\Eleonora\AppData\Roaming\Mozilla\Firefox\Profiles\gf00ukyo.default\Extensions\{fa247c57-77ac-41cd-b942-332051e15ced}.xpi [2020-07-09]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [Datei ist nicht signiert]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corporation -> Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default [2021-06-06]
CHR Extension: (Docs) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Google Drive) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-11]
CHR Extension: (YouTube) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-29]
CHR Extension: ( ) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\clkpcpbljbdababcfcihembpphcimpbh [2021-03-30]
CHR Extension: (HP SimplePass) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\fidikogfgleiaefnjbmnjaplmgknppkg [2020-09-25]
CHR Extension: (Avira Browser Safety) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-03-30]
CHR Extension: (Google Docs Offline) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-30]
CHR Extension: (Gmail) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Eleonora\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [fidikogfgleiaefnjbmnjaplmgknppkg]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9141648 2021-07-21] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-09-05] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-09-05] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-08-05] (Dropbox, Inc -> Dropbox, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [36792 2021-07-26] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [177080 2021-07-26] (Intel Corporation -> Intel)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [734760 2021-07-11] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [733224 2021-07-11] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [733216 2021-07-11] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [733760 2021-07-11] (HP Inc. -> HP Inc.)
S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2016-01-06] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [124928 2016-01-06] (Softex Inc.) [Datei ist nicht signiert]
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1705088 2020-05-12] (Rockstar Games, Inc. -> Rockstar Games)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe [632768 2019-05-14] (SMART Technologies ULC -> SMART Technologies)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12727576 2021-02-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [32768 2013-08-01] (Validity Sensors, Inc.) [Datei ist nicht signiert]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_0ebd0596825b39a0\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_0ebd0596825b39a0\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [40224 2015-10-21] (Comodo Security Solutions, Inc. -> Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SMARTMouseFilterx64; C:\WINDOWS\System32\drivers\SMARTMouseFilterx64.sys [18952 2019-05-14] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\WINDOWS\System32\drivers\SMARTVHidMiniVistaAmd64.sys [28168 2019-05-14] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-10-10] (The OpenVPN Project) [Datei ist nicht signiert]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
S3 dcdbas; \SystemRoot\System32\drivers\dcdbas64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-08-08 14:13 - 2021-08-08 14:18 - 000041928 _____ C:\Users\Eleonora\Downloads\FRST.txt
2021-08-08 14:10 - 2021-08-08 14:17 - 000000000 ____D C:\FRST
2021-08-08 14:10 - 2021-08-08 14:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-08-08 14:09 - 2021-08-08 14:10 - 002300416 _____ (Farbar) C:\Users\Eleonora\Downloads\FRST64.exe
2021-08-05 22:33 - 2021-08-05 22:33 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-08-05 22:33 - 2021-08-05 22:33 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-08-05 22:33 - 2021-08-05 22:33 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-08-05 22:33 - 2021-08-05 22:33 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-07-23 20:11 - 2021-07-23 20:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-07-20 09:06 - 2021-07-27 08:38 - 000000000 ____D C:\Users\Eleonora\Documents\Material Seminar 2020 21
2021-07-18 17:49 - 2021-07-18 17:49 - 001649042 _____ C:\Users\Eleonora\Downloads\Zusammenfassung Texte Einführungskurs.pdf
