Everything about Windows: VRAM 85-99%+ utilized. Mining bot?
01.12.2021, 11:11 | #1 |
Problem: VRAM 85-99%+ utilized. Mining bot?

Good morning everyone, for the past few days I have been plagued by, I guess, a trojan. It started with constant internet problems (e.g. Zoom -> internet unstable (shared flat and parents' home ran stable before)) or dropouts. Now I have noticed that my VRAM is always at 85-99%+ utilization (AMD Software). Programs that use the GPU show elevated values in Task Manager, and "Power usage" is at Medium and High. Before, everything was at Low/Very Low. The fan spins up and back down when no other programs are running; however, when you start the browser or similar, the fan really gets going.

My system:

Tried so far:

Many thanks to you all in advance!
Wovan

FRST code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2021 durchgeführt von wowts (Administrator) auf WOWTSCHIK (LENOVO 81X2) (01-12-2021 10:43:35) Gestartet von C:\Users\wowts\AppData\Local\Temp\scoped_dir17072_825760356 Geladene Profile: wowts Plattform: Microsoft Windows 11 Home Version 21H2 22000.348 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Opera Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKiller64.exe (ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366689.inf_amd64_4f0d6991b007c8f1\B366217\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366689.inf_amd64_4f0d6991b007c8f1\B366217\atiesrxx.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe (Avira Operations GmbH & Co. 
KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.Amd64.exe <2> (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.exe <4> (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.x86.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe (Lenovo -> Lenovo Group Ltd.) 
C:\Windows\System32\YMC.exe (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_b9fd1528982e300f\LenovoUtilityService.exe (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe (LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe (LENOVO INC) C:\Program Files\WindowsApps\E0469640.SmartAppearance_1.1.10.0_neutral__5grkq8ppsgwt4\CameraConfiguration\CameraConfiguration.exe <2> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.34\msedgewebview2.exe <12> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_10.2103.6.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\regedit.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) 
C:\Windows\System32\amdfendrsr.exe (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20045.455.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe (Nextcloud GmbH -> Nextcloud GmbH) C:\Program Files\Nextcloud\nextcloud.exe (Opera Software AS -> Opera Software) C:\Users\wowts\AppData\Local\Programs\Opera\81.0.4196.60\opera_crashreporter.exe (Opera Software AS -> Opera Software) C:\Users\wowts\AppData\Local\Programs\Opera\opera.exe <27> (Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe (Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (UFRO INCORPORATION -> Ufro) C:\Windows\System32\DriverStore\FileRepository\wtabletserviceisd.inf_amd64_043e8a72e05dd9f4\ColorWatcher.exe (Wacom Co., Ltd. -> Wacom Technology, Corp.) C:\Windows\System32\DriverStore\FileRepository\wtabletserviceisd.inf_amd64_043e8a72e05dd9f4\WTabletServiceISD.exe <2> (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\wowts\AppData\Roaming\Zoom\bin\CptHost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) 
C:\Users\wowts\AppData\Roaming\Zoom\bin\Zoom.exe <2> ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1141552 2020-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3180256 2021-10-14] (Riot Games, Inc. -> Riot Games, Inc.) HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2015-01-29] (Brother Industries, Ltd.) [Datei ist nicht signiert] HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4517376 2014-11-11] (Brother Industries, Ltd.) [Datei ist nicht signiert] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6787856 2019-03-19] (Safer-Networking Ltd. -> Safer-Networking Ltd.) 
HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\wowts\AppData\Local\Microsoft\Teams\Update.exe [2459280 2021-11-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [Amazon Music Helper] => C:\Users\wowts\AppData\Local\Amazon Music\Amazon Music Helper.exe [2356312 2021-09-17] (Amazon.com Services LLC -> Amazon.com Services LLC) HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [Amazon Music] => C:\Users\wowts\AppData\Local\Amazon Music\Amazon Music.exe [21370456 2021-09-17] (Amazon.com Services LLC -> Amazon.com Services LLC) HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIREE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [Discord] => C:\Users\wowts\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. 
-> GitHub) HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [Nextcloud] => C:\Program Files\Nextcloud\nextcloud.exe [2739008 2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [Opera Browser Assistant] => C:\Users\wowts\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software) HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [] => [X] HKLM\...\Print\Monitors\EPSON XP-342 343 345 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBREE.DLL [182784 2015-12-09] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb] -> IIS Express Application Compatibility Database for x64 HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86 HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb [2012-05-29] HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29] HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\95.1.13052.72\Installer\chrmstp.exe [2021-11-25] (Piriform Software Ltd -> Piriform Software) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-15] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> Startup: 
C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2021-10-16] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Startup: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xxx.exe.lnk [2021-04-15] ShortcutTarget: xxx.exe.lnk -> C:\Windows\System32\net.exe (Microsoft Windows -> Microsoft Corporation) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG HKU\S-1-5-21-778103176-1376588227-3002950867-1001\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {03F07486-C0CB-4C90-B85F-FA414BE53CBC} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758792 2021-09-22] (Lenovo -> ) Task: {06F0F01B-6273-4087-B329-6BE218DCF0B5} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-25] (Piriform Software Ltd -> Piriform Software) Task: {18F8950B-F4E0-4B2C-8E8B-31195C06F079} - System32\Tasks\Opera scheduled Autoupdate 1608812151 => C:\Users\wowts\AppData\Local\Programs\Opera\launcher.exe [1753808 2021-11-23] (Opera Software AS -> Opera Software) Task: {1FB52FAD-EEC7-497B-BC46-B24D5D63EA54} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (Keine Datei) Task: {21C9A622-AA70-45B5-9D75-74079446771E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-23] (Google LLC -> Google 
LLC) Task: {239A1A46-AF4F-47B2-B042-A8AE5FFAE370} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation) Task: {246D2A2F-6508-4B14-A7A7-8D5134D6E57B} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4190800 2021-11-04] (Microsoft Corporation -> Microsoft Corporation) Task: {29219B9B-C059-4ADF-8E70-904A40083A61} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.) Task: {2D38D28F-50D2-4FEC-A450-A7225056836B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-05-10] (Avast Software s.r.o. -> Avast Software) Task: {323C8F6D-6FDB-4A0F-AD29-9EDBE8A115CE} - System32\Tasks\CCleanerSkipUAC - wowts => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd) Task: {34BB7D71-EA5D-41D4-86EB-5EB752DA7AA4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314824 2021-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {3C899A3B-5DDD-43CE-97BB-14764136F913} - System32\Tasks\Lenovo\Lenovo MigrationAssistant start event task => C:\Program Files\Lenovo\Lenovo Migration Assistant\Lenovo Migration Assistant Srv.exe [291216 2020-11-11] (Lenovo -> ) Task: {4125DEFD-A8F3-4412-AEB6-24F6A0795C87} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform) Task: {4970B72F-FA6C-489E-B9DF-F13B7293EABE} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Auffrischen der Anti-Beacon-Immunisierung => 
C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\Spybot3AntiBeacon.exe [8790696 2019-12-18] (Safer-Networking Ltd. -> ) Task: {541ED3B8-4DC0-4F59-8F71-C9BCA3A4FE33} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [81920 2021-06-05] (Microsoft Windows -> Microsoft Corporation) Task: {54F176B0-3B92-443E-B25A-76182A28D4FB} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-23] (Mozilla Corporation -> Mozilla Foundation) Task: {587253DE-D92C-4730-98F8-5E1C36EDFC2E} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.) Task: {5C20F4C5-D57B-42A3-9E9B-071DC8196ECA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6189624 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.) 
Task: {5E68E165-9DAA-41E0-8272-F19324B00ABF} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService Task: {62A3D3AF-3C2C-41B5-A666-FF1CA33D2E1D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-23] (Google LLC -> Google LLC) Task: {6B35CDD0-F331-4A2F-889E-B81A0D79BA9C} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2515248 2021-11-13] (Piriform Software Ltd -> Piriform Software) Task: {6E959406-A2C1-4C1D-A2A9-CE47F618BCB4} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService Task: {71DD2352-C63D-4F74-BB81-1972F958EBC3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {75CFED51-D11E-4674-8330-FDD1898DC283} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2648424 2021-10-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {79CEF269-205F-4630-9CBD-89A3634C826C} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2515248 2021-11-13] (Piriform Software Ltd -> Piriform Software) Task: {820D4038-BB8D-4390-8189-0692B530D1CF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [7177168 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.) 
Task: {8D31A86D-8A11-4007-9511-4FD92A416C72} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (Keine Datei) Task: {90FE37F6-C391-4BF9-96C8-D047B8A3EB56} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [443248 2021-07-21] (Lenovo -> Lenovo Group Ltd.) Task: {9188FD63-9FAB-4B0D-8C5E-DC2AD8FABBE5} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-04-21] () [Datei ist nicht signiert] Task: {9361E511-201D-4D05-A00E-D56DA024A0F2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1600416 2021-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {9E115AB0-D9D7-460D-B159-B62EE6C74BE2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {A0691F33-8890-4099-9EC4-7A389F9E6AF7} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (Keine Datei) Task: {A4541692-1577-42A9-806A-0DA395A34FEB} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-25] (Piriform Software Ltd -> Piriform Software) Task: {A7576BFE-7C5B-41C5-A995-B5B8089F1D8F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e214837f-a20e-4fe7-bd34-8d7fd397109d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.) 
Task: {A8F668CC-AF81-4E90-BE33-1791252FC85B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5723640 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {AB39CFED-C536-4D25-9CD2-8804E70D243B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314824 2021-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {BAA18872-1A38-4BF6-9327-9CA0D261A690} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation) Task: {BE49D86D-FF90-4DC1-AB7D-A3B43F9E900F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\11bf35b2-7352-4c33-ac61-111e3096fc49 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.) Task: {C3805D6C-E3CB-4419-B372-0FA6F79BAC81} - System32\Tasks\Opera scheduled assistant Autoupdate 1608812155 => C:\Users\wowts\AppData\Local\Programs\Opera\launcher.exe [1753808 2021-11-23] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\wowts\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {CB8D3780-C150-44B2-829A-2A890CFD0179} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1673272 2021-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {CB8E1798-23ED-4523-8ABF-F8A54B6E2FD7} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.) 
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Keine Datei) Task: {CD55368D-9846-48D6-B0DF-27F72EFC093A} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [201584 2021-07-21] (Lenovo -> Lenovo Group Ltd.) Task: {D8608D73-0EFB-4777-8E02-F6AFFC48AAF2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a781c118-6932-4721-8109-d0629a5df60e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.) Task: {D8CFC531-69CC-4D8A-9A3A-E0172235513C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f440c66d-5a05-4737-a356-38c0964976e2 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.) Task: {DD9424D8-84F6-403C-8DE0-9B82F99A93A5} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [63728 2021-11-07] (Lenovo -> Lenovo Group Ltd.) Task: {E04D1A24-4418-4BFB-AA3C-D54D09044835} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.) Task: {E0D17D85-EB28-4D37-AB0F-85A78E8ECF9E} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.) 
