|
Plagegeister aller Art und deren Bekämpfung: Win 10: verschiedenste Abstürze, Firefox, Outlook, Kalender, Avast und weitereWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
28.10.2021, 20:12 | #1 |
| Win 10: verschiedenste Abstürze, Firefox, Outlook, Kalender, Avast und weitere Hallo zusammen, Etwa seit gestern hab ich verschiedenste Probleme auf meinem Rechner. Ich benutze ihn schon seit vielen Jahre, vor allem zum Spielen, Browsen, Arbeiten, Studieren. Ich bin durch diesen Thread auf euch aufmerksam geworden: https://www.trojaner-board.de/193556-win10-pup-optional-startfenster-anderes.html#post1705784 vorher hatte AdwCleaner ebenfalls PUP bzw. "Startfenster" bei mir gefunden gehabt, siehe Ergebnisse AdwCleaner. Seit gestern habe ich die folgenden Probleme: Firefox stürzt grundsätzlich beim Starten ab, mit entsprechendem Fehlerfenster siehe anschließend. Auch Deinstallation/Neuinstallation und abgesicherter Modus ändern daran nichts. Edge hing auch, also hab ich zunächst versucht über internet explorer Chrome zu installieren aber es gab weitere Problem: Outlook läd nicht mehr, teilweise wird eine OST bemängelt, aber auch neue OST-dateien werden kurz danach angeblich korrupt. Teilweise läd es auch einfach nicht, bzw. hängt sich beim Starten auf. Der Windows Kalender öffnet entweder gar nicht oder geht kurz nach dem Öffnen gleich wieder zu. Avast hat nicht mehr funktioniert, hat nicht geladen oder nicht reagiert. Ich habe versucht als Alternative TotalAV zu installieren... ja ich weiß, habs bereut. Die Windows-Sicherheit öffnet sich nicht mehr. Hab andere Optionen versucht: Windows Rücksetzung auf einen Stand vor 3 Tagen Speicher getestet Festplatte C getestet Virenscan Fehlercode vom Firefox: Code:
ATTFilter AvailablePageFile: 8380321792 AvailablePhysicalMemory: 3520815104 AvailableVirtualMemory: 138531589898240 BuildID: 20210927210923 CPUMicrocodeVersion: 0x27 CrashTime: 1635446113 InstallTime: 1634187300 ModuleSignatureInfo: {"Microsoft Corporation":["msvcp140.dll","VCRUNTIME140.dll","VCRUNTIME140_1.dll"],"Microsoft Windows":["webauthn.dll","wshbth.dll","winrnr.dll","pnrpnsp.dll","NapiNSP.dll","dbgcore.dll","msi.dll","wsock32.dll","dbghelp.dll","winmm.dll","DWrite.dll","textinputframework.dll","version.dll","npmproxy.dll","usp10.dll","dhcpcsvc.dll","dhcpcsvc6.DLL","winnsi.dll","avrt.dll","propsys.dll","netprofm.dll","wtsapi32.dll","nlaapi.dll","WinTypes.dll","CoreUIComponents.dll","CoreMessaging.dll","uxtheme.dll","dwmapi.dll","kernel.appcore.dll","windows.storage.dll","ntmarta.dll","IPHLPAPI.DLL","dnsapi.dll","mswsock.dll","CRYPTBASE.DLL","wldp.dll","msasn1.dll","userenv.dll","profapi.dll","bcryptPrimitives.dll","gdi32full.dll","cfgmgr32.dll","crypt32.dll","ucrtbase.dll","bcrypt.dll","msvcp_win.dll","win32u.dll","KERNELBASE.dll","wintrust.dll","oleaut32.dll","advapi32.dll","combase.dll","SHCore.dll","clbcatq.dll","imm32.dll","ws2_32.dll","psapi.dll","gdi32.dll","rpcrt4.dll","shell32.dll","msctf.dll","nsi.dll","shlwapi.dll","setupapi.dll","user32.dll","kernel32.dll","msvcrt.dll","ole32.dll","sechost.dll","ntdll.dll"],"Mozilla Corporation":["firefox.exe","xul.dll","nss3.dll","mozglue.dll","lgpllibs.dll"]} ProductID: {ec8030f7-c20a-464f-9b0e-13a3a9e97384} ProductName: Firefox ReleaseChannel: release SafeMode: 0 SecondsSinceLastCrash: 9500 StartupCrash: 1 StartupTime: 1635446113 SystemMemoryUsePercentage: 58 ThreadIdNameMapping: 13228:"IPC I/O Parent",10468:"Timer",10036:"Link Monitor #1",6508:"Socket Thread",10616:"Permission",7928:"BackgroundThreadPool #1",4056:"JS Watchdog",4076:"BGReadURLs", Throttleable: 1 TotalPageFile: 14350114816 TotalPhysicalMemory: 8444534784 TotalVirtualMemory: 140737488224256 URL: UptimeTS: 4.25289 Vendor: Mozilla Version: 93.0 Diese Meldung enthält Informationen über den Status der Anwendung zum Zeitpunkt des Absturzes. Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.3.0.0 # ------------------------------- # Build: 06-29-2021 # Database: 2021-10-26.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 10-28-2021 # Duration: 00:00:10 # OS: Windows 10 Pro N # Cleaned: 36 # Awaiting reboot:3 # Failed: 0 ***** [ Services ] ***** Deleted SecurityService Deleted SecurityServiceMonitor Deleted webshieldfilter ***** [ Folders ] ***** Deleted C:\Program Files (x86)\Startfenster Deleted C:\ProgramData\SecuritySuite Deleted C:\Users\Kasimal\AppData\Local\Temp\DMR Deleted C:\Users\Kasimal\AppData\Roaming\OpenOffice Updater Deleted C:\Users\Kasimal\Documents\TotalAV Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV Needs Reboot C:\Program Files (x86)\TotalAV Needs Reboot C:\ProgramData\TotalAV ***** [ Files ] ***** Deleted C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk Deleted C:\Users\Kasimal\AppData\Roaming\Mozilla\Firefox\Profiles\6n331lir.default\invalidprefs.js Deleted C:\Users\Kasimal\Downloads\TOTALAV_SETUP.EXE Deleted C:\Users\Public\Desktop\TotalAV.lnk Needs Reboot C:\Windows\System32\drivers\webshieldfilter.sys ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\DriverToolkit Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F9A0C13D-1A5E-45E2-80B7-28E37D4D682A} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|OpenOffice Updater Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\OpenOffice Updater Deleted HKCU\Software\OpenOffice Updater Deleted HKCU\Software\SSProtect Deleted HKCU\Software\csastats Deleted HKLM\SOFTWARE\Classes\*\shell\TotalAV Deleted HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant Deleted HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant Deleted HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant Deleted HKLM\Software\Classes\totalav Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{F9A0C13D-1A5E-45E2-80B7-28E37D4D682A} Deleted HKLM\Software\Websuche Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Startfenster Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityServiceMonitor ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* ***** Reboot Required to Complete ***** ***** [ Folders ] ***** Cleaning failed C:\Program Files (x86)\TotalAV Cleaning failed C:\ProgramData\TotalAV ************************* ***** [ Files ] ***** Cleaned C:\Windows\System32\drivers\webshieldfilter.sys ************************* AdwCleaner[S00].txt - [4426 octets] - [28/10/2021 07:44:23] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.3.0.0 # ------------------------------- # Build: 06-29-2021 # Database: 2021-10-26.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 10-28-2021 # Duration: 00:00:09 # OS: Windows 10 Pro N # Scanned: 32005 # Detected: 36 ***** [ Services ] ***** PUP.Adware.Heuristic webshieldfilter PUP.Optional.PCProtect SecurityService PUP.Optional.TotalAV SecurityServiceMonitor ***** [ Folders ] ***** PUP.Optional.DownloadSponsor C:\Users\Kasimal\AppData\Local\Temp\DMR PUP.Optional.Fake.OpenOfficeUpdater C:\Users\Kasimal\AppData\Roaming\OpenOffice Updater PUP.Optional.Legacy C:\Program Files (x86)\TotalAV PUP.Optional.Legacy C:\ProgramData\TotalAV PUP.Optional.Legacy C:\Users\Kasimal\Documents\TotalAV PUP.Optional.Legacy C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV PUP.Optional.PCProtect C:\ProgramData\SecuritySuite PUP.Optional.StartFenster C:\Program Files (x86)\Startfenster ***** [ Files ] ***** PUP.Optional.Legacy C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk PUP.Optional.Legacy C:\Users\Kasimal\AppData\Roaming\Mozilla\Firefox\Profiles\6n331lir.default\invalidprefs.js PUP.Optional.Legacy C:\Users\Public\Desktop\TotalAV.lnk PUP.Optional.PCProtect C:\Windows\System32\drivers\webshieldfilter.sys PUP.Optional.TotalAV C:\Users\Kasimal\Downloads\TOTALAV_SETUP.EXE ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.Fake.OpenOfficeUpdater HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|OpenOffice Updater PUP.Optional.Fake.OpenOfficeUpdater HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\OpenOffice Updater PUP.Optional.Fake.OpenOfficeUpdater HKCU\Software\OpenOffice Updater PUP.Optional.InstallCore HKCU\Software\csastats PUP.Optional.Legacy HKCU\Software\DriverToolkit PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F9A0C13D-1A5E-45E2-80B7-28E37D4D682A} PUP.Optional.Legacy HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{F9A0C13D-1A5E-45E2-80B7-28E37D4D682A} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV PUP.Optional.PCProtect HKCU\Software\SSProtect PUP.Optional.PCProtect HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService PUP.Optional.SlimCleanerPlus HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com PUP.Optional.SlimCleanerPlus HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com PUP.Optional.StartFenster HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Startfenster PUP.Optional.TotalAV HKLM\SOFTWARE\Classes\*\shell\TotalAV PUP.Optional.TotalAV HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant PUP.Optional.TotalAV HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant PUP.Optional.TotalAV HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant PUP.Optional.TotalAV HKLM\Software\Classes\totalav PUP.Optional.TotalAV HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityServiceMonitor PUP.Optional.WebsucheDE HKLM\Software\Websuche ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** No Preinstalled Software found. ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ########## Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-10-2021 durchgeführt von Kasimal (Administrator) auf YOLGHURMAK (Gigabyte Technology Co., Ltd. Z97P-D3) (28-10-2021 19:16:05) Gestartet von C:\Users\Kasimal\Downloads Geladene Profile: Kasimal Platform: Microsoft Windows 10 Pro N Version 21H1 19043.1288 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe (ESET, spol. s r.o. -> ESET) C:\Users\Kasimal\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\TC UP\TOTALCMD.EXE (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCopyAccelerator.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\NVDisplay.Container.exe <2> (TC UP Team) [Datei ist nicht signiert] C:\Program Files (x86)\TC UP\TC UP.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339512 2021-09-22] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [122427152 2021-07-14] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [PowerPDF Registry Controller] => C:\Program Files (x86)\Nuance\Power PDF 21\RegistryController.exe [274216 2017-05-16] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [PowerPDFInboxMonitor] => C:\Program Files (x86)\Nuance\Power PDF 21\InboxMonitor.exe [255544 2017-05-16] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\Run: [Steam] => D:\steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation) HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5230784 2017-12-15] (Disc Soft Ltd -> Disc Soft Ltd) HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Kasimal\AppData\Local\WebEx\CiscoWebExStart.exe [4703056 2021-10-22] (Cisco WebEx LLC -> Cisco Webex LLC) HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\Run: [EpicGamesLauncher] => D:\Games\epic\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33434600 2021-10-17] (Epic Games, Inc -> Epic Games, Inc.) HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\MountPoints2: {031d44d3-3994-11e8-836e-fcaa14c93c98} - "G:\setup.exe" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\MountPoints2: {1b856c63-ea92-11e7-835e-fcaa14c93c98} - "F:\setup.exe" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\MountPoints2: {51b5d6bc-33a7-11e8-836e-fcaa14c93c98} - "G:\setup.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.54\Installer\chrmstp.exe [2021-10-27] (Google LLC -> Google LLC) GroupPolicy: Beschränkung ? <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {065D31FD-54C0-4B38-BC22-C2DEF2F36DBA} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2989952 2021-10-12] (Microsoft Corporation -> Microsoft Corporation) Task: {11C0C823-1317-4FAB-A2AA-75012F9542D6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {132396EC-50DF-47DC-9D12-27803CF36520} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-09-28] (Mozilla Corporation -> Mozilla Foundation) Task: {164A801E-A08A-4115-9A04-5E0E8ED76276} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {1DBF86F4-D78F-427E-BFAF-F26A31D85C49} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {23E80629-006F-450F-84EB-207644C788C0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-11] (Microsoft Corporation -> Microsoft Corporation) Task: {3052AF1D-6F1B-4736-BC3F-7115E0E9D9C3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1551280 2021-10-18] (Microsoft Corporation -> Microsoft Corporation) Task: {3AC6D19D-915C-46DF-838E-94E52D2BFA55} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-19] (Adobe Inc. -> Adobe) Task: {4240384C-598D-41EC-8DB7-2E6449E01A4C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729224 2021-10-18] (Microsoft Corporation -> Microsoft Corporation) Task: {471D6BF5-CB4A-4DBA-A53F-E2871F8F8DF8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5245D683-90E4-408B-937B-D45251F98F76} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5B276608-56C5-4B65-A786-36652858C012} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {61069A10-0F00-41B1-881F-5FEF1E7AB3E5} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-19] (Adobe Inc. -> Adobe) Task: {74C630A5-9D53-43AC-BF9A-C5C3BB74BD6B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8057EB29-C4A6-4B57-B8EE-9A856C361442} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A08BA74B-7CA9-4CF4-A323-9A9C45EB59F5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-27] (Google LLC -> Google LLC) Task: {AB1FAB61-2208-4FFC-9045-C81C599CCEB2} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG Task: {B1493B32-AED0-4130-9F2F-ED637BBD7AE7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe Task: {B31CCFF1-6E6A-46B8-A403-2BD9B2114A48} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BC392074-EFA7-4E18-88F1-8D20214833E7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-27] (Google LLC -> Google LLC) Task: {BCB03532-AAF4-4542-8B7B-2A151E2FEEAC} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65432 2021-10-14] (Microsoft Corporation -> Microsoft) Task: {C3F4FD47-3200-4070-813C-92A24BC8E4D0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C4F08899-FE4A-4FB8-8D23-9781A60D8416} - System32\Tasks\AutoPico Daily Restart => D:\Programme\KMSpico [Argument = Portable\AutoPico.exe /silent] Task: {C8BBD34C-20FD-45B4-A54C-A7193791AD7A} - System32\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A} => D:\Games\Magic Arena\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.90.exe -> /i "C:\Users\Kasimal\AppData\Local\Temp\AIE6CAD.tmp" AI_SETUPEXEPATH="D:\Games\Magic Arena\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.90.exe" SETUPEXEDIR="D:\Games\Magic Arena\MTGA\MTGALauncher\Updates\" ADDLOCAL=MainFeature,MicrosoftVisualC ALLUSERS="1" PRIMARYFOLDER="APPDIR" ROOTDRIVE="D:\" TRANSFORMS=":1031" AI_PREREQFILES="C:\Users\Kasimal\AppData\Roaming\Wizards of the Coast\MTGA Launcher\prerequisites\Visual C++ Redistributable for Visual Studio 2015-2019\VC_redist.x64.exe" AI_PREREQDIRS="C:\Users\Kasimal\AppData\Roaming\Wizards of the Coast\MTGA Launcher\prerequisites" AI_MISSING_PREREQS="Visual C++ Redistributable for Visual Studio 2017 x64" AI_SETUPEXEPATH="D:\Games\Magic Arena\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.90.exe" SETUPEXEDIR="D:\Games\Magic Arena\MTGA\MTGALauncher\Updates\" AI_INSTALL="1" BIPROCESSTIME="2020-07-14T10:45:21.2916875Z" URL2="company.wizards.com/de/legal/arenas-privacy-policy" POLICY="Datenschutzerklärung" TARGETLOCKED="TRUE" TERMS="AGB" URL1="company.wizards.com/de/legal/terms" AI_BOOTSTRAPPERLANG="1031" TARGETDIR="D:\" APPDIR="D:\Games\Magic Arena\MTGA\" AI_SETUPEXEPATH_ORIGINAL="D:\Games\Magic Arena\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.90.exe" Task: {CEC30C55-D9B6-45E8-AC0A-A79AA012AF19} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {DA149D1F-491F-4E9A-880F-E43DD8199F55} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DD251D1E-6482-4282-8FF9-6D1C12E23683} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe Task: {DED17277-33CB-4ACA-8261-D5D73DCFDCFB} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe Task: {DFAB59B5-B268-41B5-BB2C-1CED78B3D6EA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E1F74D74-E6E5-4932-8754-EA5A600D6C60} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {E38E173A-6BEF-4E27-B9B3-B64D75A6399A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729224 2021-10-18] (Microsoft Corporation -> Microsoft Corporation) Task: {E5A16CC5-6AD7-4BF8-AC94-941EF9D74C41} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-11] (Microsoft Corporation -> Microsoft Corporation) Task: {E87BF86B-C4BE-4739-9F1A-22BA3B6F51A7} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E8A7D211-E5BF-41F9-B6A9-BC372A52499B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-18] (Microsoft Corporation -> Microsoft Corporation) Task: {FB42B782-3706-4D1D-A34E-D234895E8F46} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-27] (Microsoft Windows Publisher -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job => D:\Games\Magic Arena\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.90.exeһ/i C:\Users\Kasimal\AppData\Local\Temp\AIE6CAD.tmp AI_SETUPEXEPATH=D:\Games\Magic Arena\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.90.exe SETUPEXEDIR=D:\Games\Magic Arena\MTGA\MTGALauncher\Updates\ ADDLOCAL=MainFeature,MicrosoftVisualC ALLUSERS=1 PRIMARYFOLDER=APPDIR ROOTDRIVE=D:\ TRANSFORMS=:1031 AI_PREREQFILES=C:\Users\Kasimal\AppData\Roaming\Wizards of the Coast\MTGA Launcher\prerequisites\Visual C++ Redistributable for Visual Studio 2015-2019\VC_redist.x64.exe AI_PREREQDIRS=C:\Users\Kasimal\AppData\Roaming\Wizards of the Coast\MTGA Launcher\prerequisites AI_MISSING_PREREQS=Visual C++ Redistributable for Visual Studio 2017 x64 AI_SETUPEXEPATH=D:\Games\Magic Arena\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.90.exe SETUPEXEDIR=D:\Games\Magic Arena\MTGA\MTGALauncher\Updates\ AI_INSTALL=1 BIPROCESSTIME=2020-07-14T10:45:21.2916875Z URL2=company.wizards.com/de/legal/arenas-privacy-policy POLICY=Datenschutzerklärung TARGETLOCKED=TRUE TERMS=AGB URL1=company.wizards.com/de/legal/terms AI_BOOTSTRAPPERLANG=1031 TARGETDIR=D:\ APPDIR=D:\Games\Magic Arena\MTGA\ AI_SETUPEXEPATH_ORIGINAL=D:\Games\Magic Arena\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.90.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{ed24437a-dddf-4261-9f86-84e2e494d8f7}: [DhcpNameServer] 192.168.178.1 Edge: ======= Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge Profile: C:\Users\Kasimal\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-28] FireFox: ======== FF DefaultProfile: 1okzs5kd.default-1635399282547 FF ProfilePath: C:\Users\Kasimal\AppData\Roaming\Mozilla\Firefox\Profiles\1okzs5kd.default-1635399282547 [2021-10-28] FF HKLM\...