2021-07-16 14:19 - 2021-07-16 14:19 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-16 14:19 - 2021-07-16 14:19 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-16 14:19 - 2021-07-16 14:19 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-16 14:19 - 2021-07-16 14:19 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-16 14:19 - 2021-07-16 14:19 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-16 14:19 - 2021-07-16 14:19 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-16 13:49 - 2021-07-16 13:49 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000009-000000.txt
2021-07-09 16:04 - 2021-07-09 16:04 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000008-000000.txt
2021-07-09 14:43 - 2021-07-09 14:43 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-09 14:43 - 2021-07-09 14:43 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-09 14:43 - 2021-07-09 14:43 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-09 14:43 - 2021-07-09 14:43 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-09 14:43 - 2021-07-09 14:43 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-09 14:43 - 2021-07-09 14:43 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-09 14:42 - 2021-07-09 14:42 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-09 14:42 - 2021-07-09 14:42 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-09 14:41 - 2021-07-09 14:41 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-09 14:41 - 2021-07-09 14:41 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-08-08 14:14 - 2019-09-05 20:46 - 000000000 ____D C:\Users\Eleonora\AppData\Local\Dropbox
2021-08-08 14:13 - 2019-09-05 20:46 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-08-08 14:07 - 2016-11-19 20:49 - 000000000 ____D C:\Users\Eleonora\AppData\LocalLow\Mozilla
2021-08-08 14:02 - 2017-04-17 18:02 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-08-08 14:02 - 2015-03-31 11:13 - 000000000 __SHD C:\Users\Eleonora\IntelGraphicsProfiles
2021-08-07 20:37 - 2021-02-27 20:40 - 000000000 ____D C:\Users\Eleonora\Documents\A Finanzen
2021-08-07 20:37 - 2020-10-12 14:10 - 000013944 _____ C:\ProgramData\DisplaySessionContainer45.log_backup1
2021-08-07 20:37 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-07 19:38 - 2021-03-13 09:45 - 000000000 ____D C:\Users\Eleonora\AppData\Local\Deployment
2021-08-07 09:50 - 2020-10-11 21:29 - 000013944 _____ C:\ProgramData\DisplaySessionContainer44.log_backup1
2021-08-06 22:17 - 2020-10-10 17:42 - 000013353 _____ C:\ProgramData\DisplaySessionContainer43.log_backup1
2021-08-06 22:17 - 2020-05-14 15:27 - 000000000 ____D C:\Users\Eleonora\AppData\Roaming\discord
2021-08-06 22:07 - 2020-05-14 15:27 - 000000000 ____D C:\Users\Eleonora\AppData\Local\Discord
2021-08-06 22:02 - 2021-03-13 00:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-06 20:06 - 2020-05-14 15:27 - 000002284 _____ C:\Users\Eleonora\Desktop\Discord.lnk
2021-08-06 19:57 - 2019-09-13 10:08 - 000000000 ____D C:\Users\Eleonora\Documents
2021-08-06 16:30 - 2018-05-31 20:27 - 000000000 ____D C:\Users\Eleonora\AppData\Roaming\WhatsApp
2021-08-06 16:28 - 2017-12-07 16:16 - 000000000 ____D C:\Users\Eleonora\AppData\Local\Packages
2021-08-06 11:31 - 2020-10-10 13:50 - 000012961 _____ C:\ProgramData\DisplaySessionContainer42.log_backup1
2021-08-06 10:55 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-06 10:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-06 09:07 - 2020-10-09 21:27 - 000012961 _____ C:\ProgramData\DisplaySessionContainer41.log_backup1
2021-08-05 22:17 - 2020-10-09 12:11 - 000013962 _____ C:\ProgramData\DisplaySessionContainer40.log_backup1
2021-08-05 14:53 - 2020-10-08 22:07 - 000013953 _____ C:\ProgramData\DisplaySessionContainer39.log_backup1
2021-08-04 21:59 - 2020-10-08 15:14 - 000014262 _____ C:\ProgramData\DisplaySessionContainer38.log_backup1
2021-08-04 19:45 - 2020-05-14 15:27 - 000000000 ____D C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-08-04 18:22 - 2020-10-02 18:46 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-04 17:10 - 2018-05-31 15:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-04 17:09 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-04 13:20 - 2020-10-08 07:23 - 000014257 _____ C:\ProgramData\DisplaySessionContainer37.log_backup1
2021-08-04 09:27 - 2014-05-06 21:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-08-03 23:32 - 2020-10-07 21:06 - 000014261 _____ C:\ProgramData\DisplaySessionContainer36.log_backup1
2021-07-29 20:47 - 2020-10-06 21:45 - 000012969 _____ C:\ProgramData\DisplaySessionContainer35.log_backup1
2021-07-29 20:43 - 2014-08-05 19:48 - 000000000 ____D C:\ProgramData\Package Cache
