|
Log-Analyse und Auswertung: Win 10 Start dauert sehr langeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
16.11.2021, 19:02 | #16 |
| Win 10 Start dauert sehr langeCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-11-2021 durchgeführt von Rufuz (14-11-2021 03:18:18) Gestartet von C:\Users\Rufuz\Desktop Microsoft Windows 10 Pro Version 21H1 19043.1348 (X64) (2021-03-13 17:40:21) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-1354302738-180291989-3184307785-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1354302738-180291989-3184307785-503 - Limited - Disabled) Gast (S-1-5-21-1354302738-180291989-3184307785-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1354302738-180291989-3184307785-1003 - Limited - Enabled) Rufuz (S-1-5-21-1354302738-180291989-3184307785-1001 - Administrator - Enabled) => C:\Users\Rufuz WDAGUtilityAccount (S-1-5-21-1354302738-180291989-3184307785-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 1C Online Games Launcher version 0.3.13.0 (HKLM-x32\...\{94A3D295-C31D-4A69-8C70-AE6973FB0FF9}_is1) (Version: 0.3.13.0 - 1C Online Games , LLC) 4K Video Downloader (HKLM\...\{180B9AE1-F87B-4107-8C68-4265E927D6A8}) (Version: 4.18.2.4520 - Open Media LLC) 5KPlayer (HKLM-x32\...\5KPlayer) (Version: 6.2 - DearMob, Inc.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) ACC Results Companion (HKLM-x32\...\{3EE65D51-9B17-4C27-AEAA-E1FC9FFF7DC0}) (Version: 1.11.3 - BoHo) ACCSetupTool (HKLM-x32\...\{AEF584B1-EFEE-4787-9AB1-24A3282A1D77}) (Version: 1.0.0 - Wally Masterson) ACCTV (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\08cef7feea6e5132) (Version: 2.10.0.0 - ACCTV) Advanced IP Scanner 2.5 (HKLM-x32\...\{CB67C185-D2DF-455E-B9B7-00C8E505186F}) (Version: 2.5.3850 - Famatech) Amazon Games (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 2.0.4983.3 - Amazon.com Services, Inc.) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.04.28.626 - Advanced Micro Devices, Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.) AMD_Chipset_Drivers (HKLM-x32\...\{6f87e20b-2c1c-4788-9380-541e79886292}) (Version: 2.04.28.626 - Advanced Micro Devices, Inc.) Hidden Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.) BakkesMod version 3.0 (HKLM\...\{BF029534-4334-4CFC-B771-50B7EE54346F}_is1) (Version: 3.0 - BakkesMod) Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield V™ Open Beta (HKLM-x32\...\{2B3B5324-E6E1-4E32-9938-898AD1CA8D8A}) (Version: 1.0.57.30348 - Electronic Arts) Breitbandmessung 2.0.3 (HKLM\...\14607473-30db-509f-94f0-bb7c085c619e) (Version: 2.0.3 - zafaco GmbH) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.0.69 - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.3.0 - Canon Inc.) CanoScan LiDE 400 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4813S) (Version: 1.00 - Canon Inc.) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6282 - CDBurnerXP) Citrix Receiver 4.12 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.12.0.18020 - Citrix Systems, Inc.) CloneBD (HKLM-x32\...\CloneBD) (Version: 1.2.4.0 - Elaborate Bytes) Core Temp 1.17 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17 - ALCPU) CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.) Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.8 - Fomanu AG) Discord (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) ElsterFormular (HKLM-x32\...\{1E78D7AC-9C74-4644-8DDD-4173D10CF4F4}) (Version: 21.3 - Thüringer Landesfinanzdirektion) Epic Games Launcher (HKLM-x32\...\{CB809CC8-FB0E-4947-8BAE-749A5113CF21}) (Version: 1.1.149.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden EXIF Date Changer v3.3.6 (HKLM-x32\...\{26CA1B07-BC53-4196-B9C2-A11C6F6F3E08}_is1) (Version: - Rellik Software) FANATEC driver package (HKLM\...\{10DC60FB-89A2-4EB7-B4F2-9E103CEE2030}) (Version: 8.41.2 - Endor AG Fanatec) FileZilla Client 3.56.2 (HKLM-x32\...\FileZilla Client) (Version: 3.56.2 - Tim Kosse) GIMP 2.10.28 (HKLM\...\GIMP-2_is1) (Version: 2.10.28 - The GIMP Team) G'MIC-Qt for GIMP Version 2.9.6 (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\G'MIC-Qt for GIMP_is1) (Version: 2.9.6 - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.69 - Google LLC) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 52.0.6.0 - Google LLC) Google Earth Pro (HKLM\...\{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 - Google) GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com) GrabIt 1.7.2 Beta 6 (build 1008) (HKLM-x32\...\GrabIt_is1) (Version: - Ilan Shemes) Greenshot 1.2.8.12 (HKLM\...\Greenshot_is1) (Version: 1.2.8.12 - Greenshot) HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) HideVolumeOSD 1.2 (HKLM-x32\...\HideVolumeOSD_is1) (Version: 1.2 - Venturi) HTC Package for DirectX 9.0 (HKLM-x32\...\{1f4410e4-d28c-48e1-8745-e4a2cb505d5f}) (Version: 1.3.0.0 - HTC Corp.) Hidden HTC Package for DirectX 9.0 (x86/x64) (HKLM-x32\...\{C36F2FA2-BF52-4D61-9812-CFEF43D2EE2C}) (Version: 1.3.0.0 - HTC Corp.) Hidden Hue Sync (HKLM\...\{C0270355-35E2-4862-8B57-A7C1A258AF77}) (Version: 1.7.0.19 - Signify Netherlands B.V.) Huion Tablet v14.8.166.1482 (HKLM\...\{62047893-F186-48B8-83A5-1C74D8666D19}_is1) (Version: v14.8.166.1482 - ) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.4.1186 - Intel Corporation) Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{94A137EA-92EF-441C-A7E2-6757CC08EA82}) (Version: 5.0.10.2907 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation) Java SE Development Kit 8 Update 111 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180111}) (Version: 8.0.1110.14 - Oracle Corporation) JiveX DICOM Viewer Light 4.7.2 (HKLM-x32\...\JiveX DICOM Viewer Light 4.7.2) (Version: - VISUS Technology Transfer GmbH) Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation) Kodi (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Kodi) (Version: - XBMC Foundation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Leawo Blu-ray Player Version 1.10.0.2 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 1.10.0.2 - Leawo Software) Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2021.11.8744 - Logitech) Malwarebytes version 4.4.10.144 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.10.144 - Malwarebytes) ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo) Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.44 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.44 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.14527.20234 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\OneDriveSetup.exe) (Version: 21.205.1003.0005 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Server Speech Recognition Language - TELE (de-DE) (HKLM-x32\...\{955F43D9-38C4-4C22-BEE3-1A6C63F968FA}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Server Speech Text to Speech Voice (de-DE, Hedda) (HKLM-x32\...\{ACFCC7B5-C028-40AE-A5F5-9778B41F22A2}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{f9b04b37-35d5-4a19-a51b-fcf4a8734851}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{82f2609e-68ba-408d-963f-530ad8809435}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{577ff5ba-39aa-4d8c-a3a9-f95012763438}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 5.0.7 (x64) (HKLM-x32\...\{4545d600-b3a9-467c-a68b-e70ae51c8382}) (Version: 5.0.7.30113 - Microsoft Corporation) MoTeC i2 Pro (x64) 1.1 (HKLM\...\{DB478073-FDF0-4544-AAA5-14D84EE17084}) (Version: 7.01.5255 - MoTeC) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 94.0.1 (x64 de)) (Version: 94.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 94.0.1.7977 - Mozilla) Mp3tag v2.90a (HKLM-x32\...\Mp3tag) (Version: 2.90a - Florian Heidenreich) MPC-HC 1.9.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.9.8 - MPC-HC Team) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.15 - F.J. Wechselberger) Nextcloud (HKLM\...\{3A99002F-BABA-4378-BB20-44C94A159696}) (Version: 3.3.6.20211028 - Nextcloud GmbH) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.1.2 - Notepad++ Team) NVIDIA Broadcast 1.3.0.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIABroadcast) (Version: 1.3.0.45 - NVIDIA Corporation) NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation) NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation) NVIDIA Grafiktreiber 496.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.49 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.38.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.92 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation) NWMM - New World MiniMap (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Overwolf_mdhcjmlgojogdppbljcopjlggkpgnhhjedllcecm) (Version: 0.1.5 - Overwolf app) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project) OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden Online Plug-in (HKLM-x32\...\{2E9881CA-E41C-45E5-8055-61A4CC1BF93F}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenVR Advanced Settings (HKLM-x32\...\OpenVRAdvancedSettings) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.90.45798 - Electronic Arts, Inc.) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.184.0.35 - Overwolf Ltd.) OvGME version 1.7.4 (HKLM\...\{B1539DF0-0BB5-48A8-BF6F-1099D861B4F8}_is1) (Version: 1.7.4 - Ovoid) PDF24 Creator 10.0.12 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.0.12 - PDF24.org) PDFCreator (HKLM\...\{00010FEF-82A2-497E-983A-7105A0364FA7}) (Version: 4.2.0 - pdfforge GmbH) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.317.1 - Tracker Software Products Ltd) Plex Media Server (HKLM-x32\...\{6713f73b-dbfe-45da-a517-33a93ff8c390}) (Version: 1.2.7.2987 - Plex, Inc.) Plex Media Server (HKLM-x32\...\{D2C8A865-4227-46D0-AD2B-D2BDFE3CFF48}) (Version: 1.2.2987 - Plex, Inc.) Hidden QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8710.1 - Realtek Semiconductor Corp.) REDlauncher (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com) Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.) Riftcat 2 (HKLM-x32\...\{e09280fa-4176-4170-8c77-f600baec4e38}) (Version: 2.0.3 - Riftcat) Riftcat 2.0 Client (HKLM-x32\...\{79E6C20C-D6F7-4F9E-997E-A62398ED4591}) (Version: 2.0.0.0 - Riftcat) Hidden Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.36.344 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.9 - Rockstar Games) Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung) Samsung DeX (HKLM-x32\...\{5E2BEDEC-EEE1-49B7-A9D0-6971AFA9B5F2}) (Version: 1.0.2.26 - Samsung Electronics Co., Ltd.) Hidden Samsung DeX (HKLM-x32\...\{bc458b5f-1945-4287-8fae-353650fd3109}) (Version: 1.0.2.26 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.31.0 - Samsung Electronics Co., Ltd.) Self-Service Plug-in (HKLM-x32\...\{7A029AB7-8CC4-4FE8-904F-A090248C1BC7}) (Version: 4.12.0.18013 - Citrix Systems, Inc.) Hidden Shotcut (HKLM\...\Shotcut) (Version: 20.11.28 - Meltytech, LLC) Signal 5.23.1 (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.23.1 - Open Whisper Systems) SimHub version 7.1.4 (HKLM-x32\...\{019253FE-5A17-42BE-A6B8-D71A729FA5DE}_is1) (Version: 7.1.4 - Wotever) Skype Meetings App (HKLM-x32\...\{BC1D9E47-8927-4AA1-A891-7763BC2475B7}) (Version: 16.2.0.511 - Microsoft Corporation) Skype Version 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.) SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group) Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18124.4 - Samsung Electronics Co., Ltd.) Hidden Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18124.4 - Samsung Electronics Co., Ltd.) Smart View (HKLM-x32\...\{C7B50A89-F1D6-41C1-9375-0AF0C4CFE66F}) (Version: 1.0.0.0 - Samsung ) Spotify (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Spotify) (Version: 1.1.44.538.g8057de92 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stopping Plex (HKLM-x32\...\{B0ACB88E-38A1-4712-BD0C-C5463959127F}) (Version: 1.2.2987 - Plex, Inc.) Hidden Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.2-24922 - Synology) Tacview (beta) (HKLM-x32\...\{96BA4CFE-E018-44D2-B04D-4272A6C807E7}) (Version: 1.8.7 beta 8 - Raia Software Inc.) Tacview (HKLM-x32\...\{0C8810C3-63D0-4B23-BAB3-257FF8AF8BCC}) (Version: 1.8.6 - Raia Software Inc.) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer) Tobii VRU02 Runtime (HKLM-x32\...\{E74E378C-4C07-416C-A6CC-B241BD002E1F}) (Version: 1.16.36 - Tobii AB) Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH) TreeSize Free V4.5.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.5.2 - JAM Software) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 29.0 - Ubisoft) VAICOM PRO for DCS World (HKLM-x32\...\{032E60E8-A323-445C-B0D6-53ADDD09072A}) (Version: 2.5.23 - 315 Interactive Software) VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) Virtual Desktop Service (HKLM\...\{EC4A7B11-5AD2-49A7-BB93-15D0EB9E7106}) (Version: 1.18.5 - Virtual Desktop, Inc.) vJoy Device Driver 2.1.9.1 (HKLM\...\{8E31F76F-74C3-47F1-9550-E041EEDC5FBB}_is1) (Version: 2.1.9.1 - Shaul Eizikovich) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) VPC Software Suite version 20210102 (HKLM-x32\...\{2D922289-8AA1-49FF-9CCF-F2833A69D857}_is1) (Version: 20210102 - VIRPIL Controls) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Wargaming.net Game Center (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Wargaming.net Game Center) (Version: 21.1.1.4281 - Wargaming.net) WebP Codec for Windows 0.19 (HKLM\...\{9D2F4EB8-98AD-4C8B-A0C5-4C114B3F1287}) (Version: 0.19.9 - Google Inc) Windows10FirewallControl Free 8.4.0.79 (HKLM\...\Windows10FirewallControl_is1) (Version: 8.4.0.79 - BTR Technologies Corp) Windows-PC-Integritätsprüfung (HKLM\...\{63EFBDB5-01B0-4614-BE9F-7F1908E42275}) (Version: 3.1.2109.29003 - Microsoft Corporation) Windows-Treiberpaket - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet) Windows-Treiberpaket - Graphics Tablet (WinUsb) USBDevice (04/10/2017 8.33.30.0) (HKLM\...\C1E56E8DB50F6668739EA600882230E1A899978E) (Version: 04/10/2017 8.33.30.0 - Graphics Tablet) WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) World_of_Warships_Eu (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\WOWS.EU.PRODUCTION) (Version: - Wargaming.net) Packages: ========= Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-20] (Canon Inc.) Forza Horizon 5 -> C:\Program Files\WindowsApps\Microsoft.624F8B84B80_3.405.2.0_x64__8wekyb3d8bbwe [2021-10-31] (Microsoft Studios) Forza Horizon 5 Expansion 1 -> C:\Program Files\WindowsApps\Microsoft.Expansion1FH5_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-22] (Microsoft Studios) Forza Horizon 5 Expansion 2 -> C:\Program Files\WindowsApps\Microsoft.Expansion2FH5_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-22] (Microsoft Studios) Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation) Free Color Picker -> C:\Program Files\WindowsApps\AnywaySoftInc.FreeColorPicker_1.2.0.0_x64__0qkrc2qacwvfm [2021-11-11] (AnywaySoft, Inc.) [MS Ad] HoloTour -> C:\Program Files\WindowsApps\Microsoft.6191099C588EB_100.1803.9001.0_x64__8wekyb3d8bbwe [2021-11-11] (Microsoft Corporation) HP Reverb G2 VR Headset Setup -> C:\Program Files\WindowsApps\AD2F1837.HPReverbG2VRHeadsetSetup_1.0.8.0_x64__v10z8vjag6ke6 [2021-11-11] (HP Inc.) Image Resizer for Windows 10 -> C:\Program Files\WindowsApps\22450.ImageResizerforWindows10_2.0.0.0_x64__0aqw1zw0x2snt [2021-11-11] (韵华软件) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-11-11] (Microsoft Studios) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-08-12] (Netflix, Inc.) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-10-26] (NVIDIA Corp.) OpenXR Entwicklertools für Windows Mixed Reality -> C:\Program Files\WindowsApps\Microsoft.MixedRealityRuntimeDeveloperPreview_108.2109.21002.0_x64__8wekyb3d8bbwe [2021-09-27] (Microsoft Corporation) OpenXR Preview Runtime for Windows Mixed Reality -> C:\Program Files\WindowsApps\Microsoft.WindowsMixedReality.PreviewRuntime_108.2109.21002.0_x64__8wekyb3d8bbwe [2021-09-27] (Microsoft Platform Extensions) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2020-06-12] (Realtek Semiconductor Corp) Resize Image -> C:\Program Files\WindowsApps\8273mfetzel.ResizeImage_21.3.426.0_x64__c0krq7an0ms3c [2021-03-21] (Get-the-solution) SBB Uhr -> C:\Program Files\WindowsApps\SchweizerischeBundesbahne.SBBUhr_2.1.1.21_neutral__cacfmp0t4hxer [2021-05-19] (Schweizerische Bundesbahnen SBB) Search Bar Connector -> C:\Program Files\WindowsApps\35998AlexanderSworski.CortanaConnector_1.4.7.0_x64__f1p03rq2y10n8 [2021-11-11] (Alexander Sworski) Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.15.163.0_x64__43tkc6nmykmb6 [2021-11-11] (Ookla) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-13] (Twitter Inc.) Windbg Preview -> C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2111.9001.0_neutral__8wekyb3d8bbwe [2021-11-11] (Microsoft Corporation) Xbox Zubehör -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.2110.13001.0_x64__8wekyb3d8bbwe [2021-10-24] (Microsoft Corporation) XboxInsiderHub -> C:\Program Files\WindowsApps\Microsoft.XboxInsider_1.2110.21001.0_x64__8wekyb3d8bbwe [2021-11-11] (Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{07474513-7B58-45c7-B3E6-13A3669B1AFD}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\IntelDTSReader.dll (Orbmu2k) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\CoreTempGadget2.8.gadget\CoreTempReader.dll () [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{0d049955-5051-42fe-a154-85670ad2d993} -> [Nextcloud] => C:\Users\Rufuz\HAVERdrive [2021-06-24 09:32] CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Network_Meter_V8.4.gadget\netlib.dll (AddGadgets IT -> Jonathan Abbott) CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{2F5DA951-82C6-471e-90BD-CAB15552A932}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\QuadCoreUsage18.gadget\SharedMemoryReader.dll (Orbmu2k) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPU_Meter.gadget\GPUStatusReader.dll (AddGadgets IT -> Orbmu2k) CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{771CF1A6-FC96-45cf-B011-6469F0E56F64}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\SpeedfanMeter.gadget\SpeedfanReader.dll (Orbmu2k) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{97D17A04-4438-4C8E-BAC7-BC21B8B9E999}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUObserver36c.gadget\GPUStatusReader.dll (Orbmu2k) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{A4FEF2CE-E494-419e-ABCC-B2E993FB6BC0}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GlassyCPUMonitor.gadget\Release\ProcessMonitor64.dll (TODO: <Firmenname>) [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [ NextcloudError] -> {E0342B74-7593-4C70-9D61-22F294AAFE05} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudOK] -> {E1094E94-BE93-4EA2-9639-8475C68F3886} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudOKShared] -> {E243AD85-F71B-496B-B17E-B8091CBE93D2} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudSync] -> {E3D6DB20-1D83-4829-B5C9-941B31C0C35A} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudWarning] -> {E4977F33-F93A-4A0A-9D3C-83DEA0EE8483} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2021-07-16] (Notepad++ -> ) ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-09-23] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [Datei ist nicht signiert] ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2020-07-10] (Dev Code-Sign -> pdfforge GmbH) [Datei ist nicht signiert] [Datei wird verwendet] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-09-23] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-13] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [NextcloudContextMenuHandler] -> {BC6988AB-ACE2-4B81-84DC-DC34F9B24401} => C:\Program Files\Nextcloud\shellext\NCContextMenu.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-09-23] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\nvshext.dll [2021-10-21] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-13] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2021-10-28 12:29 - 2021-10-28 12:29 - 000099328 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\nextcloudsync_vfs_cfapi.dll 2021-10-28 12:30 - 2021-10-28 12:30 - 000030208 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\nextcloudsync_vfs_suffix.dll 2018-09-23 12:23 - 2018-09-23 12:23 - 000424448 _____ (Florian Heidenreich) [Datei ist nicht signiert] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll 2018-05-04 17:47 - 2020-09-08 09:59 - 000221184 _____ (Graphics Tablet) [Datei ist nicht signiert] C:\WINDOWS\system32\wintab32.dll 2016-12-27 10:22 - 2016-10-04 15:51 - 000076800 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll 2020-12-06 10:04 - 2020-12-06 10:04 - 000116736 _____ (pdfforge GmbH) [Datei ist nicht signiert] C:\WINDOWS\System32\pdfcmon.dll 2021-01-05 00:34 - 2020-03-16 14:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] E:\Origin\LIBEAY32.dll 2021-01-05 00:34 - 2020-03-16 14:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] E:\Origin\ssleay32.dll 2021-01-05 00:34 - 2020-01-15 11:24 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\platforms\qwindows.dll 2021-01-05 00:34 - 2020-01-15 11:24 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\Qt5Core.dll 2021-01-05 00:34 - 2020-01-15 11:24 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\Qt5Gui.dll 2021-01-05 00:34 - 2020-01-15 11:24 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\Qt5Network.dll 2021-01-05 00:34 - 2020-01-15 11:25 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\Qt5WebSockets.dll 2021-01-05 00:34 - 2020-01-15 11:25 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\Qt5Widgets.dll 2021-01-05 00:34 - 2020-01-15 11:25 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\Qt5Xml.dll 2021-10-28 12:34 - 2021-10-28 12:34 - 005972464 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5Core.