\Firefox\Extensions: [sweb2pdfextension.3@nuance.com] - C:\Program Files (x86)\Nuance\Power PDF 21\bin\SFirefoxExtn FF Extension: (Nuance PDF Create) - C:\Program Files (x86)\Nuance\Power PDF 21\bin\SFirefoxExtn [2021-10-28] [] FF HKLM-x32\...\Firefox\Extensions: [sweb2pdfextension.3@nuance.com] - C:\Program Files (x86)\Nuance\Power PDF 21\bin\SFirefoxExtn FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-19] (Adobe Inc. -> ) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-18] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-19] (Adobe Inc. -> ) FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-08-26] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-08-26] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-10-18] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-18] (Microsoft Corporation -> Microsoft Corporation) FF Plugin HKU\S-1-5-21-3782075860-127496113-178799132-1001: ubisoft.com/uplaypc -> D:\Games\Siedler 7\Die Siedler 7\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll [Keine Datei] Chrome: ======= CHR Profile: C:\Users\Kasimal\AppData\Local\Google\Chrome\User Data\Default [2021-10-28] CHR Session Restore: Default -> ist aktiviert. CHR Extension: (Präsentationen) - C:\Users\Kasimal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-28] CHR Extension: (Docs) - C:\Users\Kasimal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-28] CHR Extension: (Google Drive) - C:\Users\Kasimal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-27] CHR Extension: (YouTube) - C:\Users\Kasimal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-27] CHR Extension: (Tabellen) - C:\Users\Kasimal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-28] CHR Extension: (Google Docs Offline) - C:\Users\Kasimal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-28] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Kasimal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-28] CHR Extension: (Google Mail) - C:\Users\Kasimal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-27] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-19] (Adobe Inc. -> Adobe) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-07-25] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9251696 2021-10-11] (Microsoft Corporation -> Microsoft Corporation) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3128000 2017-12-15] (Disc Soft Ltd -> Disc Soft Ltd) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-17] (Epic Games Inc. -> Epic Games, Inc.) S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\FileSyncHelper.exe [2386816 2021-10-12] (Microsoft Corporation -> Microsoft Corporation) S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\OneDriveUpdaterService.exe [2748288 2021-10-12] (Microsoft Corporation -> Microsoft Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5414976 2021-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13086224 2020-07-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-27] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-27] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-04-12] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-04-12] (Disc Soft Ltd -> Disc Soft Ltd) S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) R1 VD_FileDisk; C:\Windows\System32\Drivers\VD_FileDisk.sys [30312 2011-01-26] (Ghisler Software GmbH -> CaptainFlint Software) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-10-27] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-10-27] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-27] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-10-28 18:43 - 2021-10-28 18:43 - 002554923 _____ C:\Users\Kasimal\Downloads\Nicht bestätigt 756371.crdownload 2021-10-28 18:39 - 2021-10-28 18:55 - 000089130 _____ C:\Users\Kasimal\Downloads\Addition.txt 2021-10-28 18:37 - 2021-10-28 19:16 - 000027069 _____ C:\Users\Kasimal\Downloads\FRST.txt 2021-10-28 18:37 - 2021-10-28 19:16 - 000000000 ____D C:\FRST 2021-10-28 18:31 - 2021-10-28 18:31 - 002310656 _____ (Farbar) C:\Users\Kasimal\Downloads\FRST64.exe 2021-10-28 18:27 - 2021-10-28 18:27 - 000001380 _____ C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2021-10-28 18:27 - 2021-10-28 18:27 - 000001274 _____ C:\Users\Kasimal\Desktop\ESET Online Scanner.lnk 2021-10-28 18:27 - 2021-10-28 18:27 - 000000000 ____D C:\Users\Kasimal\AppData\Local\ESET 2021-10-28 18:26 - 2021-10-28 18:26 - 013311448 _____ (ESET) C:\Users\Kasimal\Downloads\esetonlinescanner.exe 2021-10-28 17:20 - 2021-10-28 17:20 - 000076590 _____ C:\Users\Kasimal\Downloads\automat.pdf 2021-10-28 10:24 - 2021-10-28 17:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2021-10-28 10:02 - 2021-10-28 17:18 - 000000000 ____D C:\Users\Kasimal\AppData\Local⁌ow 2021-10-28 09:19 - 2021-10-28 09:19 - 000000762 _____ C:\Users\Kasimal\Desktop\HUMANKIND Digital Deluxe Edition.lnk 2021-10-28 09:15 - 2021-10-28 09:15 - 000001106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2021-10-28 08:14 - 2021-10-28 17:18 - 000000000 ____D C:\WINDOWS\system32\lxss 2021-10-28 08:14 - 2021-10-28 08:14 - 000000000 ____D C:\WINDOWS\SysWOW64\NV 2021-10-28 08:14 - 2021-10-28 08:14 - 000000000 ____D C:\WINDOWS\system32\NV 2021-10-28 08:12 - 2021-10-21 02:48 - 000038016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll 2021-10-28 08:04 - 2021-10-21 19:49 - 001874648 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2021-10-28 08:04 - 2021-10-21 19:49 - 001874648 _____ C:\WINDOWS\system32\vulkaninfo.exe 2021-10-28 08:04 - 2021-10-21 19:49 - 001464952 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2021-10-28 08:04 - 2021-10-21 19:49 - 001450232 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-10-28 08:04 - 2021-10-21 19:49 - 001450232 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2021-10-28 08:04 - 2021-10-21 19:49 - 001206384 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2021-10-28 08:04 - 2021-10-21 19:49 - 001111256 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2021-10-28 08:04 - 2021-10-21 19:49 - 001111256 _____ C:\WINDOWS\system32\vulkan-1.dll 2021-10-28 08:04 - 2021-10-21 19:49 - 000965336 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2021-10-28 08:04 - 2021-10-21 19:49 - 000965336 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2021-10-28 08:04 - 2021-10-21 19:45 - 001523336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2021-10-28 08:04 - 2021-10-21 19:45 - 001172608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2021-10-28 08:04 - 2021-10-21 19:45 - 000800368 _____ C:\WINDOWS\system32\nvofapi64.dll 2021-10-28 08:04 - 2021-10-21 19:45 - 000707728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2021-10-28 08:04 - 2021-10-21 19:45 - 000676480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2021-10-28 08:04 - 2021-10-21 19:45 - 000656512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2021-10-28 08:04 - 2021-10-21 19:45 - 000635000 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2021-10-28 08:04 - 2021-10-21 19:45 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2021-10-28 08:04 - 2021-10-21 19:44 - 008724080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2021-10-28 08:04 - 2021-10-21 19:44 - 007843984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2021-10-28 08:04 - 2021-10-21 19:44 - 004938896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2021-10-28 08:04 - 2021-10-21 19:44 - 002850416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2021-10-28 08:04 - 2021-10-21 19:44 - 002114688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2021-10-28 08:04 - 2021-10-21 19:44 - 001597584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2021-10-28 08:04 - 2021-10-21 19:44 - 000981112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2021-10-28 08:04 - 2021-10-21 19:44 - 000792208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2021-10-28 08:04 - 2021-10-21 19:44 - 000452216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2021-10-28 08:04 - 2021-10-21 19:43 - 005727376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2021-10-28 08:04 - 2021-10-21 19:43 - 000849016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2021-10-28 08:04 - 2021-10-21 19:39 - 006430824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2021-10-28 08:04 - 2021-10-21 02:48 - 000085748 _____ C:\WINDOWS\system32\nvinfo.pb 2021-10-28 07:55 - 2021-10-28 07:55 - 000118482 _____ C:\Users\Kasimal\Downloads\bookmarks.html 2021-10-28 07:51 - 2021-06-03 15:56 - 000043408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys 2021-10-28 07:50 - 2021-10-28 17:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-10-28 07:44 - 2021-10-28 07:44 - 000000000 ____D C:\AdwCleaner 2021-10-28 07:43 - 2021-10-28 07:43 - 008553680 _____ (Malwarebytes) C:\Users\Kasimal\Downloads\adwcleaner_8.3.0.exe 2021-10-28 07:34 - 2021-10-28 17:18 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-10-28 07:34 - 2021-10-28 07:50 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-10-28 07:34 - 2021-10-28 07:50 - 000000953 _____ C:\Users\Public\Desktop\Firefox.lnk 2021-10-27 20:37 - 2021-10-28 17:16 - 000000000 ____D C:\Users\Kasimal\Desktop\Alte Firefox-Daten 2021-10-27 20:33 - 2021-10-28 18:38 - 000000000 ____D C:\Program Files (x86)\Google 2021-10-27 20:33 - 2021-10-28 17:16 - 000000000 ____D C:\Users\Kasimal\AppData\Local\Google 2021-10-27 20:33 - 2021-10-28 17:16 - 000000000 ____D C:\Program Files\Google 2021-10-27 20:33 - 2021-10-27 20:33 - 000003632 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-10-27 20:33 - 2021-10-27 20:33 - 000003508 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-10-27 20:33 - 2021-10-27 20:33 - 000002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-10-27 20:33 - 2021-10-27 20:33 - 000002230 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-10-27 20:05 - 2021-10-28 17:18 - 000000000 ____D C:\Users\Kasimal\AppData\Local\GUI 2021-10-27 19:42 - 2021-10-27 19:42 - 000333040 _____ (Mozilla) C:\Users\Kasimal\Downloads\Firefox Installer.exe 2021-10-25 13:23 - 2021-10-27 11:38 - 000000000 ____D C:\Users\Kasimal\Documents\OneNote-Notizbücher 2021-10-25 08:57 - 2021-10-25 08:57 - 000000000 ____D C:\Users\Kasimal\Documents\PDF-Favoriten 2021-10-25 08:44 - 2021-10-28 17:16 - 000000000 ____D C:\Users\Kasimal\AppData\Roaming\Nuance 2021-10-25 08:39 - 2021-10-28 17:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance Power PDF Advanced 2021-10-25 08:39 - 2021-10-28 17:16 - 000000000 ____D C:\ProgramData\Nuance 2021-10-25 08:39 - 2021-10-28 17:16 - 000000000 ____D C:\Program Files (x86)\Nuance 2021-10-25 08:39 - 2021-10-25 08:39 - 000000000 ____D C:\Users\Kasimal\AppData\Roaming\ZEON 2021-10-25 08:39 - 2021-10-25 08:39 - 000000000 ____D C:\Users\Kasimal\AppData\Local\Nuance 2021-10-25 08:39 - 2021-10-25 08:39 - 000000000 ____D C:\ProgramData\FileOpen 2021-10-21 17:38 - 2021-10-21 17:38 - 000000000 ____D C:\Users\Kasimal\AppData\LocalLow\AnomalyGames 2021-10-21 17:33 - 2021-10-21 17:33 - 000000872 _____ C:\Users\Public\Desktop\The Fermi Paradox.lnk 2021-10-21 17:33 - 2021-10-21 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Fermi Paradox [GOG.com] 2021-10-21 09:39 - 2021-10-21 09:39 - 000001796 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019.lnk 2021-10-21 09:38 - 2021-10-21 09:38 - 000000000 ____D C:\Users\Kasimal\.dotnet 2021-10-21 09:38 - 2021-10-21 09:38 - 000000000 ____D C:\Program Files (x86)\NuGet 2021-10-21 09:37 - 2021-10-21 09:38 - 000000000 ____D C:\Program Files\dotnet 2021-10-21 09:37 - 2021-10-21 09:37 - 000000000 ____D C:\Program Files (x86)\dotnet 2021-10-20 14:33 - 2021-10-28 17:18 - 000000000 ____D C:\Users\Kasimal\AppData\Roaming\PapDesigner 2021-10-20 14:33 - 2021-10-20 14:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PapDesigner 2021-10-20 14:33 - 2021-10-20 14:33 - 000000000 ____D C:\Program Files (x86)\PapDesigner 2021-10-18 12:52 - 2021-10-18 12:52 - 000000000 ___SD C:\Users\Kasimal\Documents\Meine Shapes 2021-10-18 12:08 - 2021-10-18 12:08 - 000000000 ____D C:\Users\Kasimal\source 2021-10-18 12:07 - 2021-10-18 12:08 - 000000000 ____D C:\Users\Kasimal\Documents\Visual Studio 2019 2021-10-18 12:07 - 2021-10-18 12:07 - 000000000 ____D C:\Users\Kasimal\AppData\Local\ServiceHub 2021-10-18 12:07 - 2021-10-18 12:07 - 000000000 ____D C:\Users\Kasimal\AppData\Local\IdentityNexusIntegration 2021-10-18 09:50 - 2021-10-18 09:50 - 000001041 _____ C:\Users\Kasimal\Desktop\procexp.exe - Verknüpfung.lnk 2021-10-17 21:43 - 2021-10-17 21:43 - 000000858 _____ C:\Users\Kasimal\Desktop\Tyranny Overlord Edition.lnk 2021-10-17 14:10 - 2021-10-17 14:10 - 000000359 _____ C:\Users\Kasimal\Desktop\Rocket League®.url 2021-10-17 13:48 - 2021-10-17 13:48 - 000000000 ____D C:\Program Files\Epic Games 2021-10-17 13:46 - 2021-10-17 13:46 - 000000000 ____D C:\Users\Kasimal\AppData\Local\EOSUserHelper 2021-10-17 13:45 - 2021-10-27 20:44 - 000000000 ____D C:\Users\Kasimal\AppData\Local\Epic Games 2021-10-17 13:45 - 2021-10-17 13:45 - 000000000 ____D C:\Users\Kasimal\AppData\Local\UnrealEngineLauncher 2021-10-17 13:45 - 2021-10-17 13:45 - 000000000 ____D C:\Users\Kasimal\AppData\Local\EpicGamesLauncher 2021-10-17 13:45 - 2021-10-17 13:45 - 000000000 ____D C:\Program Files (x86)\Epic Games 2021-10-17 13:44 - 2021-10-17 13:46 - 000000000 ____D C:\ProgramData\Epic 2021-10-17 13:44 - 2021-10-17 13:44 - 000000971 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk 2021-10-17 13:44 - 2021-10-17 13:44 - 000000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2021-10-14 12:01 - 2021-10-28 11:33 - 000000000 ____D C:\Users\Kasimal\AppData\Local\.IdentityService 2021-10-14 11:59 - 2021-10-14 11:59 - 000000000 ____D C:\ProgramData\Windows App Certification Kit 2021-10-14 11:59 - 2021-10-14 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2021-10-14 11:59 - 2021-10-14 11:59 - 000000000 ____D C:\Program Files\Application Verifier 2021-10-14 11:59 - 2021-10-14 11:59 - 000000000 ____D C:\Program Files (x86)\Application Verifier 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\SysWOW64\3082 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\SysWOW64\2052 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\SysWOW64\1055 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\SysWOW64\1049 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\SysWOW64\1046 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\SysWOW64\1045 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\SysWOW64\1042 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\SysWOW64\1041 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\SysWOW64\1040 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\SysWOW64\1036 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\SysWOW64\1033 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\SysWOW64\1031 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\SysWOW64\1029 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\SysWOW64\1028 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\system32\3082 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\system32\2052 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\system32\1055 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\system32\1049 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\system32\1046 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\system32\1045 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\system32\1042 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\system32\1041 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\system32\1040 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\system32\1036 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\system32\1033 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\system32\1031 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\system32\1029 2021-10-14 11:56 - 2021-10-14 11:56 - 000000000 ____D C:\WINDOWS\system32\1028 2021-10-14 11:56 - 2019-12-06 16:35 - 000374784 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DXCpl.exe 2021-10-14 11:56 - 2019-12-06 16:34 - 000417792 _____ C:\WINDOWS\system32\d3dconfig.exe 2021-10-14 11:56 - 2019-12-06 16:27 - 000347136 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DXCpl.exe 2021-10-14 11:56 - 2019-12-06 16:26 - 000365056 _____ C:\WINDOWS\SysWOW64\d3dconfig.exe 2021-10-14 11:55 - 2021-10-14 11:55 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2021-10-14 11:54 - 2021-10-14 11:55 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2021-10-14 11:53 - 2021-10-21 09:39 - 000000000 ____D C:\Program Files (x86)\Windows Kits 2021-10-14 11:53 - 2021-10-21 09:39 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs 2021-10-14 11:53 - 2021-10-14 11:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019 2021-10-14 11:52 - 2021-10-14 11:52 - 000001795 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019.lnk 2021-10-14 11:35 - 2021-10-14 11:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2021-10-14 11:35 - 2021-10-14 11:35 - 000001429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk 2021-10-14 11:35 - 2021-10-14 11:35 - 000000000 ____D C:\Users\Kasimal\AppData\Roaming\Visual Studio Setup 2021-10-14 11:35 - 2021-10-14 11:35 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio 2021-10-14 09:25 - 2021-10-14 09:25 - 000000000 ____D C:\Users\Kasimal\AppData\Local\gtk-3.0 2021-10-14 08:53 - 2021-10-14 08:54 - 000000000 ____D C:\WINDOWS\SysWOW64\directx 2021-10-13 23:19 - 2021-10-13 23:19 - 001823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-10-13 23:19 - 2021-10-13 23:19 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-10-13 23:19 - 2021-10-13 23:19 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll 2021-10-13 23:19 - 2021-10-13 23:19 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-10-13 23:19 - 2021-10-13 23:19 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2021-10-13 23:19 - 2021-10-13 23:19 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2021-10-13 23:19 - 2021-10-13 23:19 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-10-13 23:19 - 2021-10-13 23:19 - 000203264 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2021-10-13 23:19 - 2021-10-13 23:19 - 000158208 _____ C:\WINDOWS\system32\uwfcsp.dll 2021-10-13 23:19 - 2021-10-13 23:19 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-10-13 23:19 - 2021-10-13 23:19 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll 2021-10-13 23:19 - 2021-10-13 23:19 - 000011495 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-10-13 23:19 - 2021-10-13 23:19 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx 2021-10-13 23:19 - 2021-10-13 23:19 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx 2021-10-13 23:18 - 2021-10-13 23:18 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-10-13 23:18 - 2021-10-13 23:18 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2021-10-13 23:14 - 2021-10-13 23:14 - 000000000 ___HD C:\$WinREAgent 2021-10-12 11:22 - 2021-10-12 11:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP 2021-10-12 11:21 - 