2021-07-29 20:43 - 2014-08-05 19:36 - 000000000 ____D C:\Program Files (x86)\Intel
2021-07-29 14:30 - 2020-10-05 21:56 - 000013940 _____ C:\ProgramData\DisplaySessionContainer34.log_backup1
2021-07-29 14:25 - 2020-06-02 12:22 - 000000000 ____D C:\Users\Eleonora\AppData\Local\WhatsApp
2021-07-29 14:25 - 2018-05-31 20:27 - 000000000 ____D C:\Users\Eleonora\AppData\Local\SquirrelTemp
2021-07-29 10:31 - 2020-08-12 12:00 - 000013372 _____ C:\ProgramData\DisplaySessionContainer33.log_backup1
2021-07-28 22:02 - 2020-08-11 22:39 - 000012959 _____ C:\ProgramData\DisplaySessionContainer32.log_backup1
2021-07-28 20:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-07-28 20:26 - 2015-10-24 17:20 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-28 17:30 - 2020-07-04 22:06 - 000014253 _____ C:\ProgramData\DisplaySessionContainer31.log_backup1
2021-07-28 10:47 - 2020-07-04 13:54 - 000012966 _____ C:\ProgramData\DisplaySessionContainer30.log_backup1
2021-07-27 22:10 - 2020-07-03 14:45 - 000012961 _____ C:\ProgramData\DisplaySessionContainer29.log_backup1
2021-07-27 17:37 - 2020-07-03 09:36 - 000012969 _____ C:\ProgramData\DisplaySessionContainer28.log_backup1
2021-07-27 17:08 - 2019-09-16 15:28 - 000000000 ____D C:\ProgramData\SMART Technologies
2021-07-27 12:01 - 2018-05-31 18:08 - 000000000 ____D C:\Users\Eleonora\AppData\Local\PlaceholderTileLogoFolder
2021-07-27 10:09 - 2020-07-01 21:37 - 000014574 _____ C:\ProgramData\DisplaySessionContainer26.log_backup1
2021-07-27 07:18 - 2020-07-01 13:27 - 000013933 _____ C:\ProgramData\DisplaySessionContainer25.log_backup1
2021-07-26 22:06 - 2020-07-01 07:13 - 000013952 _____ C:\ProgramData\DisplaySessionContainer24.log_backup1
2021-07-26 20:38 - 2021-03-13 01:21 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3041158100-3232429967-454566112-1001
2021-07-26 20:38 - 2021-03-13 00:44 - 000002446 _____ C:\Users\Eleonora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-26 20:38 - 2016-05-05 11:40 - 000000000 ___RD C:\Users\Eleonora\OneDrive
2021-07-26 16:21 - 2020-06-30 21:28 - 000013945 _____ C:\ProgramData\DisplaySessionContainer23.log_backup1
2021-07-26 13:36 - 2020-06-30 12:04 - 000013741 _____ C:\ProgramData\DisplaySessionContainer22.log_backup1
2021-07-26 07:42 - 2020-06-29 15:19 - 000012976 _____ C:\ProgramData\DisplaySessionContainer20.log_backup1
2021-07-25 22:03 - 2020-06-29 15:17 - 000013342 _____ C:\ProgramData\DisplaySessionContainer19.log_backup1
2021-07-25 18:59 - 2020-05-01 18:47 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-07-23 21:34 - 2020-06-28 22:09 - 000012968 _____ C:\ProgramData\DisplaySessionContainer18.log_backup1
2021-07-23 20:11 - 2021-01-07 10:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-23 20:11 - 2017-12-30 21:48 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-23 20:11 - 2017-12-30 21:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-23 16:12 - 2020-06-27 11:14 - 000013946 _____ C:\ProgramData\DisplaySessionContainer17.log_backup1
2021-07-23 12:18 - 2020-06-26 21:34 - 000013934 _____ C:\ProgramData\DisplaySessionContainer16.log_backup1
2021-07-23 08:59 - 2020-06-26 11:38 - 000013944 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2021-07-23 08:57 - 2019-09-20 19:55 - 000000000 ____D C:\Users\Eleonora\Documents\ZZ
2021-07-22 21:55 - 2020-06-25 21:58 - 000012981 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2021-07-22 15:34 - 2020-06-18 22:06 - 000012978 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2021-07-22 15:17 - 2019-11-06 21:12 - 000000000 ____D C:\Users\Eleonora\AppData\Roaming\Worksheet Crafter
2021-07-21 22:21 - 2020-06-18 14:30 - 000013944 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2021-07-21 16:50 - 2020-06-17 21:36 - 000013933 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2021-07-20 22:04 - 2020-06-16 22:29 - 000013371 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2021-07-20 18:43 - 2020-06-16 12:44 - 000013955 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2021-07-20 12:12 - 2020-06-10 14:14 - 000013943 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2021-07-19 22:33 - 2020-06-09 22:46 - 000015156 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2021-07-19 10:28 - 2020-06-06 22:27 - 000013944 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2021-07-18 21:59 - 2020-06-06 19:29 - 000013943 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2021-07-17 11:50 - 2020-06-08 13:26 - 000013941 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2021-07-16 20:38 - 2021-01-22 21:38 - 000000306 __RSH C:\ProgramData\ntuser.pol