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Public\AppData:CSM [464] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1354302738-180291989-3184307785-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKU\S-1-5-21-1354302738-180291989-3184307785-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00 SearchScopes: HKU\S-1-5-21-1354302738-180291989-3184307785-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00 BHO: Kein Name -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> Keine Datei BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2015-10-30 08:24 - 2021-02-12 00:16 - 000001043 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 activate.adobe.com ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\ HKU\S-1-5-21-1354302738-180291989-3184307785-1001\Control Panel\Desktop\\Wallpaper -> \\beryllium\photo\sonstige\wallpapers\5120x1440\0sjha6.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\StartupFolder: => "Huion Tablet.lnk" HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk" HKLM\...\StartupApproved\Run: => "TabletDriver" HKLM\...\StartupApproved\Run: => "PDF24" HKLM\...\StartupApproved\Run32: => "ConnectionCenter" HKLM\...\StartupApproved\Run32: => "Redirector" HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\StartupApproved\Run: => "Magnet.bootstrap_Vive" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{6DFCE2A7-84B6-4836-9CB7-0D338205ACCB}] => (Allow) D:\Steam\SteamApps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert] FirewallRules: [{663F25F9-4658-4D03-BD65-29411817C6A1}] => (Allow) D:\Steam\SteamApps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert] FirewallRules: [{2BE017DF-DF8B-487C-B1D2-B35CF2FC4004}] => (Allow) D:\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [Datei ist nicht signiert] FirewallRules: [{80615B34-4507-4359-9448-94ADD0A76896}] => (Allow) D:\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [Datei ist nicht signiert] FirewallRules: [UDP Query User{B1643D93-F033-4890-A76C-DE96317A274C}C:\program files (x86)\simhub\simhubwpf.exe] => (Allow) C:\program files (x86)\simhub\simhubwpf.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{A2D2E195-EAB7-45AB-9568-701FC782D935}C:\program files (x86)\simhub\simhubwpf.exe] => (Allow) C:\program files (x86)\simhub\simhubwpf.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{9C860FD9-FFC2-4935-9704-206D70CD6CBB}D:\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe] => (Allow) D:\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe => Keine Datei FirewallRules: [TCP Query User{F1D52B6E-F626-480E-BFCB-69E269FDF443}D:\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe] => (Allow) D:\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe => Keine Datei FirewallRules: [{60115772-AA16-433E-9369-0E554BE30382}] => (Allow) E:\SteamLibrary\steamapps\common\OVR_AdvancedSettings\AdvancedSettings.exe () [Datei ist nicht signiert] FirewallRules: [{CDF908F8-FAA9-4039-B580-8648AB8AEE4D}] => (Allow) E:\SteamLibrary\steamapps\common\OVR_AdvancedSettings\AdvancedSettings.exe () [Datei ist nicht signiert] FirewallRules: [{7944A3A7-7FCF-4B4D-AE3C-04A3184FD00B}] => (Allow) D:\Steam\SteamApps\common\MicrosoftFlightSimulator\FlightSimulator.exe (Asobo Studio) [Datei ist nicht signiert] FirewallRules: [{5BF94A08-C4A1-4620-B222-6DFA592319D3}] => (Allow) D:\Steam\SteamApps\common\MicrosoftFlightSimulator\FlightSimulator.exe (Asobo Studio) [Datei ist nicht signiert] FirewallRules: [UDP Query User{7D42D9E3-3D99-41BA-92F7-16220DCCE0F3}C:\program files\motec\discovery\1.0\motec.discovery.exe] => (Allow) C:\program files\motec\discovery\1.0\motec.discovery.exe (MoTeC Pty Ltd -> MoTeC Pty Ltd) FirewallRules: [TCP Query User{B93F3C7E-36F7-4208-B00B-9AD5F61E51D8}C:\program files\motec\discovery\1.0\motec.discovery.exe] => (Allow) C:\program files\motec\discovery\1.0\motec.discovery.exe (MoTeC Pty Ltd -> MoTeC Pty Ltd) FirewallRules: [{7FEAD71B-AC35-4069-9135-494B9D1BBEE6}] => (Allow) D:\Steam\SteamApps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [Datei ist nicht signiert] FirewallRules: [{D215CB7A-6178-46C0-B6CB-6C6C9A5FAB24}] => (Allow) D:\Steam\SteamApps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [Datei ist nicht signiert] FirewallRules: [{DC83D692-CD9F-4FC3-82FA-DE604EBE0827}] => (Allow) E:\SteamLibrary\steamapps\common\respawn-entertainment-medal-of-honor-above-and-beyond\Mohab.exe (Respawn) [Datei ist nicht signiert] FirewallRules: [{DB1F597E-30C9-46AC-B1AF-859B65DE0B13}] => (Allow) E:\SteamLibrary\steamapps\common\respawn-entertainment-medal-of-honor-above-and-beyond\Mohab.exe (Respawn) [Datei ist nicht signiert] FirewallRules: [UDP Query User{3BE9AE5B-EA8A-4486-93FE-065438E1CAB6}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [TCP Query User{047B7161-C565-4EB0-8EF6-7086A7519461}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{693EB636-F90C-4233-B947-C7953C46FA48}] => (Allow) D:\Steam\SteamApps\common\Assetto Corsa Competizione\acc.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{04F13AFB-6715-4716-A034-D80EDB014A37}] => (Allow) D:\Steam\SteamApps\common\Assetto Corsa Competizione\acc.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [UDP Query User{EA9BEE2F-5E8E-4EBA-8B15-DDF5F32FD760}C:\users\rufuz\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\rufuz\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{3A1FD87C-D149-45B6-9C44-B06C95F77D38}C:\users\rufuz\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\rufuz\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{825D23AF-31EC-4AAC-883E-DAE159D46861}] => (Allow) D:\Steam\SteamApps\common\IL-2 Sturmovik Battle of Stalingrad\bin\game\Il-2.exe (1C-777 Limited) [Datei ist nicht signiert] FirewallRules: [{39CFD715-9D21-46C2-9CC7-504CA47F46E2}] => (Allow) D:\Steam\SteamApps\common\IL-2 Sturmovik Battle of Stalingrad\bin\game\Il-2.exe (1C-777 Limited) [Datei ist nicht signiert] FirewallRules: [UDP Query User{70515237-DE72-48EE-945F-74B26CED7E38}C:\program files (x86)\plex\plex media server\plex dlna server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex dlna server.exe (Plex, Inc -> Plex, Inc.) FirewallRules: [TCP Query User{9870F2AD-F1FC-4CCD-8BF7-4CB377610EDB}C:\program files (x86)\plex\plex media server\plex dlna server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex dlna server.exe (Plex, Inc -> Plex, Inc.) FirewallRules: [UDP Query User{9995B9DA-A6A9-4477-98D5-D0BB668F3DA1}C:\program files (x86)\plex\plex media server\plex media server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex media server.exe (Plex, Inc -> Plex, Inc.) FirewallRules: [TCP Query User{D496B77A-9622-4D34-BB50-3D6160C20118}C:\program files (x86)\plex\plex media server\plex media server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex media server.exe (Plex, Inc -> Plex, Inc.) FirewallRules: [{349ED576-32E3-4F50-A48D-FB395D775A35}] => (Allow) D:\Steam\SteamApps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [Datei ist nicht signiert] FirewallRules: [{7207B2BB-3940-48D5-8CF3-23056AC24B6B}] => (Allow) D:\Steam\SteamApps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [Datei ist nicht signiert] FirewallRules: [{D8976998-DB13-49AB-BED1-56DE561E7BF7}] => (Allow) E:\SteamLibrary\steamapps\common\Elite Dangerous\EDLaunch.exe (Frontier Developments) [Datei ist nicht signiert] FirewallRules: [{FF8707FB-0D8F-4759-B7C2-68B24A4D6C31}] => (Allow) E:\SteamLibrary\steamapps\common\Elite Dangerous\EDLaunch.exe (Frontier Developments) [Datei ist nicht signiert] FirewallRules: [{A90707E5-D197-47C4-A4D0-0252C27A28B1}] => (Allow) D:\Steam\SteamApps\common\Phoenix\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{02F9DB18-D7AD-4A6A-BB12-1A65065E6E4A}] => (Allow) D:\Steam\SteamApps\common\Phoenix\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6BC64586-955F-49C3-B48D-1AE6D581D1EB}] => (Allow) D:\Steam\SteamApps\common\Cyberpunk 2077\REDprelauncher.exe => Keine Datei FirewallRules: [{4F6965D0-E268-496B-A7BF-7B950DFA1F41}] => (Allow) D:\Steam\SteamApps\common\Cyberpunk 2077\REDprelauncher.exe => Keine Datei FirewallRules: [{EAC02788-848D-44B5-8E5A-3A1EEEA9820C}] => (Allow) D:\Steam\SteamApps\common\Beat Saber\Beat Saber.exe () [Datei ist nicht signiert] FirewallRules: [{D53134ED-4DF4-49EF-9BF9-601A5925E4E4}] => (Allow) D:\Steam\SteamApps\common\Beat Saber\Beat Saber.exe () [Datei ist nicht signiert] FirewallRules: [{38574E4A-D984-471F-A9EF-1E133EE0798B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{DCD531B3-9CDE-4F84-8FCC-A9607F5F6C5D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{51C70A05-8C21-4D79-A058-11EF626F4C45}] => (Allow) D:\Steam\SteamApps\common\F1 2020\F1_2020.exe => Keine Datei FirewallRules: [{98AE7DF9-873C-4BDF-B98F-9F1E93649F6D}] => (Allow) D:\Steam\SteamApps\common\F1 2020\F1_2020.exe => Keine Datei FirewallRules: [{89EC73F4-0B65-4F9C-BBBD-002F5AC264A2}] => (Allow) D:\Steam\SteamApps\common\F1 2020\F1_2020_dx12.exe => Keine Datei FirewallRules: [{CC378F5B-6C27-4481-8E53-0FFB6D6885F0}] => (Allow) D:\Steam\SteamApps\common\F1 2020\F1_2020_dx12.exe => Keine Datei FirewallRules: [{106397BE-F0C7-4C71-9E82-8275E8081175}] => (Allow) E:\SteamLibrary\steamapps\common\STAR WARS Squadrons\starwarssquadrons_launcher.exe (Electronic Arts, Inc. -> Epic Games, Inc) FirewallRules: [{36676DB2-C137-468C-AD0F-DC494C047F35}] => (Allow) E:\SteamLibrary\steamapps\common\STAR WARS Squadrons\starwarssquadrons_launcher.exe (Electronic Arts, Inc. -> Epic Games, Inc) FirewallRules: [{264B52AB-5267-4F16-849F-18DEE6D7887F}] => (Allow) D:\Steam\SteamApps\common\Assetto Corsa Competizione Dedicated Server\server\accServer.exe () [Datei ist nicht signiert] FirewallRules: [{EF175CFB-05BA-45AC-9B5E-6F4719B8C4F0}] => (Allow) D:\Steam\SteamApps\common\Assetto Corsa Competizione Dedicated Server\server\accServer.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{CF73872B-856A-438A-9250-A7DD90DB51FF}D:\steam\steamapps\common\raw data\rawdata\binaries\win64\rawdata-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\raw data\rawdata\binaries\win64\rawdata-win64-shipping.exe (Survios) [Datei ist nicht signiert] FirewallRules: [TCP Query User{4B9A381E-C673-46D0-A450-F4959672CCCA}D:\steam\steamapps\common\raw data\rawdata\binaries\win64\rawdata-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\raw data\rawdata\binaries\win64\rawdata-win64-shipping.exe (Survios) [Datei ist nicht signiert] FirewallRules: [UDP Query User{4D2EA82C-93CA-4D34-9F8C-AE59FF391203}E:\steamlibrary\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe (NordicTrolls) [Datei ist nicht signiert] FirewallRules: [TCP Query User{0CCEF87B-94B6-4E65-BA79-CF4E46A81FD9}E:\steamlibrary\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe (NordicTrolls) [Datei ist nicht signiert] FirewallRules: [{0F3C6704-A05D-40CA-91CF-2AE8CC0696FE}] => (Allow) E:\SteamLibrary\steamapps\common\IronWolf\IW.exe () [Datei ist nicht signiert] FirewallRules: [{A337BE97-CA76-41FA-97B1-31C364F901DF}] => (Allow) E:\SteamLibrary\steamapps\common\IronWolf\IW.exe () [Datei ist nicht signiert] FirewallRules: [{015EF755-4C03-494A-9858-D0CA82F073E7}] => (Allow) D:\Steam\SteamApps\common\Bigscreen\Bigscreen.exe () [Datei ist nicht signiert] FirewallRules: [{213D12B3-8CF4-40B0-9E3B-879A0FAE909D}] => (Allow) D:\Steam\SteamApps\common\Bigscreen\Bigscreen.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{1C6BA039-6DE7-41C4-9C01-D7F1B0A9DFA6}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe (Digiarty Software, Inc. -> DearMob) FirewallRules: [TCP Query User{F4238CE6-330F-4020-BBE9-03804CAF8287}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe (Digiarty Software, Inc. -> DearMob) FirewallRules: [{C1A2B18A-B673-4788-A3C6-23FF6A42B66C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{EABE0C5C-4B2F-4DA8-A8A3-DD72A4EF567F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{F0D60AA1-1CBE-43A0-8599-460873FC1120}C:\users\rufuz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rufuz\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{46813E09-5D20-442B-9EC9-DB184ABAC332}C:\users\rufuz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rufuz\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{0DE845DC-BFB8-4908-9AD6-5ECDD1FBFC58}] => (Allow) D:\Steam\SteamApps\common\DCSWorld\bin\DCS.exe (Eagle Dynamics SA -> Eagle Dynamics) FirewallRules: [{22E619AB-B972-429E-8AA2-9CDFE7BF2E0F}] => (Allow) D:\Steam\SteamApps\common\DCSWorld\bin\DCS.exe (Eagle Dynamics SA -> Eagle Dynamics) FirewallRules: [UDP Query User{79E1537D-C5A0-4FB8-9820-C8B1A3AC72BF}D:\steam\steamapps\common\skybox vr video player\steamvr_sourcevrplayer.exe] => (Allow) D:\steam\steamapps\common\skybox vr video player\steamvr_sourcevrplayer.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{29B0749B-AC4C-4D1F-AC08-C31AE47A13F8}D:\steam\steamapps\common\skybox vr video player\steamvr_sourcevrplayer.exe] => (Allow) D:\steam\steamapps\common\skybox vr video player\steamvr_sourcevrplayer.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{4C168705-ACC7-4FC9-B524-7EA0D905E2C5}D:\steam\steamapps\common\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe (Kunos Simulazioni) [Datei ist nicht signiert] FirewallRules: [TCP Query User{84DB46CA-9C4C-4B38-A972-E3B2B4CC076A}D:\steam\steamapps\common\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe (Kunos Simulazioni) [Datei ist nicht signiert] FirewallRules: [{CB87A5E3-C403-44A5-9844-F1A0D4249ABA}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{464F19C7-4E7A-4623-AB0D-9E6871B051F8}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [UDP Query User{270BD580-2386-40DD-BB85-272227BDB5B0}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{EDA14681-8DB2-4D7F-94B3-73028C154560}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [UDP Query User{B9917407-9239-486B-B697-E6BAE76D291E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe => Keine Datei FirewallRules: [TCP Query User{6F913F71-6935-4251-A29A-874B6440FA9A}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe => Keine Datei FirewallRules: [TCP Query User{433503CA-7315-4FEC-BDAE-C2ECDDBEDAAB}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe (NADEO SASU -> Nadeo) FirewallRules: [UDP Query User{7180A4BB-7662-4DC4-84DE-AD89D129DB90}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe (NADEO SASU -> Nadeo) FirewallRules: [{48CAFA87-21C2-4B4D-91FD-EF38D63532B7}] => (Allow) D:\Steam\SteamApps\common\Star Trek Bridge Crew\stbc.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{ED26BFD9-A618-4229-AE64-E8C60357D1B6}] => (Allow) D:\Steam\SteamApps\common\Star Trek Bridge Crew\stbc.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{5EDE037A-8CCA-4F22-B80E-99D7A07B8697}] => (Allow) D:\Steam\SteamApps\common\VTOL VR\VTOLVR.exe () [Datei ist nicht signiert] FirewallRules: [{95E31994-1A77-4BC9-857E-349492402F00}] => (Allow) D:\Steam\SteamApps\common\VTOL VR\VTOLVR.exe () [Datei ist nicht signiert] FirewallRules: [{C1C42096-77B6-4B28-93CA-719C6C0EE86D}] => (Allow) E:\SteamLibrary\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com) FirewallRules: [{A8E20B8E-8273-404C-8219-873B7773C39E}] => (Allow) E:\SteamLibrary\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com) FirewallRules: [{EDADD362-EDF2-405C-A94F-098D7DEAC5DB}] => (Allow) D:\Steam\SteamApps\common\Eleven Table Tennis VR\pong_waves_vr.exe () [Datei ist nicht signiert] FirewallRules: [{2E2D951D-F2F5-4AB2-92CB-DEF04885EE04}] => (Allow) D:\Steam\SteamApps\common\Eleven Table Tennis VR\pong_waves_vr.exe () [Datei ist nicht signiert] FirewallRules: [{C5C859BA-0688-4825-B7FC-A175C98B1AD8}] => (Allow) D:\Steam\SteamApps\common\Virtual Desktop\Virtual Desktop.exe (Virtual Desktop, Inc. -> Virtual Desktop, Inc.) FirewallRules: [{1478A62E-698C-4324-ACC2-1959F8C982EC}] => (Allow) D:\Steam\SteamApps\common\Virtual Desktop\Virtual Desktop.exe (Virtual Desktop, Inc. -> Virtual Desktop, Inc.) FirewallRules: [{EDA26395-947E-48F5-9D12-C6D37240FBB1}] => (Allow) E:\SteamLibrary\steamapps\common\Black Mesa\bms.exe () [Datei ist nicht signiert] FirewallRules: [{227DED97-1373-4585-AE41-BEB933BCABDD}] => (Allow) E:\SteamLibrary\steamapps\common\Black Mesa\bms.exe () [Datei ist nicht signiert] FirewallRules: [{8A0DCA61-C03E-4E5C-B028-45140272B3D4}] => (Allow) D:\Steam\SteamApps\common\Portal Reloaded\portal2.exe () [Datei ist nicht signiert] FirewallRules: [{017C8944-4C80-4115-965A-C5A7E0ED5BA6}] => (Allow) D:\Steam\SteamApps\common\Portal Reloaded\portal2.exe () [Datei ist nicht signiert] FirewallRules: [{6DFFF3B8-4654-48DC-9197-C30036930497}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F54CE614-413C-4A64-8F12-5945AC6B89B0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D600DDA3-0D5D-46C6-8E24-22A564BE7529}] => (Allow) D:\Steam\SteamApps\common\fpsVR\fpsVR.exe (SBSoftLab) [Datei ist nicht signiert] FirewallRules: [{D87E2FE5-41BB-4BCB-8870-06F9BFED25A6}] => (Allow) D:\Steam\SteamApps\common\fpsVR\fpsVR.exe (SBSoftLab) [Datei ist nicht signiert] FirewallRules: [TCP Query User{93F2ED1B-ABB1-47A6-92B4-9E2CF28D7570}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{871C2B86-168D-4089-9514-516EC42B70B7}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [{5EE7885F-AA1A-4384-8447-F8BD80B28B21}] => (Allow) D:\Steam\SteamApps\common\VoiceAttack\VoiceAttack.exe (VoiceAttack.com -> VoiceAttack.com) FirewallRules: [{81DF333E-8785-4893-A2B7-94050CA15F8D}] => (Allow) D:\Steam\SteamApps\common\VoiceAttack\VoiceAttack.exe (VoiceAttack.com -> VoiceAttack.com) FirewallRules: [TCP Query User{D1643BAF-A0C0-49B3-B289-56FACFC10AD3}D:\steam\steamapps\common\voiceattack\apps\vaicompro\vaicompro.exe] => (Allow) D:\steam\steamapps\common\voiceattack\apps\vaicompro\vaicompro.exe (315 Interactive Software) [Datei ist nicht signiert] FirewallRules: [UDP Query User{9A10DB95-9F8A-4052-B157-CCA54BB0A140}D:\steam\steamapps\common\voiceattack\apps\vaicompro\vaicompro.exe] => (Allow) D:\steam\steamapps\common\voiceattack\apps\vaicompro\vaicompro.exe (315 Interactive Software) [Datei ist nicht signiert] FirewallRules: [{555BA286-40C9-4B06-8B3A-EFBF0FABBAC3}] => (Allow) D:\Steam\SteamApps\common\raceroom racing experience\Game\x64\RRRE64.exe => Keine Datei FirewallRules: [{734A9EE3-60D8-4FD2-B7FC-21BABEDD989E}] => (Allow) D:\Steam\SteamApps\common\raceroom racing experience\Game\x64\RRRE64.exe => Keine Datei FirewallRules: [{BD85B917-A7DA-4B1F-8F99-56F466B4C3D7}] => (Allow) D:\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe => Keine Datei FirewallRules: [{30A70D26-E6BD-41AA-8E67-967B3405445D}] => (Allow) D:\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe => Keine Datei FirewallRules: [TCP Query User{875DC99B-E17B-4483-B210-E8D83B605B8D}C:\program files\dcs-simpleradio-standalone\sr-clientradio.exe] => (Allow) C:\program files\dcs-simpleradio-standalone\sr-clientradio.exe (Open Source Developer, Ciaran Fisher -> Ciribob - GitHub.com/Ciribob) FirewallRules: [UDP Query User{AB4ADB19-0434-4515-8EBC-C3B765043679}C:\program files\dcs-simpleradio-standalone\sr-clientradio.exe] => (Allow) C:\program files\dcs-simpleradio-standalone\sr-clientradio.exe (Open Source Developer, Ciaran Fisher -> Ciribob - GitHub.com/Ciribob) FirewallRules: [{1F1974EA-EE4C-40C5-BE5F-F43411D3C7D7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei FirewallRules: [{86D3DA85-E242-4233-8367-7D9889A35851}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei FirewallRules: [TCP Query User{0836BB90-FAEE-4107-81DC-5653D548502D}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{8EBD0CA8-D83E-430F-B93E-4E8A164F9EA7}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [{8BB8D9FD-27F7-47E4-A2E6-6B03A38DA2A0}] => (Allow) D:\Steam\SteamApps\common\ContractorsVR\Contractors.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{4D49DBA0-FF2C-4C44-B9B0-E47B416EED06}] => (Allow) D:\Steam\SteamApps\common\ContractorsVR\Contractors.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{BAB50C1B-73C3-4088-84DD-92F070AD017F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei FirewallRules: [{371216CB-A92D-4958-99E7-561C63DB5BC5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei FirewallRules: [{DADB2C9E-F897-475A-8154-5C3CD0E4071F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei FirewallRules: [{BFAEC499-D9F7-401C-B75D-69B8E40C1F62}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei FirewallRules: [{EEEC2BE4-175F-4EA7-B30D-893C5B3D8C67}] => (Allow) D:\Steam\SteamApps\common\EarthVR\Earth.exe (Google Inc -> Google Inc) FirewallRules: [{0C9BD9F9-867B-4337-96F1-7A148DFE64A1}] => (Allow) D:\Steam\SteamApps\common\EarthVR\Earth.exe (Google Inc -> Google Inc) FirewallRules: [{FFCD1FA2-D8EE-4C73-AB8A-F573F05AF2F0}] => (Allow) E:\SteamLibrary\steamapps\common\KartKraft\project_k.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{E44C6044-7289-4532-AC13-4B570A34E4F7}] => (Allow) E:\SteamLibrary\steamapps\common\KartKraft\project_k.