2021-10-12 21:43 - 000000000 ____D C:\Users\Kasimal\AppData\Roaming\Notepad++ 2021-10-12 11:21 - 2021-10-12 11:21 - 000000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2021-10-12 11:21 - 2021-10-12 11:21 - 000000825 _____ C:\Users\Public\Desktop\Notepad++.lnk 2021-10-12 11:21 - 2021-10-12 11:21 - 000000000 ____D C:\Program Files\Notepad++ 2021-10-12 11:20 - 2021-10-12 11:22 - 000000000 ____D C:\xampp 2021-10-11 19:39 - 2016-09-01 19:26 - 000000218 _____ C:\Users\Kasimal\AppData\Local\recently-used.xbel 2021-10-11 17:33 - 2021-10-11 17:33 - 000001353 _____ C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2021-10-11 17:16 - 2021-10-27 19:36 - 000002728 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2021-10-11 17:16 - 2021-10-15 19:19 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive 2021-10-11 17:16 - 2021-10-12 08:48 - 000002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-10-11 17:16 - 2021-10-11 17:16 - 000000000 ___RD C:\Users\Default\OneDrive 2021-10-11 17:16 - 2021-10-11 17:16 - 000000000 ____D C:\Program Files (x86)\Teams Installer 2021-10-11 17:15 - 2021-10-11 17:15 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2021-10-11 17:14 - 2021-10-28 10:24 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2021-10-11 17:14 - 2021-10-28 10:24 - 000002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2021-10-11 17:14 - 2021-10-28 10:24 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2021-10-11 17:14 - 2021-10-28 10:24 - 000002476 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2021-10-11 17:14 - 2021-10-28 10:24 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk 2021-10-11 17:14 - 2021-10-28 10:24 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2021-10-11 17:14 - 2021-10-28 10:24 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2021-10-11 17:14 - 2021-10-28 10:24 - 000002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2021-10-11 17:14 - 2021-10-28 10:24 - 000002387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2021-10-11 17:11 - 2021-10-11 17:11 - 000000000 ____D C:\Program Files\Microsoft Office 15 2021-10-11 10:56 - 2021-10-28 10:20 - 000000000 ____D C:\Users\Kasimal\Documents\Outlook-Dateien 2021-10-08 14:15 - 2021-10-28 17:18 - 000000000 ____D C:\Users\Kasimal\AppData\Local\WhatsApp 2021-10-07 06:46 - 2021-10-09 17:45 - 000000000 ____D C:\Users\Kasimal\AppData\LocalLow\Adobe 2021-10-06 21:26 - 2021-10-06 21:26 - 000000040 ____H C:\305274DF1A00 2021-10-06 21:26 - 2021-10-06 21:26 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2021-10-06 19:29 - 2021-10-06 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2021-10-06 19:28 - 2021-10-06 19:28 - 000000000 ____D C:\Program Files\Logitech 2021-10-06 19:27 - 2021-10-28 17:23 - 000000000 ____D C:\Users\Kasimal\AppData\Local\Deployment 2021-10-06 19:23 - 2021-10-06 19:23 - 000000000 ____D C:\Users\Kasimal\AppData\Local\LogiBolt 2021-10-06 19:23 - 2021-10-06 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi 2021-10-06 19:23 - 2021-10-06 19:23 - 000000000 ____D C:\Program Files\Logi 2021-10-06 12:10 - 2021-10-06 12:10 - 000001922 _____ C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk 2021-10-06 12:10 - 2021-10-06 12:10 - 000001892 _____ C:\Users\Kasimal\Desktop\SumatraPDF.lnk 2021-10-06 12:10 - 2021-10-06 12:10 - 000000000 ____D C:\Users\Kasimal\AppData\Local\SumatraPDF 2021-10-04 11:45 - 2021-10-08 14:15 - 000002209 _____ C:\Users\Kasimal\Desktop\WhatsApp.lnk 2021-09-29 20:24 - 2021-09-29 20:24 - 000000790 _____ C:\Users\Public\Desktop\Foundation.lnk 2021-09-29 20:24 - 2021-09-29 20:24 - 000000000 ____D C:\Users\Kasimal\Documents\Polymorph Games 2021-09-29 20:24 - 2021-09-29 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foundation [GOG.com] 2021-09-28 20:32 - 2021-09-28 20:32 - 000002121 _____ C:\Users\Public\Desktop\Brother Creative Center.lnk 2021-09-28 20:32 - 2021-09-28 20:32 - 000000000 ____D C:\Users\Kasimal\AppData\Roaming\ControlCenter4 2021-09-28 20:22 - 2021-09-28 20:22 - 000001692 _____ C:\Users\Public\Desktop\Brother Utilities.lnk 2021-09-28 20:22 - 2021-09-28 20:22 - 000000000 ____D C:\ProgramData\PCFaxTx 2021-09-28 20:22 - 2021-09-28 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother 2021-09-28 20:22 - 2017-12-26 13:13 - 000318464 _____ ( ) C:\WINDOWS\system32\BrFaxTxAppRunA64.dll 2021-09-28 20:21 - 2021-09-28 20:32 - 000000000 ____D C:\ProgramData\ControlCenter4 2021-09-28 20:21 - 2021-09-28 20:21 - 000013215 _____ C:\WINDOWS\BRRBCOM.INI 2021-09-28 20:21 - 2021-09-28 20:21 - 000000000 ____D C:\Program Files (x86)\ControlCenter4 CSDK 2021-09-28 20:21 - 2021-09-28 20:21 - 000000000 ____D C:\Program Files (x86)\ControlCenter4 2021-09-28 20:21 - 2021-09-28 20:21 - 000000000 ____D C:\Program Files (x86)\Browny02 2021-09-28 15:45 - 2021-09-28 15:45 - 000001776 _____ C:\Users\Public\Desktop\iTunes.lnk 2021-09-28 15:45 - 2021-09-28 15:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2021-09-28 15:45 - 2021-09-28 15:45 - 000000000 ____D C:\Program Files\iTunes ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-10-28 19:09 - 2017-05-15 17:10 - 000000000 ____D C:\ProgramData\NVIDIA 2021-10-28 19:09 - 2015-12-31 10:04 - 000000000 ____D C:\Users\Kasimal\AppData\Local\CrashDumps 2021-10-28 18:56 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-10-28 18:30 - 2017-12-30 18:24 - 000000000 ____D C:\Program Files\DAEMON Tools Lite 2021-10-28 18:26 - 2020-08-26 00:20 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-10-28 18:26 - 2019-12-07 16:51 - 000743714 _____ C:\WINDOWS\system32\perfh007.dat 2021-10-28 18:26 - 2019-12-07 16:51 - 000150136 _____ C:\WINDOWS\system32\perfc007.dat 2021-10-28 18:26 - 2019-12-07 11:12 - 000000000 ____D C:\WINDOWS\INF 2021-10-28 18:25 - 2016-01-01 01:37 - 000000000 ____D C:\Users\Kasimal\AppData\Roaming\vlc 2021-10-28 18:19 - 2020-08-26 00:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-10-28 18:19 - 2020-08-26 00:09 - 000008192 ___SH C:\DumpStack.log.tmp 2021-10-28 18:19 - 2019-11-07 22:31 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-10-28 18:19 - 2017-05-15 17:10 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-10-28 18:19 - 2015-12-31 10:06 - 000000000 __SHD C:\Users\Kasimal\IntelGraphicsProfiles 2021-10-28 18:15 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-10-28 17:39 - 2017-10-29 00:47 - 000000000 ____D C:\Users\Kasimal\AppData\Roaming\discord 2021-10-28 17:39 - 2017-09-30 19:48 - 000009443 _____ C:\Users\Kasimal\Desktop\PW.ods 2021-10-28 17:21 - 2017-10-29 00:47 - 000000000 ____D C:\Users\Kasimal\AppData\Local\Discord 2021-10-28 17:19 - 2020-08-26 00:10 - 000000000 ____D C:\Users\Kasimal 2021-10-28 17:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-10-28 17:18 - 2021-01-17 18:18 - 000000000 ____D C:\Users\Kasimal\AppData\Roaming\webex 2021-10-28 17:18 - 2021-01-17 18:18 - 000000000 ____D C:\Users\Kasimal\AppData\Local\WebEx 2021-10-28 17:18 - 2018-07-13 19:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2021-10-28 17:18 - 2017-10-30 15:19 - 000000000 ____D C:\Users\Kasimal\AppData\Local\JDownloader 2.0 2021-10-28 17:18 - 2017-05-15 17:10 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2021-10-28 17:18 - 2017-05-15 17:10 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2021-10-28 17:18 - 2017-04-08 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2021-10-28 17:18 - 2016-04-12 21:13 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite 2021-10-28 17:18 - 2016-01-01 01:31 - 000000000 ___RD C:\Program Files (x86)\TC UP 2021-10-28 17:17 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-10-28 17:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration 2021-10-28 17:16 - 2021-01-17 18:18 - 000000000 ____D C:\Users\Kasimal\AppData\LocalLow\WebEx 2021-10-28 17:16 - 2017-05-15 17:10 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2021-10-28 17:16 - 2015-12-31 09:52 - 000000000 ____D C:\Program Files\AVAST Software 2021-10-28 17:16 - 2015-12-31 09:51 - 000000000 ____D C:\ProgramData\AVAST Software 2021-10-28 17:16 - 2015-12-31 05:02 - 000000000 ____D C:\Users\Kasimal\AppData\Local\NVIDIA 2021-10-28 17:09 - 2015-12-31 11:47 - 000000000 ____D C:\Users\Kasimal\AppData\Local\Mozilla 2021-10-28 17:09 - 2015-12-31 09:52 - 000000000 ____D C:\Users\Kasimal\AppData\Roaming\AVAST Software 2021-10-28 11:52 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-10-28 11:52 - 2019-10-18 12:48 - 000000000 ____D C:\Users\Kasimal\AppData\Local\D3DSCache 2021-10-28 09:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-10-28 09:44 - 2016-11-18 01:18 - 000000000 ____D C:\Users\Kasimal\AppData\LocalLow\Mozilla 2021-10-28 08:15 - 2018-08-31 18:21 - 000000000 ____D C:\ProgramData\Packages 2021-10-28 08:15 - 2017-10-27 17:06 - 000000000 ____D C:\Users\Kasimal\AppData\Local\Packages 2021-10-28 07:51 - 2020-08-26 00:17 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-10-28 07:51 - 2020-08-26 00:17 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-10-28 07:51 - 2020-08-26 00:17 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-10-28 07:51 - 2020-08-26 00:17 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-10-28 07:51 - 2020-08-26 00:17 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-10-28 07:51 - 2020-08-26 00:17 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-10-28 07:51 - 2020-08-26 00:17 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-10-28 07:51 - 2020-08-26 00:17 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-10-28 07:51 - 2020-08-26 00:17 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-10-28 07:51 - 2020-08-26 00:17 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-10-28 07:45 - 2015-12-31 05:04 - 000000000 ____D C:\Users\Kasimal\AppData\Local\Comms 2021-10-28 07:34 - 2019-04-23 16:03 - 000000000 ____D C:\ProgramData\Mozilla 2021-10-27 20:46 - 2020-08-26 00:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-10-27 20:46 - 2018-07-19 18:45 - 000000000 ____D C:\Users\Kasimal\AppData\Local\AVAST Software 2021-10-27 20:14 - 2020-08-26 00:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software 2021-10-27 20:14 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender 2021-10-27 20:14 - 2019-10-08 16:54 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-10-27 20:03 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-10-27 19:37 - 2020-08-26 15:40 - 000475768 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-10-27 19:37 - 2020-04-04 11:04 - 000002746 ____H C:\WINDOWS\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job 2021-10-27 19:37 - 2019-11-22 19:08 - 000000000 ___HD C:\avast! sandbox 2021-10-27 19:36 - 2021-02-10 17:52 - 000002444 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe 2021-10-27 19:36 - 2021-02-10 17:52 - 000002392 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe 2021-10-27 19:36 - 2021-02-10 17:52 - 000002388 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_itype_exe 2021-10-27 19:36 - 2020-08-26 00:17 - 000004778 _____ C:\WINDOWS\system32\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A} 2021-10-27 19:36 - 2020-08-26 00:17 - 000003802 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier 2021-10-27 19:36 - 2020-08-26 00:17 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-10-27 19:36 - 2020-08-26 00:17 - 000003404 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-10-27 19:36 - 2020-08-26 00:17 - 000003332 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater 2021-10-27 19:36 - 2020-08-26 00:17 - 000002558 _____ C:\WINDOWS\system32\Tasks\AutoPico Daily Restart 2021-10-25 08:25 - 2016-12-20 00:03 - 000000000 ____D C:\ProgramData\Adobe 2021-10-22 09:05 - 2016-01-05 13:05 - 000000000 ____D C:\Users\Kasimal\AppData\Roaming\XnView 2021-10-21 19:39 - 2019-11-22 19:22 - 007578560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2021-10-21 02:48 - 2019-11-22 19:23 - 000125568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2021-10-18 22:22 - 2017-12-02 21:11 - 000000000 ____D C:\Program Files\Microsoft Office 2021-10-18 09:50 - 2016-04-17 19:15 - 000000000 ____D C:\temp 2021-10-17 22:10 - 2018-04-03 16:19 - 000000000 ____D C:\Users\Kasimal\AppData\Roaming\WhatsApp 2021-10-17 21:26 - 2019-03-24 17:35 - 000000000 ____D C:\Users\Kasimal\AppData\Local\PlaceholderTileLogoFolder 2021-10-17 13:46 - 2015-12-31 05:03 - 000000000 ____D C:\ProgramData\Package Cache 2021-10-17 13:45 - 2017-03-31 23:45 - 000000000 ____D C:\Users\Kasimal\AppData\Local\UnrealEngine 2021-10-15 19:16 - 2016-10-05 17:10 - 000000000 ____D C:\Users\Kasimal\AppData\Local\ConnectedDevicesPlatform 2021-10-15 11:24 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-10-15 11:24 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-10-15 11:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-10-15 11:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-10-15 11:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-10-15 11:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-10-15 11:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-10-15 11:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2021-10-15 11:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-10-15 11:23 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-10-14 11:55 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-10-14 11:53 - 2020-08-26 00:57 - 000000000 ____D C:\Program Files (x86)\MSBuild 2021-10-13 23:14 - 2015-12-31 11:47 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-10-13 23:12 - 2015-12-31 11:47 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-10-12 08:02 - 2015-12-31 10:37 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-10-11 17:09 - 2015-07-10 13:02 - 000000076 _____ C:\WINDOWS\win.ini 2021-10-11 10:35 - 2020-01-10 19:06 - 000000000 ____D C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MTG Arena Pro 2021-10-11 10:35 - 2019-12-03 04:22 - 000000000 ____D C:\Users\Kasimal\AppData\Local\mtgaprotracker 2021-10-11 10:35 - 2019-11-22 19:08 - 000000000 ____D C:\Users\Kasimal\AppData\Roaming\mtgaprotracker 2021-10-09 19:22 - 2017-12-02 21:11 - 000000000 ____D C:\Users\Kasimal\AppData\Local\Microsoft Help 2021-10-09 17:47 - 2016-01-02 08:02 - 000000000 ____D C:\Users\Kasimal\AppData\Local\Adobe 2021-10-09 17:47 - 2015-12-31 10:37 - 000000000 ____D C:\Users\Kasimal\AppData\Roaming\Adobe 2021-10-08 14:15 - 2018-04-03 16:19 - 000000000 ____D C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2021-10-08 14:15 - 2016-08-12 16:40 - 000000000 ____D C:\Users\Kasimal\AppData\Local\SquirrelTemp 2021-10-06 21:25 - 2016-12-20 00:03 - 000000000 ____D C:\Program Files (x86)\Adobe 2021-10-06 19:23 - 2018-05-03 19:13 - 000000000 ____D C:\ProgramData\Logishrd 2021-10-06 12:10 - 2017-08-02 06:18 - 000001904 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk 2021-10-06 11:15 - 2017-10-29 00:47 - 000002237 _____ C:\Users\Kasimal\Desktop\Discord.lnk 2021-10-05 11:51 - 2017-10-29 00:47 - 000000000 ____D C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2021-10-01 09:45 - 2020-08-22 17:11 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-09-30 13:00 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-09-29 07:52 - 2018-04-07 12:25 - 000000000 ___RD C:\Users\Kasimal\iCloudDrive 2021-09-28 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2021-09-28 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-09-28 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2021-09-28 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-09-28 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2021-09-28 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2021-09-28 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-09-28 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-09-28 21:55 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2021-09-28 21:32 - 2017-09-27 22:22 - 000000000 ___RD C:\Users\Kasimal\AppData\Roaming\Brother 2021-09-28 20:22 - 2017-09-27 22:21 - 000000260 _____ C:\WINDOWS\Brpfx04a.ini 2021-09-28 20:22 - 2017-09-27 22:21 - 000000000 ____D C:\Program Files (x86)\Brother ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2019-10-10 19:11 - 2019-10-10 19:11 - 000000073 _____ () C:\Users\Kasimal\AppData\Roaming\InstallerReports.txt 2021-10-06 21:26 - 2021-10-25 08:26 - 000000615 _____ () C:\Users\Kasimal\AppData\Local\oobelibMkey.log 2021-10-11 19:39 - 2016-09-01 19:26 - 000000218 _____ () C:\Users\Kasimal\AppData\Local\recently-used.xbel 2020-08-02 13:11 - 2020-08-02 13:11 - 000007605 _____ () C:\Users\Kasimal\AppData\Local\Resmon.ResmonCfg ==================== FLock ============================== 2017-09-27 22:21 C:\ProgramData\Brother ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
28.10.2021, 20:14 | #2 |
/// TB-Ausbilder | Win 10: verschiedenste Abstürze, Firefox, Outlook, Kalender, Avast und weitereMein Name ist Matthias und ich werde dir bei der Analyse und der eventuell notwendigen Bereinigung deines Computers helfen. Es fehlt die 2. Logdatei von FRST, Addition.txt, bitte nachreichen. |
28.10.2021, 20:15 | #3 |
| Win 10: verschiedenste Abstürze, Firefox, Outlook, Kalender, Avast und weitere shortcut.txt