Task: {EA7DCE23-1A3D-421E-9C70-6396CAF3C1AC} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-778103176-1376588227-3002950867-1001 => C:\Users\wowts\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [87896 2021-10-30] (Lenovo (Beijing) Limited -> Lenovo Group Limited) Task: {F89EBA5D-9851-4B2E-8F70-F0BB1264E868} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [237952 2021-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {FA7820A8-7D42-416F-8F6B-E9A3C1BC4AD1} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758792 2021-09-22] (Lenovo -> ) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ACHTUNG (Beschränkung - Zones) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{194b8a07-8a49-42e0-ba56-e2c84f8f5540}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{69129b5f-2abf-4956-9cb1-0da2b391e6f7}: [DhcpNameServer] 192.168.32.102 Tcpip\..\Interfaces\{6a13e067-204c-4049-b75d-0e9e01c79d60}: [DhcpNameServer] 192.168.0.38 Tcpip\..\Interfaces\{8532842c-0128-4504-a307-46ec5dcf05db}: [DhcpNameServer] 172.168.127.2 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\wowts\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-30] Edge Session Restore: Default -> ist aktiviert. Edge Extension: (Microsoft-Editor: Rechtschreibung- und Grammatikprüfung) - C:\Users\wowts\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hokifickgkhplphjiodbggjmoafhignh [2021-11-03] Edge HKLM-x32\...\Edge\Extension: [mielbhbkcliienpdicphhecpodcaeefg] FireFox: ======== FF DefaultProfile: 3ztst3tj.default FF ProfilePath: C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3ztst3tj.default [2020-12-21] FF ProfilePath: C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release [2021-11-30] FF NetworkProxy: Mozilla\Firefox\Profiles\3cjbr8d3.default-release -> type", 0 FF Session Restore: Mozilla\Firefox\Profiles\3cjbr8d3.default-release -> ist aktiviert. 
FF Notifications: Mozilla\Firefox\Profiles\3cjbr8d3.default-release -> hxxps://calendar.google.com; hxxps://app.libertex.com FF Extension: (Dark Reader) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\addon@darkreader.org.xpi [2021-11-08] FF Extension: (OneNote Web Clipper) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\Clipper@OneNote.com.xpi [2020-12-21] FF Extension: (Ninja Cookie) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\debug@ninja-cookie.com.xpi [2021-11-17] FF Extension: (uBlock Origin) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-11-26] FF Extension: (Dark Mode) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{3f746ae8-9575-4e62-9855-aae624b11082}.xpi [2020-12-21] FF Extension: (NoScript) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-07-28] FF Extension: (ClearURLs) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{74145f27-f039-47ce-a470-a662b129930a}.xpi [2021-03-24] FF Extension: (YouTube Playlist Download) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{753bfcdc-8bcc-4626-89f0-6d22dc209561}.xpi [2021-04-14] FF Extension: (Google Docs Viewer) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{a734ba68-4aac-41e0-9141-9f8d00373d93}.xpi [2021-01-23] FF Extension: (Matte Black (Red)) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{a7589411-c5f6-41cf-8bdc-f66527d9d930}.xpi [2021-10-06] FF Extension: (The universe of ancient times.) 
- C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{b6d370bd-f532-4049-9a82-f53b47f369b3}.xpi [2020-12-21] FF Extension: (Zoom Scheduler) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{bf855ead-d7c3-4c7b-9f88-9a7e75c0efdf}.xpi [2021-11-28] FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3cjbr8d3.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-24] FF ProfilePath: C:\Users\wowts\AppData\Roaming\kompozer.net\KompoZer\Profiles\l6xmpoac.default [2021-08-26] FF Extension: (Citavi Picker) - C:\Program Files\Mozilla Firefox\distribution\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2021-07-09] FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-02-14] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-02-14] (Oracle America, Inc. 
-> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-02-25] (Piriform Software Ltd -> Piriform Software) FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-02-25] (Piriform Software Ltd -> Piriform Software) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\antibeacon.js [2021-12-01] <==== ACHTUNG (Zeigt auf eine *.cfg Datei) Chrome: ======= CHR Profile: C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default [2021-11-30] CHR HomePage: Default -> hxxp://google.de/ CHR StartupUrls: Default -> "hxxp://www.google.com" CHR Session Restore: Default -> ist aktiviert. 
CHR Extension: (Präsentationen) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-23]
CHR Extension: (Docs) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-23]
CHR Extension: (Google Drive) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-23]
CHR Extension: (YouTube) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-23]
CHR Extension: (Slinky Vornehm) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2021-01-23]
CHR Extension: (Avira Password Manager) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-10-14]
CHR Extension: (Adblock für Youtube™) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2021-10-04]
CHR Extension: (Dark Reader) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2021-10-14]
CHR Extension: (Tabellen) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-23]
CHR Extension: (Google Docs Offline) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-14]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-10-14]
CHR Extension: (StudentBook) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiimjijildjkajollpjecaocbbjfobed [2021-01-23]
CHR Extension: (TiltShiftMaker) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjofhgnhekhkccpcnnloagmdpafifeo [2021-01-23]
CHR Extension: (SnapPages) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\iedpncdncgcneohjpggphlkhjofphgkf [2021-01-23]
CHR Extension: (Zoom Scheduler) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2021-10-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Citavi Picker) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2021-08-15]
CHR Extension: (Weather Underground) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2021-01-23]
CHR Extension: (Google Mail) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-23]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]

Opera:
=======
OPR Profile: C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable [2021-12-01]
OPR Notifications: Opera Stable -> hxxps://app.libertex.com; hxxps://web.whatsapp.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-11-29]
OPR Extension: (I don't care about cookies) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\iambaeepkgdclnmbfdnnohkjjpdglbeo [2021-11-30]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-15]
OPR Extension: (uBlock Origin) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2021-10-15]
OPR Extension: (Zoom Scheduler) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2021-11-29]
OPR Extension: (Install Chrome Extensions) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2021-01-24]
OPR Extension: (Ninja Cookie) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\naomjjbmcadiepggkdoknhklmklcobna [2021-11-17]
OPR Extension: (Avira Password Manager) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2021-02-12]
OPR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2021-10-04]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-07-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [538000 2021-07-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-07-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-07-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574672 2021-07-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [272448 2021-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [275088 2021-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [289792 2014-10-23] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S3 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-25] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\95.1.13052.72\elevation_service.exe [1713640 2021-11-13] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-02-25] (Piriform Software Ltd -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
S3 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [12002208 2019-12-16] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2020-12-22] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-06-30] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-06-30] (GOG Sp. z o.o. -> GOG.com)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_b9fd1528982e300f\LenovoUtilityService.exe [539128 2021-08-26] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe [31248 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1820080 2021-02-06] (Lenovo -> Lenovo(beijing) Limited)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-11-29] (Malwarebytes Inc -> Malwarebytes)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [45368 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557144 2021-09-10] (Electronic Arts, Inc. -> Electronic Arts)
S3 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3475672 2021-09-10] (Electronic Arts, Inc. -> Electronic Arts)
R3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14204760 2021-11-18] (ADLICE (ASCOET JULIEN) -> )
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2747312 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4583240 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [940976 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 UDCService; C:\WINDOWS\System32\drivers\Lenovo\udc\Service\UDClientService.exe [116592 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10163312 2021-10-14] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2599312 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 YMC; C:\WINDOWS\System32\YMC.exe [856920 2020-06-17] (Lenovo -> Lenovo Group Ltd.)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 64347b00; C:\WINDOWS\System32\Drivers\64347b00.sys [299544 2021-11-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0366689.inf_amd64_4f0d6991b007c8f1\B366217\amdkmdag.sys [82677912 2021-04-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-02-27] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-07-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2021-10-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-02-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [184424 2020-07-14] (BayHub Technology Inc. -> BayHubTech/O2Micro)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2020-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [192824 2021-10-14] (Microsoft Windows -> Microsoft Corporation)
S1 gvm; C:\WINDOWS\system32\DRIVERS\gvm.sys [393712 2021-05-03] (Google LLC -> Google LLC)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