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{E0FFEFA6-201B-4F2C-881A-2F6F21265010}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{096CAD80-CE33-4140-9B26-9AE6EA0DB72E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0B2D0545-127F-4930-A6AA-7B74AA2E1CB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D9E20C33-7F0E-409A-8E4D-7598B486BCD1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{207B2904-1B1A-4CCC-A5F4-66C3CEE2DF5C}] => (Allow) D:\Steam\SteamApps\common\rocketleague\Binaries\Win64\RocketLeague.exe => Keine Datei FirewallRules: [{916D2D99-0184-475B-AF89-089F617737A6}] => (Allow) D:\Steam\SteamApps\common\rocketleague\Binaries\Win64\RocketLeague.exe => Keine Datei FirewallRules: [TCP Query User{3F864BD7-DB25-483A-8C0A-3661F7C1E086}C:\program files\hue sync\huesync.exe] => (Allow) C:\program files\hue sync\huesync.exe (Signify Netherlands B.V. -> Signify Netherlands B.V.) FirewallRules: [UDP Query User{58158E38-10B5-47E4-A2EA-C4712715036B}C:\program files\hue sync\huesync.exe] => (Allow) C:\program files\hue sync\huesync.exe (Signify Netherlands B.V. -> Signify Netherlands B.V.) FirewallRules: [{CFE662B8-9720-4546-B6ED-EF99009BD4BF}] => (Allow) C:\Program Files (x86)\Tacview\Tacview64.exe (Raia Software Inc. -> ) FirewallRules: [{F1C91DEE-46B1-4E9B-8038-10C1F93CC792}] => (Allow) C:\Program Files (x86)\Tacview\Tacview64.exe (Raia Software Inc. -> ) FirewallRules: [{ED1C5A47-EA3B-449F-83A1-5CA1095EA345}] => (Allow) E:\SteamLibrary\steamapps\common\Vox Machinae\vm.exe () [Datei ist nicht signiert] FirewallRules: [{A3C7B38B-D1E2-40E6-9C60-9C930B16FB8E}] => (Allow) E:\SteamLibrary\steamapps\common\Vox Machinae\vm.exe () [Datei ist nicht signiert] FirewallRules: [{6C66162E-DC31-4A14-96ED-01365D3D5B0D}] => (Allow) D:\Steam\SteamApps\common\Project CARS 2\pCARS2.exe (Slightly Mad Studios Ltd) [Datei ist nicht signiert] FirewallRules: [{17A09B31-E8A1-4C68-A36B-B11680D218FA}] => (Allow) D:\Steam\SteamApps\common\Project CARS 2\pCARS2.exe (Slightly Mad Studios Ltd) [Datei ist nicht signiert] FirewallRules: [{DAC6260E-4896-43E0-9C31-F4F9D20EC4AA}] => (Allow) E:\SteamLibrary\steamapps\common\Company of Heroes 3 - Pre-Alpha Preview\RelicAnvil.exe => Keine Datei FirewallRules: [{402E6560-5373-4624-9023-4C629E7814ED}] => (Allow) E:\SteamLibrary\steamapps\common\Company of Heroes 3 - Pre-Alpha Preview\RelicAnvil.exe => Keine Datei FirewallRules: [{A3BE5DE2-CD36-4AEF-9B88-65CDD58766AC}] => (Allow) E:\SteamLibrary\steamapps\common\New World Closed Beta\NewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd) FirewallRules: [{C8889C6B-92CD-40C3-9E26-CE696B7A3949}] => (Allow) E:\SteamLibrary\steamapps\common\New World Closed Beta\NewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd) FirewallRules: [TCP Query User{5479A169-FEAE-4500-838F-47814FDB31D9}E:\steamlibrary\steamapps\common\new world closed beta\bin64\newworld.exe] => (Allow) E:\steamlibrary\steamapps\common\new world closed beta\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.) FirewallRules: [UDP Query User{FD9400AB-2A58-4C2D-93FE-B44DFC9CA95C}E:\steamlibrary\steamapps\common\new world closed beta\bin64\newworld.exe] => (Allow) E:\steamlibrary\steamapps\common\new world closed beta\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.) FirewallRules: [{4F2B5090-A240-4668-83C4-C8D14CC65C25}] => (Allow) C:\Program Files (x86)\Tacview (beta)\Tacview64.exe (Raia Software Inc. -> ) FirewallRules: [{1F35A41E-A8FF-4697-ACA4-E7AB98F97242}] => (Allow) C:\Program Files (x86)\Tacview (beta)\Tacview64.exe (Raia Software Inc. -> ) FirewallRules: [{85516D45-F80D-42A9-BD79-7C95C8A710F3}] => (Allow) D:\Steam\SteamApps\common\SteamVR\bin\win32\vrstartup.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{280022B0-D087-4367-968E-6343DACC74C5}] => (Allow) D:\Steam\SteamApps\common\SteamVR\bin\win32\vrstartup.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{671A0606-675E-4839-B86C-D9CB0B80D0C5}] => (Allow) D:\Steam\SteamApps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> ) FirewallRules: [{10F36E28-4537-4655-B4D1-EAE93F773B2F}] => (Allow) D:\Steam\SteamApps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> ) FirewallRules: [{74D0A1B9-31B5-400D-8391-4FA136A055CA}] => (Allow) D:\Steam\SteamApps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> ) FirewallRules: [{BB7EE3FE-8345-4762-B227-15932B41EA4C}] => (Allow) D:\Steam\SteamApps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> ) FirewallRules: [{EAF3B7F6-4209-444E-AD6F-E78A680CA62F}] => (Allow) E:\SteamLibrary\steamapps\common\Age of Empires IV Beta\RelicCardinal.exe => Keine Datei FirewallRules: [{AA079DFD-49AF-4971-A06B-F0FEAA69252E}] => (Allow) E:\SteamLibrary\steamapps\common\Age of Empires IV Beta\RelicCardinal.exe => Keine Datei FirewallRules: [TCP Query User{A46DC815-54C9-4C79-9F0E-D9DD01CF5B3B}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{07FF1E8D-4E5B-47C0-9CC7-B7138CE0C43C}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{9DC69843-4D44-4BAA-A266-260707146669}F:\syncplay_1.6.8_portable\syncplayserver.exe] => (Allow) F:\syncplay_1.6.8_portable\syncplayserver.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{65083783-0E1F-4069-AF27-C5F483B8CB68}F:\syncplay_1.6.8_portable\syncplayserver.exe] => (Allow) F:\syncplay_1.6.8_portable\syncplayserver.exe () [Datei ist nicht signiert] FirewallRules: [{EDCC378D-A74B-405B-86D2-04675B96F261}] => (Allow) D:\Steam\SteamApps\common\The Lab\TheLab\win64\TheLab.exe () [Datei ist nicht signiert] FirewallRules: [{8356FA7C-D4A4-4792-A026-F9C02AACA8C9}] => (Allow) D:\Steam\SteamApps\common\The Lab\TheLab\win64\TheLab.exe () [Datei ist nicht signiert] FirewallRules: [{2BDAED27-8810-4622-9CF2-E0FE502EFCB8}] => (Allow) E:\SteamLibrary\steamapps\common\MixedRealityVRDriver\bin\win64\Launch.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2A1BA7ED-D9A4-4ACB-8492-D4835FFAD82D}] => (Allow) E:\SteamLibrary\steamapps\common\MixedRealityVRDriver\bin\win64\Launch.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C08C3027-67C7-4FE5-8CBB-013E9CB4C518}] => (Allow) E:\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd) FirewallRules: [{1B0DFF45-23D6-4E73-B12E-A49AE9A38405}] => (Allow) E:\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd) FirewallRules: [TCP Query User{EF86BE1F-2C15-4767-88CE-F2ABDB5432F8}E:\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) E:\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.) FirewallRules: [UDP Query User{09961B4C-686E-4FC0-9C81-BBBB31386CBA}E:\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) E:\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.) FirewallRules: [{15F2C6E5-D15C-4522-937E-FF759FB31486}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6DD6B6AC-3BFE-4874-89D1-196C776A1D98}] => (Allow) E:\SteamLibrary\steamapps\common\Kayak VR Playtest\WindowsNoEditor\Kayak_VR.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{DE527FAF-FE05-487E-8313-63316556762E}] => (Allow) E:\SteamLibrary\steamapps\common\Kayak VR Playtest\WindowsNoEditor\Kayak_VR.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{7C8407D6-4AA9-483E-868F-8E3680AB84D4}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert] FirewallRules: [{52C3A62A-BEC1-4B55-ACC7-8B495E104EE8}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert] FirewallRules: [{57ADAD09-AE43-4485-B726-681168EFF058}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{4715E5A1-39C9-42C1-941A-BAC15FF28AF3}] => (Allow) E:\SteamLibrary\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment) FirewallRules: [{C15270E4-EB86-4765-974D-E66FD42596DB}] => (Allow) E:\SteamLibrary\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment) FirewallRules: [{4CBCFD7D-7F54-4A11-BB1D-4BE540E50008}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2ADA76B9-ACDB-4928-8270-B9D8AA67B065}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{03264EA4-8409-4782-A993-4451C907B0F9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C5DDE7AF-0B9B-4B2C-A62F-7CCB69832183}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2111.9001.0_neutral__8wekyb3d8bbwe\x86\EngHost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6FE7E7AC-1B8D-4E2F-9C43-0D7C7B39711F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2111.9001.0_neutral__8wekyb3d8bbwe\x86\EngHost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E02375E0-5DD5-4F45-B018-71BF55BDDD75}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2111.9001.0_neutral__8wekyb3d8bbwe\amd64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E0BD2C14-5597-47BF-92F2-D54B878A0392}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2111.9001.0_neutral__8wekyb3d8bbwe\amd64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1ED5FCBB-A343-4C90-8414-16B11581EF3A}] => (Allow) D:\Steam\SteamApps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> ) FirewallRules: [{0F4C3F28-A535-40A4-BACF-565AE8C2408A}] => (Allow) D:\Steam\SteamApps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> ) FirewallRules: [{553D0CED-A2E3-489E-982C-D74A922EA88E}] => (Allow) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{36925F74-AFFB-4015-8429-EBCFA0FC0E2E}] => (Allow) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{85E5D838-9FBC-4241-B76D-6D66931EB0A9}] => (Block) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{DC4E667A-74DD-4592-ABD8-B79828A0A92F}] => (Block) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\fotobuch.de\Designer 2.0\Designer.exe] => Designer.exe ==================== Wiederherstellungspunkte ========================= 12-11-2021 08:11:04 Windows Modules Installer ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (11/13/2021 07:52:46 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DURANIUM) Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode. Error: (11/13/2021 07:51:27 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DURANIUM) Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode. Error: (11/13/2021 12:18:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: RocketLeague.exe, Version: 1.0.10897.0, Zeitstempel: 0x616f76e8 Name des fehlerhaften Moduls: EOSSDK-Win64-Shipping.dll, Version: 1.13.0.0, Zeitstempel: 0x614289bc Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000406ccf ID des fehlerhaften Prozesses: 0x67c0 Startzeit der fehlerhaften Anwendung: 0x01d7d80fe53c002f Pfad der fehlerhaften Anwendung: E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe Pfad des fehlerhaften Moduls: E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\EOSSDK-Win64-Shipping.dll Berichtskennung: e497f48c-e045-4fb5-b790-38a6f7bfcc7f Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (11/12/2021 09:42:52 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DURANIUM) Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode. Error: (11/12/2021 03:13:23 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DURANIUM) Description: Windows kann die erweiterbare Leistungsindikator-DLL "C:\WINDOWS\system32\sysmain.dll" nicht laden (Win32-Fehlercode 126). Error: (11/12/2021 09:27:14 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Error: (11/12/2021 09:27:14 AM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Error: (11/12/2021 09:27:14 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Systemfehler: ============= Error: (11/13/2021 10:41:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "SRanipalService" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (11/13/2021 10:40:51 AM) (Source: DCOM) (EventID: 10010) (User: DURANIUM) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/13/2021 10:40:51 AM) (Source: DCOM) (EventID: 10010) (User: DURANIUM) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/13/2021 10:40:51 AM) (Source: DCOM) (EventID: 10010) (User: DURANIUM) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/13/2021 10:40:51 AM) (Source: DCOM) (EventID: 10010) (User: DURANIUM) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/13/2021 10:40:51 AM) (Source: DCOM) (EventID: 10010) (User: DURANIUM) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/13/2021 10:40:51 AM) (Source: DCOM) (EventID: 10010) (User: DURANIUM) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/13/2021 10:40:51 AM) (Source: DCOM) (EventID: 10010) (User: DURANIUM) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Windows Defender: ================ Date: 2021-11-14 03:01:05 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/OpenCandy&threatid=223695&enterprise=0 Name: PUA:Win32/OpenCandy Schweregrad: Noch nicht klassifiziert Kategorie: Unbekannt Pfad: file:_C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$R7AEKJK.exe; file:_C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$RAPT9JD.exe Erkennungsursprung: Lokaler Computer Erkennungstype: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: Prozessname: C:\Users\Rufuz\Downloads\RogueKiller_portable64.exe Sicherheitsversion: AV: 1.353.929.0, AS: 1.353.929.0, NIS: 1.353.929.0 Modulversion: AM: 1.1.18700.4, NIS: 1.1.18700.4 Date: 2021-11-06 11:44:59 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {1F5F0A47-1A9C-439C-A086-2F6F5BA5061F} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-10-31 14:35:29 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/DownloadSponsor&threatid=311978&enterprise=0 Name: PUADlManager:Win32/DownloadSponsor Schweregrad: Niedrig Kategorie: Potenziell unerwünschte Software Pfad: file:_C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$RGHDD34.exe Erkennungsursprung: Lokaler Computer Erkennungstype: Konkret Erkennungsquelle: Echtzeitschutz Benutzer: DURANIUM\Rufuz Prozessname: C:\Windows\explorer.exe Sicherheitsversion: AV: 1.353.137.0, AS: 1.353.137.0, NIS: 1.353.137.0 Modulversion: AM: 1.1.18700.4, NIS: 1.1.18700.4 Date: 2021-10-31 14:35:24 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/OpenCandy&threatid=223695&enterprise=0 Name: PUA:Win32/OpenCandy Schweregrad: Noch nicht klassifiziert Kategorie: Unbekannt Pfad: file:_C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$R7AEKJK.exe; file:_C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$RAPT9JD.exe Erkennungsursprung: Lokaler Computer Erkennungstype: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: DURANIUM\Rufuz Prozessname: C:\Windows\explorer.exe Sicherheitsversion: AV: 1.353.137.0, AS: 1.353.137.0, NIS: 1.353.137.0 Modulversion: AM: 1.1.18700.4, NIS: 1.1.18700.4 Date: 2021-10-31 14:34:54 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/OpenCandy&threatid=223695&enterprise=0 Name: PUA:Win32/OpenCandy Schweregrad: Noch nicht klassifiziert Kategorie: Unbekannt Pfad: file:_C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$R7AEKJK.exe Erkennungsursprung: Lokaler Computer Erkennungstype: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: DURANIUM\Rufuz Prozessname: C:\Windows\explorer.exe Sicherheitsversion: AV: 1.353.137.0, AS: 1.353.137.0, NIS: 1.353.137.0 Modulversion: AM: 1.1.18700.4, NIS: 1.1.18700.4 CodeIntegrity: =============== Date: 2021-10-17 11:43:42 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume5\Program Files\Google\Drive File Stream\51.0.16.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. P4.00 04/15/2021 Hauptplatine: ASRock X570 Pro4 Prozessor: AMD Ryzen 5 5600X 6-Core Processor Prozentuale Nutzung des RAM: 27% Installierter physikalischer RAM: 32686.45 MB Verfügbarer physikalischer RAM: 23634.18 MB Summe virtueller Speicher: 37550.45 MB Verfügbarer virtueller Speicher: 24484.82 MB ==================== Laufwerke ================================ Drive c: (System) (Fixed) (Total:464.19 GB) (Free:126.01 GB) NTFS Drive d: (Games) (Fixed) (Total:931.51 GB) (Free:168.2 GB) NTFS Drive e: (Games) (Fixed) (Total:931.51 GB) (Free:212.12 GB) NTFS Drive f: (Daten) (Fixed) (Total:1863.01 GB) (Free:79.59 GB) NTFS Drive g: (rufuz64@gmail.com - Google Drive) (Fixed) (Total:100 GB) (Free:36.28 GB) FAT32 Drive h: (casual.racing.league@gmail.co...) (Fixed) (Total:100 GB) (Free:45.34 GB) FAT32 \\?\Volume{00092176-0000-0000-0000-100000000000}\ (System-reserviert) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS \\?\Volume{538a6a1f-4dc8-6248-5b5f-13c49b28a56a}\ () (Fixed) (Total:101.08 GB) (Free:0 GB) NTFS \\?\Volume{2c8d4a56-5754-8dc0-bdb2-51d4222273ae}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS \\?\Volume{5a1847b4-f61e-e681-1673-885e9dc9b270}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS \\?\Volume{00092176-0000-0000-0000-702b74000000}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS \\?\Volume{00092176-0000-0000-0000-474e74000000}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 68CA5102) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: C99D012A) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 000896DA) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 3 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 00092176) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=464.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=556 MB) - (Type=27) Partition 4: (Not Active) - (Size=550 MB) - (Type=27) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 4. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 5. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 6. ==================== Ende von Addition.txt ======================= |
16.11.2021, 21:53 | #17 | |
/// TB-Ausbilder | Win 10 Start dauert sehr langeZitat:
Ich brauche nach dem FRST-Fix und nach der Datenträgerbereinigung schon neue Logdateien... Bitte FRST neu ausführen und beide Logdateien posten:
|
17.11.2021, 08:39 | #18 |
| Win 10 Start dauert sehr lange Entschuldige, da ging etwas durcheinander. Hier nach nochmaligem Durchlauf die
__________________FRST.txt - Addition.txt - Shortcut.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2021 durchgeführt von Rufuz (Administrator) auf DURANIUM (17-11-2021 08:24:27) Gestartet von C:\Users\Rufuz\Desktop\Trojaner-Board Geladene Profile: Rufuz Plattform: Microsoft Windows 10 Pro Version 21H1 19043.1348 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () [Datei ist nicht signiert] C:\Program Files\BakkesMod\BakkesMod.exe (3 Play Networks, Inc. -> Sphinx Software) C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe (3 Play Networks, Inc. -> Sphinx Software) C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe (ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe (Discord Inc. -> Discord Inc.) C:\Users\Rufuz\AppData\Local\Discord\app-1.0.9003\Discord.exe <6> (Electronic Arts, Inc. -> Electronic Arts) E:\Origin\OriginWebHelperService.exe (Endor AG -> ) C:\Program Files\Fanatec\Fanatec Wheel\FWPnpService.exe (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe (Google LLC -> ) C:\Program Files\Google\Drive File Stream\52.0.6.0\crashpad_handler.exe <2> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe <7> (gputemp.com) [Datei ist nicht signiert] C:\Program Files (x86)\GPU Temp\GPUTemp.exe (Greenshot) [Datei ist nicht signiert] C:\Program Files\Greenshot\Greenshot.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe (Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3> (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.59.1001.0_x64__8wekyb3d8bbwe\gamingservices.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.59.1001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Spectrum.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <6> (Nextcloud GmbH -> Nextcloud GmbH) C:\Program Files\Nextcloud\nextcloud.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4> (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NvVirtualCamera\NVIDIA Broadcast.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\NVDisplay.Container.exe <2> (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.184.0.35\OverwolfHelper.exe (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.184.0.35\OverwolfHelper64.exe (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe <3> (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe (Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (Scarlet.Crush Productions) [Datei ist nicht signiert] F:\_Portable\PS3 Controller\bin\ScpService.exe (Shenzhen Huion Animation Technology Co.,LTD -> ) C:\Huion Tablet\x64\TabletDriverCore.exe (Signal Messenger, LLC -> Open Whisper Systems) C:\Users\Rufuz\AppData\Local\Programs\signal-desktop\Signal.exe <5> (Signify Netherlands B.V. -> Signify Netherlands B.V.) C:\Program Files\Hue Sync\HueSync.exe (Synology Inc. -> ) C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Tobii AB -> ) C:\Program Files (x86)\Tobii\Tobii VRU02 Runtime\platform_runtime_VR4U2P2_service.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe (Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (Valve -> Valve Corporation) D:\Steam\steam.exe (Virtual Desktop, Inc. -> Virtual Desktop, Inc.) C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [528384 2015-11-10] (Greenshot) [Datei ist nicht signiert] HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [878584 2019-05-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Windows10FirewallControl] => C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe [1803824 2019-07-28] (3 Play Networks, Inc. -> Sphinx Software) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [638352 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.) HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [TabletDriver] => C:\Huion Tablet\x64\TabletDriverCore.exe [333544 2020-10-24] (Shenzhen Huion Animation Technology Co.,LTD -> ) HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [136443968 2021-11-03] (Logitech Inc -> Logitech, Inc.) HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [Nextcloud] => C:\Program Files\Nextcloud\nextcloud.exe [2739008 2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [HueSync] => C:\Program Files\Hue Sync\HueSync.exe [20154280 2021-08-23] (Signify Netherlands B.V. -> Signify Netherlands B.V.) HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [Magnet.bootstrap_Vive] => "C:\Program Files (x86)\VIVE\PCClient\Vive.exe" --silent (Keine Datei) HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [BakkesMod] => C:\Program Files\BakkesMod\BakkesMod.exe [16066560 2021-05-04] () [Datei ist nicht signiert] HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.) HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [org.whispersystems.signal-desktop] => C:\Users\Rufuz\AppData\Local\Programs\signal-desktop\Signal.exe [136232376 2021-11-10] (Signal Messenger, LLC -> Open Whisper Systems) HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1806680 2021-10-31] (Overwolf Ltd -> Overwolf Ltd.) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.) HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2020-12-06] (pdfforge GmbH) [Datei ist nicht signiert] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-15] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HideVolumeOSD.lnk [2017-07-22] ShortcutTarget: HideVolumeOSD.lnk -> C:\Program Files (x86)\HideVolumeOSD\HideVolumeOSD.exe (Venturi) [Datei ist nicht signiert] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Huion Tablet.lnk [2020-12-30] ShortcutTarget: Huion Tablet.lnk -> C:\Huion Tablet\Huion Tablet.exe (Shenzhen Huion Animation Technology Co.,LTD -> ) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {02CF22A1-5833-47DF-BB75-FAE02A89E3A3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314824 2021-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {1CDC08B6-AA17-46BE-8F00-F6F58DCCB450} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {216D93D7-6AE1-4652-AE4A-102910A452DA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation) Task: {242507AC-76A8-4967-90A9-26D4D667D381} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {287FA373-DDD1-4C4C-8439-FDBA944ADFEC} - System32\Tasks\Core Temp Autostart Rufuz => C:\Program Files\Core Temp\Core Temp.exe [1031512 2021-04-01] (ALCPU -> ALCPU) Task: {2AC8F50D-84ED-4BFE-91F1-C4452F045471} - System32\Tasks\NvBroadcast_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe [22267088 2021-09-01] (Nvidia Corporation -> NVIDIA Corporation) Task: {2E41A145-077C-4011-BE9C-E3A5810B215E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {318676CD-3B2A-4E70-BF19-D5855AA58963} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484568 2021-10-31] (Overwolf Ltd -> Overwolf LTD) Task: {31E71847-2604-464D-B777-A6BDEACB8861} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {45FAEDFC-35D5-4812-9AB7-B59DF3102217} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {586A2693-EE96-49A1-8E3C-584C153B4C85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5C7040EA-3D9E-4277-BEF4-25CCFACBE8F8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314824 2021-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {644EC301-90E6-4333-B017-ED24CC34D3B2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6D3A225A-5A2C-458B-96CF-1E634104DD52} - System32\Tasks\{D97764FA-C04F-472B-9BF2-3B712677EF82} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe" Task: {82E28161-F2F0-422D-898F-9CA3DC8438C4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation) Task: {842D6D20-4D20-4E1A-B7BD-B6281AD84463} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9084BCE0-F4F5-46B2-A729-2C8659420242} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-25] (Google Inc -> Google Inc.) Task: {909EA4A5-1859-485C-9E7B-9ADBF44589D3} - System32\Tasks\SafeZone scheduled Autoupdate 1464429621 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0) (Keine Datei) Task: {925D4D1C-E3B7-45F2-BB92-055F3FB97D38} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {A1C66833-1B7A-4F99-B8D5-DD71489D693A} - System32\Tasks\GPU Temp\Startup => C:\Program Files (x86)\GPU Temp\GPUTemp.exe [1032192 2011-10-01] (gputemp.com) [Datei ist nicht signiert] Task: {A9465F63-FD74-4A24-813A-A2A950BCC071} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AAF982D1-4C4C-402E-A5BE-B5C396CB3B4B} - System32\Tasks\elevator_b58b0b144169daf1a5b3ae13ea6f5142 => C:\Program Files (x86)\SimHub\SimHubWPF.exe [2995200 2020-10-11] () [Datei ist nicht signiert] Task: {ACD24385-C79A-4362-99DB-B447FD921C20} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-25] (Google Inc -> Google Inc.) Task: {C0B57FA7-3524-4AB8-8060-0EE5FED22BDE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {C4FDB2CF-0B83-41E8-B12B-92071ECB0469} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {C999D290-0D1E-4CF6-BC43-B2C5642E4FD7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {CA7380EC-BBC6-48A6-BBE6-018A3553F891} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {D418ACA5-9373-4766-9E06-9376C0157677} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E1E50819-412A-42CE-A697-2A627195A00F} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4487904 2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) Task: {EDDB44B2-22E5-4604-8856-E982D562329F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation) Task: {F1387320-E286-44DD-93A5-8AC5F76EDE71} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F4142315-99D1-4D76-BFCF-66965117A6D2} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-04] (Mozilla Corporation -> Mozilla Foundation) Task: {FA00E159-5FB4-4572-A406-90D11DFDE23D} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{430afc92-c19b-4475-b66c-ee649c05e911}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{6a9f485a-f821-43c2-a828-e1e22575ec8c}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{9aef3068-3555-4aab-9389-f3da809d5d4a}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{bb73d5f1-614a-49e7-aa81-a6c312f842fb}: [DhcpNameServer] 192.168.178.1 Edge: ======= DownloadDir: C:\Users\Rufuz\Downloads Edge DefaultProfile: Default Edge Profile: C:\Users\Rufuz\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-05] Edge DownloadDir: Default -> C:\Users\Rufuz\Downloads Edge StartupUrls: Default -> "hxxps://google.de/" Edge Profile: C:\Users\Rufuz\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2020-12-17] FireFox: ======== FF DefaultProfile: b3mulky7.default FF ProfilePath: C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\ou1uqo97.Anonym [2021-11-15] FF ProfilePath: C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\paukqpxj.CRL [2021-11-16] FF Homepage: Mozilla\Firefox\Profiles\paukqpxj.CRL -> www.google.de FF ProfilePath: C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default [2021-11-17] FF Homepage: Mozilla\Firefox\Profiles\b3mulky7.default -> www.google.de FF Notifications: Mozilla\Firefox\Profiles\b3mulky7.default -> hxxps://rltracker.pro; hxxps://www.hardwareluxx.de; hxxps://forums.newworld.com FF Extension: (Netflix Super Browse) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\@cyris.xpi [2017-10-21] [] FF Extension: (AdBlocker Ultimate) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\adblockultimate@adblockultimate.net.xpi [2021-10-08] FF Extension: (Tampermonkey) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\firefox@tampermonkey.net.xpi [2021-07-08] FF Extension: (Netflix Plus) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\jid0-thbzZj1IIKe4A7ggnuyqMnmaa5U@jetpack.xpi [2017-10-21] FF Extension: (Decentraleyes) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2021-09-03] FF Extension: (I don't care about cookies) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2021-10-28] FF Extension: (Dark Background and Light Text) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\jid1-QoFqdK4qzUfGWQ@jetpack.xpi [2021-02-09] FF Extension: (FindFlix: Netflix Secret Category Finder) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\njgopmododdceghkcgbmgfffamnjbjno@chrome-store-foxified-unsigned.xpi [2017-10-21] FF Extension: (uMatrix) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\uMatrix@raymondhill.net.xpi [2021-07-20] FF Extension: (Dark Theme for Google™) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{026cca71-a2e2-4020-840d-f2759849d62e}.xpi [2021-09-12] FF Extension: (All-in-One Sidebar) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2017-08-18] [] FF Extension: (Stylus Blue) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{11a41736-a1d5-4b1d-9cc3-983ed6a3ad30}.xpi [2019-06-30] FF Extension: (Firefox Carbon) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{155bf27e-5389-49ee-bda7-b7a91631b899}.xpi [2019-06-30] FF Extension: (NoScript) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-08-31] FF Extension: (Tab Auto Refresh) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{7fee47a1-8299-4576-90bf-5fd88d756926}.xpi [2021-07-21] FF Extension: (ReloadEvery) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2017-03-12] [] FF Extension: (Password Exporter) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2017-07-04] [] FF Extension: (Video DownloadHelper) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-03] FF Extension: (Greasemonkey) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2021-07-08] FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei] FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=5.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2016-03-16] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin HKU\S-1-5-21-1354302738-180291989-3184307785-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-1354302738-180291989-3184307785-1001: jpl.nasa.gov/NASAEyes -> C:\Users\Rufuz\AppData\Roaming\JPL-NASA-Caltech\NASA's Eyes\npNASAEyes.dll [2018-12-05] (NASA Jet Propulsion Laboratory -> Jet Propulsion Laboratory) FF Plugin HKU\S-1-5-21-1354302738-180291989-3184307785-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\Rufuz\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin HKU\S-1-5-21-1354302738-180291989-3184307785-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\Rufuz\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default [2021-11-14] CHR HomePage: Default -> hxxp://www.google.de/ CHR Extension: (Präsentationen) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-09] CHR Extension: (Docs) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-09] CHR Extension: (Google Drive) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-09] CHR Extension: (YouTube) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-09] CHR Extension: (Tabellen) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-09] CHR Extension: (Google Docs Offline) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-01] CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-11-01] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-09] CHR Extension: (Benutzerdefiniertes Profilbild für Netflix™) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\olimcenppncifgiahopimblidefpdffi [2021-11-01] CHR Extension: (Google Mail) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-09] CHR HKU\S-1-5-21-1354302738-180291989-3184307785-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-11-21] (BattlEye Innovations e.K. -> ) R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [144784 2018-04-18] (Canon Inc. -> CANON INC.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation) S3 Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [79360 2017-04-23] (Creative Labs) [Datei ist nicht signiert] R2 Ds3Service; F:\_Portable\PS3 Controller\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [Datei ist nicht signiert] S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-08-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1113864 2020-09-20] (Bayerisches Landesamt fuer Steuern -> ) S3 fpsVR Service - CPU Temperature Counter; C:\Program Files\fpsVR\fpsvrCPUTempCounterService.exe [10752 2021-05-13] () [Datei ist nicht signiert] R2 FWPnpService; C:\Program Files\Fanatec\Fanatec Wheel\FWPnpService.exe [423288 2021-01-06] (Endor AG -> ) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> ) S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [Datei ist nicht signiert] R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [Datei ist nicht signiert] R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11148864 2021-11-03] (Logitech Inc -> Logitech, Inc.) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-13] (Malwarebytes Inc -> Malwarebytes) S3 Origin Client Service; E:\Origin\OriginClientService.exe [2523448 2020-12-02] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; E:\Origin\OriginWebHelperService.exe [3478336 2020-12-02] (Electronic Arts, Inc. -> Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484568 2021-10-31] (Overwolf Ltd -> Overwolf LTD) R2 PDF24; C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH) R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1897456 2016-11-08] (Plex, Inc -> Plex, Inc.) S3 Rockstar Service; E:\Rockstar Games\Launcher\RockstarService.exe [1676696 2021-03-15] (Rockstar Games, Inc. -> Rockstar Games) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-12] (Microsoft Windows Publisher -> Microsoft Corporation) S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-06-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [935352 2020-06-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 Tobii VRU02 Runtime; C:\Program Files (x86)\Tobii\Tobii VRU02 Runtime\platform_runtime_VR4U2P2_service.exe [4010344 2020-01-29] (Tobii AB -> ) R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [253912 2019-10-30] (Synology Inc. -> ) R2 VirtualDesktop.Service.exe; C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe [1964824 2021-05-26] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) R2 Windows10FirewallService; C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe [4170264 2019-07-28] (3 Play Networks, Inc. -> Sphinx Software) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 ALSysIO; C:\Users\Rufuz\AppData\Local\Temp\ALSysIO64.sys [47240 2021-11-17] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ACHTUNG S3 AsrDrv101; C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys [22280 2017-02-05] (ASROCK Incorporation -> ASRock Incorporation) R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96616 2020-05-27] (Bitdefender SRL -> BitDefender) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [75560 2021-06-17] (Broadcom Corporation -> Broadcom Corporation.) R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG) S3 FanatecWheelFilterUsb; C:\WINDOWS\System32\drivers\FWFilterUsb.sys [91152 2020-08-11] (Endor AG -> Endor AG) R3 FWVirtualInputDevice; C:\WINDOWS\System32\drivers\FWVirtualInputDevice.sys [35344 2020-08-11] (Endor AG -> Endor AG) R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.) S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech -> Logitech Inc.) R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [37200 2021-05-16] (Logitech Inc -> Logitech) R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [25928 2021-05-16] (Logitech Inc -> Logitech) R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66896 2021-05-16] (Logitech Inc -> Logitech) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-11-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-13] (Malwarebytes Inc -> Malwarebytes) R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (Windows Central Build Account - X -> MediaTek Inc.) S3 oculusvad_oculusvad; C:\WINDOWS\System32\drivers\oculusvad.sys [74248 2019-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> ) R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> ) S3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider) R3 vdvad_WaveExtensible; C:\WINDOWS\System32\drivers\vdvad.sys [41072 2019-12-21] (Virtual Desktop, Inc. -> Virtual Desktop) R3 vjoy; C:\WINDOWS\System32\drivers\vjoy.sys [67448 2019-07-14] (On-site Dental Systems (Justin Shafer) -> Shaul Eizikovich) R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation) R3 WinRing0_1_2_0; C:\Users\Rufuz\AppData\Local\Temp\tmp4BBE.tmp [14544 2021-11-17] (Noriyuki MIYAZAKI -> OpenLibSys.org) <==== ACHTUNG ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-11-16 21:29 - 2021-11-16 21:29 - 000000000 ____D C:\WINDOWS\LastGood 2021-11-16 21:28 - 2021-11-11 03:36 - 001874664 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2021-11-16 21:28 - 2021-11-11 03:36 - 001874664 _____ C:\WINDOWS\system32\vulkaninfo.exe 2021-11-16 21:28 - 2021-11-11 03:36 - 001464960 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2021-11-16 21:28 - 2021-11-11 03:36 - 001450216 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-11-16 21:28 - 2021-11-11 03:36 - 001450216 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2021-11-16 21:28 - 2021-11-11 03:36 - 001208248 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2021-11-16 21:28 - 2021-11-11 03:36 - 001111272 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2021-11-16 21:28 - 2021-11-11 03:36 - 001111272 _____ C:\WINDOWS\system32\vulkan-1.dll 2021-11-16 21:28 - 2021-11-11 03:36 - 000965352 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2021-11-16 21:28 - 2021-11-11 03:36 - 000965352 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2021-11-16 21:28 - 2021-11-11 03:33 - 001597568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2021-11-16 21:28 - 2021-11-11 03:33 - 001523328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2021-11-16 21:28 - 2021-11-11 03:33 - 001174456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2021-11-16 21:28 - 2021-11-11 03:33 - 000802232 _____ C:\WINDOWS\system32\nvofapi64.dll 2021-11-16 21:28 - 2021-11-11 03:33 - 000709560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2021-11-16 21:28 - 2021-11-11 03:33 - 000678328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2021-11-16 21:28 - 2021-11-11 03:33 - 000656512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2021-11-16 21:28 - 2021-11-11 03:33 - 000635008 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2021-11-16 21:28 - 2021-11-11 03:33 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2021-11-16 21:28 - 2021-11-11 03:32 - 008725944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2021-11-16 21:28 - 2021-11-11 03:32 - 007845816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2021-11-16 21:28 - 2021-11-11 03:32 - 005730224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2021-11-16 21:28 - 2021-11-11 03:32 - 004940728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2021-11-16 21:28 - 2021-11-11 03:32 - 000452224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2021-11-16 21:28 - 2021-11-11 03:31 - 000850872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2021-11-16 21:28 - 2021-11-11 03:30 - 006432960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2021-11-16 21:28 - 2021-11-09 23:27 - 000085718 _____ C:\WINDOWS\system32\nvinfo.pb 2021-11-16 21:28 - 2021-11-09 23:27 - 000038016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll 2021-11-16 00:21 - 2021-11-16 00:26 - 000010720 _____ C:\Users\Rufuz\Desktop\Würzofix.xlsx 2021-11-15 16:55 - 2021-11-15 16:59 - 000000000 ____D C:\Users\Rufuz\Desktop\Trojaner-Board 2021-11-15 16:05 - 2021-11-15 16:05 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2021-11-15 00:02 - 2021-11-15 00:02 - 000736740 _____ C:\Users\Rufuz\Desktop\MediaElch_movies_2021-11-15_00-00-38.xlsx 2021-11-15 00:00 - 2021-11-15 00:00 - 001815392 _____ C:\Users\Rufuz\Desktop\MediaElch_movies_2021-11-15_00-00-38.csv 2021-11-14 15:20 - 2021-11-14 15:20 - 000002120 _____ C:\Users\Rufuz\Downloads\ACCTV.application 2021-11-14 09:45 - 2021-11-14 09:45 - 000000000 ____D C:\WINDOWS\SysWOW64\NV 2021-11-14 09:45 - 2021-11-14 09:45 - 000000000 ____D C:\WINDOWS\system32\NV 2021-11-14 02:36 - 2021-11-14 03:02 - 000000000 ____D C:\ProgramData\RogueKiller 2021-11-14 02:36 - 2021-11-14 02:36 - 032596312 _____ C:\Users\Rufuz\Downloads\RogueKiller_portable64.exe 2021-11-13 12:10 - 2021-11-17 08:24 - 000000000 ____D C:\FRST 2021-11-13 10:16 - 2021-11-13 10:38 - 000000000 ____D C:\Users\Rufuz\AppData\LocalLow\IGDump 2021-11-13 10:14 - 2021-11-13 10:14 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-11-13 10:14 - 2021-11-13 10:14 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-11-13 10:14 - 2021-11-13 10:14 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-11-13 10:14 - 2021-11-13 10:14 - 000002039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-11-13 10:14 - 2021-11-13 10:14 - 000002027 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-11-13 10:13 - 2021-11-13 10:13 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-11-13 10:13 - 2021-11-13 10:13 - 000000000 ____D C:\Program Files\Malwarebytes 2021-11-13 10:05 - 2021-11-13 10:05 - 002101944 _____ (Malwarebytes) C:\Users\Rufuz\Desktop\MBSetup.exe 2021-11-12 15:14 - 2021-11-17 08:01 - 000002323 _____ C:\Users\Rufuz\Desktop\NWMM - New World MiniMap.lnk 2021-11-12 15:14 - 2021-11-12 15:14 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2021-11-12 15:13 - 2021-11-17 08:01 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Overwolf 2021-11-12 15:13 - 2021-11-12 15:13 - 000004382 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task 2021-11-12 15:13 - 2021-11-12 15:13 - 000000000 ____D C:\ProgramData\Overwolf 2021-11-12 15:13 - 2021-11-12 15:13 - 000000000 ____D C:\Program Files (x86)\Overwolf 2021-11-12 08:13 - 2021-11-12 08:13 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-11-12 08:13 - 2021-11-12 08:13 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-11-12 08:13 - 2021-11-12 08:13 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-11-12 08:13 - 2021-11-12 08:13 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-11-12 08:11 - 2021-11-12 08:11 - 000000000 ___HD C:\$WinREAgent 2021-11-11 08:40 - 2021-10-08 11:00 - 000160376 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys 2021-11-09 11:31 - 2021-11-09 11:31 - 000020518 _____ C:\Users\Rufuz\AppData\Local\recently-used.xbel 2021-11-05 01:11 - 2021-11-05 01:11 - 000005446 _____ C:\Users\Rufuz\Desktop\New-World-Server.xlsx - Verknüpfung.lnk 2021-11-04 19:29 - 2021-11-05 08:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-11-03 08:03 - 2021-11-03 08:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi 2021-11-03 08:03 - 2021-11-03 08:03 - 000000000 ____D C:\Program Files\LGHUB 2021-11-01 20:21 - 2021-11-01 20:21 - 011792608 _____ (Tim Kosse) C:\Users\Rufuz\Downloads\FileZilla_3.56.2_win64-setup.exe 2021-11-01 01:16 - 2021-11-01 01:16 - 000000952 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.28.lnk 2021-11-01 01:14 - 2021-11-01 01:14 - 043472272 _____ ( ) C:\Users\Rufuz\Downloads\gimp-help-2.10.0-de-setup.exe 2021-11-01 01:13 - 2021-11-01 01:13 - 249654104 _____ (The GIMP Team ) C:\Users\Rufuz\Downloads\gimp-2.10.28-setup.exe 2021-10-31 13:07 - 2021-10-31 13:07 - 000062159 _____ C:\Users\Rufuz\Downloads\CRL - 2021-10-30 07:50 - 2021-10-30 07:50 - 000001930 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nextcloud.lnk 2021-10-30 07:50 - 2021-10-30 07:50 - 000000000 ____D C:\Program Files\Nextcloud 2021-10-26 19:25 - 2021-10-26 19:25 - 000000931 _____ C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UCR.lnk 2021-10-26 19:00 - 2021-11-11 03:33 - 002116536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2021-10-26 19:00 - 2021-11-11 03:32 - 000981120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2021-10-25 12:10 - 2021-10-25 12:10 - 000008858 _____ C:\Users\Rufuz\Downloads\CCIP_Abstande.xlsx ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-11-17 08:25 - 2017-11-20 22:13 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\discord 2021-11-17 08:22 - 2018-10-25 16:03 - 000000000 ____D C:\Program Files (x86)\Google 2021-11-17 08:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-11-17 08:16 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-11-17 