__________________Code:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 20-10-2021 durchgeführt von Kasimal (28-10-2021 19:19:29) Gestartet von C:\Users\Kasimal\Downloads Start-Modus: Normal ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{A3985C05-7386-411F-A4BF-32A73F37EB44}\AppleSoftwareUpdateIco.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019.lnk -> C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\Common7\IDE\Blend.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> D:\Games\epic\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk -> C:\Program Files\Notepad++\notepad++.exe (Don HO don.h@free.fr) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk -> C:\Program Files\Microsoft Office\root\Office16\GROOVE.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk -> C:\Program Files\paint.net\PaintDotNet.exe (dotPDN LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk -> C:\Program Files\PCHealthCheck\PCHealthCheck.exe (Keine Datei) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk -> C:\Program Files\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk -> C:\Program Files\SumatraPDF\SumatraPDF.exe (Krzysztof Kowalczyk) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019.lnk -> C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\Common7\IDE\devenv.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk -> C:\Program Files (x86)\Microsoft Visual Studio\Installer\setup.exe (Microsoft) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warlock 2 The Exiled.lnk -> D:\Games\Warlock 2\Warlock 2 The Exiled\Game.exe (Ino-Co Plus) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\Uninstall XAMPP.lnk -> C:\xampp\uninstall.exe (Bitnami) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\XAMPP Control Panel.lnk -> C:\xampp\xampp-control.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\XAMPP htdocs folder.lnk -> C:\xampp\htdocs () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Documentation for Desktop Apps.lnk -> C:\Program Files (x86)\Windows Kits\10\Shortcuts\DesktopDevCenterLearn.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Documentation for Windows Store Apps.lnk -> C:\Program Files (x86)\Windows Kits\10\Shortcuts\WindowsStoreAppDevCenterLearn.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Samples for Desktop Apps.lnk -> C:\Program Files (x86)\Windows Kits\10\Shortcuts\DesktopDevCenterSamples.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Samples for Windows Store Apps.lnk -> C:\Program Files (x86)\Windows Kits\10\Shortcuts\WindowsStoreAppDevCenterSamples.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Tools for Desktop Apps.lnk -> C:\Program Files (x86)\Windows Kits\10\Shortcuts\DesktopDevCenterToolsDocumentation.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Tools for Windows Store Apps.lnk -> C:\Program Files (x86)\Windows Kits\10\Shortcuts\WindowsStoreAppDevCenterToolsDocumentation.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows App Certification Kit\Windows App Cert Kit.lnk -> C:\Program Files (x86)\Windows Kits\10\App Certification Kit\appcertui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Application Verifier (X86)\Application Verifier (WOW).lnk -> C:\Windows\SysWOW64\appverif.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Application Verifier (X64)\Application Verifier (X64).lnk -> C:\Windows\System32\appverif.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Application Verifier (X64)\Application Verifier Help.lnk -> C:\Windows\System32\appverif.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0\Demos\vulkaninfo.lnk -> C:\Program Files (x86)\VulkanRT\1.0.3.0\vulkaninfo.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0\Demos\vulkaninfo32.lnk -> C:\Program Files (x86)\VulkanRT\1.0.3.0\vulkaninfo32.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander Ultima Prime\Total Commander Ultima Prime.lnk -> C:\Program Files (x86)\TC UP\TC UP.exe (TC UP Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\This War of Mine [GOG.com]\Deinstallieren This War of Mine.lnk -> D:\Games\This War of Mine\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\This War of Mine [GOG.com]\Modding Tool.lnk -> D:\Games\This War of Mine\StorytellerNS.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\This War of Mine [GOG.com]\This War of Mine.lnk -> D:\Games\This War of Mine\This War of Mine.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\This War of Mine [GOG.com]\Dokumente\Modding Instructions.lnk -> D:\Games\This War of Mine\Modding Instructions.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Fermi Paradox [GOG.com]\Deinstallieren The Fermi Paradox.lnk -> D:\Games\The Fermi Paradox\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Fermi Paradox [GOG.com]\The Fermi Paradox.lnk -> D:\Games\The Fermi Paradox\The Fermi Paradox.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Curious Expedition [GOG.com]\Deinstallieren The Curious Expedition.lnk -> D:\Games\The Curious Expedition\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Curious Expedition [GOG.com]\The Curious Expedition.lnk -> D:\Games\The Curious Expedition\The Curious Expedition.exe (GitHub, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> D:\steam\steam.exe (Valve Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PapDesigner\PapDesigner.lnk -> C:\Program Files (x86)\PapDesigner\PapDesigner.exe (friedrich-folkmann.de) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PapDesigner\Uninstall.lnk -> C:\Program Files (x86)\PapDesigner\Uninstall.exe (friedrich folkmann) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3\OpenOffice Base.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sbase.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3\OpenOffice Calc.lnk -> C:\Program Files (x86)\OpenOffice 4\program\scalc.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3\OpenOffice Draw.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3\OpenOffice Impress.lnk -> C:\Program Files (x86)\OpenOffice 4\program\simpress.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3\OpenOffice Math.lnk -> C:\Program Files (x86)\OpenOffice 4\program\smath.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3\OpenOffice Writer.lnk -> C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3\OpenOffice.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance Power PDF Advanced\Convert-Assistent.lnk -> C:\Program Files (x86)\Nuance\Power PDF 21\NPDFAssist.exe (Nuance Communications, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance Power PDF Advanced\Create-Assistent.lnk -> C:\Program Files (x86)\Nuance\Power PDF 21\bin\NPDFCreate.exe (Nuance) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance Power PDF Advanced\Power PDF Advanced.lnk -> C:\Program Files (x86)\Nuance\Power PDF 21\bin\NuancePDF.exe (Nuance) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft entfernen.lnk -> D:\Games\minecraft\game\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk -> D:\Games\minecraft\game\minecraft launcher\Minecraft Launcher.exe (Titan Launcher) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Aufzeichnungs-Manager von Skype for Business.lnk -> C:\Program Files\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office-Spracheinstellungen.lnk -> C:\Program Files\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetriedashboard für Office.lnk -> C:\Program Files\Microsoft Office\root\Office16\msotd.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetrieprotokoll für Office.lnk -> C:\Program Files\Microsoft Office\root\Office16\msoev.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Options.lnk -> C:\Program Files\Logitech\LogiOptions\LogiOptions.exe (Logitech, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi\Logi Bolt.lnk -> C:\Program Files\Logi\LogiBolt\LogiBolt.exe (Logitech) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\javacpl.exe (Oracle Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Über iTunes.lnk -> C:\Program Files\iTunes\iTunes.Resources\de.lproj\About iTunes.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud-Fotos.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe (Apple Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot\Greenshot.lnk -> C:\Program Files\Greenshot\Greenshot.exe (Greenshot) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot\License.txt.lnk -> C:\Program Files\Greenshot\license.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot\Readme.txt.lnk -> C:\Program Files\Greenshot\readme.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot\Uninstall Greenshot.lnk -> C:\Program Files\Greenshot\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FTL - Advanced Edition [GOG.com]\FTL - Advanced Edition.lnk -> D:\Games\FTL\FTL - Advanced Edition\FTLGame.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FTL - Advanced Edition [GOG.com]\Readme.lnk -> D:\Games\FTL\FTL - Advanced Edition\FTL_README.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FTL - Advanced Edition [GOG.com]\Uninstall FTL - Advanced Edition.lnk -> D:\Games\FTL\FTL - Advanced Edition\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foundation [GOG.com]\Deinstallieren Foundation.lnk -> D:\Games\Foundation\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foundation [GOG.com]\Foundation.lnk -> D:\Games\Foundation\foundation.exe (Polymorph Games) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Endless Space 2\Endless Space 2.lnk -> D:\Games\Endless space 2\game\EndlessSpace2.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Endless Space 2\Uninstall Endless Space 2.lnk -> D:\Games\Endless space 2\game\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-2\DOSBox 0.74-2 Manual.lnk -> C:\Program Files (x86)\DOSBox-0.74-2\Documentation\README.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-2\Extras\Uninstall.lnk -> C:\Program Files (x86)\DOSBox-0.74-2\uninstall.exe (DOSBox Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-2\Extras\Video\Video instructions.lnk -> C:\Program Files (x86)\DOSBox-0.74-2\Video Codec\Video Instructions.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Darkest Dungeon The Crimson Court\Uninstall Darkest Dungeon The Crimson Court.lnk -> D:\Games\Darkest Dungeon\Darkest Dungeon The Crimson Court\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crusader Kings III.lnk -> D:\Games\Crusader Kings III.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crusader Kings III\Crusader Kings III entfernen.lnk -> D:\Games\Crusader Kings III\game\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crusader Kings III\Crusader Kings III.lnk -> D:\Games\Crusader Kings III\game\binaries\ck3.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\Brother Utilities.lnk -> C:\Program Files (x86)\Brother\BrLauncher\BrLauncher.exe (Brother Industries, Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bounty Train [GOG.com]\Bounty Train.lnk -> D:\Games\Bounty Train\BountyTrain.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bounty Train [GOG.com]\Deinstallieren Bounty Train.lnk -> D:\Games\Bounty Train\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aggressors - Ancient Rome [GOG.com]\Aggressors - Ancient Rome (Quick Launch).lnk -> D:\Games\Aggressors Ancient Rome\Aggressors.exe (Keine Datei) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aggressors - Ancient Rome [GOG.com]\Dokumente\Manual.lnk -> D:\Games\Aggressors Ancient Rome\Manuals\GameManual.pdf (Keine Datei) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm () Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\Links\Desktop.lnk -> C:\Users\Kasimal\Desktop () Shortcut: C:\Users\Kasimal\Links\Downloads.lnk -> C:\Users\Kasimal\Downloads () Shortcut: C:\Users\Kasimal\Links\iCloud Drive.lnk -> C:\Users\Kasimal\iCloudDrive () Shortcut: C:\Users\Kasimal\Downloads\DDownloads.lnk -> D:\Downloads () Shortcut: C:\Users\Kasimal\Desktop\Cisco Webex Meetings.lnk -> C:\Users\Kasimal\AppData\Local\WebEx\WebEx\Applications\ptoneclk.exe (Cisco Webex LLC) Shortcut: C:\Users\Kasimal\Desktop\Craft the World.lnk -> D:\Games\Craft.The.World.v1.2.006.Cracked-3DM\CraftWorld.exe () Shortcut: C:\Users\Kasimal\Desktop\Crusader Kings III Royal Edition.lnk -> D:\Games\Crusader Kings III\game\binaries\ck3.exe () Shortcut: C:\Users\Kasimal\Desktop\Dawn of Man Solstice.lnk -> D:\Games\Dawn of Man\Dawn of Man Solstice\DawnOfMan.exe () Shortcut: C:\Users\Kasimal\Desktop\Dungeoneering.lnk -> D:\Games\Guild of Dungeoneering\dungeoneering.exe () Shortcut: C:\Users\Kasimal\Desktop\Endless Space 2.lnk -> D:\Games\Endless space 2\game\EndlessSpace2.exe () Shortcut: C:\Users\Kasimal\Desktop\ESET Online Scanner.lnk -> C:\Users\Kasimal\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe (ESET) Shortcut: C:\Users\Kasimal\Desktop\Fallout 4.lnk -> D:\Games\Fallout 4\game\Fallout4.exe (Bethesda Softworks) Shortcut: C:\Users\Kasimal\Desktop\HUMANKIND Digital Deluxe Edition.lnk -> D:\Games\Humankind\Humankind.exe () Shortcut: C:\Users\Kasimal\Desktop\Humankind Victor OpenDev Build.lnk -> D:\Games\Humankind\Humankind.exe () Shortcut: C:\Users\Kasimal\Desktop\JDownloader 2.lnk -> C:\Users\Kasimal\AppData\Local\JDownloader 2.0\JDownloader2.exe (AppWork GmbH) Shortcut: C:\Users\Kasimal\Desktop\Life Is Strange Complete Season.lnk -> D:\Games\life is strange\game\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) Shortcut: C:\Users\Kasimal\Desktop\MiniMetro.lnk -> D:\Games\minimetro\Mini Metro\MiniMetro.exe () Shortcut: C:\Users\Kasimal\Desktop\nw.exe - Verknüpfung.lnk -> D:\Programme\9kw.eu\nwjs-sdk-v0.26.6-win-ia32\nw.exe (The NWJS Community) Shortcut: C:\Users\Kasimal\Desktop\OldWorld.exe - Verknüpfung.lnk -> D:\Games\Old Worlds\install\OldWorld.exe () Shortcut: C:\Users\Kasimal\Desktop\procexp.exe - Verknüpfung.lnk -> C:\temp\ProcExp\procexp.exe (Sysinternals - www.sysinternals.com) Shortcut: C:\Users\Kasimal\Desktop\Sid Meiers Civilization VI Gathering Storm.lnk -> D:\Games\Civilization 6 Gathering Storm\game\Base\Binaries\Win64Steam\CivilizationVI.exe (Firaxis Games) Shortcut: C:\Users\Kasimal\Desktop\Stellaris Galaxy Edition.lnk -> D:\Games\Stellaris\stellaris.exe (Paradox Interactive) Shortcut: C:\Users\Kasimal\Desktop\SumatraPDF.lnk -> C:\Program Files\SumatraPDF\SumatraPDF.exe (Krzysztof Kowalczyk) Shortcut: C:\Users\Kasimal\Desktop\The Curious Expedition 2.lnk -> D:\Games\Curious.Expedition.2.v0.10.6\CE2.exe () Shortcut: C:\Users\Kasimal\Desktop\The Long Dark.lnk -> D:\Games\The Long Dark\The Long Dark Incl. Update v1.21 MULTi16\tld.exe () Shortcut: C:\Users\Kasimal\Desktop\The Witcher 3 Wild Hunt Game of the Year Edition.lnk -> D:\Games\The Witcher 3\The Witcher 3 Wild Hunt\bin\x64\witcher3.exe (CD Projekt Red) Shortcut: C:\Users\Kasimal\Desktop\TransportFever2.exe - Verknüpfung.lnk -> D:\Games\Transport Fever 2\TransportFever2.exe () Shortcut: C:\Users\Kasimal\Desktop\Tropico6-Win64-Shipping.exe - Verknüpfung.lnk -> D:\Games\Tropico 6\Tropico 6 - Beta-1.0_83060\Tropico6\Binaries\Win64\Tropico6-Win64-Shipping.exe (Kalypso Media GmbH) Shortcut: C:\Users\Kasimal\Desktop\Tyranny Overlord Edition.lnk -> D:\Games\Tyranny\Tyranny\Tyranny.exe (Obsidian Entertainment, Inc.) Shortcut: C:\Users\Kasimal\Desktop\WhatsApp.lnk -> C:\Users\Kasimal\AppData\Local\WhatsApp\WhatsApp.exe (Keine Datei) Shortcut: C:\Users\Kasimal\Desktop\Wreckfest [64 BIT].lnk -> D:\Games\Wreckfest\game\Wreckfest_x64.exe () Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crusader Kings II.lnk -> D:\Games\Crusader Kings II\game\CK2game.exe (Paradox Interactive) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crusader Kings III Royal Edition.lnk -> D:\Games\Crusader Kings III\game\binaries\ck3.exe () Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dungeoneering.lnk -> D:\Games\Guild of Dungeoneering\dungeoneering.exe () Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk -> C:\Users\Kasimal\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe (ESET) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fallout 4.lnk -> D:\Games\Fallout 4\game\Fallout4.exe (Bethesda Softworks) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hearthstone Deck Tracker.lnk -> D:\Games\Hearthstone\Hearthstone Deck Tracker\Hearthstone Deck Tracker.exe (Keine Datei) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Life Is Strange Complete Season.lnk -> D:\Games\life is strange\game\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiniMetro.lnk -> D:\Games\minimetro\Mini Metro\MiniMetro.exe () Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sid Meiers Civilization VI Gathering Storm.lnk -> D:\Games\Civilization 6 Gathering Storm\game\Base\Binaries\Win64Steam\CivilizationVI.exe (Firaxis Games) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stardew Valley.lnk -> D:\Games\Stardew Valley\game\Stardew Valley.exe (ConcernedApe) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stellaris Galaxy Edition.lnk -> D:\Games\Stellaris\stellaris.exe (Paradox Interactive) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk -> C:\Program Files\SumatraPDF\SumatraPDF.exe (Krzysztof Kowalczyk) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Long Dark.lnk -> D:\Games\The Long Dark\The Long Dark\tld.exe () Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Witcher 3 Wild Hunt Game of the Year Edition.lnk -> D:\Games\The Witcher 3\The Witcher 3 Wild Hunt\bin\x64\witcher3.exe (CD Projekt Red) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TransportFever2.exe - Verknüpfung.lnk -> D:\Games\Transport Fever 2\TransportFever2.exe () Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wreckfest [64 BIT].lnk -> D:\Games\Wreckfest\game\Wreckfest_x64.exe () Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\Kasimal\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp\WhatsApp.lnk -> C:\Users\Kasimal\AppData\Local\WhatsApp\WhatsApp.exe (Keine Datei) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> D:\steam\steam.exe (Valve Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rual Ilmarranen\mtgaprotracker.lnk -> C:\Users\Kasimal\AppData\Local\mtgaprotracker\mtgaprotracker.exe (Keine Datei) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Last Man\Last Man.lnk -> D:\themes\games\Last Man\Last_Man.exe (Vortex Cannon Entertainment) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Last Man\Uninstall.lnk -> D:\themes\games\Last Man\uninstall.exe (Vortex Cannon Entertainment) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Deinstallationsprogramm.lnk -> C:\Users\Kasimal\AppData\Local\JDownloader 2.0\Uninstall JDownloader.exe (AppWork GmbH) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Update & Rescue.lnk -> C:\Users\Kasimal\AppData\Local\JDownloader 2.0\JDownloader2Update.exe (AppWork GmbH) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2.lnk -> C:\Users\Kasimal\AppData\Local\JDownloader 2.0\JDownloader2.exe (AppWork GmbH) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud Drive.lnk -> C:\Users\Kasimal\iCloudDrive () Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cisco Webex Meetings Desktop App\Cisco Webex Meetings.lnk -> C:\Users\Kasimal\AppData\Local\WebEx\WebEx\Applications\ptoneclk.exe (Cisco Webex LLC) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader 2.lnk -> C:\Users\Kasimal\AppData\Local\JDownloader 2.0\JDownloader2.exe (AppWork GmbH) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Keine Datei) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\TC UP.lnk -> C:\Program Files (x86)\TC UP\TC UP.exe (TC UP Team) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\JDownloader 2.lnk -> C:\Users\Kasimal\AppData\Local\JDownloader 2.0\JDownloader2.exe (AppWork GmbH) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TC UP.lnk -> C:\Program Files (x86)\TC UP\TC UP.exe (TC UP Team) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Tombstones\Mozilla Firefox (3).lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7111c0ce965b7246\Battle.net.lnk -> D:\Games\Hearthstone\Battle.net\Battle.net.exe (Keine Datei) Shortcut: C:\Users\Kasimal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4ac866364817f10c\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Keine Datei) Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Windows.PurchaseDialog_cw5n1h2txyewy\Microsoft.Windows.PurchaseDialog.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Windows.ContactSupport_cw5n1h2txyewy\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxIdentityProvider_cw5n1h2txyewy\Microsoft.XboxIdentityProvider.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\Microsoft.XboxGameCallableUI.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxApp_8wekyb3d8bbwe\Microsoft.XboxApp.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsStore_8wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsPhone_8wekyb3d8bbwe\CompanionApp.App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsMaps_8wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsFeedback_cw5n1h2txyewy\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\microsoft.windowslive.calendar.