S3 klupd_64347b00a_arkmon_6D66C841; C:\KVRT2020_Data\Temp\6D66C841DE4E80E48D94B67F324D5423\klupd_64347b00a_arkmon.sys [276064 2021-11-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2021-02-27] (IBM Polska Sp. z o.o. -> IBM)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-11-29] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-30] (Malwarebytes Inc -> Malwarebytes)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [74744 2021-04-21] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2020-08-21] (Daniel Terhell -> Resplendence Software Projects Sp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S0 Spybot3ELAM; C:\WINDOWS\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-Malware Publisher -> Windows (R) Win 7 DDK provider)
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SymTAP; C:\WINDOWS\System32\drivers\SymTAP.sys [52104 2020-05-28] (Symantec Corporation -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2021-12-01] (Adlice -> )
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8217168 2021-10-14] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [90112 2021-10-14] (Microsoft Windows -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [49560 2021-06-05] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [421112 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [73960 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
U1 avgbdisk; kein ImagePath
S0 klupd_64347b00a_arkmon; System32\Drivers\klupd_64347b00a_arkmon.sys [X]
S3 klupd_64347b00a_klark; System32\Drivers\klupd_64347b00a_klark.sys [X]
S0 klupd_64347b00a_klbg; System32\Drivers\klupd_64347b00a_klbg.sys [X]
S3 klupd_64347b00a_mark; System32\Drivers\klupd_64347b00a_mark.sys [X]
U4 npcap_wifi; kein ImagePath
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-12-01 10:42 - 2021-12-01 10:43 - 027509160 _____ (Adlice Software ) C:\Users\wowts\Downloads\UCheck_setup.exe
2021-12-01 10:28 - 2021-12-01 10:40 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2021-12-01 10:28 - 2021-12-01 10:36 - 000000000 ____D C:\ProgramData\RogueKiller
2021-12-01 10:28 - 2021-12-01 10:28 - 000000910 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2021-12-01 10:28 - 2021-12-01 10:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-12-01 10:28 - 2021-12-01 10:28 - 000000000 ____D C:\Program Files\RogueKiller
2021-11-30 18:15 - 2021-11-30 17:10 - 000455026 _____ C:\WINDOWS\system32\Drivers\etc\hosts.original-30.11.2021
2021-11-30 18:14 - 2021-11-30 17:10 - 000455026 _____ C:\Users\wowts\Desktop\hosts.original-30.11.2021
2021-11-30 17:59 - 2021-11-30 17:59 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\wowts\Downloads\rkill.exe
2021-11-30 17:58 - 2021-11-30 17:59 - 041660008 _____ (Adlice Software ) C:\Users\wowts\Downloads\RogueKiller_setup.exe
2021-11-30 17:58 - 2021-11-30 17:58 - 008540344 _____ (Malwarebytes) C:\Users\wowts\Downloads\AdwCleaner.exe
2021-11-30 17:57 - 2021-12-01 10:43 - 000000000 ____D C:\FRST
2021-11-30 17:56 - 2021-11-30 17:56 - 002311680 _____ (Farbar) C:\Users\wowts\Downloads\FRST64.exe
2021-11-30 17:17 - 2021-11-30 17:55 - 000000000 ___HD C:\$SysReset
2021-11-29 15:10 - 2021-11-29 15:10 - 000352568 _____ C:\WINDOWS\system32\vp9fs.dll
2021-11-29 15:10 - 2021-11-29 15:10 - 000040960 _____ C:\WINDOWS\system32\prxyqry.dll
2021-11-29 15:10 - 2021-11-29 15:10 - 000015040 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-29 15:10 - 2021-11-29 15:10 - 000013824 _____ C:\WINDOWS\SysWOW64\prxyqry.dll
2021-11-29 15:09 - 2021-11-29 15:09 - 000000000 ___HD C:\$WinREAgent
2021-11-29 15:04 - 2021-11-29 15:04 - 000215552 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2021-11-29 13:30 - 2021-11-29 13:30 - 000000000 ____D C:\ProgramData\Emsisoft
2021-11-29 13:29 - 2021-11-29 14:30 - 000000000 ____D C:\EEK
2021-11-29 13:26 - 2021-11-29 13:26 - 000299544 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\64347b00.sys
2021-11-29 13:26 - 2021-11-29 13:26 - 000000000 ____D C:\KVRT2020_Data
2021-11-29 13:23 - 2021-11-29 13:26 - 110789120 _____ (AO Kaspersky Lab) C:\Users\wowts\Downloads\KVRT.exe
2021-11-29 13:13 - 2021-11-29 13:13 - 000040960 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2021-11-29 13:12 - 2021-11-29 13:13 - 000000000 ____D C:\ProgramData\HitmanPro
2021-11-29 13:11 - 2021-11-29 13:11 - 011332032 _____ (SurfRight B.V.) C:\Users\wowts\Downloads\HitmanPro_x64.exe
2021-11-29 13:10 - 2021-11-29 13:28 - 327981224 _____ C:\Users\wowts\Downloads\EmsisoftEmergencyKit.exe
2021-11-29 12:45 - 2021-11-29 14:43 - 000000000 ____D C:\ProgramData\AVG
2021-11-29 12:44 - 2021-11-29 12:44 - 000224072 _____ (AVG Technologies CZ, s.r.o.) C:\Users\wowts\Downloads\avg_antivirus_free_setup.exe
2021-11-29 12:20 - 2021-11-29 12:20 - 000425230 _____ C:\Users\wowts\Downloads\OneDrive_1_29.11.2021.zip
2021-11-29 10:36 - 2021-12-01 10:27 - 000000681 _____ C:\Users\wowts\Desktop\ESET Online Scanner.lnk
2021-11-29 10:35 - 2021-11-29 10:35 - 014562400 _____ (ESET spol. s r.o.) C:\Users\wowts\Downloads\ESETOnlineScanner_DEU.exe
2021-11-29 10:35 - 2021-11-29 10:35 - 000000780 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-11-29 10:35 - 2021-11-29 10:35 - 000000000 ____D C:\Users\wowts\AppData\Local\ESET
2021-11-29 09:46 - 2021-11-29 09:46 - 001790024 _____ (Malwarebytes) C:\Users\wowts\Downloads\JRT (1).exe
2021-11-29 09:42 - 2021-11-29 09:42 - 001798976 ____N (Malwarebytes) C:\Users\wowts\Downloads\JRT.exe
2021-11-29 09:34 - 2021-11-29 09:35 - 007025360 ____N (Malwarebytes) C:\Users\wowts\Downloads\adwcleaner_7.3.exe
2021-11-29 09:20 - 2021-11-30 17:03 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-11-29 09:20 - 2021-11-29 09:20 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-11-29 09:20 - 2021-11-29 09:20 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-11-29 09:20 - 2021-11-29 09:20 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-11-29 09:20 - 2021-11-29 09:20 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-11-29 09:20 - 2021-11-29 09:20 - 000000000 ____D C:\Users\wowts\AppData\Local\mbam
2021-11-29 09:17 - 2021-11-29 09:17 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-11-29 09:17 - 2021-11-29 09:17 - 000000000 ____D C:\Program Files\Malwarebytes
2021-11-29 09:13 - 2021-11-29 09:13 - 002101944 _____ (Malwarebytes) C:\Users\wowts\Downloads\MBSetup.exe
2021-11-28 23:51 - 2021-11-28 21:21 - 000454567 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20211128-235106.backup
2021-11-27 22:24 - 2021-11-27 22:24 - 000000000 ____D C:\Users\wowts\AppData\Local\Bigpoint GmbH
2021-11-27 22:22 - 2021-11-27 22:22 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DarkOrbit
2021-11-27 22:19 - 2021-11-27 22:24 - 000000000 ____D C:\Users\wowts\Dark Orbit
2021-11-27 22:18 - 2021-11-27 22:19 - 021649640 _____ C:\Users\wowts\Downloads\DarkOrbitInstaller.392.172257406.exe
2021-11-26 16:40 - 2021-11-26 16:42 - 009451378 _____ C:\Users\wowts\Downloads\Feedback-Stieben-Milyayev-V3.pdf
2021-11-26 14:18 - 2021-11-26 14:18 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Delphi
2021-11-26 14:18 - 2021-11-26 14:18 - 000000000 ____D C:\ProgramData\Delphi
2021-11-26 14:11 - 2021-11-26 14:12 - 000000000 ____D C:\Users\wowts\Desktop\Diagnose
2021-11-26 13:49 - 2021-11-26 13:50 - 1585034671 _____ C:\Users\wowts\Downloads\Delphi Cars 2015.R3.zip
2021-11-26 11:37 - 2021-11-26 14:18 - 000000249 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2021-11-26 11:37 - 2021-11-26 11:37 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Autocom
2021-11-26 11:37 - 2021-11-26 11:37 - 000000000 ____D C:\ProgramData\Common Diagnostics
2021-11-26 11:37 - 2021-11-26 11:37 - 000000000 ____D C:\ProgramData\Autocom
2021-11-26 11:25 - 2021-11-26 11:25 - 000000000 ____D C:\Users\wowts\Documents\CarPort
2021-11-26 11:25 - 2021-11-26 11:25 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Obsidium
2021-11-26 11:25 - 2021-11-26 11:25 - 000000000 ____D C:\Users\wowts\AppData\Roaming\MPP-Engineering
2021-11-26 11:25 - 2021-11-26 11:25 - 000000000 ____D C:\Users\wowts\AppData\Local\MPP-Engineering
2021-11-25 13:52 - 2021-11-25 13:52 - 000000000 _____ C:\Users\wowts\Downloads\Eraser_6.2.0.2993.exe.part
2021-11-25 13:22 - 2021-11-25 13:22 - 1554618368 _____ C:\Users\wowts\Downloads\AUTOCOM 2017.1 CAR.iso
2021-11-24 17:21 - 2021-11-24 17:21 - 071373831 _____ C:\Users\wowts\Downloads\21.3.0 DE unupdatable.zip
2021-11-23 19:05 - 2021-11-23 19:06 - 008814674 _____ C:\Users\wowts\Downloads\Praktikum Gedaempfte Schwingung (1) (2).pdf
2021-11-23 10:07 - 2021-11-23 12:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-22 18:21 - 2021-11-22 18:24 - 008814674 _____ C:\Users\wowts\Downloads\Praktikum Gedaempfte Schwingung (1) (1).pdf
2021-11-22 12:53 - 2021-11-22 12:53 - 000159961 _____ C:\Users\wowts\Downloads\202111091348408430_2213437_200919.pdf
2021-11-22 12:52 - 2021-11-22 12:53 - 000410438 _____ C:\Users\wowts\Downloads\202111091921079470_2239425_200919.eml
2021-11-22 09:24 - 2021-11-22 09:24 - 008814674 _____ C:\Users\wowts\Downloads\Praktikum Gedaempfte Schwingung (1).pdf
2021-11-19 16:13 - 2021-11-19 16:13 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-11-19 14:19 - 2021-11-19 14:21 - 023061073 _____ C:\Users\wowts\Downloads\01 Vorlesungsunterlagen.zip
2021-11-18 13:00 - 2019-06-05 04:43 - 000135667 _____ C:\WINDOWS\system32\Drivers\rtldata.txt
2021-11-18 10:49 - 2021-11-07 22:36 - 000109296 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-11-18 03:31 - 2021-11-18 03:31 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7c0f368e88e72
2021-11-16 20:43 - 2021-11-16 20:44 - 048334535 _____ C:\Users\wowts\Downloads\405.pdf
2021-11-15 10:15 - 2021-11-15 10:15 - 000000018 _____ C:\Users\wowts\delte
2021-11-15 10:14 - 2021-11-15 10:14 - 000000011 _____ C:\Users\wowts\delete
2021-11-12 12:38 - 2021-11-12 12:38 - 000401898 _____ C:\Users\wowts\Desktop\SHA-Antragsformular_Version_SARS-CoV-2.pdf
2021-11-12 03:13 - 2021-04-23 08:23 - 001865880 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-11-12 03:13 - 2021-04-23 08:23 - 001865880 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-11-12 03:13 - 2021-04-23 08:23 - 001446544 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-11-12 03:13 - 2021-04-23 08:23 - 001446544 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-11-12 03:13 - 2021-04-23 08:23 - 001101752 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 001101752 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000954920 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000954920 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000744600 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000628888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000098456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000083096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000054408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000051336 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000504472 _____ C:\WINDOWS\system32\GameManager64.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000500888 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-11-12 03:13 - 2021-04-23 08:22 - 000440448 _____ C:\WINDOWS\system32\EEURestart.exe