08:08 - 2021-03-13 18:37 - 001590252 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-11-17 08:08 - 2019-12-07 15:51 - 000684798 _____ C:\WINDOWS\system32\perfh007.dat 2021-11-17 08:08 - 2019-12-07 15:51 - 000141256 _____ C:\WINDOWS\system32\perfc007.dat 2021-11-17 08:08 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-11-17 08:04 - 2019-02-02 01:09 - 000000000 ____D C:\ProgramData\Mozilla 2021-11-17 08:03 - 2021-10-09 23:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-11-17 08:03 - 2019-01-09 20:57 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Discord 2021-11-17 08:03 - 2017-04-23 09:23 - 000000000 ____D C:\ProgramData\NVIDIA 2021-11-17 08:03 - 2016-11-19 09:35 - 000000000 ____D C:\Users\Rufuz\AppData\LocalLow\Mozilla 2021-11-17 08:01 - 2021-06-24 09:32 - 000000000 ___SD C:\Users\Rufuz\HAVERdrive 2021-11-17 08:01 - 2021-05-16 09:14 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\LGHUB 2021-11-17 08:01 - 2021-05-16 09:14 - 000000000 ____D C:\Users\Rufuz\AppData\Local\LGHUB 2021-11-17 08:01 - 2021-03-13 18:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-11-17 08:01 - 2021-03-13 18:27 - 000008192 ___SH C:\DumpStack.log.tmp 2021-11-17 08:01 - 2021-02-14 09:31 - 000000000 ___RD C:\Users\Rufuz\Google Drive (casual.racing.league@gmail.com) 2021-11-17 08:01 - 2021-01-20 09:41 - 000000000 ___RD C:\Users\Rufuz\Google Drive 2021-11-17 08:01 - 2021-01-11 13:36 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\Signal 2021-11-17 08:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-11-17 08:01 - 2016-08-20 09:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-11-17 03:02 - 2021-06-24 08:50 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\Nextcloud 2021-11-17 03:02 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-11-17 00:15 - 2016-05-29 11:05 - 000000000 ____D C:\Users\Rufuz\AppData\Local\CrashDumps 2021-11-16 22:41 - 2018-07-14 18:55 - 000000000 ____D C:\Users\Rufuz\AppData\Local\D3DSCache 2021-11-16 22:39 - 2021-09-24 11:22 - 000000000 ____D C:\Users\Rufuz\Desktop\New World 2021-11-16 19:28 - 2020-11-17 12:22 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\vlc 2021-11-16 08:05 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-11-16 01:58 - 2016-07-26 22:40 - 000000000 ____D C:\Users\Rufuz\AppData\Local\QuickPar 2021-11-15 20:06 - 2020-05-23 10:05 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\AdvancedSettings-Team 2021-11-15 20:05 - 2021-09-01 19:04 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR 2021-11-15 13:25 - 2021-10-09 23:51 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-11-15 13:25 - 2021-10-09 23:51 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-11-15 08:01 - 2021-06-28 14:39 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\HueSync 2021-11-14 17:43 - 2021-03-03 18:38 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\obs-studio 2021-11-14 15:21 - 2021-09-12 10:18 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Deployment 2021-11-14 15:13 - 2016-10-25 18:38 - 000000000 ____D C:\Program Files\Microsoft Office 2021-11-14 13:11 - 2017-04-29 23:04 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Spotify 2021-11-14 13:11 - 2017-04-29 23:03 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\Spotify 2021-11-14 10:35 - 2020-06-18 05:47 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-11-14 09:50 - 2016-06-12 10:05 - 000000000 ____D C:\Users\Rufuz\AppData\LocalLow\Temp 2021-11-14 09:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2021-11-14 09:45 - 2015-10-30 08:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2021-11-13 21:33 - 2021-06-28 21:06 - 000000000 ____D C:\Users\Rufuz\Documents\Tacview 2021-11-13 10:41 - 2021-03-13 18:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-11-13 10:14 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-11-12 09:27 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-11-12 09:27 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-11-12 09:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-11-12 09:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-11-12 09:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-11-12 08:13 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-11-12 08:10 - 2016-05-29 11:44 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-11-12 08:09 - 2016-05-29 11:44 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-11-11 03:32 - 2021-09-29 00:21 - 000792192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2021-11-11 03:32 - 2021-01-20 19:57 - 002850432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2021-11-11 03:30 - 2021-01-20 19:57 - 007582144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2021-11-10 17:26 - 2017-11-19 12:13 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Packages 2021-11-09 23:27 - 2021-02-04 23:13 - 000125568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2021-11-09 16:55 - 2020-11-26 19:09 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\FileZilla 2021-11-09 11:31 - 2020-04-24 09:23 - 000000000 ____D C:\Users\Rufuz\AppData\Local\gtk-2.0 2021-11-09 11:31 - 2020-04-24 09:02 - 000000000 ____D C:\Users\Rufuz\AppData\Local\babl-0.1 2021-11-08 18:27 - 2021-05-23 22:10 - 000002278 _____ C:\Users\Rufuz\Desktop\Teglami.rdp 2021-11-07 15:42 - 2021-09-12 10:20 - 000000000 ____D C:\Users\Rufuz\AppData\Local\ACC_TV 2021-11-07 15:18 - 2021-03-13 18:40 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1354302738-180291989-3184307785-1001 2021-11-07 15:18 - 2021-03-13 18:29 - 000002441 _____ C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-11-05 16:31 - 2021-03-13 18:27 - 005149232 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-11-05 16:30 - 2019-12-07 15:54 - 000000000 ___SD C:\WINDOWS\system32\AppV 2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-11-05 16:30 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2021-11-05 15:53 - 2018-05-31 03:56 - 000000000 ____D C:\Users\Rufuz\AppData\Local\PlaceholderTileLogoFolder 2021-11-05 08:11 - 2016-05-28 11:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-11-04 21:30 - 2021-06-25 21:32 - 002220464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2021-11-04 21:30 - 2021-06-25 21:32 - 000324016 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2021-11-04 21:30 - 2021-06-25 21:32 - 000217520 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll 2021-11-04 21:30 - 2021-06-25 21:32 - 000197048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2021-11-04 21:30 - 2021-06-25 21:32 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2021-11-04 21:30 - 2021-06-25 21:32 - 000061872 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe 2021-11-04 20:40 - 2016-05-28 11:05 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-11-03 08:04 - 2018-05-24 16:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-11-01 20:21 - 2020-11-26 19:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2021-11-01 20:21 - 2020-11-26 19:09 - 000000000 ____D C:\Program Files\FileZilla FTP Client 2021-11-01 01:27 - 2018-10-25 16:03 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Google 2021-10-31 10:04 - 2016-06-03 21:57 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Greenshot 2021-10-26 19:25 - 2021-09-16 18:17 - 000000837 _____ C:\Users\Rufuz\Desktop\UCR.lnk 2021-10-25 17:23 - 2021-09-13 07:18 - 000002063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2021-10-25 17:23 - 2021-09-13 07:18 - 000001905 _____ C:\Users\Default\Desktop\Google Slides.lnk 2021-10-25 17:23 - 2021-09-13 07:18 - 000001905 _____ C:\Users\Default\Desktop\Google Sheets.lnk 2021-10-25 17:23 - 2021-09-13 07:18 - 000001893 _____ C:\Users\Default\Desktop\Google Docs.lnk 2021-10-22 00:44 - 2018-07-11 16:52 - 000000000 ____D C:\ProgramData\Packages 2021-10-21 18:00 - 2021-06-28 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hue Sync 2021-10-21 18:00 - 2021-06-28 14:39 - 000000000 ____D C:\Program Files\Hue Sync 2021-10-19 11:51 - 2020-11-06 09:14 - 000000000 ____D C:\Users\Rufuz\Scan ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2016-05-29 01:25 - 2020-03-19 13:38 - 000107161 _____ () C:\Users\Rufuz\IP_Log_Data.js 2016-05-29 02:00 - 2020-03-19 13:05 - 000240855 _____ () C:\Users\Rufuz\Network_Meter_Data.js 2019-12-26 14:16 - 2019-12-26 23:21 - 000000000 _____ () C:\Users\Rufuz\AppData\Roaming\.OculusDebugToolGUI 2021-06-12 15:52 - 2021-06-12 15:52 - 000000764 _____ () C:\Users\Rufuz\AppData\Roaming\.syncplay.log 2016-05-28 22:43 - 2019-12-30 13:04 - 000000626 _____ () C:\Users\Rufuz\AppData\Roaming\All CPU MeterV3_Settings.ini 2016-06-01 19:32 - 2016-10-17 10:23 - 000000841 _____ () C:\Users\Rufuz\AppData\Roaming\Drives Meter_Settings.ini 2016-05-28 22:44 - 2016-05-28 22:44 - 000000541 _____ () C:\Users\Rufuz\AppData\Roaming\Drives Monitor_Settings.ini 2016-05-29 01:26 - 2020-03-08 19:52 - 000000283 _____ () C:\Users\Rufuz\AppData\Roaming\GPU MeterV2_Settings.ini 2016-05-29 01:26 - 2019-12-26 12:04 - 000001178 _____ () C:\Users\Rufuz\AppData\Roaming\Network Meter_Settings.ini 2016-05-29 03:18 - 2020-03-19 12:38 - 000000030 _____ () C:\Users\Rufuz\AppData\Roaming\Network Meter_Usage.ini 2016-09-20 16:48 - 2017-02-04 19:27 - 000000897 _____ () C:\Users\Rufuz\AppData\Roaming\Network Monitor II_#0_Settings.ini 2016-09-21 01:43 - 2017-11-19 10:27 - 000000143 _____ () C:\Users\Rufuz\AppData\Roaming\Network Monitor II_#0_Traffic.ini 2021-05-25 18:32 - 2021-05-25 18:32 - 000000016 _____ () C:\Users\Rufuz\AppData\Roaming\obs-virtualcam.txt 2019-11-24 19:58 - 2019-12-26 12:02 - 000001760 _____ () C:\Users\Rufuz\AppData\Roaming\Ping Monitor_Settings.ini 2019-12-31 09:31 - 2019-12-31 09:31 - 000003984 _____ () C:\Users\Rufuz\AppData\Roaming\System Monitor II_CPU0_Settings.ini 2019-12-31 09:31 - 2019-12-31 15:59 - 000000116 _____ () C:\Users\Rufuz\AppData\Roaming\System Monitor II_UptimeRecord.ini 2021-05-04 20:09 - 2021-05-04 20:25 - 000006135 _____ () C:\Users\Rufuz\AppData\Roaming\VoiceMeeterDefault.xml 2016-09-20 16:51 - 2016-09-20 16:54 - 000000367 _____ () C:\Users\Rufuz\AppData\Roaming\Weather Meter_Settings.ini 2020-03-15 01:02 - 2020-03-15 01:38 - 000021547 _____ () C:\Users\Rufuz\AppData\Local\.starboard.aHR0cHM6Ly93d3cueW91dHViZS5jb20vdHY=.storage 2020-03-15 01:02 - 2020-03-15 01:02 - 000000000 _____ () C:\Users\Rufuz\AppData\Local\.starboard.storage 2016-07-03 21:06 - 2020-04-17 09:51 - 000001456 _____ () C:\Users\Rufuz\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2021-06-12 08:21 - 2021-06-12 08:21 - 000000128 _____ () C:\Users\Rufuz\AppData\Local\PUTTY.RND 2021-11-09 11:31 - 2021-11-09 11:31 - 000020518 _____ () C:\Users\Rufuz\AppData\Local\recently-used.xbel 2016-06-03 21:02 - 2019-07-23 23:32 - 000007629 _____ () C:\Users\Rufuz\AppData\Local\Resmon.ResmonCfg 2021-06-17 12:41 - 2021-06-17 12:41 - 000012288 _____ () C:\Users\Rufuz\AppData\Local\vita_uranus.data ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
17.11.2021, 08:40 | #19 |
| Win 10 Start dauert sehr langeCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-11-2021 durchgeführt von Rufuz (17-11-2021 08:25:20) Gestartet von C:\Users\Rufuz\Desktop\Trojaner-Board Microsoft Windows 10 Pro Version 21H1 19043.1348 (X64) (2021-03-13 17:40:21) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-1354302738-180291989-3184307785-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1354302738-180291989-3184307785-503 - Limited - Disabled) Gast (S-1-5-21-1354302738-180291989-3184307785-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1354302738-180291989-3184307785-1003 - Limited - Enabled) Rufuz (S-1-5-21-1354302738-180291989-3184307785-1001 - Administrator - Enabled) => C:\Users\Rufuz WDAGUtilityAccount (S-1-5-21-1354302738-180291989-3184307785-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 1C Online Games Launcher version 0.3.13.0 (HKLM-x32\...\{94A3D295-C31D-4A69-8C70-AE6973FB0FF9}_is1) (Version: 0.3.13.0 - 1C Online Games , LLC) 4K Video Downloader (HKLM\...\{180B9AE1-F87B-4107-8C68-4265E927D6A8}) (Version: 4.18.2.4520 - Open Media LLC) 5KPlayer (HKLM-x32\...\5KPlayer) (Version: 6.2 - DearMob, Inc.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) ACC Results Companion (HKLM-x32\...\{3EE65D51-9B17-4C27-AEAA-E1FC9FFF7DC0}) (Version: 1.11.3 - BoHo) ACCSetupTool (HKLM-x32\...\{AEF584B1-EFEE-4787-9AB1-24A3282A1D77}) (Version: 1.0.0 - Wally Masterson) ACCTV (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\08cef7feea6e5132) (Version: 2.10.1.0 - ACCTV) Advanced IP Scanner 2.5 (HKLM-x32\...\{CB67C185-D2DF-455E-B9B7-00C8E505186F}) (Version: 2.5.3850 - Famatech) Amazon Games (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 2.0.4983.3 - Amazon.com Services, Inc.) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.04.28.626 - Advanced Micro Devices, Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.) AMD_Chipset_Drivers (HKLM-x32\...\{6f87e20b-2c1c-4788-9380-541e79886292}) (Version: 2.04.28.626 - Advanced Micro Devices, Inc.) Hidden Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.) BakkesMod version 3.0 (HKLM\...\{BF029534-4334-4CFC-B771-50B7EE54346F}_is1) (Version: 3.0 - BakkesMod) Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield V™ Open Beta (HKLM-x32\...\{2B3B5324-E6E1-4E32-9938-898AD1CA8D8A}) (Version: 1.0.57.30348 - Electronic Arts) Breitbandmessung 2.0.3 (HKLM\...\14607473-30db-509f-94f0-bb7c085c619e) (Version: 2.0.3 - zafaco GmbH) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.0.69 - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.3.0 - Canon Inc.) CanoScan LiDE 400 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4813S) (Version: 1.00 - Canon Inc.) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6282 - CDBurnerXP) Citrix Receiver 4.12 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.12.0.18020 - Citrix Systems, Inc.) CloneBD (HKLM-x32\...\CloneBD) (Version: 1.2.4.0 - Elaborate Bytes) Core Temp 1.17 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17 - ALCPU) CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.) Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.8 - Fomanu AG) Discord (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) ElsterFormular (HKLM-x32\...\{1E78D7AC-9C74-4644-8DDD-4173D10CF4F4}) (Version: 21.3 - Thüringer Landesfinanzdirektion) Epic Games Launcher (HKLM-x32\...\{CB809CC8-FB0E-4947-8BAE-749A5113CF21}) (Version: 1.1.149.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden EXIF Date Changer v3.3.6 (HKLM-x32\...\{26CA1B07-BC53-4196-B9C2-A11C6F6F3E08}_is1) (Version: - Rellik Software) FANATEC driver package (HKLM\...\{10DC60FB-89A2-4EB7-B4F2-9E103CEE2030}) (Version: 8.41.2 - Endor AG Fanatec) FileZilla Client 3.56.2 (HKLM-x32\...\FileZilla Client) (Version: 3.56.2 - Tim Kosse) GIMP 2.10.28 (HKLM\...\GIMP-2_is1) (Version: 2.10.28 - The GIMP Team) G'MIC-Qt for GIMP Version 2.9.6 (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\G'MIC-Qt for GIMP_is1) (Version: 2.9.6 - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 52.0.6.0 - Google LLC) Google Earth Pro (HKLM\...\{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 - Google) GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com) GrabIt 1.7.2 Beta 6 (build 1008) (HKLM-x32\...\GrabIt_is1) (Version: - Ilan Shemes) Greenshot 1.2.8.12 (HKLM\...\Greenshot_is1) (Version: 1.2.8.12 - Greenshot) HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) HideVolumeOSD 1.2 (HKLM-x32\...\HideVolumeOSD_is1) (Version: 1.2 - Venturi) HTC Package for DirectX 9.0 (HKLM-x32\...\{1f4410e4-d28c-48e1-8745-e4a2cb505d5f}) (Version: 1.3.0.0 - HTC Corp.) Hidden HTC Package for DirectX 9.0 (x86/x64) (HKLM-x32\...\{C36F2FA2-BF52-4D61-9812-CFEF43D2EE2C}) (Version: 1.3.0.0 - HTC Corp.) Hidden Hue Sync (HKLM\...\{C0270355-35E2-4862-8B57-A7C1A258AF77}) (Version: 1.7.0.19 - Signify Netherlands B.V.) Huion Tablet v14.8.166.1482 (HKLM\...\{62047893-F186-48B8-83A5-1C74D8666D19}_is1) (Version: v14.8.166.1482 - ) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.4.1186 - Intel Corporation) Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{94A137EA-92EF-441C-A7E2-6757CC08EA82}) (Version: 5.0.10.2907 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation) Java SE Development Kit 8 Update 111 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180111}) (Version: 8.0.1110.14 - Oracle Corporation) JiveX DICOM Viewer Light 4.7.2 (HKLM-x32\...\JiveX DICOM Viewer Light 4.7.2) (Version: - VISUS Technology Transfer GmbH) Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation) Kodi (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Kodi) (Version: - XBMC Foundation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Leawo Blu-ray Player Version 1.10.0.2 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 1.10.0.2 - Leawo Software) Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2021.11.8744 - Logitech) Malwarebytes version 4.4.10.144 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.10.144 - Malwarebytes) ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo) Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.53 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.53 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.14527.20276 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\OneDriveSetup.exe) (Version: 21.205.1003.0005 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Server Speech Recognition Language - TELE (de-DE) (HKLM-x32\...\{955F43D9-38C4-4C22-BEE3-1A6C63F968FA}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Server Speech Text to Speech Voice (de-DE, Hedda) (HKLM-x32\...\{ACFCC7B5-C028-40AE-A5F5-9778B41F22A2}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{f9b04b37-35d5-4a19-a51b-fcf4a8734851}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{82f2609e-68ba-408d-963f-530ad8809435}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{577ff5ba-39aa-4d8c-a3a9-f95012763438}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 5.0.7 (x64) (HKLM-x32\...\{4545d600-b3a9-467c-a68b-e70ae51c8382}) (Version: 5.0.7.30113 - Microsoft Corporation) MoTeC i2 Pro (x64) 1.1 (HKLM\...\{DB478073-FDF0-4544-AAA5-14D84EE17084}) (Version: 7.01.5255 - MoTeC) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 94.0.1 (x64 de)) (Version: 94.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 94.0.1.7977 - Mozilla) Mp3tag v2.90a (HKLM-x32\...\Mp3tag) (Version: 2.90a - Florian Heidenreich) MPC-HC 1.9.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.9.8 - MPC-HC Team) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.15 - F.J. Wechselberger) Nextcloud (HKLM\...\{3A99002F-BABA-4378-BB20-44C94A159696}) (Version: 3.3.6.20211028 - Nextcloud GmbH) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.1.2 - Notepad++ Team) NVIDIA Broadcast 1.3.0.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIABroadcast) (Version: 1.3.0.45 - NVIDIA Corporation) NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation) NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation) NVIDIA Grafiktreiber 496.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.76 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.38.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.94 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation) NWMM - New World MiniMap (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Overwolf_mdhcjmlgojogdppbljcopjlggkpgnhhjedllcecm) (Version: 0.1.5 - Overwolf app) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project) OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden Online Plug-in (HKLM-x32\...\{2E9881CA-E41C-45E5-8055-61A4CC1BF93F}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenVR Advanced Settings (HKLM-x32\...\OpenVRAdvancedSettings) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.90.45798 - Electronic Arts, Inc.) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.184.0.35 - Overwolf Ltd.) OvGME version 1.7.4 (HKLM\...\{B1539DF0-0BB5-48A8-BF6F-1099D861B4F8}_is1) (Version: 1.7.4 - Ovoid) PDF24 Creator 10.0.12 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.0.12 - PDF24.org) PDFCreator (HKLM\...\{00010FEF-82A2-497E-983A-7105A0364FA7}) (Version: 4.2.0 - pdfforge GmbH) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.317.1 - Tracker Software Products Ltd) Plex Media Server (HKLM-x32\...\{6713f73b-dbfe-45da-a517-33a93ff8c390}) (Version: 1.2.7.2987 - Plex, Inc.) Plex Media Server (HKLM-x32\...\{D2C8A865-4227-46D0-AD2B-D2BDFE3CFF48}) (Version: 1.2.2987 - Plex, Inc.) Hidden QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8710.1 - Realtek Semiconductor Corp.) REDlauncher (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com) Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.) Riftcat 2 (HKLM-x32\...\{e09280fa-4176-4170-8c77-f600baec4e38}) (Version: 2.0.3 - Riftcat) Riftcat 2.0 Client (HKLM-x32\...\{79E6C20C-D6F7-4F9E-997E-A62398ED4591}) (Version: 2.0.0.0 - Riftcat) Hidden Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.36.344 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.9 - Rockstar Games) Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung) Samsung DeX (HKLM-x32\...\{5E2BEDEC-EEE1-49B7-A9D0-6971AFA9B5F2}) (Version: 1.0.2.26 - Samsung Electronics Co., Ltd.) Hidden Samsung DeX (HKLM-x32\...\{bc458b5f-1945-4287-8fae-353650fd3109}) (Version: 1.0.2.26 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.31.0 - Samsung Electronics Co., Ltd.) Self-Service Plug-in (HKLM-x32\...\{7A029AB7-8CC4-4FE8-904F-A090248C1BC7}) (Version: 4.12.0.18013 - Citrix Systems, Inc.) Hidden Shotcut (HKLM\...\Shotcut) (Version: 20.11.28 - Meltytech, LLC) Signal 5.23.1 (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.23.1 - Open Whisper Systems) SimHub version 7.1.4 (HKLM-x32\...\{019253FE-5A17-42BE-A6B8-D71A729FA5DE}_is1) (Version: 7.1.4 - Wotever) Skype Meetings App (HKLM-x32\...\{BC1D9E47-8927-4AA1-A891-7763BC2475B7}) (Version: 16.2.0.511 - Microsoft Corporation) Skype Version 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.) SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group) Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18124.4 - Samsung Electronics Co., Ltd.) Hidden Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18124.4 - Samsung Electronics Co., Ltd.) Smart View (HKLM-x32\...