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\microsoft.windowslive.mail.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsCamera_8wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsCalculator_8wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsAlarms_8wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.Photos_8wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.ParentalControls_cw5n1h2txyewy\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaUI.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.AssignedAccessLockApp_cw5n1h2txyewy\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.People_8wekyb3d8bbwe\x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Office.OneNote_8wekyb3d8bbwe\microsoft.onenoteim.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\Microsoft.MicrosoftOfficeHub.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.LockApp_cw5n1h2txyewy\WindowsDefaultLockScreen.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Getstarted_8wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BioEnrollment_cw5n1h2txyewy\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingWeather_8wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingSports_8wekyb3d8bbwe\AppexSports.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingNews_8wekyb3d8bbwe\AppexNews.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFinance_8wekyb3d8bbwe\AppexFinance.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Appconnector_8wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.AccountsControl_cw5n1h2txyewy\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.3DBuilder_8wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\Kasimal\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Keine Datei) Shortcut: C:\Users\Public\Desktop\911 Operator.lnk -> D:\Games\911 Operator\911 Operator\911.exe () Shortcut: C:\Users\Public\Desktop\Bounty Train.lnk -> D:\Games\Bounty Train\BountyTrain.exe () Shortcut: C:\Users\Public\Desktop\Brother Creative Center.lnk -> C:\Program Files (x86)\Brother\CreativeCenter\Brother Creative Center.url () Shortcut: C:\Users\Public\Desktop\Brother Utilities.lnk -> C:\Program Files (x86)\Brother\BrLauncher\BrLauncher.exe (Brother Industries, Ltd.) Shortcut: C:\Users\Public\Desktop\Crusader Kings II.lnk -> D:\Games\Crusader Kings II\game\CK2game.exe (Paradox Interactive) Shortcut: C:\Users\Public\Desktop\Dawn of Man.lnk -> D:\Games\Dawn of Man\game\DawnOfMan.exe () Shortcut: C:\Users\Public\Desktop\Epic Games Launcher.lnk -> D:\Games\epic\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.) Shortcut: C:\Users\Public\Desktop\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Public\Desktop\Foundation.lnk -> D:\Games\Foundation\foundation.exe (Polymorph Games) Shortcut: C:\Users\Public\Desktop\FTL - Advanced Edition.lnk -> D:\Games\FTL\FTL - Advanced Edition\FTLGame.exe () Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.) Shortcut: C:\Users\Public\Desktop\Knights of Pen and Paper 2.lnk -> D:\Games\Knights of Pen and Paper 2\game\kopp2.exe () Shortcut: C:\Users\Public\Desktop\Minecraft.lnk -> D:\Games\minecraft\game\minecraft launcher\Minecraft Launcher.exe (Titan Launcher) Shortcut: C:\Users\Public\Desktop\Notepad++.lnk -> C:\Program Files\Notepad++\notepad++.exe (Don HO don.h@free.fr) Shortcut: C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation) Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.) Shortcut: C:\Users\Public\Desktop\Stardew Valley.lnk -> D:\Games\Stardew Valley\game\Stardew Valley.exe (ConcernedApe) Shortcut: C:\Users\Public\Desktop\Steam.lnk -> D:\steam\steam.exe (Valve Corporation) Shortcut: C:\Users\Public\Desktop\TC UP.lnk -> C:\Program Files (x86)\TC UP\TC UP.exe (TC UP Team) Shortcut: C:\Users\Public\Desktop\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) Shortcut: C:\Users\Public\Desktop\The Curious Expedition.lnk -> D:\Games\The Curious Expedition\The Curious Expedition.exe (GitHub, Inc.) Shortcut: C:\Users\Public\Desktop\The Fermi Paradox.lnk -> D:\Games\The Fermi Paradox\The Fermi Paradox.exe () Shortcut: C:\Users\Public\Desktop\This War of Mine.lnk -> D:\Games\This War of Mine\This War of Mine.exe () Shortcut: C:\Users\Public\Desktop\Warlock 2 The Exiled.lnk -> D:\Games\Warlock 2\Warlock 2 The Exiled\Game.exe (Ino-Co Plus) Shortcut: C:\Users\Public\Desktop\Sid Meier's Civilization IV Complete Edition\Sid Meier's Civilization IV Beyond the Sword.lnk -> D:\Games\Sid Meier's Civilization IV Complete Edition\game\Sid Meiers Civilization IV Complete\Beyond the Sword\Civ4BeyondSword.exe (Firaxis Games) Shortcut: C:\Users\Public\Desktop\Sid Meier's Civilization IV Complete Edition\Sid Meier's Civilization IV Colonization.lnk -> D:\Games\Sid Meier's Civilization IV Complete Edition\game\Sid Meiers Civilization IV Colonization\Colonization.exe (Firaxis Games) Shortcut: C:\Users\Public\Desktop\Sid Meier's Civilization IV Complete Edition\Sid Meier's Civilization IV Warlords.lnk -> D:\Games\Sid Meier's Civilization IV Complete Edition\game\Sid Meiers Civilization IV Complete\Warlords\Civ4Warlords.exe (Firaxis Games) Shortcut: C:\Users\Public\Desktop\Sid Meier's Civilization IV Complete Edition\Sid Meier's Civilization IV.lnk -> D:\Games\Sid Meier's Civilization IV Complete Edition\game\Sid Meiers Civilization IV Complete\Civilization4.exe (Firaxis Games) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019\Visual Studio Tools\Developer Command Prompt for VS 2019.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\Common7\Tools\VsDevCmd.bat" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019\Visual Studio Tools\VC\x64 Native Tools Command Prompt for VS 2019.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Auxiliary\Build\vcvars64.bat" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019\Visual Studio Tools\VC\x64_x86 Cross Tools Command Prompt for VS 2019.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Auxiliary\Build\vcvarsamd64_x86.bat" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019\Visual Studio Tools\VC\x86 Native Tools Command Prompt for VS 2019.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Auxiliary\Build\vcvars32.bat" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019\Visual Studio Tools\VC\x86_x64 Cross Tools Command Prompt for VS 2019.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Auxiliary\Build\vcvarsx86_amd64.bat" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Windows Software Development Kit.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Windows Kits\10\" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019\Visual Studio Tools\Debuggable Package Manager.lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -Command "& { Import-Module Appx; Import-Module .\AppxDebug.dll; Show-AppxDebug}" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019\Visual Studio Tools\Developer PowerShell for VS 2019.lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -noe -c "&{Import-Module """C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; Enter-VsDevShell e0ddcc2d}" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander Ultima Prime\Repair TC UP.lnk -> C:\Program Files (x86)\TC UP\PLUGINS\Tools\TCUPTurbo\TCUPIntegrator.exe (TC UP Team) -> /REPAIR ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Database Compare.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Office16\DCF\DATABASECOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Spreadsheet Compare.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Office16\DCF\SPREADSHEETCOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\javacpl.exe (Oracle Corporation) -> -tab update ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\javacpl.exe (Oracle Corporation) -> -tab about ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\E-Mails.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> mail ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Erinnerungen.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> reminders ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iPhone suchen.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> find ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Kalender.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> calendar ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Keynote.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> keynote ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Kontakte.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> contacts ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notizen.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> notes ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Numbers.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> numbers ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Pages.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> pages ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-2\DOSBox 0.74-2.lnk -> C:\Program Files (x86)\DOSBox-0.74-2\DOSBox.exe (DOSBox Team) -> -userconf ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-2\Options\DOSBox 0.74-2 Options.lnk -> C:\Program Files (x86)\DOSBox-0.74-2\DOSBox.exe (DOSBox Team) -> -editconf notepad.exe -editconf "%SystemRoot%\system32\notepad.exe" -editconf "%WINDIR%\notepad.exe" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-2\Options\Reset KeyMapper.lnk -> C:\Program Files (x86)\DOSBox-0.74-2\DOSBox.exe (DOSBox Team) -> -erasemapper ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-2\Options\Reset Options.lnk -> C:\Program Files (x86)\DOSBox-0.74-2\DOSBox.exe (DOSBox Team) -> -eraseconf ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-2\Extras\DOSBox 0.74-2 (noconsole).lnk -> C:\Program Files (x86)\DOSBox-0.74-2\DOSBox.exe (DOSBox Team) -> -noconsole -userconf ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-2\Extras\Screenshots & Recordings.lnk -> C:\Program Files (x86)\DOSBox-0.74-2\DOSBox.exe (DOSBox Team) -> -opencaptures explorer.exe ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-2\Extras\Video\Install movie codec.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> setupapi,InstallHinfSection DefaultInstall 128 C:\Program Files (x86)\DOSBox-0.74-2\Video Codec\zmbv.inf ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Darkest Dungeon The Crimson Court\Darkest Dungeon The Crimson Court.lnk -> D:\Games\Darkest Dungeon\Darkest Dungeon The Crimson Court\_windows\Darkest.exe () -> -skipvalidation ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Kasimal\Desktop\Darkest Dungeon The Crimson Court.lnk -> D:\Games\Darkest Dungeon\Darkest Dungeon The Crimson Court\_windows\Darkest.exe () -> -skipvalidation ShortcutWithArgument: C:\Users\Kasimal\Desktop\Discord.lnk -> C:\Users\Kasimal\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe ShortcutWithArgument: C:\Users\Kasimal\Desktop\Microsoft Teams.lnk -> C:\Users\Kasimal\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe" ShortcutWithArgument: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk -> C:\Users\Kasimal\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe" ShortcutWithArgument: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\Kasimal\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall ShortcutWithArgument: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\Kasimal\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe ShortcutWithArgument: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto ShortcutWithArgument: C:\Users\Kasimal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) -> /recycle ShortcutWithArgument: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Kasimal\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Public\Desktop\DOSBox 0.74-2.lnk -> C:\Program Files (x86)\DOSBox-0.74-2\DOSBox.exe (DOSBox Team) -> -userconf InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\Bitnami for XAMPP.url -> URL: hxxps//bitnami.com/stack/xampp?utm_source=bitnami&utm_medium=installer&utm_campaign=XAMPP%2BInstaller InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\This War of Mine [GOG.com]\Dokumente\Support.url -> URL: hxxp//www.gog.com/support/this_war_of_mine InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp//support.steampowered.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Besuchen Sie Java.com.url -> URL: hxxp//java.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Hilfe aufrufen.url -> URL: hxxp//java.com/help InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FTL - Advanced Edition [GOG.com]\Documents\Support.url -> URL: hxxp//www.gog.com/support/faster_than_light InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bounty Train [GOG.com]\Dokumente\Support.url -> URL: hxxp//www.gog.com/support/bounty_train InternetURL: C:\Users\Kasimal\Favorites\Bing.url -> URL: hxxp//go.microsoft.com/fwlink/p/?LinkId=255142 InternetURL: C:\Users\Kasimal\Desktop\Rocket League®.url -> URL: com.epicgames.launcher://apps/9773aa1aa54f4f7b80e44bef04986cea%3A530145df28a24424923f5828cc9031a1%3ASugar?action=launch&silent=true ==================== Ende vom Shortcut.txt ============================ |
28.10.2021, 20:16 | #4 |
| Win 10: verschiedenste Abstürze, Firefox, Outlook, Kalender, Avast und weitere Addition.txt (war zu groß) Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-10-2021 durchgeführt von Kasimal (28-10-2021 19:17:54) Gestartet von C:\Users\Kasimal\Downloads Microsoft Windows 10 Pro N Version 21H1 19043.1288 (X64) (2020-08-25 22:17:13) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-3782075860-127496113-178799132-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3782075860-127496113-178799132-503 - Limited - Disabled) Gast (S-1-5-21-3782075860-127496113-178799132-501 - Limited - Disabled) Kasimal (S-1-5-21-3782075860-127496113-178799132-1001 - Administrator - Enabled) => C:\Users\Kasimal WDAGUtilityAccount (S-1-5-21-3782075860-127496113-178799132-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov) 7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov) 911 Operator MULTi6 - ElAmigos Version 1.30.31 (HKLM-x32\...\{10F745FF-5F38-413E-B47E-85C7148A2EEB}_is1) (Version: 1.30.31 - PlayWay S.A.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe) Apple Application Support (32-Bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) Application Verifier x64 External Package (HKLM\...\{8A4CD158-E6B3-6D91-D7DE-10098BC980E2}) (Version: 10.1.19041.685 - Microsoft) Hidden AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden Bounty Train (HKLM-x32\...\1455194922_is1) (Version: 1.0.13761 - GOG.com) Bounty Train Trainium Edition (HKLM-x32\...\1741374013_is1) (Version: 1.0.13761 - GOG.com) BrLauncher (HKLM-x32\...\{C04DCB6D-02A2-41AD-AA79-2644CEB26445}) (Version: 2.0.17.0 - Brother Industries Ltd.) Hidden BrLogRx (HKLM-x32\...\{B556F816-FF4D-4BB6-9339-ED28639E2EF3}) (Version: 1.0.2.1 - Brother Industries Ltd.) Hidden Brother PCFax Driver (HKLM-x32\...\{56BA05BD-7A67-4EF8-85A7-8C6528AEE2AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden Brother Printer Driver (HKLM-x32\...\{B0526B11-2029-4DA4-8724-BB96BD874FF0}) (Version: 3.3.0.0 - Brother Industries Ltd.) Hidden Brother Scanner Driver (HKLM-x32\...\{77B57C72-AC29-42C6-BD2E-DA551A9ACC9B}) (Version: 1.0.38.1 - Brother Industries Ltd.) Hidden BrSupportTools (HKLM-x32\...\{E1B7CE6D-A4F9-4C9B-8FAB-9178CF47FDED}) (Version: 1.0.27.0 - Brother Industries Ltd.) Hidden Cisco Webex Meetings (HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\ActiveTouchMeetingClient) (Version: 41.9.5 - Cisco Webex LLC) ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{5A260D5A-95D3-4956-8E0A-E182CC4144ED}) (Version: 4.8.04162 - Microsoft Corporation) Hidden ControlCenter4 (HKLM-x32\...\{CAFE5834-5440-41B8-8C56-4DD946A1A5E1}) (Version: 4.6.21.1 - Brother Industries, Ltd.) Hidden ControlCenter4 CSDK (HKLM-x32\...\{1E89F75C-EF46-406C-9AAC-615B3CCC1D3D}) (Version: 4.3.2.1 - Brother Insutries Ltd.) Hidden Crusader Kings II MULTi4 - ElAmigos Version 3.0.0 (HKLM-x32\...\{9485E8B2-2BC1-4632-9B79-9597768873BD}_is1) (Version: 3.0.0 - Paradox Interactive) Crusader Kings III Royal Edition MULTi7 - ElAmigos Version 1.2.1 (HKLM-x32\...\{390B5299-2855-4561-AFD9-E8EB1306138B}_is1) (Version: 1.2.1 - Paradox Interactive) Crusader Kings III Royal Edition MULTi7 5451646 (HKLM-x32\...\Crusader Kings III Royal Edition MULTi7 5451646) (Version: 5451646 - ) Crusader Kings III Royal Edition Update 5 MULTi7 5708797 (HKLM-x32\...\Crusader Kings III Royal Edition Update 5 MULTi7 5708797) (Version: 5708797 - ) DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version: 3.0.0.0310 - Disc Soft Ltd) Darkest Dungeon The Crimson Court (HKLM-x32\...\Darkest Dungeon The Crimson Court_is1) (Version: - ) Dawn of Man MULTi4 - ElAmigos Version 1.4.0 (HKLM-x32\...\{C9209A07-3293-4BE1-9FE8-44CE47D77223}_is1) (Version: 1.4.0 - Madruga Works) Dawn of Man Solstice (HKLM-x32\...\Dawn of Man Solstice_is1) (Version: - ) DeviceDetect (HKLM-x32\...\{2AE08F71-6282-4083-B049-B4069679559E}) (Version: 1.4.5.0 - Brother Industries Ltd.) Hidden DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden Discord (HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\Discord) (Version: 0.0.311 - Discord Inc.) Divinity Original Sin 2 Definitive Edition Update 25 MULTi2 3.6.69.4648 (HKLM-x32\...\Divinity Original Sin 2 Definitive Edition Update 25 MULTi2 3.6.69.4648) (Version: 3.6.69.4648 - ) Endless Space 2 (HKLM-x32\...\Endless Space 2_is1) (Version: - ) Entity Framework 6.2.0 Tools for Visual Studio 2019 (HKLM-x32\...\{F878746A-C5F7-420A-A672-4DFEF74ADC3A}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden Epic Games Launcher (HKLM-x32\...\{E0419FB0-0C46-4F07-9D5B-2FD78A8C45ED}) (Version: 1.3.0.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.) Fallout 4 MULTi2 1.1.30 (HKLM-x32\...\Fallout 4 MULTi2 1.1.30) (Version: - ) Foundation (HKLM-x32\...\1446930743_is1) (Version: alpha 1.7.10.0630 - GOG.com) FTL - Advanced Edition (HKLM-x32\...\GOGPACKFTL_is1) (Version: 2.3.0.13 - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.54 - Google LLC) Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden HUMANKIND Digital Deluxe Edition MULTi10 7197073 (HKLM-x32\...\HUMANKIND Digital Deluxe Edition MULTi10 7197073) (Version: 7197073 - ) icecap_collection_neutral (HKLM-x32\...\{1036893D-9917-4E70-B96C-8D72A2B224BC}) (Version: 16.10.31306 - Microsoft Corporation) Hidden icecap_collection_x64 (HKLM\...\{289873DF-80D0-4D7D-8068-D25D342A26FA}) (Version: 16.10.31306 - Microsoft Corporation) Hidden icecap_collectionresources (HKLM-x32\...\{87A0DCD8-E774-4484-8676-B5214CCB8B5A}) (Version: 16.10.31306 - Microsoft Corporation) Hidden icecap_collectionresourcesx64 (HKLM-x32\...\{F9CE4297-DD31-437B-91AC-DC90574288A2}) (Version: 16.10.31306 - Microsoft Corporation) Hidden iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation) IntelliTraceProfilerProxy (HKLM-x32\...