2021-11-12 03:13 - 2021-04-23 08:22 - 000387712 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000354432 _____ C:\WINDOWS\system32\clinfo.exe
2021-11-12 03:13 - 2021-04-23 08:22 - 000253064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000220808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000174752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000174216 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000148608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000027888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000027864 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 081591432 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 067170952 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 005528184 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 001510008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 001339504 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000829064 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-11-12 03:13 - 2021-04-23 08:21 - 000476296 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000464008 _____ C:\WINDOWS\system32\atieah64.exe
2021-11-12 03:13 - 2021-04-23 08:21 - 000359560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-11-12 03:13 - 2021-04-23 08:21 - 000190088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000166360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000143480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000138880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000133256 _____ C:\WINDOWS\system32\atidxx64.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000123528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000115336 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000077936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 072489608 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 000948888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 000776344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 000497288 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 000474272 _____ C:\WINDOWS\system32\amdlogum.exe
2021-11-12 03:13 - 2021-04-23 08:20 - 000387720 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 001708432 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 001384944 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000559704 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000145304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000139576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000139576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000129464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000117304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000117288 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-11-12 03:13 - 2021-04-23 07:49 - 059070488 _____ C:\WINDOWS\system32\amdxc64.so
2021-11-12 03:13 - 2021-04-23 07:49 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-11-12 03:13 - 2021-04-23 07:49 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-11-12 03:13 - 2021-04-23 07:49 - 000557888 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-11-12 03:13 - 2021-04-23 07:49 - 000557888 _____ C:\WINDOWS\system32\atiapfxx.blb
2021-11-12 03:13 - 2021-04-23 07:49 - 000128048 _____ C:\WINDOWS\system32\kapp_ci.sbin
2021-11-12 03:13 - 2021-04-23 07:49 - 000076237 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2021-11-12 03:13 - 2021-04-23 07:49 - 000012344 _____ C:\WINDOWS\system32\brandingWS_RSX.bmp
2021-11-12 03:13 - 2021-04-23 07:49 - 000012344 _____ C:\WINDOWS\system32\brandingRSX.bmp
2021-11-12 03:13 - 2021-04-23 07:49 - 000011014 _____ C:\WINDOWS\system32\atiacmLocalisation.ini
2021-11-12 03:13 - 2021-04-23 07:49 - 000000822 _____ C:\WINDOWS\system32\branding.bmp
2021-11-12 00:15 - 2021-11-12 00:15 - 000106344 _____ C:\Users\wowts\Documents\Praktikum1.mw
2021-11-12 00:00 - 2021-11-12 00:00 - 000699151 _____ C:\Users\wowts\Documents\Praktikum 2.mw
2021-11-11 21:26 - 2021-11-11 21:26 - 000048681 _____ C:\Users\wowts\Documents\Mathe 2 Praktikum Aufgabe 7 DGl 2.O. Randwert.mw
2021-11-11 19:16 - 2021-11-11 19:16 - 000000000 ____D C:\Users\wowts\Maple
2021-11-11 18:58 - 2021-11-11 18:58 - 000001105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maple 2021.lnk
2021-11-11 18:58 - 2021-11-11 18:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maple 2021
2021-11-11 18:51 - 2021-11-11 19:08 - 000000000 ____D C:\Program Files\Maple 2021
2021-11-11 18:29 - 2021-11-12 17:01 - 000035841 _____ C:\Users\wowts\Documents\Aufgabe 7.2.mw
2021-11-11 18:29 - 2021-11-12 17:01 - 000035507 _____ C:\Users\wowts\Documents\aufgabe 7.mw
2021-11-11 15:26 - 2021-11-11 15:26 - 011349663 _____ C:\Users\wowts\Downloads\Endfeedback-Stieben-Milyayev-V2.pdf
2021-11-11 13:47 - 2021-10-08 11:00 - 000160376 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2021-11-11 10:25 - 2021-11-11 10:25 - 000190883 _____ C:\Users\wowts\Downloads\KL_Kran-Projektaufgabe_WS 21-22.pdf
2021-11-11 10:25 - 2021-11-11 10:25 - 000169344 _____ C:\Users\wowts\Downloads\KL_Kran-Projektaufgabe_Deckblatt_WS 21-22.pdf
2021-11-10 18:58 - 2021-11-11 20:34 - 000036049 _____ C:\Users\wowts\Documents\,,,.mw
2021-11-10 12:57 - 2021-11-10 12:57 - 000000000 ____D C:\Users\wowts\AppData\Roaming\VS Revo Group
2021-11-10 09:53 - 2021-12-01 09:40 - 000000000 ____D C:\Users\wowts\Desktop\Alles
2021-11-10 02:58 - 2021-11-10 02:58 - 000286720 _____ C:\WINDOWS\system32\AggregatorHost.exe
2021-11-10 02:58 - 2021-11-10 02:58 - 000077824 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-09 20:00 - 2021-11-09 20:00 - 000157859 _____ C:\Users\wowts\Downloads\202110062004282930_2150114_200919.pdf
2021-11-09 14:40 - 2021-11-09 14:41 - 015920937 _____ C:\Users\wowts\Downloads\Praktikum Absorbtion.V2.pdf
2021-11-09 00:52 - 2021-11-09 00:52 - 000118814 _____ C:\Users\wowts\Documents\asxaxasxa.mw
2021-11-06 00:45 - 2021-11-06 00:45 - 000032768 _____ C:\WINDOWS\system32\hnsproxy.dll
2021-11-06 00:44 - 2021-11-06 00:44 - 000121344 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-06 00:44 - 2021-11-06 00:44 - 000024576 _____ C:\WINDOWS\system32\nrtapi.dll
2021-11-06 00:44 - 2021-11-06 00:44 - 000006656 _____ C:\WINDOWS\SysWOW64\nrtapi.dll
2021-11-06 00:43 - 2021-11-06 00:43 - 000258048 _____ C:\WINDOWS\system32\CoreMas.dll
2021-11-06 00:43 - 2021-11-06 00:43 - 000208896 _____ C:\WINDOWS\system32\IHDS.dll
2021-11-06 00:43 - 2021-11-06 00:43 - 000167936 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-04 23:25 - 2021-11-04 23:25 - 000001935 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nextcloud.lnk
2021-11-04 22:40 - 2021-11-29 10:26 - 000000000 ____D C:\Users\wowts\AppData\Roaming\FileZilla
2021-11-04 22:40 - 2021-11-28 11:25 - 000000000 ____D C:\Users\wowts\AppData\Local\FileZilla
2021-11-04 22:37 - 2021-11-04 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2021-11-04 22:37 - 2021-11-04 22:37 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2021-11-04 09:40 - 2021-11-04 09:40 - 000040763 _____ C:\Users\wowts\Downloads\eBay-Widerrufsbelehrung (1).pdf
2021-11-04 09:40 - 2021-11-04 09:40 - 000005456 _____ C:\Users\wowts\Downloads\eBay-Widerrufsbelehrung (1).html
2021-11-04 09:40 - 2021-11-04 09:40 - 000005298 _____ C:\Users\wowts\Downloads\eBay-Widerrufsbelehrung (1).txt
2021-11-04 09:39 - 2021-11-04 09:39 - 000056309 _____ C:\Users\wowts\Downloads\EBAY-AGB_BASIC-INKL.DATENSCHUTZ (1).pdf
2021-11-04 09:39 - 2021-11-04 09:39 - 000023370 _____ C:\Users\wowts\Downloads\EBAY-AGB_BASIC-INKL.DATENSCHUTZ (4).html
2021-11-04 09:27 - 2021-11-04 09:27 - 000310915 _____ C:\Users\wowts\Downloads\Retourenformular (1).pdf
2021-11-04 09:27 - 2021-11-04 09:27 - 000299132 _____ C:\Users\wowts\Downloads\Muster_Versand-_und_Zahlungsinformationen (1).pdf
2021-11-04 09:27 - 2021-11-04 09:27 - 000225153 _____ C:\Users\wowts\Downloads\Zugangsbestaetigung.pdf
2021-11-04 09:27 - 2021-11-04 09:27 - 000197292 _____ C:\Users\wowts\Downloads\Auftragsbestaetigung.pdf
2021-11-04 09:26 - 2021-11-04 09:27 - 000177885 _____ C:\Users\wowts\Downloads\Muster-Rechnungen (1).pdf 2021-11-04 09:26 - 2021-11-04 09:26 - 000180429 _____ C:\Users\wowts\Downloads\Vertrag_ueber_die_Ueberlassung_und_Verwendung_von_Model-Bildern_mit_Datenschutzhinweisen.pdf 2021-11-04 09:25 - 2021-11-04 09:25 - 000226971 _____ C:\Users\wowts\Downloads\Muster_fuer_eine_Geheimhaltungsvereinbarung.pdf 2021-11-04 09:25 - 2021-11-04 09:25 - 000150333 _____ C:\Users\wowts\Downloads\E-Mail_Signatur_fuer_Kaufleute (1).pdf 2021-11-04 09:24 - 2021-11-04 09:24 - 000155203 _____ C:\Users\wowts\Downloads\E-Mail_Signatur_fuer_GmbH_und_UG.pdf ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-12-01 10:44 - 2020-12-02 02:01 - 000000512 _____ C:\Users\Public\amdsfhdcd.bin 2021-12-01 10:40 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp 2021-12-01 10:24 - 2020-12-24 12:52 - 000000000 ____D C:\Program Files\CCleaner 2021-12-01 10:04 - 2021-10-14 13:01 - 001768198 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-12-01 10:04 - 2021-06-05 18:53 - 000766156 _____ C:\WINDOWS\system32\perfh007.dat 2021-12-01 10:04 - 2021-06-05 18:53 - 000158958 _____ C:\WINDOWS\system32\perfc007.dat 2021-12-01 10:04 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF 2021-12-01 10:04 - 2021-01-18 13:34 - 000000000 ____D C:\Users\wowts\Documents\Outlook-Dateien 2021-12-01 10:01 - 2021-04-19 08:41 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Nextcloud 2021-12-01 10:01 - 2020-12-02 02:07 - 000000000 ____D C:\Program Files (x86)\Lenovo 2021-12-01 10:00 - 2021-10-14 13:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo 2021-12-01 10:00 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2021-12-01 10:00 - 2020-12-21 13:40 - 000000000 ____D C:\Users\wowts\AppData\Local\Lenovo 2021-12-01 10:00 - 2020-12-02 02:00 - 000000000 ____D C:\ProgramData\Lenovo 2021-12-01 