\{C7B50A89-F1D6-41C1-9375-0AF0C4CFE66F}) (Version: 1.0.0.0 - Samsung ) Spotify (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Spotify) (Version: 1.1.44.538.g8057de92 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stopping Plex (HKLM-x32\...\{B0ACB88E-38A1-4712-BD0C-C5463959127F}) (Version: 1.2.2987 - Plex, Inc.) Hidden Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.2-24922 - Synology) Tacview (beta) (HKLM-x32\...\{96BA4CFE-E018-44D2-B04D-4272A6C807E7}) (Version: 1.8.7 beta 8 - Raia Software Inc.) Tacview (HKLM-x32\...\{0C8810C3-63D0-4B23-BAB3-257FF8AF8BCC}) (Version: 1.8.6 - Raia Software Inc.) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer) Tobii VRU02 Runtime (HKLM-x32\...\{E74E378C-4C07-416C-A6CC-B241BD002E1F}) (Version: 1.16.36 - Tobii AB) Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH) TreeSize Free V4.5.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.5.2 - JAM Software) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 29.0 - Ubisoft) VAICOM PRO for DCS World (HKLM-x32\...\{032E60E8-A323-445C-B0D6-53ADDD09072A}) (Version: 2.5.23 - 315 Interactive Software) VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) Virtual Desktop Service (HKLM\...\{EC4A7B11-5AD2-49A7-BB93-15D0EB9E7106}) (Version: 1.18.5 - Virtual Desktop, Inc.) vJoy Device Driver 2.1.9.1 (HKLM\...\{8E31F76F-74C3-47F1-9550-E041EEDC5FBB}_is1) (Version: 2.1.9.1 - Shaul Eizikovich) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) VPC Software Suite version 20210102 (HKLM-x32\...\{2D922289-8AA1-49FF-9CCF-F2833A69D857}_is1) (Version: 20210102 - VIRPIL Controls) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Wargaming.net Game Center (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Wargaming.net Game Center) (Version: 21.1.1.4281 - Wargaming.net) WebP Codec for Windows 0.19 (HKLM\...\{9D2F4EB8-98AD-4C8B-A0C5-4C114B3F1287}) (Version: 0.19.9 - Google Inc) Windows10FirewallControl Free 8.4.0.79 (HKLM\...\Windows10FirewallControl_is1) (Version: 8.4.0.79 - BTR Technologies Corp) Windows-PC-Integritätsprüfung (HKLM\...\{63EFBDB5-01B0-4614-BE9F-7F1908E42275}) (Version: 3.1.2109.29003 - Microsoft Corporation) Windows-Treiberpaket - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet) Windows-Treiberpaket - Graphics Tablet (WinUsb) USBDevice (04/10/2017 8.33.30.0) (HKLM\...\C1E56E8DB50F6668739EA600882230E1A899978E) (Version: 04/10/2017 8.33.30.0 - Graphics Tablet) WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) World_of_Warships_Eu (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\WOWS.EU.PRODUCTION) (Version: - Wargaming.net) Packages: ========= Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-20] (Canon Inc.) Forza Horizon 5 -> C:\Program Files\WindowsApps\Microsoft.624F8B84B80_3.405.2.0_x64__8wekyb3d8bbwe [2021-10-31] (Microsoft Studios) Forza Horizon 5 Expansion 1 -> C:\Program Files\WindowsApps\Microsoft.Expansion1FH5_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-22] (Microsoft Studios) Forza Horizon 5 Expansion 2 -> C:\Program Files\WindowsApps\Microsoft.Expansion2FH5_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-22] (Microsoft Studios) Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation) Free Color Picker -> C:\Program Files\WindowsApps\AnywaySoftInc.FreeColorPicker_1.2.0.0_x64__0qkrc2qacwvfm [2021-11-11] (AnywaySoft, Inc.) [MS Ad] HoloTour -> C:\Program Files\WindowsApps\Microsoft.6191099C588EB_100.1803.9001.0_x64__8wekyb3d8bbwe [2021-11-11] (Microsoft Corporation) HP Reverb G2 VR Headset Setup -> C:\Program Files\WindowsApps\AD2F1837.HPReverbG2VRHeadsetSetup_1.0.8.0_x64__v10z8vjag6ke6 [2021-11-11] (HP Inc.) Image Resizer for Windows 10 -> C:\Program Files\WindowsApps\22450.ImageResizerforWindows10_2.0.0.0_x64__0aqw1zw0x2snt [2021-11-11] (韵华软件) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-11-11] (Microsoft Studios) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-08-12] (Netflix, Inc.) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-11-16] (NVIDIA Corp.) OpenXR Entwicklertools für Windows Mixed Reality -> C:\Program Files\WindowsApps\Microsoft.MixedRealityRuntimeDeveloperPreview_108.2109.21002.0_x64__8wekyb3d8bbwe [2021-09-27] (Microsoft Corporation) OpenXR Preview Runtime for Windows Mixed Reality -> C:\Program Files\WindowsApps\Microsoft.WindowsMixedReality.PreviewRuntime_108.2109.21002.0_x64__8wekyb3d8bbwe [2021-09-27] (Microsoft Platform Extensions) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2020-06-12] (Realtek Semiconductor Corp) Resize Image -> C:\Program Files\WindowsApps\8273mfetzel.ResizeImage_21.3.426.0_x64__c0krq7an0ms3c [2021-03-21] (Get-the-solution) SBB Uhr -> C:\Program Files\WindowsApps\SchweizerischeBundesbahne.SBBUhr_2.1.1.21_neutral__cacfmp0t4hxer [2021-05-19] (Schweizerische Bundesbahnen SBB) Search Bar Connector -> C:\Program Files\WindowsApps\35998AlexanderSworski.CortanaConnector_1.4.7.0_x64__f1p03rq2y10n8 [2021-11-11] (Alexander Sworski) Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.15.163.0_x64__43tkc6nmykmb6 [2021-11-11] (Ookla) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-13] (Twitter Inc.) Windbg Preview -> C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2111.9001.0_neutral__8wekyb3d8bbwe [2021-11-11] (Microsoft Corporation) Xbox Zubehör -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.2110.13001.0_x64__8wekyb3d8bbwe [2021-10-24] (Microsoft Corporation) XboxInsiderHub -> C:\Program Files\WindowsApps\Microsoft.XboxInsider_1.2110.21001.0_x64__8wekyb3d8bbwe [2021-11-11] (Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{07474513-7B58-45c7-B3E6-13A3669B1AFD}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\IntelDTSReader.dll (Orbmu2k) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\CoreTempGadget2.8.gadget\CoreTempReader.dll () [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{0d049955-5051-42fe-a154-85670ad2d993} -> [Nextcloud] => C:\Users\Rufuz\HAVERdrive [2021-06-24 09:32] CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Network_Meter_V8.4.gadget\netlib.dll (AddGadgets IT -> Jonathan Abbott) CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{2F5DA951-82C6-471e-90BD-CAB15552A932}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\QuadCoreUsage18.gadget\SharedMemoryReader.dll (Orbmu2k) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPU_Meter.gadget\GPUStatusReader.dll (AddGadgets IT -> Orbmu2k) CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{771CF1A6-FC96-45cf-B011-6469F0E56F64}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\SpeedfanMeter.gadget\SpeedfanReader.dll (Orbmu2k) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{97D17A04-4438-4C8E-BAC7-BC21B8B9E999}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUObserver36c.gadget\GPUStatusReader.dll (Orbmu2k) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{A4FEF2CE-E494-419e-ABCC-B2E993FB6BC0}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GlassyCPUMonitor.gadget\Release\ProcessMonitor64.dll (TODO: <Firmenname>) [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [ NextcloudError] -> {E0342B74-7593-4C70-9D61-22F294AAFE05} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudOK] -> {E1094E94-BE93-4EA2-9639-8475C68F3886} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudOKShared] -> {E243AD85-F71B-496B-B17E-B8091CBE93D2} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudSync] -> {E3D6DB20-1D83-4829-B5C9-941B31C0C35A} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudWarning] -> {E4977F33-F93A-4A0A-9D3C-83DEA0EE8483} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2021-07-16] (Notepad++ -> ) ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-09-23] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [Datei ist nicht signiert] ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2020-07-10] (Dev Code-Sign -> pdfforge GmbH) [Datei ist nicht signiert] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-09-23] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-13] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [NextcloudContextMenuHandler] -> {BC6988AB-ACE2-4B81-84DC-DC34F9B24401} => C:\Program Files\Nextcloud\shellext\NCContextMenu.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-09-23] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\nvshext.dll [2021-11-11] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-13] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2021-11-03 08:03 - 2021-11-03 08:02 - 000635904 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\LGHUB\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node 2021-11-10 09:19 - 2021-11-10 03:39 - 001999360 _____ () [Datei ist nicht signiert] \\?\C:\Users\Rufuz\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@signalapp\signal-client\prebuilds\win32-x64\node.napi.node 2021-11-10 09:19 - 2021-11-10 03:39 - 004978688 _____ () [Datei ist nicht signiert] \\?\C:\Users\Rufuz\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\better-sqlite3\build\Release\better_sqlite3.node 2021-11-10 09:19 - 2021-11-10 03:39 - 000659968 _____ () [Datei ist nicht signiert] \\?\C:\Users\Rufuz\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\ffi-napi\build\Release\ffi_bindings.node 2021-11-10 09:19 - 2021-11-10 03:39 - 000195072 _____ () [Datei ist nicht signiert] \\?\C:\Users\Rufuz\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\ffi-napi\node_modules\ref-napi\prebuilds\win32-x64\electron.napi.node 2021-11-10 09:19 - 2021-11-10 03:39 - 000195584 _____ () [Datei ist nicht signiert] \\?\C:\Users\Rufuz\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\ref-napi\prebuilds\win32-x64\electron.napi.node 2021-11-10 09:19 - 2021-11-10 03:39 - 011915264 _____ () [Datei ist nicht signiert] \\?\C:\Users\Rufuz\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\ringrtc\build\win32\libringrtc-x64.node 2020-07-28 08:34 - 2020-07-28 08:34 - 000087040 _____ () [Datei ist nicht signiert] C:\Program Files\Hue Sync\aws-c-common.dll 2020-07-28 08:34 - 2020-07-28 08:34 - 000028160 _____ () [Datei ist nicht signiert] C:\Program Files\Hue Sync\aws-c-event-stream.dll 2020-07-28 08:34 - 2020-07-28 08:34 - 000046080 _____ () [Datei ist nicht signiert] C:\Program Files\Hue Sync\aws-checksums.dll 2020-07-28 08:34 - 2020-07-28 08:34 - 001590784 _____ () [Datei ist nicht signiert] C:\Program Files\Hue Sync\aws-cpp-sdk-core.dll 2020-07-28 08:34 - 2020-07-28 08:34 - 006056448 _____ () [Datei ist nicht signiert] C:\Program Files\Hue Sync\aws-cpp-sdk-s3.dll 2021-10-28 12:29 - 2021-10-28 12:29 - 000099328 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\nextcloudsync_vfs_cfapi.dll 2021-10-28 12:30 - 2021-10-28 12:30 - 000030208 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\nextcloudsync_vfs_suffix.dll 2021-11-10 09:19 - 2021-11-10 03:39 - 002679296 _____ () [Datei ist nicht signiert] C:\Users\Rufuz\AppData\Local\Programs\signal-desktop\ffmpeg.dll 2021-11-10 09:19 - 2021-11-10 03:39 - 000439296 _____ () [Datei ist nicht signiert] C:\Users\Rufuz\AppData\Local\Programs\signal-desktop\libegl.dll 2021-11-10 09:19 - 2021-11-10 03:39 - 007938560 _____ () [Datei ist nicht signiert] C:\Users\Rufuz\AppData\Local\Programs\signal-desktop\libglesv2.dll 2021-11-10 09:19 - 2021-11-10 03:39 - 000847872 _____ () [Datei ist nicht signiert] C:\Users\Rufuz\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\zkgroup\libzkgroup-x64.dll 2018-05-04 17:47 - 2020-09-08 09:59 - 000221184 _____ (Graphics Tablet) [Datei ist nicht signiert] C:\WINDOWS\system32\wintab32.dll 2020-04-17 16:51 - 2020-04-17 16:51 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll 2020-04-17 16:51 - 2020-04-17 16:51 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll 2020-12-06 10:04 - 2020-12-06 10:04 - 000116736 _____ (pdfforge GmbH) [Datei ist nicht signiert] C:\WINDOWS\System32\pdfcmon.dll 2021-01-05 00:34 - 2020-03-16 14:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] E:\Origin\LIBEAY32.dll 2021-01-05 00:34 - 2020-03-16 14:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] E:\Origin\ssleay32.dll 2021-01-05 00:34 - 2020-01-15 11:24 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\platforms\qwindows.dll 2021-01-05 00:34 - 2020-01-15 11:24 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\Qt5Core.dll 2021-01-05 00:34 - 2020-01-15 11:24 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\Qt5Gui.dll 2021-01-05 00:34 - 2020-01-15 11:24 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\Qt5Network.dll 2021-01-05 00:34 - 2020-01-15 11:25 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\Qt5WebSockets.dll 2021-01-05 00:34 - 2020-01-15 11:25 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\Qt5Widgets.dll 2021-01-05 00:34 - 2020-01-15 11:25 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\Qt5Xml.dll 2021-10-28 12:34 - 2021-10-28 12:34 - 005972464 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5Core.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1354302738-180291989-3184307785-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKU\S-1-5-21-1354302738-180291989-3184307785-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00 SearchScopes: HKU\S-1-5-21-1354302738-180291989-3184307785-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00 BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\localhost -> localhost ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2021-11-15 02:23 - 2021-11-15 02:23 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\ HKU\S-1-5-21-1354302738-180291989-3184307785-1001\Control Panel\Desktop\\Wallpaper -> \\beryllium\photo\sonstige\wallpapers\5120x1440\0sjha6.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\StartupFolder: => "Huion Tablet.lnk" HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk" HKLM\...\StartupApproved\Run: => "TabletDriver" HKLM\...\StartupApproved\Run: => "PDF24" HKLM\...\StartupApproved\Run32: => "ConnectionCenter" HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\StartupApproved\Run: => "Magnet.bootstrap_Vive" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [TCP Query User{556D7BF1-EF27-481C-8857-17A9279A5837}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{8B788FC8-1684-42BD-8FB5-0EB5EC6D5325}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [{DEAFB284-879B-4556-B58D-385884BA495E}] => (Allow) D:\Steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{BF296F74-5668-4BFE-AEB8-C238BABCBF82}] => (Allow) D:\Steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{DDC3D756-EA7B-458D-948C-37A195BC4E3F}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{02543E9C-C488-48DD-9C73-308D67E964B0}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{D54B76B8-E6F4-4892-8F0C-AD024A51983C}] => (Allow) D:\Steam\SteamApps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [Datei ist nicht signiert] FirewallRules: [{54180AC8-3F2B-4B1E-96AE-7EC8D6202848}] => (Allow) D:\Steam\SteamApps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [Datei ist nicht signiert] FirewallRules: [{E99BEC3A-19B6-4071-948F-8EDFBFC01095}] => (Allow) E:\SteamLibrary\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com) FirewallRules: [{384F5DBF-EE72-4B31-BDDD-5125A65C893E}] => (Allow) E:\SteamLibrary\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com) FirewallRules: [{F8AA8527-C8ED-4A74-907B-0D9E9861AFB8}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{31DD8F5B-1C70-46E5-961E-83A795DD4B88}E:\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) E:\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.) FirewallRules: [UDP Query User{B6DD3F1D-8C24-478D-85E4-067C3880C90A}E:\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) E:\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.) FirewallRules: [TCP Query User{C556A606-5418-4132-B5AC-474CBE6D4F45}D:\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) D:\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> ) FirewallRules: [UDP Query User{3B94F2AC-0CA3-4A04-A7A8-EFD40B4A97C1}D:\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) D:\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> ) FirewallRules: [{3CEE045B-3BBC-420A-A532-B76A099AAFCA}] => (Allow) D:\Steam\SteamApps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> ) FirewallRules: [{F1082520-F3AE-4622-86BC-198B732E898B}] => (Allow) D:\Steam\SteamApps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> ) FirewallRules: [{DB4EEBAF-CF9B-4E77-A7CC-B6FAA2508EDE}] => (Allow) E:\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd) FirewallRules: [{04EED9F6-7086-42E5-AE40-B09411DE7C97}] => (Allow) E:\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd) FirewallRules: [{43DE857D-3124-4549-91EE-BCF70589E715}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert] FirewallRules: [{8FB2EA75-6C78-4287-9C02-0150A22A4FEB}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert] FirewallRules: [{91629B37-3BD1-492A-A4C0-1B9F9CAF3B65}] => (Allow) D:\Steam\SteamApps\common\MicrosoftFlightSimulator\FlightSimulator.exe (Asobo Studio) [Datei ist nicht signiert] FirewallRules: [{E8051B7A-95BF-4189-BE62-A447C94FE7B9}] => (Allow) D:\Steam\SteamApps\common\MicrosoftFlightSimulator\FlightSimulator.exe (Asobo Studio) [Datei ist nicht signiert] StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\fotobuch.de\Designer 2.0\Designer.exe] => Designer.exe ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (11/17/2021 03:02:31 AM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Error: (11/17/2021 03:02:23 AM) (Source: NVIDIA OpenGL Driver) (EventID: 1) (User: ) Description: The GPU has been disconnected and this application may become unresponsive. Error code: 10 (pid=15992 tid=16220 nextcloud.exe 64bit) Visit hxxp://www.nvidia.com/page/support.html for more information. Error: (11/17/2021 12:15:50 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: RocketLeague.exe, Version: 1.0.10897.0, Zeitstempel: 0x616f76e8 Name des fehlerhaften Moduls: EOSSDK-Win64-Shipping.dll, Version: 1.13.0.0, Zeitstempel: 0x614289bc Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000406ccf ID des fehlerhaften Prozesses: 0x5044 Startzeit der fehlerhaften Anwendung: 0x01d7db32d1f43b5d Pfad der fehlerhaften Anwendung: E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe Pfad des fehlerhaften Moduls: E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\EOSSDK-Win64-Shipping.dll Berichtskennung: 40ff7f80-de93-452a-9fc9-67b1b1590b47 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (11/16/2021 10:41:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: RocketLeague.exe, Version: 1.0.10897.0, Zeitstempel: 0x616f76e8 Name des fehlerhaften Moduls: EOSSDK-Win64-Shipping.dll, Version: 1.13.0.0, Zeitstempel: 0x614289bc Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000406ccf ID des fehlerhaften Prozesses: 0xf60 Startzeit der fehlerhaften Anwendung: 0x01d7db3273cf9eae Pfad der fehlerhaften Anwendung: E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe Pfad des fehlerhaften Moduls: E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\EOSSDK-Win64-Shipping.dll Berichtskennung: cd6ee331-41ed-4f47-92df-22c0098b486b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (11/16/2021 09:29:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: NVIDIA Broadcast.exe, Version: 1.3.0.45, Zeitstempel: 0x612e67e9 Name des fehlerhaften Moduls: nvinfer.dll, Version: 0.0.0.0, Zeitstempel: 0x60256eee Ausnahmecode: 0xc0000409 Fehleroffset: 0x0000000000d83825 ID des fehlerhaften Prozesses: 0x3410 Startzeit der fehlerhaften Anwendung: 0x01d7db1061e8d74d Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NvVirtualCamera\NVIDIA Broadcast.exe Pfad des fehlerhaften Moduls: C:\ProgramData\NVIDIA\NGX\models\nvbroadcast\versions\1026\files\160_E658703\nvinfer.dll Berichtskennung: 21e38dab-e1f1-4864-a6fa-1b0d16460bfa Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (11/16/2021 06:35:03 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Error: (11/16/2021 02:31:58 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Error: (11/16/2021 02:31:58 AM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Systemfehler: ============= Error: (11/16/2021 09:29:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/16/2021 09:29:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "NVIDIA LocalSystem Container" wurde mit folgendem Fehler beendet: Für einen allgemeinen Befehl wurde ein Ergebnis zurückgegeben, das auf einen Fehler hinweist. Error: (11/16/2021 06:35:02 PM) (Source: DCOM) (EventID: 10010) (User: DURANIUM) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/16/2021 06:35:02 PM) (Source: DCOM) (EventID: 10010) (User: DURANIUM) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/16/2021 06:35:02 PM) (Source: DCOM) (EventID: 10010) (User: DURANIUM) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/16/2021 06:35:02 PM) (Source: DCOM) (EventID: 10010) (User: DURANIUM) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/16/2021 06:35:02 PM) (Source: DCOM) (EventID: 10010) (User: DURANIUM) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/16/2021 06:35:01 PM) (Source: DCOM) (EventID: 10010) (User: DURANIUM) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Windows Defender: ================ Date: 2021-11-14 03:01:05 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/OpenCandy&threatid=223695&enterprise=0 Name: PUA:Win32/OpenCandy Schweregrad: Noch nicht klassifiziert Kategorie: Unbekannt Pfad: file:_C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$R7AEKJK.exe; file:_C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$RAPT9JD.exe Erkennungsursprung: Lokaler Computer Erkennungstype: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: Prozessname: C:\Users\Rufuz\Downloads\RogueKiller_portable64.exe Sicherheitsversion: AV: 1.353.929.0, AS: 1.353.929.0, NIS: 1.353.929.0 Modulversion: AM: 1.1.18700.4, NIS: 1.1.18700.4 Date: 2021-11-06 11:44:59 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {1F5F0A47-1A9C-439C-A086-2F6F5BA5061F} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-10-31 14:35:29 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/DownloadSponsor&threatid=311978&enterprise=0 Name: PUADlManager:Win32/DownloadSponsor Schweregrad: Niedrig Kategorie: Potenziell unerwünschte Software Pfad: file:_C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$RGHDD34.exe Erkennungsursprung: Lokaler Computer Erkennungstype: Konkret Erkennungsquelle: Echtzeitschutz Benutzer: DURANIUM\Rufuz Prozessname: C:\Windows\explorer.exe Sicherheitsversion: AV: 1.353.137.0, AS: 1.353.137.0, NIS: 1.353.137.0 Modulversion: AM: 1.1.18700.4, NIS: 1.1.18700.4 Date: 2021-10-31 14:35:24 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/OpenCandy&threatid=223695&enterprise=0 Name: PUA:Win32/OpenCandy Schweregrad: Noch nicht klassifiziert Kategorie: Unbekannt Pfad: file:_C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$R7AEKJK.exe; file:_C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$RAPT9JD.exe Erkennungsursprung: Lokaler Computer Erkennungstype: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: DURANIUM\Rufuz Prozessname: C:\Windows\explorer.exe Sicherheitsversion: AV: 1.353.137.0, AS: 1.353.137.0, NIS: 1.353.137.0 Modulversion: AM: 1.1.18700.4, NIS: 1.1.18700.4 Date: 2021-10-31 14:34:54 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/OpenCandy&threatid=223695&enterprise=0 Name: PUA:Win32/OpenCandy Schweregrad: Noch nicht klassifiziert Kategorie: Unbekannt Pfad: file:_C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$R7AEKJK.exe Erkennungsursprung: Lokaler Computer Erkennungstype: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: DURANIUM\Rufuz Prozessname: C:\Windows\explorer.exe Sicherheitsversion: AV: 1.353.137.0, AS: 1.353.137.0, NIS: 1.353.137.0 Modulversion: AM: 1.1.18700.4, NIS: 1.1.18700.4 CodeIntegrity: =============== Date: 2021-11-14 15:17:15 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume5\Program Files\Google\Drive File Stream\52.0.6.