\{7D94CF67-6666-4111-B027-D7AB7F189F70}) (Version: 15.0.18198.01 - Microsoft Corporation) Hidden iTunes (HKLM\...\{349A0EEF-DE2E-48DD-87CB-A94E3D03DCBD}) (Version: 12.12.1.1 - Apple Inc.) Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) JDownloader 2 (HKLM\...\jdownloader2-1) (Version: 2.0 - AppWork GmbH) Kits Configuration Installer (HKLM-x32\...\{E75A9998-E979-760B-6AEB-49763F279EDD}) (Version: 10.1.19041.685 - Microsoft) Hidden Knights of Pen and Paper 2 (HKLM\...\S25pZ2h0c29mUGVuYW5kUGFwZXIy_is1) (Version: 1 - ) Kumulatives Microsoft .NET Framework Intellisense Pack für Visual Studio (Deutsch) (HKLM-x32\...\{E1F68FC9-F23C-4F44-8092-CAC55E43A80B}) (Version: 4.8.03761 - Microsoft Corporation) Hidden Last Man (HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\Last Man) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Life is Strange Before the Storm Deluxe Edition Incl. Bonus Episode MULTi2 1.0 (HKLM-x32\...\Life is Strange Before the Storm Deluxe Edition Incl. Bonus Episode MULTi2 1.0) (Version: 1.0 - ) Life is Strange Before the Storm Deluxe Edition MULTi2 1.0 (HKLM-x32\...\Life is Strange Before the Storm Deluxe Edition MULTi2 1.0) (Version: 1.0 - ..) Life is Strange Before the Storm Deluxe Edition Update 1 MULTi2 1.0 (HKLM-x32\...\Life is Strange Before the Storm Deluxe Edition Update 1 MULTi2 1.0) (Version: 1.0 - ) Life Is Strange Complete Season MULTi2 1.0 (HKLM-x32\...\Life Is Strange Complete Season MULTi2 1.0) (Version: - ) Life Is Strange Complete Season Update 1 1.0 (HKLM-x32\...\Life Is Strange Complete Season Update 1 1.0) (Version: - ) Logi Bolt (HKLM\...\LogiBolt) (Version: 1.01.415.0 - Logi) LogiOptionsExcelAddin (HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\5B9DBC017A73395321F758581D1CBC19EA9DF4FF) (Version: 9.40.13.0 - Logitech) LogiOptionsPowerPointAddin (HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\2C15990041C0A40782166403A24D0F52DFC41095) (Version: 9.40.13.0 - Logitech) LogiOptionsWordAddin (HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\77F95DB8F75F35C40BD868B4D39ADCCB966A0FD1) (Version: 9.40.13.0 - Logitech) Logitech Options (HKLM\...\LogiOptions) (Version: 9.40.86 - Logitech) Microsoft .NET SDK 5.0.402 (x64) from Visual Studio (HKLM\...\{A6889A2D-DA5E-4DED-B563-DAF5BE5252AA}) (Version: 5.4.221.47606 - Microsoft Corporation) Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.14430.20306 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.30 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.30 - Microsoft Corporation) Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.196.0921.0007 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\Teams) (Version: 1.4.00.2879 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30135 (HKLM-x32\...\{fa7f6d52-f85e-48ef-8f56-a37268aa5772}) (Version: 14.29.30135.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30135 (HKLM-x32\...\{b7a2b241-3f54-4d7d-94d1-8ce0146e03c7}) (Version: 14.29.30135.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.60724 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.11.40.25675 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2019 CTP2.2 (HKLM\...\{0AF3B52A-F38D-4D63-9F72-73623C601CD9}) (Version: 15.0.1200.24 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2019 CTP2.2 (HKLM-x32\...\{BF16A1DB-06A6-4A8E-B7A8-61F1F9C9FBA3}) (Version: 15.0.1200.24 - Microsoft Corporation) Minecraft - ElAmigos Version 1.15.1 (HKLM-x32\...\{64E20254-DB52-4EC0-97E4-93B7C7B2DEDA}_is1) (Version: 1.15.1 - Mojang) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 93.0 (x64 de)) (Version: 93.0 - Mozilla) MSI Development Tools (HKLM-x32\...\{7AAC93B0-F3D7-6B24-6B37-9E74980C1C81}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden NetworkRepairTool (HKLM-x32\...\{947DE453-69FD-4CF6-A682-04D1308C79AF}) (Version: 1.2.15.0 - Brother Industries, Ltd.) Hidden Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.1.5 - Notepad++ Team) Nuance Power PDF Advanced (HKLM\...\{C53A8571-CB00-4844-972C-A2242433199C}) (Version: 2.10.6415 - Nuance Communications, Inc.) NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation) NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation) NVIDIA Grafiktreiber 496.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.49 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.38.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.92 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation) paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC) Paket zur Festlegung von Zielversionen von Microsoft .NET Framework 4.7.2 (Deutsch) (HKLM-x32\...\{98FE7C2A-22A4-401A-B45B-2AA107C06DD7}) (Version: 4.7.03062 - Microsoft Corporation) Hidden PCFaxTx (HKLM-x32\...\{90338D66-4493-4DC3-A8C7-EB6FD5282B02}) (Version: 3.7.12.1 - Brother Industries Ltd.) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8228 - Realtek Semiconductor Corp.) ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden ScummVM 1.8.0 (HKLM-x32\...\ScummVM_is1) (Version: - The ScummVM Team) SDK ARM Additions (HKLM-x32\...\{FCF9D89E-6F79-64FB-B08D-B0E69FF54DEE}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden SDK ARM Redistributables (HKLM-x32\...\{72DB07D6-E166-5A3F-B6E6-4664383781B8}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Sid Meiers Civilization IV Complete Edition MULTi6 - ElAmigos Version 3.19 (HKLM-x32\...\{FD42D320-CEFC-44B3-B2B4-53598CABA43A}_is1) (Version: 3.19 - 2K) Sid Meiers Civilization VI Gathering Storm (HKLM-x32\...\Sid Meiers Civilization VI Gathering Storm_is1) (Version: - ) SilentSetup (HKLM-x32\...\{BA073B32-292B-424A-97E1-70C25CD1075F}) (Version: 1.0.0 - Default Company Name) Hidden Skype Version 8.67 (HKLM-x32\...\Skype_is1) (Version: 8.67 - Skype Technologies S.A.) Stardew Valley - ElAmigos Version 1.2.33 (HKLM-x32\...\{B798256B-8466-4DB5-A6A9-6A2C80B40D25}_is1) (Version: 1.2.33 - Chucklefish) StatusMonitor (HKLM-x32\...\{1F4C40FC-9C25-450C-9F77-0AE71CA0DB64}) (Version: 1.22.14.0 - Brother Industries, Ltd.) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stellaris Galaxy Edition Incl. Update 2.7.2 MULTi2 2.7.2 (HKLM-x32\...\Stellaris Galaxy Edition Incl. Update 2.7.2 MULTi2 2.7.2) (Version: 2.7.2 - ) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.3.3 - Krzysztof Kowalczyk) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.8.3 - TeamViewer) The Curious Expedition (HKLM-x32\...\1453128328_is1) (Version: 1.3.11.7 - GOG.com) The Fermi Paradox (HKLM-x32\...\1295495170_is1) (Version: 0.63.B.5 - GOG.com) The Long Dark Incl. Update v1.21 MULTi16 1.21 (HKLM-x32\...\The Long Dark Incl. Update v1.21 MULTi16 1.21) (Version: 1.21 - ..) The Long Dark MULTi16 - ElAmigos Version 1.15 (HKLM-x32\...\{D66E1FE6-A572-4A4D-AF86-C75A208F81F5}_is1) (Version: 1.15 - Hinterland Studio Inc.) The Witcher 3 Wild Hunt Game of the Year Edition MULTi2 1.31 (HKLM-x32\...\The Witcher 3 Wild Hunt Game of the Year Edition MULTi2 1.31) (Version: - ) This War of Mine - The Little Ones (HKLM-x32\...\1109065057_is1) (Version: 2.3.0.7 - GOG.com) This War of Mine (HKLM-x32\...\1207666873_is1) (Version: 2.4.0.8 - GOG.com) Total Commander Ultima Prime 6.8 (HKLM-x32\...\TC UP) (Version: 6.8.0.1227 - TC UP Team) TypeScript SDK (HKLM-x32\...\{6D0FC687-BA41-4DFD-80B4-3469E567AA0F}) (Version: 4.3.5.0 - Microsoft Corporation) Hidden Tyranny Overlord Edition MULTi2 1.0 (HKLM-x32\...\Tyranny Overlord Edition MULTi2 1.0) (Version: - ) Tyranny Overlord Edition Update 2 MULTi2 1.0.2.0021 (HKLM-x32\...\Tyranny Overlord Edition Update 2 MULTi2 1.0.2.0021) (Version: 1.0.2.0021 - ) Universal CRT Extension SDK (HKLM-x32\...\{4D69FB64-4443-F2DD-DE1C-F14FD98AAC59}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{6B56745A-F6A4-C51C-933A-AD96C00683EA}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{A57CD0A6-4297-FD30-34A4-34758B6F5F69}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Universal CRT Tools x64 (HKLM\...\{CD06199B-41C1-AE6D-7567-984CC68792C3}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Universal CRT Tools x86 (HKLM-x32\...\{BD75F257-50A4-E0CD-9942-C3550CA3E66A}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{A7E95C47-B5F4-110C-D27A-DECB03412B96}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden vcpp_crt.redist.clickonce (HKLM-x32\...\{045E4805-BFCA-4A5F-B3BE-B80B000EDB83}) (Version: 14.29.30135 - Microsoft Corporation) Hidden Visual Studio Community 2019 (HKLM-x32\...\e0ddcc2d) (Version: 16.11.5 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN) VS Immersive Activate Helper (HKLM-x32\...\{A71406B5-E487-4B01-8E59-D466841350F5}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden VS JIT Debugger (HKLM\...\{C7E8A4F2-EF09-42A8-B892-69D5ED99D965}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden VS Script Debugging Common (HKLM\...\{A4272808-82F5-410F-A5F9-1BF6F63F6B9A}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden vs_BlendMsi (HKLM-x32\...\{B5E3A3E1-1529-4D5A-9E95-34971FA07825}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_clickoncebootstrappermsi (HKLM-x32\...\{6F7948F9-8EED-4FA5-A1D9-7DD512A2CA26}) (Version: 16.10.31206 - Microsoft Corporation) Hidden vs_clickoncebootstrappermsires (HKLM-x32\...\{271F1F42-B547-4498-825F-590DBB1774F7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_clickoncesigntoolmsi (HKLM-x32\...\{30D97A69-3C0F-4552-9A72-60E591B210C7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_communitymsi (HKLM-x32\...\{CE912A42-1D6A-4F54-A263-F54E7D3F8E09}) (Version: 16.11.31613 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{85309CBF-4898-412A-8218-1DC44FEEFD97}) (Version: 16.10.31213 - Microsoft Corporation) Hidden vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_filehandler_amd64 (HKLM-x32\...\{102E83BD-B6A0-4C74-AD22-7D594A3435D3}) (Version: 16.11.31503 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{6CBDE7BE-E956-4E0E-81FB-2CB79190C924}) (Version: 16.11.31503 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{05CA3463-0B45-425D-9AF2-E1964AB85CBB}) (Version: 16.10.31303 - Microsoft Corporation) Hidden vs_Graphics_Singletonx64 (HKLM\...\{76133D32-1325-48F3-929A-27EC7A323FBA}) (Version: 16.10.31213 - Microsoft Corporation) Hidden vs_Graphics_Singletonx86 (HKLM-x32\...\{E42F1CFF-80C7-4865-B378-1EFCF312C1BF}) (Version: 16.10.31213 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{883D29E5-9A41-4C45-A192-C10B8078BF0C}) (Version: 16.10.31306 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{53D1C36A-E35A-45B3-801B-F49BDD425293}) (Version: 16.11.31503 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{8C5B1421-CACA-461B-A173-98B1C7864D06}) (Version: 16.10.31303 - Microsoft Corporation) Hidden vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{9A9E968E-1C75-4B85-BCBF-D1E26D6F7A6B}) (Version: 16.10.31205 - Microsoft Corporation) Hidden vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Warlock 2: The Exiled Update v2.1.143 (HKLM-x32\...\V2FybG9jazJUaGVFeGlsZWQ=_is1) (Version: 1 - ) WinAppDeploy (HKLM-x32\...\{2ADF1977-BF31-E127-B651-AC28A8658317}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation) Windows SDK AddOn (HKLM-x32\...\{E18618EC-D9DB-4BCE-B382-85ADA2CBB340}) (Version: 10.1.0.0 - Microsoft Corporation) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) Windows Software Development Kit - Windows 10.0.19041.685 (HKLM-x32\...\{4591faf1-a2db-4a3d-bfda-aa5a4ebb1587}) (Version: 10.1.19041.685 - Microsoft Corporation) WinRT Intellisense Desktop - en-us (HKLM-x32\...\{BCF7CA0F-E53C-2A4F-B128-A751EC9A1016}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{B42BF427-AFDB-C00F-DB60-6F51395D74A1}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{3335615C-ABEB-960E-2226-4274CD28E046}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{216D5F47-257D-6284-5849-B51037875EFA}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{443FF51E-16C3-F23B-18FC-0D1D66024B0B}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{15E29AFF-CB19-A20B-9A81-B0765A63115F}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{FF2B49B7-0254-3D6A-4BE0-EF4C59DBCC2B}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{0AF3B821-474B-1885-473A-6E3FB4F1CF71}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{8832F8ED-1035-9ABE-FD73-4E5ABAA84A5C}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Wreckfest MULTi2 1.0 (HKLM-x32\...\Wreckfest MULTi2 1.0) (Version: 1.0 - ..) Wreckfest Update 2 MULTi2 1.0 (HKLM-x32\...\Wreckfest Update 2 MULTi2 1.0) (Version: 1.0 - ..) XAMPP (HKLM\...\xampp) (Version: 8.0.11-2 - Bitnami) Zoom (HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\ZoomUMX) (Version: 5.4.3 (58891.1115) - Zoom Video Communications, Inc.) Packages: ========= Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-10-28] (Microsoft Corporation) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-28] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-10-28] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-10-28] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.9220.0_x64__8wekyb3d8bbwe [2021-10-28] (Microsoft Studios) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-10-28] (NVIDIA Corp.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3782075860-127496113-178799132-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\Kasimal\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC) CustomCLSID: HKU\S-1-5-21-3782075860-127496113-178799132-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Kasimal\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3782075860-127496113-178799132-1001_Classes\CLSID\{3BA2E6B1-A6A1-CCF6-942C-D370B14D842B} -> [OneDrive - adidas] => C:\Users\Kasimal\OneDrive - adidas ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll [2021-10-12] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll [2021-10-12] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll [2021-10-12] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll [2021-10-12] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll [2021-10-12] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll [2021-10-12] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll [2021-10-12] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll [2021-10-12] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll [2021-10-12] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll [2021-10-12] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll [2021-10-12] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll [2021-10-12] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll [2021-10-12] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll [2021-10-12] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll [2021-10-12] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-09-26] (Notepad++ -> ) ContextMenuHandlers1: [NPDF.ShellExtension] -> {03DDC0E5-AF08-40a2-85B9-FEDF1F4A780C} => C:\Program Files (x86)\Nuance\Power PDF 21\ShellExt.dll [2017-05-16] (Nuance Communications, Inc. -> Nuance Communications, Inc.) ContextMenuHandlers1: [Nuance.SMFCDirectShellExt] -> {B080A0B4-C3ED-4E09-B92C-66D5829AA764} => C:\Program Files (x86)\Nuance\Power PDF 21\bin\SDirectShellExt.dll [2017-04-28] (ZEON CORPORATION -> Zeon International Investment Corp.) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2017-12-15] (Disc Soft Ltd -> Disc Soft Ltd) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2017-12-15] (Disc Soft Ltd -> Disc Soft Ltd) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll [2021-10-12] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.196.0921.0007\amd64\FileSyncShell64.dll [2021-10-12] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\nvshext.dll [2021-10-21] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2021-10-16 20:43 - 2021-10-16 20:43 - 004496384 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\00432f3396e9cee7ebf36ac7e8b7c48e\DiscSoft.NET.Common.ni.dll 2017-09-27 22:21 - 2018-05-02 15:25 - 000091648 _____ () [Datei ist nicht signiert] C:\WINDOWS\system32\BrNetSti.dll 2017-09-27 22:21 - 2010-03-16 01:04 - 000143360 _____ () [Datei ist nicht signiert] C:\WINDOWS\system32\BrSNMP64.dll 2021-10-28 18:27 - 2021-10-28 18:27 - 001195008 _____ (ESET) [Datei ist nicht signiert] C:\Users\Kasimal\AppData\Local\ESET\ESETOnlineScanner\esets_apiW_a.DLL ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896 HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896 HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896 HKU\S-1-5-21-3782075860-127496113-178799132-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896 HKU\S-1-5-21-3782075860-127496113-178799132-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141 SearchScopes: HKLM -> DefaultScope {F9A0C13D-1A5E-45E2-80B7-28E37D4D682A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKU\S-1-5-21-3782075860-127496113-178799132-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 SearchScopes: HKU\S-1-5-21-3782075860-127496113-178799132-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-10-18] (Microsoft Corporation -> Microsoft Corporation) BHO: Nuance PDF Conversion Toolbar Helper -> {940361F8-7F16-4498-AB43-2EFFE0235AFA} -> C:\Program Files (x86)\Nuance\Power PDF 21\Bin\SPDFIEFavClient_x64.dll [2017-02-10] (Nuance Communications, Inc. -> Zeon Corporation) BHO: PlusIEEventHelper Class -> {9D137966-2E29-45C5-9B12-29D5427F8F66} -> C:\Program Files (x86)\Nuance\Power PDF 21\Bin\PlusIEContextMenu_x64.dll [2017-02-10] (Nuance Communications, Inc. -> Zeon Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2021-10-18] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-18] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-08-26] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Nuance PDF Conversion Toolbar Helper -> {940361F8-7F16-4498-AB43-2EFFE0235AFA} -> C:\Program Files (x86)\Nuance\Power PDF 21\Bin\SPDFIEFavClient.dll [2017-02-10] (Nuance Communications, Inc. -> Zeon Corporation) BHO-x32: PlusIEEventHelper Class -> {9D137966-2E29-45C5-9B12-29D5427F8F66} -> C:\Program Files (x86)\Nuance\Power PDF 21\Bin\PlusIEContextMenu.dll [2017-02-10] (Nuance Communications, Inc. -> Zeon Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2021-10-18] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-08-26] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM - Nuance PDF Toolbar - {BED78D9C-A025-4FE9-B3BA-27E6D376A3D5} - C:\Program Files (x86)\Nuance\Power PDF 21\Bin\SPDFIEFavClient_x64.dll [2017-02-10] (Nuance Communications, Inc. -> Zeon Corporation) Toolbar: HKLM-x32 - Nuance PDF Toolbar - {BED78D9C-A025-4FE9-B3BA-27E6D376A3D5} - C:\Program Files (x86)\Nuance\Power PDF 21\Bin\SPDFIEFavClient.dll [2017-02-10] (Nuance Communications, Inc. -> Zeon Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-18] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-18] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-18] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-18] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-18] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-18] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-18] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-18] (Microsoft Corporation -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\sharepoint.com -> hxxps://adidasgroup-files.sharepoint.com ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2015-07-10 13:02 - 2021-10-28 11:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\ HKU\S-1-5-21-3782075860-127496113-178799132-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kasimal\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "TuneupUI.exe" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "I16A" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\StartupApproved\StartupFolder: => "WhatsApp.lnk" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\StartupApproved\StartupFolder: => "OneDrive for Business.lnk" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\StartupApproved\Run: => "iCloudDrive" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\StartupApproved\Run: => "iCloudPhotos" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\StartupApproved\Run: => "Overwolf" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\StartupApproved\Run: => "World of Warships" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\StartupApproved\Run: => "OneDriveSetup" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\StartupApproved\Run: => "com.squirrel.WhatsApp.WhatsApp" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\StartupApproved\Run: => "electron.app.Untapped.gg Companion" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\StartupApproved\Run: => "MTGApro" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\StartupApproved\Run: => "mtgaprotracker" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer" HKU\S-1-5-21-3782075860-127496113-178799132-1001\...