2021-07-16 19:53 - 2021-03-13 00:59 - 001929862 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-16 19:53 - 2019-12-07 16:50 - 000822634 _____ C:\WINDOWS\system32\perfh007.dat
2021-07-16 19:53 - 2019-12-07 16:50 - 000183432 _____ C:\WINDOWS\system32\perfc007.dat
2021-07-16 19:41 - 2021-03-13 01:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-16 19:41 - 2021-03-13 00:36 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-16 19:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-07-16 17:10 - 2020-06-06 19:29 - 000017569 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2021-07-16 17:10 - 2020-06-06 19:29 - 000016313 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2021-07-16 17:10 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-07-16 17:08 - 2021-03-13 00:36 - 000549568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-16 17:08 - 2020-06-06 19:29 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2021-07-16 17:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-16 17:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-16 17:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-16 17:05 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-16 17:04 - 2020-06-07 16:28 - 000011739 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2021-07-16 14:25 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-16 13:30 - 2015-04-02 19:04 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-16 13:30 - 2015-04-02 19:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-16 09:45 - 2020-10-02 18:46 - 000740152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-07-16 09:45 - 2020-10-02 18:46 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-07-15 07:46 - 2020-06-17 14:25 - 000011377 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2021-07-12 18:33 - 2021-06-28 20:06 - 000000000 ____D C:\Users\Eleonora\AppData\Local\HP_Inc
2021-07-12 18:16 - 2016-12-23 19:24 - 000000000 ____D C:\Users\Eleonora\Documents\Musik
2021-07-11 21:27 - 2020-06-07 22:57 - 000006566 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2021-07-11 20:03 - 2021-02-25 20:26 - 000000000 ____D C:\Users\Eleonora\AppData\Roaming\vlc
2021-07-11 18:46 - 2017-11-15 20:11 - 000000000 ____D C:\Program Files\HP
2021-07-09 16:03 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-09 16:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-09 16:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-09 16:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-09 16:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-09 16:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-09 16:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-09 16:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2017-03-16 18:54 - 2017-03-16 18:54 - 000000000 _____ () C:\ProgramData\cis1B12.exe
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
|
08.08.2021, 20:26
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Audacity Malware heruntergeladen Also dein Rechner ist leider komplett zugemüllt! Ich empfehle dringend eine Neuinstallation, da ist einfach zuviel Unsinn drauf.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
08.08.2021, 20:48
| #6 |
| | Windows 10: Audacity Malware heruntergeladen Danke für die schnelle Antwort! Da hilft wohl alles nichts....bestünde die Möglichkeit den Trojaner zu entfernen? Wahrscheinlich zu aufwendig für meinen zugemüllten Rechner, oder? |
|
08.08.2021, 21:38
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Audacity Malware heruntergeladen Geht schon. Aber du musst erstmal 120 Programme deinstallieren  120 vllt nicht aber einige Störende, veraltete oder unnötige Programme deinstallieren Bitte über Programme und Features (appwiz.cpl) deinstallieren:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
27.08.2021, 21:39
| #8 |
| /// TB-Ausbilder | Windows 10: Audacity Malware heruntergeladen Fehlende Rückmeldung Dieses Thema wurde aus unseren Abos gelöscht. Somit bekommen wir keine Benachrichtigung über neue Antworten. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und ein eigenes Thema erstellen! |
|
| Themen zu Windows 10: Audacity Malware heruntergeladen |
| adwcleaner, audacity, bereits, browser, browser werbung, download, education, erkannt, gelegentlich, gelöscht, genutzt, hoffe, langsamer, liebe, lieben, malware, nenne, passwörter, probleme, programm, schonmal, stürzt, verseuchtes, werbung, windows, zutun |
Linear-Darstellung