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements. Date: 2021-10-17 11:43:42 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume5\Program Files\Google\Drive File Stream\51.0.16.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. P4.00 04/15/2021 Hauptplatine: ASRock X570 Pro4 Prozessor: AMD Ryzen 5 5600X 6-Core Processor Prozentuale Nutzung des RAM: 24% Installierter physikalischer RAM: 32686.45 MB Verfügbarer physikalischer RAM: 24820.27 MB Summe virtueller Speicher: 37550.45 MB Verfügbarer virtueller Speicher: 26157.67 MB ==================== Laufwerke ================================ Drive c: (System) (Fixed) (Total:464.19 GB) (Free:229.25 GB) NTFS Drive d: (Games) (Fixed) (Total:931.51 GB) (Free:168.21 GB) NTFS Drive e: (Games) (Fixed) (Total:931.51 GB) (Free:210.97 GB) NTFS Drive f: (Daten) (Fixed) (Total:1863.01 GB) (Free:73.28 GB) NTFS Drive g: (rufuz64@gmail.com - Google Drive) (Fixed) (Total:100 GB) (Free:36.22 GB) FAT32 Drive h: (casual.racing.league@gmail.co...) (Fixed) (Total:100 GB) (Free:45.28 GB) FAT32 \\?\Volume{00092176-0000-0000-0000-100000000000}\ (System-reserviert) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS \\?\Volume{538a6a1f-4dc8-6248-5b5f-13c49b28a56a}\ () (Fixed) (Total:101.08 GB) (Free:0 GB) NTFS \\?\Volume{2c8d4a56-5754-8dc0-bdb2-51d4222273ae}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS \\?\Volume{5a1847b4-f61e-e681-1673-885e9dc9b270}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS \\?\Volume{00092176-0000-0000-0000-702b74000000}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS \\?\Volume{00092176-0000-0000-0000-474e74000000}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 68CA5102) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: C99D012A) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 000896DA) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 3 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 00092176) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=464.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=556 MB) - (Type=27) Partition 4: (Not Active) - (Size=550 MB) - (Type=27) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 4. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 5. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 6. ==================== Ende von Addition.txt ======================= |
17.11.2021, 08:41 | #20 |
| Win 10 Start dauert sehr langeCode:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 14-11-2021 durchgeführt von Rufuz (17-11-2021 08:26:17) Gestartet von C:\Users\Rufuz\Desktop\Trojaner-Board Start-Modus: Normal ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\ACC Race Control.lnk -> F:\_Portable\ACC Race Control 1.0.0\Start.bat () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows10FirewallControl\Deinstallieren.lnk -> C:\Program Files\Windows10FirewallControl\uninst.bat () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1C Online Games Launcher.lnk -> C:\1CGames\1C Online Games Launcher\1Cgames.exe (1C Entertainment) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACCSetupTool.lnk -> C:\Windows\Installer\{AEF584B1-EFEE-4787-9AB1-24A3282A1D77}\_79EB54669D5DA02B0364DD.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BakkesMod.lnk -> C:\Program Files\BakkesMod\BakkesMod.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Breitbandmessung.lnk -> C:\Program Files\Breitbandmessung\Breitbandmessung.exe (zafaco GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk -> C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe (Canneverbe Limited) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DCS-SRS Client.lnk -> C:\Program Files\DCS-SimpleRadio-Standalone\SR-ClientRadio.exe (Ciribob - GitHub.com/Ciribob) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> E:\Epic Games\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.28.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.10.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe (Google, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk -> C:\Program Files\Google\Google Earth Pro\client\googleearth.exe (Google) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Huion Tablet entfernen.lnk -> C:\Huion Tablet\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nextcloud.lnk -> C:\Program Files\Nextcloud\nextcloud.exe (Nextcloud GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OvGME.lnk -> C:\Program Files\OvGME\OvGME.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung DeX.lnk -> C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics Co., Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shotcut.lnk -> C:\Program Files\Shotcut\shotcut.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk -> C:\Program Files\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPC Configuration Tool.lnk -> C:\Program Files (x86)\VPC Software Suite\VPC_JOY_SETUP.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPC Joystick Tester.lnk -> C:\Program Files (x86)\VPC Software Suite\tools\VPC_JOY_TEST.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPC Shift Tool.lnk -> C:\Program Files (x86)\VPC Software Suite\tools\vpc_shift.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows10FirewallControl\Hilfe.lnk -> C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows10FirewallControl\Mehr....lnk -> C:\Program Files\Windows10FirewallControl\More.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows10FirewallControl\Windows10FirewallControl im Internet.lnk -> C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows10FirewallControl\Windows10FirewallControl.lnk -> C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe (Sphinx Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vJoy\Configure vJoy.lnk -> C:\Program Files\vJoy\x64\vJoyConf.exe (Shaul Eizikovich) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vJoy\Monitor vJoy.lnk -> C:\Program Files\vJoy\x64\JoyMonitor.exe (Shaul Eizikovich) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vJoy\Uninstall vJoy.lnk -> C:\Program Files\vJoy\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vJoy\vJoy Device List.lnk -> C:\Program Files\vJoy\x64\vJoyList.exe (Shaul Eizikovich) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vJoy\vJoy Feeder (Demo).lnk -> C:\Program Files\vJoy\x64\vJoyFeeder.exe (Shaul Eizikovich) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free\TreeSize Free (Administrator).lnk -> C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.exe (JAM Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free\TreeSize Free Hilfe.lnk -> C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tacview (beta)\FSX2ACMI (FSX & P3D).lnk -> C:\Program Files (x86)\Tacview (beta)\FSX2ACMI.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tacview (beta)\MSFS2ACMI (Microsoft Flight Simulator).lnk -> C:\Program Files (x86)\Tacview (beta)\MSFS2ACMI.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tacview (beta)\Tacview (beta).lnk -> C:\Program Files (x86)\Tacview (beta)\Tacview64.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tacview\FSX2ACMI (FSX & P3D).lnk -> C:\Program Files (x86)\Tacview\FSX2ACMI.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tacview\MSFS2ACMI (Microsoft Flight Simulator).lnk -> C:\Program Files (x86)\Tacview\MSFS2ACMI.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tacview\Tacview.lnk -> C:\Program Files (x86)\Tacview\Tacview64.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology\Synology Assistant.lnk -> C:\Program Files (x86)\Synology\Assistant\DSAssistant.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology\Uninstall Synology Assistant.lnk -> C:\Program Files (x86)\Synology\Assistant\Uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> D:\Steam\steam.exe (Valve Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimHub\SimHub.lnk -> C:\Program Files (x86)\SimHub\SimHubWPF.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimHub\Uninstall SimHub.lnk -> C:\Program Files (x86)\SimHub\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimHub\Utilities\Arduino Configuration.lnk -> C:\Program Files (x86)\SimHub\_Addons\Arduino\SimhubArduinoSetup.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimHub\Utilities\Game Plugins.lnk -> C:\Program Files (x86)\SimHub\_Addons\GamePlugins () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimHub\Utilities\PluginSdk (VS 2015).lnk -> C:\Program Files (x86)\SimHub\PluginSdk () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimHub\Utilities\SimHub nextion editor.lnk -> C:\Program Files (x86)\SimHub\_Addons\SimHubNextionEditor\SimHubNextionEditor.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Smart Switch.lnk -> C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe (Samsung) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Data Migration\Data Migration.lnk -> C:\Program Files (x86)\Samsung\Samsung Data Migration\Data Migration.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riftcat\Riftcat 2.0.lnk -> C:\Program Files (x86)\Riftcat 2\RiftCat.exe (RiftCat sp. z o. o.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller entfernen.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller Help.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller\Revo Uninstaller Help.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe (VS Revo Group) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server\Plex Media Server.lnk -> C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator.lnk -> C:\Program Files\PDFCreator\PDFCreator.exe (pdfforge) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24\PDF24.lnk -> C:\Program Files\PDF24\pdf24-Toolbox.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\PDF-Viewer License.lnk -> C:\Program Files\Tracker Software\PDF Viewer\Help\PDFVLicense.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\PDF-Viewer Users Manual.lnk -> C:\Program Files\Tracker Software\PDF Viewer\Help\PDFVwrManSm.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\PDF-Viewer.lnk -> C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe (Tracker Software Products (Canada) Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\Tracker Updater.lnk -> C:\Program Files\Tracker Software\Update\TrackerUpdate.exe (Tracker Software Products (Canada) Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\Uninstall.lnk -> C:\Program Files\Tracker Software\PDF Viewer\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Fehlermelder.lnk -> E:\Origin\OriginER.exe (Electronic Arts) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> E:\Origin\Origin.exe (Electronic Arts) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (64bit).lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\Uninstall.lnk -> C:\Program Files\obs-studio\uninstall.exe (obsproject.com) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\NVIDIA Broadcast.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe (NVIDIA Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer\MyPhoneExplorer.lnk -> C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (F.J. Wechselberger) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer\Uninstall.lnk -> C:\Program Files (x86)\MyPhoneExplorer\uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\MPC-HC entfernen.lnk -> C:\Program Files\MPC-HC\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\MPC-HC x64.lnk -> C:\Program Files\MPC-HC\mpc-hc64.exe (MPC-HC Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag Hilfe.lnk -> C:\Program Files (x86)\Mp3tag\help\index.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag.lnk -> C:\Program Files (x86)\Mp3tag\Mp3tag.exe (Florian Heidenreich) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Neu in dieser Version.lnk -> C:\Program Files (x86)\Mp3tag\Mp3tagVersion.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MoTeC\MoTeC i2 Pro 1.1.lnk -> C:\Windows\Installer\{DB478073-FDF0-4544-AAA5-14D84EE17084}\MenuShortcut_528510489AB94AD0A5E83DD850A0DD5E.exe (Flexera Software LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Aufzeichnungs-Manager von Skype for Business.lnk -> C:\Program Files\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office-Spracheinstellungen.lnk -> C:\Program Files\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetriedashboard für Office.lnk -> C:\Program Files\Microsoft Office\root\Office16\msotd.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetrieprotokoll für Office.lnk -> C:\Program Files\Microsoft Office\root\Office16\msoev.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManiaPlanet\ManiaPlanet spielen.lnk -> C:\Program Files (x86)\ManiaPlanet\ManiaPlanetLauncher.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi\Logitech G HUB.lnk -> C:\Program Files\LGHUB\lghub.exe (Logitech, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo\Blu-ray Player\ Blu-ray Player Uninstall.lnk -> C:\Program Files (x86)\Leawo\Blu-ray Player\unins001.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo\Blu-ray Player\Blu-ray Player.lnk -> C:\Program Files (x86)\Leawo\Blu-ray Player\Leawo Blu-ray Player.exe (Leawo) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi\Kodi.lnk -> C:\Program Files\Kodi\kodi.exe (XBMC Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi\Uninstall Kodi.lnk -> C:\Program Files\Kodi\Uninstall.exe (XBMC Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JiveX DICOM Viewer Light\JiveX [dv] Light.LNK -> C:\Program Files (x86)\jivexdvlight\DVStart.exe (VISUS Technology Transfer) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JiveX DICOM Viewer Light\Visus TT Homepage.LNK -> C:\Program Files (x86)\jivexdvlight\HomepageVisusTT.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Java Mission Control.lnk -> C:\Program Files\Java\jdk1.8.0_111\bin\jmc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Huion Tablet\Huion Tablet entfernen.lnk -> C:\Huion Tablet\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Huion Tablet\Huion Tablet.lnk -> C:\Huion Tablet\Huion Tablet.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hue Sync\Hue Sync.lnk -> C:\Program Files\Hue Sync\HueSync.exe (Signify Netherlands B.V.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HideVolumeOSD\HideVolumeOSD.lnk -> C:\Program Files (x86)\HideVolumeOSD\HideVolumeOSD.exe (Venturi) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune Manual.lnk -> C:\Program Files (x86)\HD Tune\hdtune.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune on the Web.lnk -> C:\Program Files (x86)\HD Tune\HDTune.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune.lnk -> C:\Program Files (x86)\HD Tune\HDTune.exe (EFD Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\Uninstall HD Tune.lnk -> C:\Program Files (x86)\HD Tune\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot\Greenshot.lnk -> C:\Program Files\Greenshot\Greenshot.exe (Greenshot) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot\License.txt.lnk -> C:\Program Files\Greenshot\license.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot\Readme.txt.lnk -> C:\Program Files\Greenshot\readme.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot\Uninstall Greenshot.lnk -> C:\Program Files\Greenshot\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrabIt\Changes.lnk -> C:\Program Files (x86)\GrabIt\Changes.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrabIt\GrabIt.lnk -> C:\Program Files (x86)\GrabIt\GrabIt.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrabIt\License.lnk -> C:\Program Files (x86)\GrabIt\License.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrabIt\Uninstall GrabIt.lnk -> C:\Program Files (x86)\GrabIt\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fotobuch.de\Designer 2.0 aktualisieren.lnk -> C:\Program Files (x86)\fotobuch.de\Designer 2.0\updater.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fotobuch.de\Designer 2.0 deinstallieren.lnk -> C:\Program Files (x86)\fotobuch.de\Designer 2.0\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fotobuch.de\Designer 2.0.lnk -> C:\Program Files (x86)\fotobuch.de\Designer 2.0\designer.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\FileZilla.lnk -> C:\Program Files\FileZilla FTP Client\filezilla.exe (FileZilla Project) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\Uninstall.lnk -> C:\Program Files\FileZilla FTP Client\uninstall.exe (Tim Kosse) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EXIF Date Changer\EXIF Date Changer.lnk -> C:\Program Files (x86)\EXIF Date Changer\EXIFDateChanger.exe (Rellik Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\ElsterFormular.lnk -> C:\Program Files (x86)\ElsterFormular\bin\pica.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Infodatei - Support.lnk -> C:\Program Files (x86)\ElsterFormular\bin\hotlinetool.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Lizenzvertrag.lnk -> C:\Program Files (x86)\ElsterFormular\lizenzvertrag.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes\CloneBD\CloneBD.lnk -> C:\Program Files (x86)\Elaborate Bytes\CloneBD\CloneBD.exe (Elaborate Bytes) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes\CloneBD\Register CloneBD.lnk -> C:\Program Files (x86)\Elaborate Bytes\CloneBD\RegCloneBD.exe (Elaborate Bytes AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Edit CPU-Z Config File.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.ini () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Uninstall CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Scan Utility\IJ Scan Utility.lnk -> C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe (CANON INC.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> E:\Battle.net\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools\AVD Manager.lnk -> C:\Program Files (x86)\Android\android-sdk\AVD Manager.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools\SDK Manager.lnk -> C:\Program Files (x86)\Android\android-sdk\SDK Manager.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools\Uninstall Android SDK Tools.lnk -> C:\Program Files (x86)\Android\android-sdk\uninstall.exe (Google Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2\Advanced IP Scanner.lnk -> C:\Program Files (x86)\Advanced IP Scanner\advanced_ip_scanner.exe (Famatech Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2\Anwenderhandbuch für Advanced IP Scanner.lnk -> C:\Windows\Installer\{CB67C185-D2DF-455E-B9B7-00C8E505186F}\OnlineHelpIcon () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACC Results Companion\ACC Results Companion.lnk -> C:\Program Files (x86)\BoHo\ACC Results Companion\ACCResults.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\5KPlayer\5KPlayer.lnk -> C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe (DearMob) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\5KPlayer\Deinstallieren 5KPlayer.lnk -> C:\Program Files (x86)\DearMob\5KPlayer\uninstaller.exe (DearMob, Inc.) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Rufuz\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\Public\Desktop\Breitbandmessung.lnk -> C:\Program Files\Breitbandmessung\Breitbandmessung.exe (zafaco GmbH) Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\Public\Desktop\Google Earth Pro.lnk -> C:\Program Files\Google\Google Earth Pro\client\googleearth.exe (Google) Shortcut: C:\Users\Public\Desktop\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes) Shortcut: C:\Users\Rufuz\OneDrive\Personal Vault.lnk -> C:\Users\Rufuz\AppData\Local\Microsoft\OneDrive\21.002.0104.0005\FileSync.Resources.dll (Keine Datei) Shortcut: C:\Users\Rufuz\Links\Desktop.lnk -> C:\Users\Rufuz\Desktop () Shortcut: C:\Users\Rufuz\Links\Downloads.lnk -> C:\Users\Rufuz\Downloads () Shortcut: C:\Users\Rufuz\Links\Google Drive.lnk -> C:\Users\Rufuz\Google Drive (casual.racing.league@gmail.com) () Shortcut: C:\Users\Rufuz\Links\HAVERdrive.lnk -> C:\Users\Rufuz\HAVERdrive () Shortcut: C:\Users\Rufuz\Desktop\ACC TV Benutzerhandbuch.lnk -> \\BERYLLIUM\home\Software\ACCTV\ACC TV Broadcast Client Benutzerhandbuch v2.7.pdf () Shortcut: C:\Users\Rufuz\Desktop\Geräte und Drucker - Verknüpfung.lnk -> [LF@ph&DqdɆ!9qXf}:$D$i\zc1SPS0%G`9Gerte und Drucker-Systemordner1SPSjc(=OйT::{26EE0668-A00A-44D7-9371-BEB064C98683}\2\::{A8A91A66-3A7D-4424-8D24-04E180695C7A}] Shortcut: C:\Users\Rufuz\Desktop\New-World-Server.xlsx - Verknüpfung.lnk -> C:\Users\Rufuz\Desktop\New World\New-World-Server.xlsx () Shortcut: C:\Users\Rufuz\Desktop\PC Health Check.lnk -> C:\Users\Rufuz\AppData\Local\PCHealthCheck\PCHealthCheck.exe () Shortcut: C:\Users\Rufuz\Desktop\UCR.lnk -> F:\UCR\UCR.exe () Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\VTOL VR Mod Loader.lnk -> D:\Steam\SteamApps\common\VTOL VR\VTOLVR_ModLoader\VTOLVR-ModLoader.exe (vtolvr-mods.com) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk -> C:\Program Files\4KDownload\4kvideodownloader\4kvideodownloader.exe (Open Media LLC) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ACCDirector.lnk -> F:\_Portable\ACCDirector_1_0_4\ACCDirector.exe (Epic Games, Inc.) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Games.lnk -> C:\Users\Rufuz\AppData\Local\Amazon Games\App\Amazon Games.exe (Amazon) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Content Manager.lnk -> C:\Users\Rufuz\Downloads\Content Manager.exe (Keine Datei) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Geräte und Drucker - Verknüpfung.lnk -> [LF@ph&DqdɆ!9qXf}:$D$i\zI1SPS0%G`9Gerte und Drucker-Systemordner1SPSU(Ly9K-T::{26EE0668-A00A-44D7-9371-BEB064C98683}\2\::{A8A91A66-3A7D-4424-8D24-04E180695C7A}1SPSjc(=OйT::{26EE0668-A00A-44D7-9371-BEB064C98683}\2\::{A8A91A66-3A7D-4424-8D24-04E180695C7A}] Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ksBroadcastingTestClient.lnk -> D:\Steam\SteamApps\common\Assetto Corsa Competizione Dedicated Server\sdk\broadcasting\Testclient\ksBroadcastingTestClient.exe () Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaElch.exe - Verknüpfung.lnk -> F:\_Portable\MediaElch\MediaElch.exe () Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Rufuz\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk -> C:\Users\Rufuz\AppData\Local\PCHealthCheck\PCHealthCheck.exe () Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\promethium.lnk -> [LFX,!PCsg<;-1SPSsCCOi܆3nE1SPS0%G`)promethium-1SPS:7CD)\\promethium\\promethiumwk1SPSU(Ly9K--\\promethium] Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RSMapper.exe - Verknüpfung.lnk -> F:\_Portable\RS Mapper 0.52\RSMapper.exe () Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Signal.lnk -> C:\Users\Rufuz\AppData\Local\Programs\signal-desktop\Signal.exe (Open Whisper Systems) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\Rufuz\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> C:\Users\Rufuz\Desktop\Tor Browser\Browser\firefox.exe (Keine Datei) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Syncplay.exe - Verknüpfung.lnk -> F:\Syncplay_1.6.8_Portable\Syncplay.exe () Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UCR.lnk -> F:\UCR\UCR.exe () Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\USBDeview.exe - Verknüpfung.lnk -> F:\_Portable\usbdeview_german\USBDeview.exe (NirSoft) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VAICOM PRO for DCS World\VAICOM PRO for DCS World.lnk -> C:\Users\Rufuz\AppData\Roaming\Microsoft\Installer\{032E60E8-A323-445C-B0D6-53ADDD09072A}\_BBBDC3F3FFD6ABB089A1D1.exe () Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\UbisoftConnect\Ubisoft Connect.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftConnect.exe (Ubisoft) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\UbisoftConnect\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> D:\Steam\steam.exe (Valve Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Rockstar Games Launcher.lnk -> E:\Rockstar Games\Launcher\LauncherPatcher.exe (Rockstar Games) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar\QuickPar.lnk -> C:\Program Files (x86)\QuickPar\QuickPar.exe (Peter B Clements) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar\Uninstall.lnk -> C:\Program Files (x86)\QuickPar\uninst.exe (Peter B Clements) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar\Website.lnk -> C:\Program Files (x86)\QuickPar\QuickPar.url () Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NASA's Eyes\NASA's Eyes.lnk -> C:\Users\Rufuz\AppData\Roaming\JPL-NASA-Caltech\NASA's Eyes\EyesLauncher.exe () Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NASA's Eyes\Uninstall.lnk -> C:\Users\Rufuz\AppData\Roaming\JPL-NASA-Caltech\NASA's Eyes\Uninstall.exe () Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Rufuz\target.lnk -> \\DURANIUM\Users\Rufuz () Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\5KPlayer.lnk -> C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe (DearMob) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GrabIt.lnk -> C:\Program Files (x86)\GrabIt\GrabIt.exe () Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk -> C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe (Samsung) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\1C Online Games Launcher.lnk -> C:\1CGames\1C Online Games Launcher\1Cgames.exe (1C Entertainment) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Amazon Games.lnk -> C:\Users\Rufuz\AppData\Local\Amazon Games\App\Amazon Games.exe (Amazon) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Battle.net.lnk -> E:\Battle.net\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Epic.lnk -> E:\Epic Games\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\FileZilla.lnk -> C:\Program Files\FileZilla FTP Client\filezilla.exe (FileZilla Project) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\IJ Scan Utility.lnk -> C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe (CANON INC.) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Origin.lnk -> E:\Origin\Origin.exe (Electronic Arts) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook 2016.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Rockstar.lnk -> E:\Rockstar Games\Launcher\LauncherPatcher.exe (Rockstar Games) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Signal.lnk -> C:\Users\Rufuz\AppData\Local\Programs\signal-desktop\Signal.exe (Open Whisper Systems) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk -> D:\Steam\steam.exe (Valve Corporation) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft) Shortcut: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Wargaming.lnk -> C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net) Shortcut: C:\Users\Rufuz\AppData\Local\PCHealthCheck\PC Health Check.lnk -> C:\Users\Rufuz\AppData\Local\PCHealthCheck\PCHealthCheck.exe () Shortcut: C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\LaunchControl.gadget\links\Show Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\LaunchControl.gadget\links\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk -> C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe (Citrix Systems, Inc.) -> -showAppPicker ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free\TreeSize Free.lnk -> C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.exe (JAM Software) -> /NOADMIN ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\HideVolumeOSD.lnk -> C:\Program Files (x86)\HideVolumeOSD\HideVolumeOSD.exe (Venturi) -> -hide ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Huion Tablet.lnk -> C:\Huion Tablet\Huion Tablet.exe () -> huion-hklm ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Uninstall Smart Switch.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}\setup.exe (Samsung Electronics Co., Ltd.) -> /removeonly ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Database Compare.lnk -> C:\Program Files\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Office16\DCF\DATABASECOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Spreadsheet Compare.lnk -> C:\Program Files\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Office16\DCF\SPREADSHEETCOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManiaPlanet\TMCanyon spielen.lnk -> C:\Program Files (x86)\ManiaPlanet\ManiaPlanetLauncher.exe () -> /StartupTitle=TMCanyon ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JiveX DICOM Viewer Light\de-Handbuch.LNK -> C:\Program Files (x86)\jivexdvlight\DVStart.exe (VISUS Technology Transfer) -> -cp jar/jiveXDVViewer_light.jar;jar/pdf-renderer.jar;jar/skinlf.jar;jar/visusclient.jar;jar/modernthemepack.jar -main com.visustt.jiveX.client.actions.pdf.impl.PDFViewerSun docs/usermanual_jdv_light_de.pdf ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JiveX DICOM Viewer Light\en-User Manual.LNK -> C:\Program Files (x86)\jivexdvlight\DVStart.exe (VISUS Technology Transfer) -> -cp jar/jiveXDVViewer_light.jar;jar/pdf-renderer.jar;jar/skinlf.jar;jar/visusclient.jar;jar/modernthemepack.jar -main com.visustt.jiveX.client.actions.pdf.impl.PDFViewerSun docs/usermanual_jdv_light_en.pdf ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hue Sync\Hue Sync (compatibility mode).lnk -> C:\Program Files\Hue Sync\HueSync.exe (Signify Netherlands B.V.) -> -gles ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HideVolumeOSD\HideVolumeOSD (Hide).lnk -> C:\Program Files (x86)\HideVolumeOSD\HideVolumeOSD.exe (Venturi) -> -hide ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HideVolumeOSD\HideVolumeOSD (Show).lnk -> C:\Program Files (x86)\HideVolumeOSD\HideVolumeOSD.exe (Venturi) -> -show ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Hilfe.lnk -> C:\Program Files (x86)\ElsterFormular\bin\hilfepica.exe (Digia Plc and/or its subsidiary(-ies)) -> -collectionFile "C:\Program Files (x86)\ElsterFormular\/hilfe/elfo.bedienung.qhc" -showUrl "qthelp://elfo.bedienung/hilfe/bed_kap01/910000.html" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Installationsverwaltung.lnk -> C:\Program Files (x86)\ElsterFormular\bin\installationsverwaltung.exe () -> --zeigeDlg ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Integritätsprüfer.lnk -> C:\Program Files (x86)\ElsterFormular\bin\integritaetspruefer.exe () -> -path "C:\Program Files (x86)\ElsterFormular\ ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Screenreadermodus.lnk -> C:\Program Files (x86)\ElsterFormular\bin\pica.exe () -> --sehbehindertenmodus ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2\Advanced IP Scanner deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {CB67C185-D2DF-455E-B9B7-00C8E505186F} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX ShortcutWithArgument: C:\Users\Default\Desktop\Google Docs.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat () -> -open_gdocs_root ShortcutWithArgument: C:\Users\Default\Desktop\Google Sheets.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat () -> -open_gsheets_root ShortcutWithArgument: C:\Users\Default\Desktop\Google Slides.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat () -> -open_gslides_root ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Public\Desktop\Fanatec Wheel Property Page.lnk -> C:\Windows\Installer\{10DC60FB-89A2-4EB7-B4F2-9E103CEE2030}\ShortCutIcon.exe () -> joy.cpl ShortcutWithArgument: C:\Users\Rufuz\Desktop\NWMM - New World MiniMap.lnk -> C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe (Overwolf Ltd.) -> -launchapp mdhcjmlgojogdppbljcopjlggkpgnhhjedllcecm -from-desktop ShortcutWithArgument: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net\Wargaming.net Game Center.lnk -> C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net) -> '' ShortcutWithArgument: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net\World_of_Warships_Eu\World_of_Warships_Eu deinstallieren.lnk -> E:\Wargaming\World_of_Warships_Eu\wgc_api.exe (Wargaming) -> --uninstall ShortcutWithArgument: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net\World_of_Warships_Eu\World_of_Warships_Eu.lnk -> E:\Wargaming\World_of_Warships_Eu\wgc_api.exe (Wargaming) -> --open ShortcutWithArgument: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\NWMM - New World MiniMap.lnk -> C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe (Overwolf Ltd.) -> -launchapp mdhcjmlgojogdppbljcopjlggkpgnhhjedllcecm -from-startmenu ShortcutWithArgument: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\Overwolf.lnk -> C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe (Overwolf Ltd.) -> -from-desktop ShortcutWithArgument: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\Rufuz\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe ShortcutWithArgument: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto ShortcutWithArgument: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) -> /recycle ShortcutWithArgument: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Discord.lnk -> C:\Users\Rufuz\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe ShortcutWithArgument: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Energie sparen.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> powrprof.dll,SetSuspendState ShortcutWithArgument: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Herunterfahren.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> -s -t 02 ShortcutWithArgument: C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TMCanyon spielen.lnk -> C:\Program Files (x86)\ManiaPlanet\ManiaPlanetLauncher.exe () -> /StartupTitle=TMCanyon ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Control_System.gadget\Hibernate.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> PowrProf,SetSuspendState Hibernate ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Control_System.gadget\Logoff.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> -L ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Control_System.gadget\Restart.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> -r -f -t 01 ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Control_System.gadget\Shutdown.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> -s -f -t 01 ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Control_System.gadget\Standby.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> PowrProf,SetSuspendState ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Rufuz\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vJoy\vJoy Home.url -> URL: hxxp://vjoystick.sourceforge.net/site InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vJoy\vJoy SDK.url -> URL: hxxp://vjoystick.sourceforge.net/redirect_download_vJoy2SDK.php InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller im Internet.url -> URL: hxxps://www.revouninstaller.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\MPC-HC im Internet.url -> URL: hxxps://github.com/clsid2/mpc-hc/releases InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag Website.url -> URL: hxxp://www.mp3tag.de InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi\Visit Kodi Online.url -> URL: hxxp://kodi.tv InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Referenzdokumentation.url -> URL: hxxps://docs.oracle.com/javase/8/docs InternetURL: C:\Users\Rufuz\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142 InternetURL: C:\Users\Rufuz\Desktop\httpsforums.eagle.ruuploadsmonthly_2021_03465511220_GUNFIGHTERVIRPILCHFANATEC.png.c379d914ff1a6156418b9c01368d4053.png.URL -> URL: hxxps://forums.eagle.ru/uploads/monthly_2021_03/465511220_GUNFIGHTERVIRPILCHFANATEC.png.c379d914ff1a6156418b9c01368d4053.png InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\ADR1FT.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Aperture Hand Lab.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Assetto Corsa Competizione.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Assetto Corsa.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Beat Saber.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Bigscreen Beta.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Contractors VR.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\DCS World Steam Edition.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\DiRT Rally 2.0.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Eleven Table Tennis.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Elite Dangerous.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\fpsVR.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Google Earth VR.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Half-Life Alyx.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\IL-2 Sturmovik Battle of Stalingrad.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\IronWolf VR.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Karnage Chronicles.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\KartKraft.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Kayak VR Playtest.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Medal of Honor™ Above and Beyond.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Microsoft Flight Simulator.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\No Man's Sky.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Phasmophobia.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Project CARS 2.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Raw Data.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\SKYBOX VR Video Player.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Star Trek Bridge Crew.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\STAR WARS™ Squadrons.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\SteamVR.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\The Body VR Journey Inside a Cell.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\The Dawn of Art.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\The Lab.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Tower Tag.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Virtual Desktop.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\Vox Machinae.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR\VTOL VR.url -> InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Contractors VR.url -> URL: steam://rungameid/963930 InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Eleven Table Tennis.url -> URL: steam://rungameid/488310 InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\fpsVR.url -> URL: steam://rungameid/908520 InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Portal Reloaded.url -> URL: steam://rungameid/1255980 InternetURL: C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\VoiceAttack.url -> URL: steam://rungameid/583010 ==================== Ende vom Shortcut.txt ============================= |
17.11.2021, 10:54 | #21 |
/// TB-Ausbilder | Win 10 Start dauert sehr lange Gut gemacht. Die Logdateien sehen schon besser aus. Vielen Dank für dein Video bezüglich Windows Defender und Open Candy. Wir sollten den Schutzverlauf von Windows Defender zurücksetzen. Das geht mit Schritt 1 und Schritt 2. Schritt 1 WARNUNG AN ALLE MITLESER !!! Dieses FRST-Script ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System angewendet werden!
Schritt 2 Folder dem Pfad Start > Einstellungen > Update und Sicherheit > Windows-Sicherheit > Viren- & Bedrohungsschutz > Einstellungen verwalten Deaktiviere die folgenden Optionen:
Klicke weiter unten auf Ausschlüsse hinzufügen oder entfernen. Entferne alle Ausschlüsse, sofern welche vorhanden sind. Starte den Rechner zum Abschluss neu. Schritt 3
Bitte poste mit deiner nächsten Antwort:
|
17.11.2021, 13:53 | #22 |
| Win 10 Start dauert sehr lange Der letzte Schritt hat sich erledigt. Ich habe jetzt erst begriffen, dass es nicht nur einen Papierkorb gibt. Alle Papierkörbe geleert. Defender nochmal vollständig durchlaufen lassen. Bedrohungen entfernt. Falls es das gewesen ist möchte ich mich bei dir persönlich aber auch bei dem Team noch einmal herzlich bedanken. Ihr seid großartig. Und den Spendenbutton habe ich auch gefunden Liebe Grüße Rufuz |
17.11.2021, 14:28 | #23 | |
/// TB-Ausbilder | Win 10 Start dauert sehr lange Es wäre trotzdem gut, wenn du Schritt 1 und 2 ausführst, weil damit Einstellungen zurückgesetzt werden. Abschließend gibt es noch zwei letzte Schritte und einen Lesestoff für dich. Schritt 1
Schritt 2 Auf deinem Computer fehlt das aktuelle Funktionsupdate Version 21H2. Zitat:
Dann wären wir durch! Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber. Abschließend bitte noch einen Cleanup mit unserem TBCleanUpTool durchführen und unbedingt die Sicherheitsmaßnahmen lesen und umsetzen - beides ist in folgendem Lesestoff verlinkt: Wenn Du möchtest, kannst Du hier sagen, ob du mit mir und meiner Hilfe zufrieden warst... Vielleicht möchtest du das Forum mit einer kleinen Spende unterstützen. Hinweis: Bitte gib mir eine kurze Rückmeldung, sobald du die oben verlinkten Informationen gelesen hast, alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann. |
17.11.2021, 18:59 | #24 |
| Win 10 Start dauert sehr lange Letzte FRST log Datei. 21H2 installiert. System sauber. Schnelles Booten. Lebe lang und in Frieden. Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-11-2021 durchgeführt von Rufuz (17-11-2021 17:48:14) Run:4 Gestartet von C:\Users\Rufuz\Desktop\Trojaner-Board Geladene Profile: Rufuz Start-Modus: Normal ============================================== fixlist Inhalt: ***************** DeleteQuarantine: Unlock: C:\FRST Reboot: ***************** "C:\FRST\Quarantine" => erfolgreich entfernt "C:\FRST" => wurde entsperrt Das System musste neu gestartet werden. ==== Ende von Fixlog 17:48:14 ==== Geändert von Rufuz (17.11.2021 um 19:04 Uhr) |
17.11.2021, 20:28 | #25 |
/// TB-Ausbilder | Win 10 Start dauert sehr lange Wir sind froh, dass wir helfen konnten Dieses Thema scheint erledigt und wird aus unseren Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema. Jeder andere bitte hier klicken und ein eigenes Thema erstellen. |
Themen zu Win 10 Start dauert sehr lange |
anleitung, aufsetzen, bedrohungen, build, bösartige, dauert, einiger, fertig, funde, gen, gestartet, kurze, lange, leitung, lösung, malwarebytes, neu, quarantäne, rechners, runde, start, suche, win, windows, woanders |