\StartupApproved\Run: => "EpicGamesLauncher" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{99647C2A-4BC6-4901-BDA4-F463C0A9B0CA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{F32128E7-D0F7-465A-8FBE-8F081F51C5E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{ED91ECF7-82E8-49C6-8E4A-C85EDC8CD16E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{CE1A530E-300D-46FC-8452-69BB34B6F2B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [UDP Query User{6903B98F-0A07-4B9D-8742-3005D8FB4E03}D:\games\old worlds\install\oldworld.exe] => (Allow) D:\games\old worlds\install\oldworld.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{FFC7ED1B-77E1-40FB-BB14-E24F4E002E7A}D:\games\old worlds\install\oldworld.exe] => (Allow) D:\games\old worlds\install\oldworld.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{C43FE2B2-84CD-4F6E-8E16-C37380F44A14}D:\games\the long journey home\game\tljh\binaries\win64\tljh-win64-shipping.exe] => (Block) D:\games\the long journey home\game\tljh\binaries\win64\tljh-win64-shipping.exe => Keine Datei FirewallRules: [TCP Query User{5B36445C-3C77-4317-A23D-8630197D8A4E}D:\games\the long journey home\game\tljh\binaries\win64\tljh-win64-shipping.exe] => (Block) D:\games\the long journey home\game\tljh\binaries\win64\tljh-win64-shipping.exe => Keine Datei FirewallRules: [UDP Query User{EAD99E26-747B-41AA-ABB1-86108E095615}D:\games\borderlands 3\game\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands 3\game\oakgame\binaries\win64\borderlands3.exe => Keine Datei FirewallRules: [TCP Query User{677908C6-AFC7-4EB6-B549-A86E62211B98}D:\games\borderlands 3\game\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands 3\game\oakgame\binaries\win64\borderlands3.exe => Keine Datei FirewallRules: [UDP Query User{F2810577-6574-4686-BAD2-50542DC3AD0C}D:\games\magic arena\mtga\mtga.exe] => (Allow) D:\games\magic arena\mtga\mtga.exe => Keine Datei FirewallRules: [TCP Query User{1BA4D3AF-43E7-42E9-BF26-608E1388771D}D:\games\magic arena\mtga\mtga.exe] => (Allow) D:\games\magic arena\mtga\mtga.exe => Keine Datei FirewallRules: [UDP Query User{496B9AAE-E1D4-4D56-8D40-EAA4DB88D6AE}C:\total war - warhammer ii\warhammer2.exe] => (Block) C:\total war - warhammer ii\warhammer2.exe => Keine Datei FirewallRules: [TCP Query User{4FD2C299-9230-474A-8B33-DBA2A6589FDD}C:\total war - warhammer ii\warhammer2.exe] => (Block) C:\total war - warhammer ii\warhammer2.exe => Keine Datei FirewallRules: [UDP Query User{DB77D9AD-82C3-4C25-BED3-48B369AD57DD}D:\games\total war warhammer 2\total war - warhammer ii\warhammer2.exe] => (Block) D:\games\total war warhammer 2\total war - warhammer ii\warhammer2.exe => Keine Datei FirewallRules: [TCP Query User{55132E68-F4EF-45BD-AC2D-07496A85C30E}D:\games\total war warhammer 2\total war - warhammer ii\warhammer2.exe] => (Block) D:\games\total war warhammer 2\total war - warhammer ii\warhammer2.exe => Keine Datei FirewallRules: [UDP Query User{2BC6CB3B-75A0-44B3-885B-2E3C7E754D4C}D:\games\life is strange before the storm\game\life is strange - before the storm.exe] => (Block) D:\games\life is strange before the storm\game\life is strange - before the storm.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{9CDFFA94-9589-4C84-86A0-0EE5DCD22F91}D:\games\life is strange before the storm\game\life is strange - before the storm.exe] => (Block) D:\games\life is strange before the storm\game\life is strange - before the storm.exe () [Datei ist nicht signiert] FirewallRules: [{9F8C57C1-46AD-4CA8-94AE-0AE350749A26}] => (Allow) D:\steam\steamapps\common\Life is Strange - Before the Storm\Life is Strange - Before the Storm.exe () [Datei ist nicht signiert] FirewallRules: [{3173AAE9-4098-4D12-8C3F-0A3DF3F1FF82}] => (Allow) D:\steam\steamapps\common\Life is Strange - Before the Storm\Life is Strange - Before the Storm.exe () [Datei ist nicht signiert] FirewallRules: [{867685CD-5917-4441-A539-31EDC09B57F3}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei FirewallRules: [{C96B31E3-6B1A-454B-96B3-A97CB331D0C2}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei FirewallRules: [{D6557ADD-650A-49B4-8368-48E593D8A309}] => (Allow) D:\steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{F465F662-6F59-4EE9-805E-C7F741A2BB6E}] => (Allow) D:\steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [UDP Query User{BD918C51-2EBD-45AB-B7A9-3AF4A7F96DFC}D:\games\citadel\citadel\binaries\win64\citadel-win64-shipping.exe] => (Block) D:\games\citadel\citadel\binaries\win64\citadel-win64-shipping.exe => Keine Datei FirewallRules: [TCP Query User{D729DBE7-5C9B-4A12-AD57-ABB76366B8C7}D:\games\citadel\citadel\binaries\win64\citadel-win64-shipping.exe] => (Block) D:\games\citadel\citadel\binaries\win64\citadel-win64-shipping.exe => Keine Datei FirewallRules: [UDP Query User{36BC5C36-18A7-407D-B1E6-02422D1470A9}C:\total war warhammer\warhammer.exe] => (Block) C:\total war warhammer\warhammer.exe => Keine Datei FirewallRules: [TCP Query User{4AB28F12-6EBF-4821-B1EB-9A50BCF7B3B6}C:\total war warhammer\warhammer.exe] => (Block) C:\total war warhammer\warhammer.exe => Keine Datei FirewallRules: [UDP Query User{91D8B06B-8FF7-4F58-AE89-09FD21103572}D:\games\total war warhammer\total war warhammer\warhammer.exe] => (Block) D:\games\total war warhammer\total war warhammer\warhammer.exe => Keine Datei FirewallRules: [TCP Query User{A7E15AD9-158F-481E-AF6F-E194A3AB2BC8}D:\games\total war warhammer\total war warhammer\warhammer.exe] => (Block) D:\games\total war warhammer\total war warhammer\warhammer.exe => Keine Datei FirewallRules: [UDP Query User{52F3C716-5F70-4009-ABD4-D5532ACCDAF9}D:\games\world of warships testserver\wowslauncher.exe] => (Allow) D:\games\world of warships testserver\wowslauncher.exe => Keine Datei FirewallRules: [TCP Query User{A8482A23-D800-4406-93C3-2C2510D359B5}D:\games\world of warships testserver\wowslauncher.exe] => (Allow) D:\games\world of warships testserver\wowslauncher.exe => Keine Datei FirewallRules: [{8ED938D4-CE0B-4A97-A272-6A8BE2C8FA97}] => (Allow) D:\Games\World of Warships\worldofwarships.exe => Keine Datei FirewallRules: [{076820B4-E0F8-4C36-A9F7-2FB90D435724}] => (Allow) D:\Games\World of Warships\worldofwarships.exe => Keine Datei FirewallRules: [{8B7383AD-B746-499F-8E7F-27524D7EC092}] => (Allow) D:\Games\World of Warships\WoWSLauncher.exe => Keine Datei FirewallRules: [{37A5AAA1-7B83-4A3B-A89B-451601006B32}] => (Allow) D:\Games\World of Warships\WoWSLauncher.exe => Keine Datei FirewallRules: [UDP Query User{3A5DEBBC-723B-4F38-8E7A-E21142B908A3}D:\games\northgard\northgard.exe] => (Block) D:\games\northgard\northgard.exe => Keine Datei FirewallRules: [TCP Query User{3B8B4031-EA9E-4889-803F-2B02E0EC67FF}D:\games\northgard\northgard.exe] => (Block) D:\games\northgard\northgard.exe => Keine Datei FirewallRules: [UDP Query User{08998776-AF9F-4C2A-BD3F-98AFF92E735C}D:\games\spaz2 v0.8.6\spaz2_64.exe] => (Block) D:\games\spaz2 v0.8.6\spaz2_64.exe => Keine Datei FirewallRules: [TCP Query User{75037577-0025-41CD-B12C-1353E1CC4B2A}D:\games\spaz2 v0.8.6\spaz2_64.exe] => (Block) D:\games\spaz2 v0.8.6\spaz2_64.exe => Keine Datei FirewallRules: [{12107722-8CE4-4600-9255-A8CB9EC87BB1}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe => Keine Datei FirewallRules: [{B9C396E7-8E94-4752-91C2-7213DA5E3D48}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe => Keine Datei FirewallRules: [UDP Query User{F074C343-E1AA-45E5-A2C2-0062404A3062}G:\games\civ 4 colonization\game\colonization_pitboss.exe] => (Allow) G:\games\civ 4 colonization\game\colonization_pitboss.exe => Keine Datei FirewallRules: [TCP Query User{A472F25B-AC76-46C0-9DF9-7553164D7376}G:\games\civ 4 colonization\game\colonization_pitboss.exe] => (Allow) G:\games\civ 4 colonization\game\colonization_pitboss.exe => Keine Datei FirewallRules: [UDP Query User{917E22C7-38A1-4AA3-90E2-6A0516973798}G:\games\heartstone\hearthstone\hearthstone.exe] => (Allow) G:\games\heartstone\hearthstone\hearthstone.exe => Keine Datei FirewallRules: [TCP Query User{C783D3CD-E779-450F-8108-6EFE83C85AAD}G:\games\heartstone\hearthstone\hearthstone.exe] => (Allow) G:\games\heartstone\hearthstone\hearthstone.exe => Keine Datei FirewallRules: [TCP Query User{F287E406-5E9A-4A13-889A-CCA460430E89}D:\games\hearthstone\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone\hearthstone.exe => Keine Datei FirewallRules: [UDP Query User{41E00AEA-0FE1-47BB-B892-69B624B60F2A}D:\games\hearthstone\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone\hearthstone.exe => Keine Datei FirewallRules: [TCP Query User{D583C97F-102C-4B79-BE0A-115F4B88608A}C:\program files (x86)\tc up\plugins\tools\hfs\hfs.exe] => (Block) C:\program files (x86)\tc up\plugins\tools\hfs\hfs.exe => Keine Datei FirewallRules: [UDP Query User{29A18F87-4CAE-47F6-B8B5-11F6F53F6A76}C:\program files (x86)\tc up\plugins\tools\hfs\hfs.exe] => (Block) C:\program files (x86)\tc up\plugins\tools\hfs\hfs.exe => Keine Datei FirewallRules: [TCP Query User{2C566B5B-B169-43D0-B9F7-CEDA37CB8466}D:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\games\xcom 2\binaries\win64\xcom2.exe => Keine Datei FirewallRules: [UDP Query User{7E1A1951-0F34-4352-931A-FDACE176529C}D:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\games\xcom 2\binaries\win64\xcom2.exe => Keine Datei FirewallRules: [{901DB5F6-1EEB-4D01-9A09-D74AF457AA36}] => (Allow) D:\Games\Steam\Steam.exe => Keine Datei FirewallRules: [{5F076827-15D7-4350-B45C-462BF450E379}] => (Allow) D:\Games\Steam\Steam.exe => Keine Datei FirewallRules: [{5FF2718F-FA50-4C26-BB58-DDF87BDBF46D}] => (Allow) D:\Games\Steam\bin\steamwebhelper.exe => Keine Datei FirewallRules: [{73AEB5C5-6A6F-4711-B43F-4AFE2D837302}] => (Allow) D:\Games\Steam\bin\steamwebhelper.exe => Keine Datei FirewallRules: [TCP Query User{A602CD57-5DEB-4B9D-BCBA-A1FC9FBA02DB}D:\games\master of orion\masteroforion.exe] => (Block) D:\games\master of orion\masteroforion.exe => Keine Datei FirewallRules: [UDP Query User{422DFADE-6377-4255-9350-9C3C47E79F8F}D:\games\master of orion\masteroforion.exe] => (Block) D:\games\master of orion\masteroforion.exe => Keine Datei FirewallRules: [TCP Query User{DF31D0FB-14F8-4D7D-8C2B-FF3C5B7BF23C}D:\downloads\nwjs-v0.18.5-win-x64\nw.exe] => (Allow) D:\downloads\nwjs-v0.18.5-win-x64\nw.exe => Keine Datei FirewallRules: [UDP Query User{BC2435AF-29FC-4DA2-A845-9F953071D87D}D:\downloads\nwjs-v0.18.5-win-x64\nw.exe] => (Allow) D:\downloads\nwjs-v0.18.5-win-x64\nw.exe => Keine Datei FirewallRules: [TCP Query User{FF921767-BCC6-4B1D-9F11-CD76475B5F4C}D:\games\dying light\dyinglightgame.exe] => (Block) D:\games\dying light\dyinglightgame.exe => Keine Datei FirewallRules: [UDP Query User{0A6E8747-51DF-4D58-A8D4-D7C9DAE63F40}D:\games\dying light\dyinglightgame.exe] => (Block) D:\games\dying light\dyinglightgame.exe => Keine Datei FirewallRules: [TCP Query User{286BF36C-DA20-4018-ABD3-6FB03D8B1741}D:\games\warlock 2\warlock 2 the exiled\game.exe] => (Block) D:\games\warlock 2\warlock 2 the exiled\game.exe (Ino-Co Plus) [Datei ist nicht signiert] FirewallRules: [UDP Query User{FE1E2458-389C-4C88-8B4E-3201A1DEC55C}D:\games\warlock 2\warlock 2 the exiled\game.exe] => (Block) D:\games\warlock 2\warlock 2 the exiled\game.exe (Ino-Co Plus) [Datei ist nicht signiert] FirewallRules: [TCP Query User{3DC159CC-5985-472A-AB84-E80DF0723723}D:\games\siedler 7\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Block) D:\games\siedler 7\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe => Keine Datei FirewallRules: [UDP Query User{688AF892-C61A-4416-AB1B-609526A3DE05}D:\games\siedler 7\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Block) D:\games\siedler 7\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe => Keine Datei FirewallRules: [TCP Query User{1975B2F3-7748-4DC6-9945-9D6427B15E23}D:\games\this war of mine\modtoolsns.exe] => (Block) D:\games\this war of mine\modtoolsns.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{DC3F55F1-C897-4C6C-B6DE-4B236AE99BD2}D:\games\this war of mine\modtoolsns.exe] => (Block) D:\games\this war of mine\modtoolsns.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{09F64DC2-406A-4020-B3C7-D4D8D8178AE2}D:\games\orwell\orwell_1.0.6180\orwell.exe] => (Block) D:\games\orwell\orwell_1.0.6180\orwell.exe => Keine Datei FirewallRules: [UDP Query User{84539623-B03E-44D1-A06D-B83DB2EA8DB7}D:\games\orwell\orwell_1.0.6180\orwell.exe] => (Block) D:\games\orwell\orwell_1.0.6180\orwell.exe => Keine Datei FirewallRules: [TCP Query User{05733F8C-00D4-4565-A685-C2B267CE30A8}D:\games\battlefield 1 multi2\bf1.exe] => (Block) D:\games\battlefield 1 multi2\bf1.exe => Keine Datei FirewallRules: [UDP Query User{F91F99EE-4CA1-4E90-BBA0-7D2DAB36D09D}D:\games\battlefield 1 multi2\bf1.exe] => (Block) D:\games\battlefield 1 multi2\bf1.exe => Keine Datei FirewallRules: [TCP Query User{EF19F48E-3A98-4C8E-8AA1-D8867218B213}D:\games\tom clancy's ghost recon future soldier\future soldier dx11.exe] => (Block) D:\games\tom clancy's ghost recon future soldier\future soldier dx11.exe => Keine Datei FirewallRules: [UDP Query User{9EAC318A-325A-44E0-9D25-2439AC6EB0B1}D:\games\tom clancy's ghost recon future soldier\future soldier dx11.exe] => (Block) D:\games\tom clancy's ghost recon future soldier\future soldier dx11.exe => Keine Datei FirewallRules: [{561E4F5E-78CC-40E0-9054-5D8C0D8DB09C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{91FFE7B2-C88E-4537-9594-050EA6F80C5A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B60B89CF-6A1C-43F4-8423-7A279B0D84BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => Keine Datei FirewallRules: [{816C1586-DA90-4862-BF2F-3080B8E35E0E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8CA93FF0-956B-42BC-917F-716161E607B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{B4417389-74F1-41DB-ACDD-0D0350E070B4}D:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steam\steamapps\common\terraria\terrariaserver.exe => Keine Datei FirewallRules: [UDP Query User{C09900FC-68C9-4111-AFD9-BEE3B6B09069}D:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steam\steamapps\common\terraria\terrariaserver.exe => Keine Datei FirewallRules: [TCP Query User{15577D30-0FEA-49D1-A501-8F648195838B}D:\games\hearthstone\battle.net\battle.net.9526\battle.net.exe] => (Allow) D:\games\hearthstone\battle.net\battle.net.9526\battle.net.exe => Keine Datei FirewallRules: [UDP Query User{4F1C1C4B-983D-40E9-A826-42D960644802}D:\games\hearthstone\battle.net\battle.net.9526\battle.net.exe] => (Allow) D:\games\hearthstone\battle.net\battle.net.9526\battle.net.exe => Keine Datei FirewallRules: [{413C82CD-A6E5-43C5-A8CF-9EE487ADF5AF}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd -> Disc Soft Ltd) FirewallRules: [TCP Query User{474A085B-CE1B-4FFD-B148-C135D985B6E0}D:\games\the long dark\the long dark\tld.exe] => (Allow) D:\games\the long dark\the long dark\tld.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{A9A1B6B8-FA88-478F-86D9-3638EA8D7069}D:\games\the long dark\the long dark\tld.exe] => (Allow) D:\games\the long dark\the long dark\tld.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{2264FE22-36A9-45A5-9D79-CD3E4231231E}D:\games\the long dark\the long dark incl. update v1.21 multi16\tld.exe] => (Allow) D:\games\the long dark\the long dark incl. update v1.21 multi16\tld.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{85918B95-399B-428B-A657-3D73250ECC42}D:\games\the long dark\the long dark incl. update v1.21 multi16\tld.exe] => (Allow) D:\games\the long dark\the long dark incl. update v1.21 multi16\tld.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{06EBEF86-CCFC-41D7-A565-9CB520016EC0}D:\games\subnautica\game\subnautica.exe] => (Block) D:\games\subnautica\game\subnautica.exe => Keine Datei FirewallRules: [UDP Query User{5FA30872-691A-4A33-8FC2-701C49E4C943}D:\games\subnautica\game\subnautica.exe] => (Block) D:\games\subnautica\game\subnautica.exe => Keine Datei FirewallRules: [{84399C86-FE80-4209-987B-8B1BBB2FB2EF}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{8EC72976-C1D5-4BD1-AF53-4ABDEC4BFC47}D:\games\life is strange before the storm\game2\life is strange before the storm deluxe edition incl. bonus episode multi2\life is strange - before the storm.exe] => (Allow) D:\games\life is strange before the storm\game2\life is strange before the storm deluxe edition incl. bonus episode multi2\life is strange - before the storm.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{00B8A765-0DB0-4747-9FBB-82482BAAC59B}D:\games\life is strange before the storm\game2\life is strange before the storm deluxe edition incl. bonus episode multi2\life is strange - before the storm.exe] => (Allow) D:\games\life is strange before the storm\game2\life is strange before the storm deluxe edition incl. bonus episode multi2\life is strange - before the storm.