09:58 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps 2021-12-01 09:58 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-12-01 09:58 - 2020-12-21 13:40 - 000000000 ____D C:\Users\wowts\AppData\Local\Packages 2021-12-01 09:58 - 2020-12-21 13:30 - 000000000 ____D C:\ProgramData\Packages 2021-12-01 09:57 - 2021-10-14 13:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-12-01 09:57 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ServiceState 2021-12-01 09:57 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-12-01 09:57 - 2021-06-05 13:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-12-01 09:57 - 2021-04-14 13:05 - 000001524 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Delphi Toasts App.lnk 2021-12-01 09:57 - 2021-04-14 13:05 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2021-12-01 09:57 - 2020-05-06 19:33 - 000012288 ___SH C:\DumpStack.log.tmp 2021-12-01 09:40 - 2020-12-21 20:53 - 000000000 ___RD C:\Users\wowts\Desktop\Spiele 2021-12-01 09:30 - 2021-03-01 12:30 - 000000000 ____D C:\Users\wowts\AppData\Local\CrashDumps 2021-12-01 09:28 - 2020-12-23 15:51 - 000007630 _____ C:\Users\wowts\AppData\Local\Resmon.ResmonCfg 2021-11-30 22:17 - 2020-12-21 14:45 - 000000000 ____D C:\Users\wowts\AppData\LocalLow\Mozilla 2021-11-30 22:00 - 2020-12-21 14:45 - 000000000 ____D C:\ProgramData\Mozilla 2021-11-30 21:05 - 2021-04-19 10:31 - 000000000 ___SD C:\Homecloud 2021-11-30 21:04 - 2021-10-14 13:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-11-30 18:40 - 2020-12-02 02:07 - 000000000 ____D C:\WINDOWS\TempInst 2021-11-30 18:37 - 2021-10-14 12:13 - 000000000 ____D C:\Users\wowts 2021-11-30 17:14 - 2020-12-02 02:01 - 000000000 ____D C:\Program Files\Lenovo 2021-11-30 17:12 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-11-30 17:11 - 2020-12-24 15:39 - 000000000 ___RD C:\Users\wowts\Desktop\Programe 2021-11-30 17:10 
- 2021-10-14 13:00 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK 2021-11-30 17:10 - 2021-10-14 12:12 - 000000000 ____D C:\WINDOWS\system32\AMD 2021-11-30 17:10 - 2019-12-07 10:14 - 000455026 _____ C:\WINDOWS\system32\Drivers\etc\.hosts 2021-11-29 21:38 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-11-29 21:38 - 2021-02-01 20:18 - 000000000 ____D C:\Users\wowts\AppData\Local\ElevatedDiagnostics 2021-11-29 19:44 - 2020-12-02 01:59 - 000000000 ____D C:\ProgramData\Package Cache 2021-11-29 15:48 - 2021-10-14 13:00 - 000545736 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-11-29 15:48 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\system32\lxss 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 
____D C:\WINDOWS\system32\lv-LV 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\id-ID 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\appraiser 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-11-29 15:47 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\servicing 2021-11-29 15:04 - 2021-10-14 13:01 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2021-11-29 14:43 - 2021-01-24 17:12 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat 2021-11-29 14:33 - 2020-12-21 13:40 - 000000000 ____D C:\Users\wowts\AppData\Local\D3DSCache 2021-11-29 12:46 - 2021-06-05 13:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-11-29 11:05 - 2021-02-14 23:12 - 000000000 ____D C:\Users\wowts\Documents\Citavi 6 2021-11-29 11:02 - 2021-02-25 17:44 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser 2021-11-29 10:24 - 2021-10-14 13:12 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-11-29 10:23 - 2021-06-05 13:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-11-29 10:18 - 2020-12-24 13:10 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2021-11-29 09:38 - 2021-08-26 20:19 - 000000000 ____D C:\Users\wowts\AppData\LocalLow\IObit 2021-11-29 09:38 - 2021-05-06 12:30 - 000000000 ____D C:\Program Files (x86)\IObit 
2021-11-29 09:38 - 2021-05-06 12:14 - 000000000 ____D C:\ProgramData\IObit 2021-11-29 09:38 - 2021-05-06 12:13 - 000000000 ____D C:\Users\wowts\AppData\Roaming\IObit 2021-11-28 18:10 - 2021-02-12 17:50 - 000000128 _____ C:\Users\wowts\AppData\Local\PUTTY.RND 2021-11-28 12:16 - 2020-12-24 13:12 - 000000000 ____D C:\Program Files (x86)\Avira 2021-11-28 11:58 - 2020-12-24 13:12 - 000000000 ____D C:\ProgramData\Avira 2021-11-26 14:40 - 2021-10-14 13:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-11-26 11:30 - 2021-08-26 20:18 - 000000000 ____D C:\ProgramData\WinZip 2021-11-26 11:27 - 2021-02-14 23:09 - 000000000 ____D C:\Users\wowts\AppData\Local\Docker 2021-11-26 10:53 - 2020-12-21 14:29 - 000000000 ____D C:\Program Files\Maple 2020 2021-11-25 22:42 - 2020-12-21 15:39 - 000000000 ____D C:\Users\wowts\Downloads\Uni 2021-11-25 16:21 - 2021-02-25 17:45 - 000002390 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk 2021-11-25 12:49 - 2021-10-14 13:12 - 000004196 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1608812151 2021-11-25 12:49 - 2020-12-24 13:15 - 000001400 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk 2021-11-25 09:36 - 2020-12-02 01:59 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-11-25 00:43 - 2020-12-21 15:39 - 000000000 ____D C:\Users\wowts\Downloads\Programe 2021-11-23 12:04 - 2020-12-21 14:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-11-23 11:55 - 2020-12-21 14:45 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-11-22 18:49 - 2021-10-20 08:15 - 000005202 _____ C:\WINDOWS\storelibdebug.txt 2021-11-22 14:59 - 2021-10-14 13:12 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-778103176-1376588227-3002950867-1001 2021-11-22 14:59 - 2020-12-21 13:34 - 000002406 _____ 
C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-11-19 16:13 - 2020-12-21 16:38 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Zoom 2021-11-19 09:59 - 2021-01-23 02:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-11-18 22:07 - 2021-10-14 13:12 - 000003636 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update 2021-11-18 22:07 - 2021-05-06 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2021-11-18 03:31 - 2021-10-14 13:12 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-11-16 20:59 - 2021-10-16 11:28 - 000002380 _____ C:\Users\wowts\Desktop\WK2.lnk 2021-11-14 14:27 - 2020-12-02 02:01 - 000000000 ____D C:\Program Files\Microsoft Office 2021-11-12 17:01 - 2021-01-02 10:46 - 000000000 ____D C:\Users\wowts\.maplesoft 2021-11-11 19:08 - 2021-01-02 19:08 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Maple 2021-11-10 12:55 - 2021-04-14 14:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2021-11-10 12:52 - 2021-08-26 20:20 - 000000000 ____D C:\Program Files (x86)\KompoZer 2021-11-10 09:53 - 2021-10-16 11:28 - 000002037 _____ C:\Users\wowts\Desktop\Physik 2.lnk 2021-11-10 09:52 - 2021-10-09 10:34 - 000001860 _____ C:\Users\wowts\Desktop\Semester 4 WS21.lnk 2021-11-10 09:52 - 2020-12-21 14:33 - 000001542 _____ C:\Users\wowts\Desktop\OneDrive.lnk 2021-11-10 05:00 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-11-10 05:00 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-11-10 03:07 - 2020-12-24 12:31 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-11-10 03:01 - 2020-12-24 12:31 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-11-07 22:36 - 2021-08-17 23:01 - 000429952 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll 2021-11-07 22:36 - 2021-08-17 23:01 - 000063728 _____ (Lenovo Group Ltd.) 
C:\WINDOWS\system32\ImController.InfInstaller.exe 2021-11-07 22:36 - 2020-12-02 02:00 - 000109296 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll 2021-11-07 02:40 - 2021-08-21 13:11 - 000001040 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2021-11-06 22:00 - 2021-10-31 15:13 - 000000000 ____D C:\WINDOWS\SysWOW64\ncp 2021-11-06 04:46 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2021-11-06 04:46 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2021-11-06 04:46 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-11-06 00:55 - 2021-04-28 07:32 - 000000000 ____D C:\Users\wowts\AppData\Roaming\vlc 2021-11-04 23:57 - 2021-02-21 23:50 - 000002286 ____H C:\Users\wowts\Documents\Default.rdp 2021-11-04 23:25 - 2021-10-13 16:47 - 000000000 ____D C:\Program Files\Nextcloud 2021-11-04 22:54 - 2021-01-24 15:53 - 000000439 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2021-11-04 22:30 - 2021-05-14 22:12 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2021-11-03 09:28 - 2020-12-21 16:38 - 000002375 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-12-26 15:12 - 2021-07-23 10:16 - 000000128 _____ () C:\Users\wowts\AppData\Roaming\winscp.rnd 2021-02-06 10:12 - 2021-02-10 12:20 - 000018267 _____ () C:\Users\wowts\AppData\Local\PlariumPlay.log 2021-02-12 17:50 - 2021-11-28 18:10 - 000000128 _____ () C:\Users\wowts\AppData\Local\PUTTY.RND 2021-05-15 09:26 - 2021-05-15 09:26 - 000015975 _____ () C:\Users\wowts\AppData\Local\recently-used.xbel 2020-12-23 15:51 - 2021-12-01 09:28 - 000007630 _____ () C:\Users\wowts\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation 
gescheitert sind.) ==================== Ende von FRST.txt ======================== Edited by Wovan (01.12.2021 at 11:25) |
01.12.2021, 11:12 | #2 |
| VRAM at 85-99%+ usage. Mining bot? Guide / Help Addition
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26-11-2021 durchgeführt von wowts (01-12-2021 10:44:46) Gestartet von C:\Users\wowts\AppData\Local\Temp\scoped_dir17072_825760356 Microsoft Windows 11 Home Version 21H2 22000.348 (X64) (2021-10-14 12:12:39) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-778103176-1376588227-3002950867-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-778103176-1376588227-3002950867-503 - Limited - Disabled) Gast (S-1-5-21-778103176-1376588227-3002950867-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-778103176-1376588227-3002950867-504 - Limited - Disabled) wowts (S-1-5-21-778103176-1376588227-3002950867-1001 - Administrator - Enabled) => C:\Users\wowts ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Spybot - Search and Destroy (Enabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8} AV: Avira Antivirus (Enabled - Up to date) {8A154ED8-4428-DB2D-0E3F-BD82C448FD94} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated) Amazon Music (HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Amazon Amazon Music) (Version: 8.7.1.2286 - Amazon.com Services LLC) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.) AMD_Chipset_Drivers (HKLM-x32\...\{4fedae1b-6980-4848-9ba0-229c946a3dac}) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.) Hidden Apache NetBeans IDE 12.2 (HKLM\...\nbi-nb-all-12.2.0.0.201121) (Version: 12.2 - Apache NetBeans) AusweisApp2 (HKLM-x32\...\{F3E22721-7F7E-472F-BBBA-6B5572E15A58}) (Version: 1.22.0 - Governikus GmbH & Co. KG) Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2111.2126 - Avira Operations GmbH & Co. KG) Hidden Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.58.25058 - Avira Operations GmbH & Co. KG) Hidden Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;) Avira Software Updater (HKLM-x32\...\{5FFF909D-D88F-42B9-9A85-328A1290611C}) (Version: 2.0.6.48309 - Avira Operations GmbH & Co. KG) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BrLauncher (HKLM-x32\...\{C661197A-6B93-4E37-9E3F-2A1DFCD64234}) (Version: 1.1.15.0 - Brother Industries Ltd.) Hidden BrLogRx (HKLM-x32\...\{B556F816-FF4D-4BB6-9339-ED28639E2EF3}) (Version: 1.0.2.1 - Brother Industries Ltd.) Hidden Brother Printer Driver (HKLM-x32\...\{0648F446-BAE9-402F-9BEC-8B333959D8FB}) (Version: 1.2.0.0 - Brother Industries Ltd.) Hidden Brother Scanner Driver (HKLM-x32\...\{A242EB06-0518-48A3-AF7A-5973BE9CAF7B}) (Version: 1.0.7.3 - Brother Industries Ltd.) Hidden BrSupportTools (HKLM-x32\...\{F8F9EB58-33BA-4FF8-80E7-66D87D2E0C3C}) (Version: 1.0.9.0 - Brother Industries Ltd.) 
Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.87 - Piriform) CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden Citavi 6 (HKLM-x32\...\{6A331045-8FF4-4BC9-9C56-E593ACAE28C2}) (Version: 6.10.0.0 - Swiss Academic Software) CodeMeter Runtime Kit v7.00 (HKLM\...\{9054FBAC-C4FD-4FC2-B3F2-E4E41E49A20B}) (Version: 7.00.3918.500 - WIBU-SYSTEMS AG) ControlCenter4 (HKLM-x32\...\{9ADB625A-7F6D-4C48-9058-4767A55D5424}) (Version: 4.2.438.1 - Brother Insutries Ltd.) Hidden Dark Orbit (HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\{80d70823-f874-42a3-82af-2b7a4425bede}) (Version: 1.0.0 - Bigpoint GmbH) DeviceDetect (HKLM-x32\...\{F805D16D-AB79-4DC7-A60F-436621995275}) (Version: 1.2.1.0 - Brother Industries Ltd.) Hidden Discord (HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) Docker Desktop (HKLM\...\Docker Desktop) (Version: 3.1.0 - Docker Inc.) Druckerdeinstallation für EPSON XP-342 343 345 Series (HKLM\...\EPSON XP-342 343 345 Series) (Version: - Seiko Epson Corporation) Epic Games Launcher (HKLM-x32\...\{07D9F8F3-EC99-4133-919D-DA341C62937C}) (Version: 1.1.298.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation) Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version: - Ubisoft) FileZilla Client 3.56.2 (HKLM-x32\...\FileZilla Client) (Version: 3.56.2 - Tim Kosse) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) GIMP 2.10.24 (HKLM\...\GIMP-2_is1) (Version: 2.10.24 - The GIMP Team) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 93.0.4577.82 - Google LLC) GRAPHISOFT BIMx Desktop Viewer (HKLM\...\BIMx Viewer 23.0 GEN FULL R1 1) (Version: 2019.2.2328.0 - GRAPHISOFT SE) GRAPHISOFT License Manager Tool (HKLM\...\License Manager Tool 20.0 GER FULL R1 1) (Version: 20.0.0.4800 - GRAPHISOFT SE) Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation) Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation) Java(TM) SE Development Kit 15.0.2 (64-bit) (HKLM\...\{2041CF7D-1F63-5C58-9F35-C445251E39C9}) (Version: 15.0.2.0 - Oracle Corporation) LatencyMon 7.00 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden Lenovo Migration Assistant (HKLM\...\Lenovo Migration Assistant_is1) (Version: 2.1.4.6 - Lenovo) Lenovo Pen Settings Service (HKLM\...\ISD Tablet Driver) (Version: 7.6.1.57 - Wacom Technology Corp.) Lenovo Service Bridge (HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.8 - Lenovo) Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0131 - Lenovo) Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.9.23.0 - Lenovo Group Ltd.) Malwarebytes version 4.4.11.149 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.11.149 - Malwarebytes) Maple 2021 (HKLM\...\Maple 2021) (Version: 2021 - Maplesoft) Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.14527.20276 - Microsoft Corporation) Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.14527.20276 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.34 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.34 - Microsoft Corporation) Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation) Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.14527.20276 - Microsoft Corporation) Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{BAF67399-85CD-4555-9B49-1F80EB921C35}) (Version: 12.3.6024.0 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Teams) (Version: 1.4.00.29469 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{2FA9DAAC-895B-4E99-99D9-DC2965FBE79C}) (Version: 2.87.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) 
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 94.0.2 (x64 de)) (Version: 94.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.10.1 - Mozilla) Mozilla Thunderbird 78.10.1 (x64 de) (HKLM\...\Mozilla Thunderbird 78.10.1 (x64 de)) (Version: 78.10.1 - Mozilla) NetworkRepairTool (HKLM-x32\...\{4694AD3E-D4A2-4D98-9848-662A0475E872}) (Version: 1.2.11.0 - Brother Insutries Ltd.) Hidden Nextcloud (HKLM\...\{3A99002F-BABA-4378-BB20-44C94A159696}) (Version: 3.3.6.20211028 - Nextcloud GmbH) Npcap OEM (HKLM-x32\...\NpcapInst) (Version: 1.31 - Nmap Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden OpenOffice 4.1.8 (HKLM-x32\...\{3C1972F6-E411-4B54-AD4C-EF24894301D6}) (Version: 4.18.9803 - Apache Software Foundation) Opera Stable 81.0.4196.60 (HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Opera 81.0.4196.60) (Version: 81.0.4196.60 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.5.104.48966 - Electronic Arts, Inc.) PDFsam Basic (HKLM\...\{5F69C3E1-65F3-4B53-99A1-AABF8E9FFBA6}) (Version: 4.2.1.0 - Sober Lemur S.a.s. di Vacondio Andrea) PS Remote Play (HKLM-x32\...\{77FAB2DD-F7FB-41E5-AE39-F9C878736A58}) (Version: 4.5.0.08250 - Sony Interactive Entertainment Inc.) 
PuTTY release 0.74 (64-bit) (HKLM\...\{127B996B-5308-4012-865B-9446451EA326}) (Version: 0.74.0.0 - Simon Tatham) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.) Revo Uninstaller 2.3.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.5 - VS Revo Group, Ltd.) Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) RogueKiller Version 15.1.4.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.1.4.0 - Adlice Software) ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden SD Card Formatter (HKLM-x32\...\{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}) (Version: 5.0.1 - SD Association) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.8.68.0 - Safer-Networking Ltd.) Spybot Anti-Beacon (HKLM-x32\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 3.5 - Safer-Networking Ltd.) StatusMonitor (HKLM-x32\...\{86D16055-3C14-44C6-BCD7-5514B83BAD34}) (Version: 1.12.4.0 - Brother Insutries Ltd.) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1216 - SUPERAntiSpyware.com) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.26064 - Microsoft Corporation) Telegram Desktop Version 2.8.11 (HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.8.11 - Telegram FZ-LLC) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 85.0 - Ubisoft) UsbRepairTool (HKLM-x32\...\{523276A4-5779-4105-9163-CA1CF94EC533}) (Version: 1.4.0.0 - Brother Insutries Ltd.) 
Hidden VALORANT (HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc) VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN) WATCH_DOGS2 (HKLM-x32\...\Uplay Install 2688) (Version: - Ubisoft) Windows Journal (HKLM\...\{DDB2B280-7947-42CF-92F6-A96003588F69}) (Version: 10.0.237.0 - Microsoft Corporation) Windows Subsystem for Linux Update (HKLM\...\{8BC9BA1B-F6F3-471D-8773-5283F0C52B84}) (Version: 5.10.60.1 - Microsoft Corporation) Windows Subsystem for Linux WSLg Preview (HKLM\...\{E04B0005-A349-4BCC-9662-CA0132007E14}) (Version: 1.0.26 - Microsoft Corporation) Windows*11-Installationsassistent (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.1285 - Microsoft Corporation) Windows-PC-Integritätsprüfung (HKLM\...\{63EFBDB5-01B0-4614-BE9F-7F1908E42275}) (Version: 3.1.2109.29003 - Microsoft Corporation) WinISD v0.7 (HKLM-x32\...\WinISD) (Version: v0.7 - Linearteam) WinRAR 6.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH) WinSCP 5.17.10 (HKLM-x32\...\winscp3_is1) (Version: 5.17.10 - Martin Prikryl) Zoom (HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\ZoomUMX) (Version: 5.8.4 (1736) - Zoom Video Communications, Inc.) Packages: ========= Amazon Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.82.0_x64__pwbj9vvecjh7j [2021-11-06] (Amazon Development Centre (London) Ltd) AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m [2021-10-14] (Advanced Micro Devices Inc.) 