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{0A3E414B-C88B-467E-BE61-2EE872F6E10E}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe => Keine Datei FirewallRules: [UDP Query User{FA561D4B-94C6-4AE3-AE8E-06CE2C6D2BC8}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe => Keine Datei FirewallRules: [TCP Query User{CEF3D61E-26E2-4DDA-8BC4-4C5D119A4932}D:\games\football tactics\game\game.exe] => (Block) D:\games\football tactics\game\game.exe => Keine Datei FirewallRules: [UDP Query User{07171287-FFAC-4E3C-B3D0-5F2725837EC6}D:\games\football tactics\game\game.exe] => (Block) D:\games\football tactics\game\game.exe => Keine Datei FirewallRules: [TCP Query User{55116CAD-9214-4B14-B0FB-4551F66FEDB8}D:\games\xcom 2 war of the chosen\game\binaries\win64\xcom2.exe] => (Allow) D:\games\xcom 2 war of the chosen\game\binaries\win64\xcom2.exe => Keine Datei FirewallRules: [UDP Query User{20126263-6931-4B94-BA94-F52084BBADF3}D:\games\xcom 2 war of the chosen\game\binaries\win64\xcom2.exe] => (Allow) D:\games\xcom 2 war of the chosen\game\binaries\win64\xcom2.exe => Keine Datei FirewallRules: [TCP Query User{0F39D301-ED74-419F-BFE4-C4F5A48CF40A}D:\games\xcom 2 war of the chosen\game\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) D:\games\xcom 2 war of the chosen\game\xcom2-warofthechosen\binaries\win64\xcom2.exe => Keine Datei FirewallRules: [UDP Query User{DF1EA577-356D-495A-BD28-FE373CBE8FFD}D:\games\xcom 2 war of the chosen\game\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) D:\games\xcom 2 war of the chosen\game\xcom2-warofthechosen\binaries\win64\xcom2.exe => Keine Datei FirewallRules: [TCP Query User{D8F282BC-B6FA-4F4B-8BC3-B232C9EF9C72}D:\games\xcom 2 war of the chosen\game\xcom 2 war of the chosen\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Block) D:\games\xcom 2 war of the chosen\game\xcom 2 war of the chosen\xcom2-warofthechosen\binaries\win64\xcom2.exe => Keine Datei FirewallRules: [UDP Query User{98FCE030-EE20-4E0F-A768-3595835F605A}D:\games\xcom 2 war of the chosen\game\xcom 2 war of the chosen\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Block) D:\games\xcom 2 war of the chosen\game\xcom 2 war of the chosen\xcom2-warofthechosen\binaries\win64\xcom2.exe => Keine Datei FirewallRules: [{F330EE64-1C32-4AB8-BE76-891F7774BC64}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{B317FA19-708C-47C9-9F72-F1FFED04F07C}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{1462FB74-D8FC-427B-9C8D-A91C2AFB726E}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{95053D7A-5E37-4B04-B00F-1B11C5118B00}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{A00FE0DD-8452-491A-AC9A-032433AE5FA7}] => (Allow) LPort=1688 FirewallRules: [{3B2D4F7D-E2D2-4307-AE4E-23154415B604}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{2D1F1B4E-BD39-44E5-B941-1CE78D774B81}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{72E80C90-49E5-4D48-87F6-28E2992CF919}D:\games\total war three kingdoms\game\three_kingdoms.exe] => (Allow) D:\games\total war three kingdoms\game\three_kingdoms.exe => Keine Datei FirewallRules: [UDP Query User{4012D9B4-C7EE-45A8-8770-6F4BCC41DC7E}D:\games\total war three kingdoms\game\three_kingdoms.exe] => (Allow) D:\games\total war three kingdoms\game\three_kingdoms.exe => Keine Datei FirewallRules: [TCP Query User{4BD6DE26-4FF8-4426-B9FA-5F355F8AD076}C:\total war three kingdoms\three_kingdoms.exe] => (Block) C:\total war three kingdoms\three_kingdoms.exe => Keine Datei FirewallRules: [UDP Query User{5B2D28B1-DBAE-40B3-ABB0-D1DD788E3225}C:\total war three kingdoms\three_kingdoms.exe] => (Block) C:\total war three kingdoms\three_kingdoms.exe => Keine Datei FirewallRules: [TCP Query User{265F50FD-0CAC-40A6-92D4-1801EBD03B1F}D:\games\crusader kings iii\game\binaries\ck3.exe] => (Block) D:\games\crusader kings iii\game\binaries\ck3.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [UDP Query User{A2432DED-4549-4FC1-8334-44C4CDBA9152}D:\games\crusader kings iii\game\binaries\ck3.exe] => (Block) D:\games\crusader kings iii\game\binaries\ck3.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{E81EC49A-857B-4943-8290-942D5B9FEA7A}] => (Allow) C:\Users\Kasimal\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{E3476814-2FB5-4561-87B1-871ED04618FF}] => (Allow) C:\Users\Kasimal\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei FirewallRules: [{604785A2-570A-4C5A-AFDC-050E274F9F1D}] => (Allow) C:\Users\Kasimal\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei FirewallRules: [TCP Query User{D8067954-7B65-4320-A252-C3141F0F3D6F}D:\games\old games\space run v1.0\ospacegame.exe] => (Block) D:\games\old games\space run v1.0\ospacegame.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{F2C5583A-C8C1-4302-8AA4-05A2DC0678A4}D:\games\old games\space run v1.0\ospacegame.exe] => (Block) D:\games\old games\space run v1.0\ospacegame.exe () [Datei ist nicht signiert] FirewallRules: [{1B49D674-374D-4874-9BB1-5FDB5840E368}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E543ADC3-248D-4EB0-ACCD-4F977C12A3DD}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{E9E7F5B9-7205-4569-8FEA-8BB7328798AC}D:\games\curious.expedition.2.v0.10.6\ce2.exe] => (Allow) D:\games\curious.expedition.2.v0.10.6\ce2.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{AC7EC920-80FB-4CB5-8289-C6CD903E99CE}D:\games\curious.expedition.2.v0.10.6\ce2.exe] => (Allow) D:\games\curious.expedition.2.v0.10.6\ce2.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{A95D6BC6-B051-4818-8042-34BFB62C1072}C:\users\kasimal\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\kasimal\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{AC69EF10-6109-483A-B7C9-E8C8DBC54178}C:\users\kasimal\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\kasimal\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{ADEA3713-8410-4940-A858-0F1FF7DF58AB}D:\games\valheim\valheim.exe] => (Allow) D:\games\valheim\valheim.exe => Keine Datei FirewallRules: [UDP Query User{6FF7B23E-8B91-4422-B519-AA183A9B8627}D:\games\valheim\valheim.exe] => (Allow) D:\games\valheim\valheim.exe => Keine Datei FirewallRules: [TCP Query User{05204B67-2EF0-479C-9BAA-B90EA1F12295}D:\games\humankind\humankind.exe] => (Allow) D:\games\humankind\humankind.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{7CA9C66F-2A74-4DA4-A0D8-FEEE2BC2DB9A}D:\games\humankind\humankind.exe] => (Allow) D:\games\humankind\humankind.exe () [Datei ist nicht signiert] FirewallRules: [{54843D76-B425-45CC-A2C4-A2DF1307B93C}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{12C9DEC3-6AE5-479A-ACD7-60CEF796FE92}] => (Allow) LPort=54925 FirewallRules: [{7532C8A8-81D5-4B4C-A54C-2FC355358DC4}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.) FirewallRules: [{F73E2EE8-7284-4717-A31D-691F0497F6DC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C94E5C9E-A0C4-4985-9778-119A03A27B9A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{355575AA-CED6-402F-BF71-2F9FD4A6AD31}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Datei ist nicht signiert] FirewallRules: [UDP Query User{24723D04-8CD6-4AE3-A157-4975521C0CB1}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Datei ist nicht signiert] FirewallRules: [{A4D1344B-9597-48D7-87F8-F31282952A8E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E0B324D1-C1DC-4F14-A7BC-C42703DAD28B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B249DB3E-74FC-4718-B590-C127C63E1C3D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{42ECAACC-E05E-44D0-B151-3D6CB6DB9F9E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.30\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F40EDE3F-FE3D-4CEE-98E1-041E81D0F278}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{186B28E1-D6C6-4834-B760-767725861D30}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{0F9C725A-F6EF-450B-B44A-AEBF9B965E96}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{4821CE27-E3E3-498A-99B6-5C5D96F8383E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{571A04A6-1268-4F27-8788-B1FF758932BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3D62E666-457C-4BFD-AE7B-A3A7E393DA76}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{52471F6E-2898-43C2-B092-65D7BA0FCD1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) ==================== Wiederherstellungspunkte ========================= 28-10-2021 09:13:14 Installed Windows PC Health Check 28-10-2021 10:37:14 Removed Bonjour 28-10-2021 11:03:57 Removed Windows-PC-Integritätsprüfung 28-10-2021 11:04:15 Removed Windows-PC-Integritätsprüfung 28-10-2021 11:04:53 Removed WallHack Inc 28-10-2021 11:52:28 Windows Modules Installer 28-10-2021 17:06:13 Wiederherstellungsvorgang ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (10/28/2021 07:17:24 PM) (Source: ESENT) (EventID: 474) (User: ) Description: SearchIndexer (1192,D,0) Windows: Bei der Überprüfung der aus Datei "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" bei Offset 44138496 (0x0000000002a18000) (Datenbankseite 1346 (0x542)) für 32768 (0x00008000) Bytes gelesenen Datenbankseite ist durch eine Inkonsistenz der Seitenprüfsumme ein Fehler aufgetreten. Die gespeicherte Prüfsumme war [785087af82bb0e5a:0d750e8af6e4ab50:87a187a1763e67fd:02e702e7f829159b], die berechnete Prüfsumme [785087af82bb0e5a:fd75028af6e4ab50:87a187a1763e67fd:02e702e7f829159b]. Der Lesevorgang wird mit dem Fehler -1018 (0xfffffc06) beendet. Wenn dieser Zustand andauert, stellen Sie die Datenbank aus einer vorherigen Sicherung wieder her. Dieses Problem ist vermutlich durch fehlerhafte Hardware bedingt. Wenden Sie sich für weitere Unterstützung bei der Diagnose des Problems an Ihren Hardwarehersteller. Error: (10/28/2021 07:17:24 PM) (Source: ESENT) (EventID: 474) (User: ) Description: SearchIndexer (1192,D,0) Windows: Bei der Überprüfung der aus Datei "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" bei Offset 18120704 (0x0000000001148000) (Datenbankseite 552 (0x228)) für 32768 (0x00008000) Bytes gelesenen Datenbankseite ist durch eine Inkonsistenz der Seitenprüfsumme ein Fehler aufgetreten. Die gespeicherte Prüfsumme war [fd2f02d0d53ffc97:00150015fad6022a:ff7aff7a2883008b:00e800e87fb60222], die berechnete Prüfsumme [fd2f02d0d53ffc97:3c15c015fad6022a:ff7aff7a2883008b:00e800e87fb60222]. Der Lesevorgang wird mit dem Fehler -1018 (0xfffffc06) beendet. Wenn dieser Zustand andauert, stellen Sie die Datenbank aus einer vorherigen Sicherung wieder her. Dieses Problem ist vermutlich durch fehlerhafte Hardware bedingt. Wenden Sie sich für weitere Unterstützung bei der Diagnose des Problems an Ihren Hardwarehersteller. Error: (10/28/2021 07:12:06 PM) (Source: ESENT) (EventID: 474) (User: ) Description: Catalog Database (6364,D,0) Catalog Database: Bei der Überprüfung der aus Datei "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" bei Offset 36253696 (0x0000000002293000) (Datenbankseite 8850 (0x2292)) für 4096 (0x00001000) Bytes gelesenen Datenbankseite ist durch eine Inkonsistenz der Seitenprüfsumme ein Fehler aufgetreten. Die gespeicherte Prüfsumme war [068f0570466f0203], die berechnete Prüfsumme [528f2d70466f0203]. Der Lesevorgang wird mit dem Fehler -1018 (0xfffffc06) beendet. Wenn dieser Zustand andauert, stellen Sie die Datenbank aus einer vorherigen Sicherung wieder her. Dieses Problem ist vermutlich durch fehlerhafte Hardware bedingt. Wenden Sie sich für weitere Unterstützung bei der Diagnose des Problems an Ihren Hardwarehersteller. Error: (10/28/2021 07:12:00 PM) (Source: ESENT) (EventID: 474) (User: ) Description: Catalog Database (6364,D,0) Catalog Database: Bei der Überprüfung der aus Datei "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" bei Offset 7262208 (0x00000000006ed000) (Datenbankseite 1772 (0x6EC)) für 4096 (0x00001000) Bytes gelesenen Datenbankseite ist durch eine Inkonsistenz der Seitenprüfsumme ein Fehler aufgetreten. Die gespeicherte Prüfsumme war [385c385cc2276c7d], die berechnete Prüfsumme [345c485cc2276c7d]. Der Lesevorgang wird mit dem Fehler -1018 (0xfffffc06) beendet. Wenn dieser Zustand andauert, stellen Sie die Datenbank aus einer vorherigen Sicherung wieder her. Dieses Problem ist vermutlich durch fehlerhafte Hardware bedingt. Wenden Sie sich für weitere Unterstützung bei der Diagnose des Problems an Ihren Hardwarehersteller. Error: (10/28/2021 07:11:54 PM) (Source: ESENT) (EventID: 474) (User: ) Description: Catalog Database (6364,D,0) Catalog Database: Bei der Überprüfung der aus Datei "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" bei Offset 13430784 (0x0000000000ccf000) (Datenbankseite 3278 (0xCCE)) für 4096 (0x00001000) Bytes gelesenen Datenbankseite ist durch eine Inkonsistenz der Seitenprüfsumme ein Fehler aufgetreten. Die gespeicherte Prüfsumme war [2446244666acc089], die berechnete Prüfsumme [55542aab66ace089]. Der Lesevorgang wird mit dem Fehler -1018 (0xfffffc06) beendet. Wenn dieser Zustand andauert, stellen Sie die Datenbank aus einer vorherigen Sicherung wieder her. Dieses Problem ist vermutlich durch fehlerhafte Hardware bedingt. Wenden Sie sich für weitere Unterstützung bei der Diagnose des Problems an Ihren Hardwarehersteller. Error: (10/28/2021 07:11:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -1018. Error: (10/28/2021 07:11:43 PM) (Source: ESENT) (EventID: 454) (User: ) Description: Catalog Database (6364,R,98) Catalog Database: Unerwarteter Fehler "-1018" bei der Datenbankwiederherstellung. Error: (10/28/2021 07:11:40 PM) (Source: ESENT) (EventID: 419) (User: ) Description: Catalog Database (6364,R,98) Catalog Database: Unable to read page 3714 of database C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb. Additional information: Error code: -1018 Log position: (0000001E,0191,0ACC) Page timestamp: 0x0 Systemfehler: ============= Error: (10/28/2021 07:12:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Microsoft Office Click-to-Run Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/28/2021 07:10:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Kryptografiedienste" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert. Error: (10/28/2021 07:10:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/28/2021 07:10:03 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Windows Search" wurde mit dem folgenden dienstspezifischen Fehler beendet: %%2147749126 Error: (10/28/2021 07:09:43 PM) (Source: nvlddmkm) (EventID: 13) (User: ) Description: Event-ID 13 Error: (10/28/2021 07:09:43 PM) (Source: nvlddmkm) (EventID: 13) (User: ) Description: Event-ID 13 Error: (10/28/2021 07:09:43 PM) (Source: nvlddmkm) (EventID: 13) (User: ) Description: Event-ID 13 Error: (10/28/2021 07:09:43 PM) (Source: nvlddmkm) (EventID: 13) (User: ) Description: Event-ID 13 Windows Defender: ================ Date: 2021-10-28 11:54:15 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {891392DF-D919-4337-929F-167BF956C8CB} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-10-27 20:11:22 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Name: HackTool:Win32/AutoKMS Schweregrad: Hoch Kategorie: Tool Pfad: rootcert:_F81F111D0E5AB58D396F7BF525577FD30FDC95AA Erkennungsursprung: Unbekannt Erkennungstype: Konkret Erkennungsquelle: System Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: Unknown Sicherheitsversion: AV: 1.351.1180.0, AS: 1.351.1180.0, NIS: 1.351.1180.0 Modulversion: AM: 1.1.18600.4, NIS: 1.1.18600.4 Date: 2021-10-27 20:10:52 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Name: HackTool:Win64/AutoKMS Schweregrad: Hoch Kategorie: Tool Pfad: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe Erkennungsursprung: Lokaler Computer Erkennungstype: Konkret Erkennungsquelle: Echtzeitschutz Benutzer: NT-AUTORITÄT\SYSTEM Prozessname: C:\Program Files (x86)\TotalAV\SecurityService.exe Sicherheitsversion: AV: 1.351.1180.0, AS: 1.351.1180.0, NIS: 1.351.1180.0 Modulversion: AM: 1.1.18600.4, NIS: 1.1.18600.4 CodeIntegrity: =============== Date: 2021-10-28 17:13:09 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2021-10-28 17:13:08 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements. Date: 2021-10-28 17:13:08 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. F7 04/22/2015 Hauptplatine: Gigabyte Technology Co., Ltd. Z97P-D3 Prozessor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz Prozentuale Nutzung des RAM: 55% Installierter physikalischer RAM: 8053.34 MB Verfügbarer physikalischer RAM: 3601.68 MB Summe virtueller Speicher: 13685.34 MB Verfügbarer virtueller Speicher: 8505.39 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:464.75 GB) (Free:236.92 GB) NTFS Drive d: (Tetra) (Fixed) (Total:3725.9 GB) (Free:604.71 GB) NTFS \\?\Volume{1a7c4b36-0000-0000-0000-100000000000}\ (System-reserviert) (Fixed) (Total:0.49 GB) (Free:0.42 GB) NTFS \\?\Volume{1a7c4b36-0000-0000-0000-604f74000000}\ () (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 1A7C4B36) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=464.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=532 MB) - (Type=27) ========================================================== Disk: 1 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ======================= |
28.10.2021, 20:27 | #5 | |
/// TB-Ausbilder | Win 10: verschiedenste Abstürze, Firefox, Outlook, Kalender, Avast und weitereZitat:
Cracks, Keygens und andere illegale Software - so kommt Malware (Schadsoftware) auf den PC Bitte lesen => Cracks, Keygens und andere illegale Software Es geht weiter wenn du alles Illegale (Craft the World + Office) entfernt hast. Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems. |
28.10.2021, 20:56 | #6 |
| Win 10: verschiedenste Abstürze, Firefox, Outlook, Kalender, Avast und weitere Craft the world ist deinstalliert. Ansonsten hab ich OpenOffice und Office 365 in der 2019er Version mit meinem Studentenkonto installiert und verknüpft. Was genau muss ich deinstallieren bzw. wie werde ich das erste los? |
29.10.2021, 13:14 | #7 |
/// TB-Ausbilder | Win 10: verschiedenste Abstürze, Firefox, Outlook, Kalender, Avast und weitere Schritt 1 Führe Malwarebytes' AntiMalware (MBAM) gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei. |
30.10.2021, 10:54 | #8 |
| Win 10: verschiedenste Abstürze, Firefox, Outlook, Kalender, Avast und weitere Hallo, ich schreibe gerade von einem anderen Rechner. Ich habe mich entschieden zu versuchen auf dem Problemrechner Windows usw. neu aufzusetzen. Da war einfach zuviel Mist drauf. Bitte entschuldigt die Umstände, danke für die erste Hilfe und für dieses Forum allgemein. Der Thread kann zu. |
30.10.2021, 13:31 | #9 |
/// TB-Ausbilder | Win 10: verschiedenste Abstürze, Firefox, Outlook, Kalender, Avast und weitere Anleitung: Cleanup & Maßnahmen zur Absicherung des Rechners Neuaufsetzen des Systems mit Windows 10/11 (UEFI) Dieses Thema scheint erledigt und wird aus unseren Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema. Jeder andere bitte hier klicken und ein eigenes Thema erstellen. |
Themen zu Win 10: verschiedenste Abstürze, Firefox, Outlook, Kalender, Avast und weitere |
.dll, adobe, antivirus, avast, bcrypt.dll, defender, desktop, explorer, failed, firefox, flash player, google, hängt, internet, internet explorer, monitor, mozilla, nvcontainer, nvcontainer.exe, prozesse, realtek, registry, rundll, software, starten, temp, windows, öffnet |