[Startup Task] AnyConnect -> C:\Program Files\WindowsApps\CiscoSystems.AnyConnect_4.10.72.0_x64__edjcgkw48dhxt [2021-05-23] (Cisco Systems) Bamboo Paper -> C:\Program Files\WindowsApps\D91E29CF.BambooPaper_1.7.15.0_x64__38kynpdw5g1aw [2021-09-24] (Wacom Europe GmbH) Drawboard PDF -> C:\Program Files\WindowsApps\DRAWBOARD.DRAWBOARDPDF_6.7.3.0_x64__gqbn7fs4pywxm [2021-11-29] (Drawboard) Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4 [2021-11-21] (LENOVO INC) [Startup Task] Lenovo Pen Settings -> C:\Program Files\WindowsApps\WacomTechnologyCorp.157535B83C264_7.7.35.0_neutral__ss941bf8mfs8a [2021-08-11] (Wacom Technology Corp.) Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2110.17.0_x64__k1h2ywk1493x8 [2021-11-19] (LENOVO INC.) LiquidText -> C:\Program Files\WindowsApps\LiquidText.LiquidText_2.1.26.0_x64__rx5mtpcf576t0 [2021-11-06] (LiquidText) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-05-23] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-10-14] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-10-14] (Microsoft Corporation) [MS Ad] Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.57.43142.0_x64__8wekyb3d8bbwe [2021-11-16] (Microsoft Corporation) [Startup Task] Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_51.10913.5790.0_x64__8wekyb3d8bbwe [2021-11-22] (Microsoft Corporation) MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-26] (Microsoft Corporation) Offlineerweiterung für plastischen Reader -> C:\Program 
Files\WindowsApps\Microsoft.ImmersiveReader_1.4.0.0_x64__8wekyb3d8bbwe [2021-09-24] (Microsoft Corporation) Penbook -> C:\Program Files\WindowsApps\36376UserCamp.Penbook_2.1.30.0_x64__t7afzrbtd67z0 [2021-09-24] (User Camp) PenNotes -> C:\Program Files\WindowsApps\59553DiegoTonetti.PenNotes_3.0.2.0_x64__zztq7ygp8fse6 [2021-12-01] (Diego Tonetti) PowerPoint Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.PowerPoint_16001.14326.20588.0_x64__8wekyb3d8bbwe [2021-11-10] (Microsoft Corporation) Samsung Notes -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungNotes_4.2.47.0_x64__wyx1vj98g3asy [2021-11-16] (Samsung Electronics Co, Ltd.) Smart Appearance -> C:\Program Files\WindowsApps\E0469640.SmartAppearance_1.1.10.0_neutral__5grkq8ppsgwt4 [2021-11-29] (LENOVO INC) [Startup Task] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0 [2021-11-29] (Spotify AB) [Startup Task] VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2021-09-24] (VideoLAN) Wacom Notes -> C:\Program Files\WindowsApps\D91E29CF.WacomNotes_1.5.8.0_x64__38kynpdw5g1aw [2021-09-26] (Wacom Europe GmbH) WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2144.11.0_x64__cv1g1gvanyjgm [2021-11-22] (WhatsApp Inc.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-778103176-1376588227-3002950867-1001_Classes\CLSID\{04271989-C4D2-7AB6-8593-307A4B278444} -> [OneDrive - smail.th-koeln.de] => C:\Users\wowts\Desktop\Datein\OneDrive - th-koeln.de\OneDrive - smail.th-koeln.de [2020-12-21 14:41] CustomCLSID: HKU\S-1-5-21-778103176-1376588227-3002950867-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\wowts\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-778103176-1376588227-3002950867-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\wowts\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-778103176-1376588227-3002950867-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\wowts\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21209.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-778103176-1376588227-3002950867-1001_Classes\CLSID\{88ce18a3-8d45-462e-98ee-5719a3dbf8cc} -> [Nextcloud] => C:\Homecloud [2021-04-19 10:31] ShellIconOverlayIdentifiers: [ NextcloudError] -> {E0342B74-7593-4C70-9D61-22F294AAFE05} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudOK] -> {E1094E94-BE93-4EA2-9639-8475C68F3886} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudOKShared] -> {E243AD85-F71B-496B-B17E-B8091CBE93D2} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudSync] -> {E3D6DB20-1D83-4829-B5C9-941B31C0C35A} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll 
[2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudWarning] -> {E4977F33-F93A-4A0A-9D3C-83DEA0EE8483} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-07-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-29] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [NextcloudContextMenuHandler] -> {BC6988AB-ACE2-4B81-84DC-DC34F9B24401} => C:\Program Files\Nextcloud\shellext\NCContextMenu.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-04-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) 
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-29] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-07-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2021-10-28 13:29 - 2021-10-28 13:29 - 000099328 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\nextcloudsync_vfs_cfapi.dll 2021-10-28 13:30 - 2021-10-28 13:30 - 000030208 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\nextcloudsync_vfs_suffix.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 000017920 _____ () [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\libEGL.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 003567616 _____ () [Datei ist nicht signiert] C:\Program 
Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\libGLESv2.dll 2021-10-14 13:13 - 2021-10-14 13:14 - 000258048 _____ () [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\WirelessVR-windesktop64.dll 2020-12-21 16:36 - 2005-04-22 13:36 - 000143360 _____ () [Datei ist nicht signiert] C:\WINDOWS\system32\BrSNMP64.dll 2020-12-21 16:36 - 2013-03-08 15:44 - 000087040 _____ (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\WINDOWS\system32\BrNetSti.dll 2020-12-02 02:01 - 2020-12-02 02:01 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll 2020-12-02 02:01 - 2020-12-02 02:01 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll 2021-11-06 14:34 - 2021-11-06 14:35 - 000137184 _____ (Microsoft Windows -> Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20045.455.0_x64__cw5n1h2txyewy\Dashboard\WebView2Loader.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 000031744 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\plugins\imageformats\qgif.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 000039424 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\plugins\imageformats\qicns.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 000031744 _____ (The Qt Company Ltd.) 
[Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\plugins\imageformats\qico.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 000413696 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\plugins\imageformats\qjpeg.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 000025088 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\plugins\imageformats\qsvg.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 000025088 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\plugins\imageformats\qtga.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 000023552 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\plugins\imageformats\qwbmp.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 000519168 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\plugins\imageformats\qwebp.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 001431040 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\plugins\platforms\qwindows.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 001180672 _____ (The Qt Company Ltd.) 
[Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\plugins\sqldrivers\qsqlite.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 000135680 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\plugins\styles\qwindowsvistastyle.dll 2021-10-14 13:13 - 2021-10-14 13:14 - 000058368 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\Qt\labs\folderlistmodel\qmlfolderlistmodelplugin.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 006010880 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\Qt5Core.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 006345216 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\Qt5Gui.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 001078272 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\Qt5Network.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 000313856 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\Qt5Positioning.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 004000256 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\Qt5Qml.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 003802624 _____ (The Qt Company Ltd.) 
[Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\Qt5Quick.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 000171008 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\Qt5QuickControls2.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 001083904 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\Qt5QuickTemplates2.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 000205312 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\Qt5Sql.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 000329728 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\Qt5Svg.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 000113152 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\Qt5WebChannel.dll 2021-10-14 13:13 - 2021-10-14 13:13 - 000376320 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\Qt5WebEngine.dll 2021-10-14 13:13 - 2021-10-14 13:14 - 092323328 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\Qt5WebEngineCore.dll 2021-10-14 13:13 - 2021-10-14 13:14 - 005560832 _____ (The Qt Company Ltd.) 
[Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\Qt5Widgets.dll 2021-10-14 13:13 - 2021-10-14 13:14 - 000463360 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\Qt5WinExtras.dll 2021-10-14 13:13 - 2021-10-14 13:14 - 000188416 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\Qt5Xml.dll 2021-10-14 13:13 - 2021-10-14 13:14 - 002888704 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\Qt5XmlPatterns.dll 2021-10-14 13:13 - 2021-10-14 13:14 - 000053760 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2021-10-14 13:13 - 2021-10-14 13:14 - 000059392 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2021-10-14 13:13 - 2021-10-14 13:14 - 000017408 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\QtQuick.2\qtquick2plugin.dll 2021-10-14 13:13 - 2021-10-14 13:14 - 000287232 _____ (The Qt Company Ltd.) 
[Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2021-10-14 13:13 - 2021-10-14 13:14 - 000329216 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\QtQuick\Controls\qtquickcontrolsplugin.dll 2021-10-14 13:13 - 2021-10-14 13:14 - 000136192 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\QtQuick\Dialogs\dialogplugin.dll 2021-10-14 13:13 - 2021-10-14 13:14 - 000089088 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\QtQuick\Layouts\qquicklayoutsplugin.dll 2021-10-14 13:13 - 2021-10-14 13:14 - 000312320 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2021-10-14 13:13 - 2021-10-14 13:14 - 000017920 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\QtQuick\Window.2\windowplugin.dll 2021-10-14 13:13 - 2021-10-14 13:14 - 000085504 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonSoftware\QtWebEngine\qtwebengineplugin.dll 2021-10-28 13:34 - 2021-10-28 13:34 - 005972464 _____ (The Qt Company Oy -> The Qt Company Ltd.) 
[Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5Core.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\64347b00.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\64347b00.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-778103176-1376588227-3002950867-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-778103176-1376588227-3002950867-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/ SearchScopes: HKLM -> DefaultScope {88056C61-C84B-4838-9355-0DE7B3C95802} URL = hxxp://www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM -> {88056C61-C84B-4838-9355-0DE7B3C95802} URL = hxxp://www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE SearchScopes: HKLM-x32 -> DefaultScope {88056C61-C84B-4838-9355-0DE7B3C95802} URL = hxxp://www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 -> {88056C61-C84B-4838-9355-0DE7B3C95802} URL = 
hxxp://www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE SearchScopes: HKU\S-1-5-21-778103176-1376588227-3002950867-1001 -> DefaultScope {88056C61-C84B-4838-9355-0DE7B3C95802} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) BHO: Kein Name -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> Keine Datei BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll [2021-02-14] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-02-14] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Kein Name -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> Keine Datei Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft 
Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\sharepoint.com -> hxxps://smailthkoelnde-files.sharepoint.com 
==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2021-11-30 18:17 - 2021-12-01 09:58 - 000001334 _____ C:\WINDOWS\system32\drivers\etc\hosts 0.0.0.0 analytics.ff.avast.com 0.0.0.0 analytics.ns1.ff.avast.com 0.0.0.0 v7event.stats.avcdn.net 0.0.0.0 v7.stats.avcdn.net 0.0.0.0 flow.lavasoft.com 0.0.0.0 telemetry.malwarebytes.com 0.0.0.0 ws.mcafee.com 0.0.0.0 analytics.ccs.mcafee.com 0.0.0.0 analyticsdcs.ccs.mcafee.com 0.0.0.0 carcharodon.trendmicro.com 2021-01-24 15:53 - 2021-11-04 22:54 - 000000439 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 172.20.64.1 Wowtschik.mshome.net # 2026 11 2 3 21 54 43 36 ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64_win\compiler;C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\Docker\Docker\resources\bin;C:\ProgramData\DockerDesktop\version-bin;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\ HKU\S-1-5-21-778103176-1376588227-3002950867-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) ist aktiviert. Network Binding: ============= WLAN: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) 
HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Netzwerk Server.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run: => ""
HKLM\...\StartupApproved\Run: => "WinZip FAH"
HKLM\...\StartupApproved\Run: => "WinZip UN"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "CORSAIR iCUE Software"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface"
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\StartupFolder: => "xxx.exe.lnk"
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "SurfEasy"
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "Amazon Music Helper"
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "icq.desktop"
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "Windscribe" HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000" HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "Discord" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{CE58D672-AFC3-4045-8360-33F36F09CA3C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{9DB10886-038A-44BB-B8E2-E6D242A0FE9F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{BE460EA9-4AF2-4D6C-8AE0-895673425CBD}C:\users\wowts\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wowts\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{22C5778E-0A06-46BD-82AE-7FE5F43234F1}C:\users\wowts\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wowts\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EF9D515A-B2B5-49DB-ACE5-B895C7FD6838}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.34\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1CE93924-7FD7-4289-99F1-4640AB57B7D3}] => (Allow) C:\Users\wowts\AppData\Local\Programs\Opera\81.0.4196.60\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{9CDD18E0-DD88-46D0-80EE-DDC27C54FDE8}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software) FirewallRules: [TCP Query 
User{143B664D-0D9B-443F-BCDE-70B080EDDF3A}C:\users\wowts\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wowts\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{642298ED-0976-49C6-BF00-5985E5E43099}C:\users\wowts\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wowts\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{98B4716D-86E5-40A8-AFFB-AE4844539040}C:\program files\lenovo\lenovo migration assistant\lenovo migration assistant srv.exe] => (Allow) C:\program files\lenovo\lenovo migration assistant\lenovo migration assistant srv.exe (Lenovo -> ) FirewallRules: [UDP Query User{0C553E74-DA35-4342-A830-0DD8C6409F5A}C:\program files\lenovo\lenovo migration assistant\lenovo migration assistant srv.exe] => (Allow) C:\program files\lenovo\lenovo migration assistant\lenovo migration assistant srv.exe (Lenovo -> ) FirewallRules: [{521B5AD0-5B17-4CD9-B323-F64763145A9E}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) FirewallRules: [{C10541A5-A92A-41C5-B982-E454105BAF47}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) FirewallRules: [{0DF84D2A-F814-4150-AA13-957A9AC71B72}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) FirewallRules: [{B7AADBB0-A522-4582-83E7-3FECAB63A979}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{5EA72659-E4BD-4D9F-91B8-54498BFD724D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{8D3F8363-247B-4802-8468-D8A4F4BCE485}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F0DE86AA-E599-4667-9785-308B0DD02D0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B4E9A786-B3ED-440B-8331-C546FFF87305}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1BBBA406-68F8-4F9D-9DFF-F503D9FF81B0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BB691E53-3A21-4D70-A8B1-27DD8DD6527B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{419C117E-B90F-4519-A612-CFEF1ECC9E24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service StandardProfile\AuthorizedApplications: 
[C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server ==================== Wiederherstellungspunkte ========================= 29-11-2021 14:52:37 Windows Modules Installer 29-11-2021 15:01:12 Windows Modules Installer 29-11-2021 15:02:08 Windows Modules Installer 01-12-2021 09:56:49 AdwCleaner_BeforeCleaning_01/12/2021_09:56:49 ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (12/01/2021 10:43:53 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SDUpdate.exe, Version: 2.8.68.100, Zeitstempel: 0x5ea5e0d1 Name des fehlerhaften Moduls: hhctrl.ocx_unloaded, Version: 10.0.22000.1, Zeitstempel: 0xfd09051e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00026e4e ID des fehlerhaften Prozesses: 0x6e8 Startzeit der fehlerhaften Anwendung: 0x01d7e69356863caa Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Pfad des fehlerhaften Moduls: hhctrl.ocx Berichtskennung: d53c57fb-8ca9-471e-812a-014d8e835a1e Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/01/2021 10:10:52 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SDUpdate.exe, Version: 2.8.68.100, Zeitstempel: 0x5ea5e0d1 Name des fehlerhaften Moduls: SDUpdate.exe, Version: 2.8.68.100, Zeitstempel: 0x5ea5e0d1 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005c92 ID des fehlerhaften Prozesses: 0x6e8 Startzeit der fehlerhaften Anwendung: 
0x01d7e69356863caa Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Berichtskennung: 9627ae58-ffe1-4221-adee-62692ce19896 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/01/2021 10:00:52 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SDUpdate.exe, Version: 2.8.68.100, Zeitstempel: 0x5ea5e0d1 Name des fehlerhaften Moduls: SDUpdate.exe, Version: 2.8.68.100, Zeitstempel: 0x5ea5e0d1 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005c92 ID des fehlerhaften Prozesses: 0x3e18 Startzeit der fehlerhaften Anwendung: 0x01d7e691f0e59230 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Berichtskennung: a902e23d-9ac3-439d-957a-9fc9b2742cc8 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/01/2021 09:58:33 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\WOWTSCHIK$ über https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Wed, 01 Dec 2021 08:58:34 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: beb0d3db-daea-4d39-af70-faea5934fe4b Methode: GET(2562ms) Phase: GetCACaps Nicht gefunden (404). 
0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (12/01/2021 09:58:30 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Wed, 01 Dec 2021 08:58:30 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 8e874e77-5fad-462f-a077-378d9ec50aed Methode: GET(2656ms) Phase: GetCACaps Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (12/01/2021 09:54:36 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SDUpdate.exe, Version: 2.8.68.100, Zeitstempel: 0x5ea5e0d1 Name des fehlerhaften Moduls: hhctrl.ocx_unloaded, Version: 10.0.22000.1, Zeitstempel: 0xfd09051e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00026e4e ID des fehlerhaften Prozesses: 0xb6c Startzeit der fehlerhaften Anwendung: 0x01d7e69030729eb3 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Pfad des fehlerhaften Moduls: hhctrl.ocx Berichtskennung: baa4f876-d72b-4d1e-ab8b-d93093926b41 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/01/2021 09:48:20 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SDUpdate.exe, Version: 2.8.68.100, Zeitstempel: 0x5ea5e0d1 Name des fehlerhaften Moduls: SDUpdate.exe, Version: 2.8.68.100, Zeitstempel: 0x5ea5e0d1 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005c92 ID des fehlerhaften Prozesses: 0xb6c Startzeit der fehlerhaften 
Anwendung: 0x01d7e69030729eb3 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Berichtskennung: 90956f6e-a94f-445b-b6be-4f84a25eed3e Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/01/2021 09:38:19 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SDUpdate.exe, Version: 2.8.68.100, Zeitstempel: 0x5ea5e0d1 Name des fehlerhaften Moduls: SDUpdate.exe, Version: 2.8.68.100, Zeitstempel: 0x5ea5e0d1 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005c92 ID des fehlerhaften Prozesses: 0x3184 Startzeit der fehlerhaften Anwendung: 0x01d7e68ecad18c32 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Berichtskennung: 90716c0a-ed36-4511-a918-d8fc496d25b6 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (12/01/2021 09:58:24 AM) (Source: DCOM) (EventID: 10001) (User: WOWTSCHIK) Description: Ein DCOM-Server konnte nicht gestartet werden: {5250E46F-BB09-D602-5891-F476DC89B700} als Nicht verfügbar/Nicht verfügbar. Fehler: "2147958016" Aufgetreten beim Start dieses Befehls: "C:\WINDOWS\system32\DllHost.exe" /Processid:{5250E46F-BB09-D602-5891-F476DC89B700} Error: (12/01/2021 09:57:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (12/01/2021 09:57:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "System Interface Foundation Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/01/2021 09:57:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "LenovoVantageService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/01/2021 09:57:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Avira Security" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (12/01/2021 09:57:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Avira Updater Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (12/01/2021 09:57:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Universal Device Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (12/01/2021 09:57:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Lenovo Notebook ITS Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Windows Defender: ================Event[0] Date: 2021-11-26 10:04:29 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. 
Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.335.493.0 Update Source: Microsoft Center zum Schutz vor Schadsoftware Sicherheitstyp: AntiSpyware Updatetyp: Voll Benutzer: NT-AUTORITÄT\Netzwerkdienst Aktuelle Modulversion: %Vorherige Modulversion: 1.1.18000.5 Fehlercode: 0x80090305 Fehlerbeschreibung: Das angeforderte Sicherheitspaket ist nicht vorhanden. Date: 2021-11-26 10:04:29 Description: N/A Date: 2021-11-26 10:04:28 Description: N/A Date: 2021-11-26 10:04:28 Description: N/A Date: 2021-11-26 10:04:28 Description: N/A CodeIntegrity: =============== Date: 2021-12-01 09:57:41 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== BIOS: LENOVO EECN36WW 05/17/2021 Hauptplatine: LENOVO LNVNB161216 Prozessor: AMD Ryzen 7 4700U with Radeon Graphics Prozentuale Nutzung des RAM: 48% Installierter physikalischer RAM: 15742.16 MB Verfügbarer physikalischer RAM: 8136.43 MB Summe virtueller Speicher: 23422.16 MB Verfügbarer virtueller Speicher: 11806.93 MB ==================== Laufwerke ================================ Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:77.32 GB) NTFS \\?\Volume{0e1952d6-4fe8-49ec-916e-3565231aebc6}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.37 GB) NTFS \\?\Volume{27481c08-52bc-47ba-a4e4-a08dc146e489}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: 15F42639) Partition: GPT. 
==================== Ende von Addition.txt ======================= |
01.12.2021, 11:12 | #3 |
| VRAM 85-99%+ utilized. Mining bot? Shortcut details
Code:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 26-11-2021 durchgeführt von wowts (01-12-2021 10:46:45) Gestartet von C:\Users\wowts\AppData\Local\Temp\scoped_dir17072_825760356 Start-Modus: Normal ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 2021 R1\Forte\Forte 2021 R1.lnk -> C:\Program Files\ANSYS Inc\ANSYS Student\v211\reaction\forte.win64\bin\run_forte.bat () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 2021 R1\EnSight\EnSight 2021 R1.lnk -> C:\Program Files\ANSYS Inc\ANSYS Student\v211\CEI\bin\ensighticon211.bat () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 2021 R1\EnSight\EnSight Launcher 2021 R1.lnk -> C:\Program Files\ANSYS Inc\ANSYS Student\v211\CEI\bin\ensightlaunchericon211.bat () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 2021 R1\EnSight\EnVe 2021 R1.lnk -> C:\Program Files\ANSYS Inc\ANSYS Student\v211\CEI\bin\enve211icon.bat () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 2021 R1\EnSight\EnVideo 2021 R1.lnk -> C:\Program Files\ANSYS Inc\ANSYS Student\v211\CEI\bin\envideo211.bat () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 2021 R1\EnSight\EnVision 2021 R1.lnk -> C:\Program Files\ANSYS Inc\ANSYS Student\v211\CEI\bin\envisionicon211.bat () Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{C51411C0-11DB-AD74-0008-BDAB669A0C20}\SupportTasks\1\Guild Wars 2 Support Webseite.lnk -> hxxp://support.guildwars2.com Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{C51411C0-11DB-AD74-0008-BDAB669A0C20}\SupportTasks\0\Guild Wars 2 Webseite.lnk -> hxxp://www.guildwars2.com Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Docker Desktop.lnk -> C:\Program Files\Docker\Docker\Docker Desktop.exe (Docker Inc.) 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp2.lnk -> C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.24.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.10.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maple 2021.lnk -> C:\Program Files\Maple 2021\bin.X86_64_WINDOWS\maplew.exe (Maplesoft) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Mozilla Thunderbird.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nextcloud.lnk -> C:\Program Files\Nextcloud\nextcloud.exe (Nextcloud GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS Remote Play.lnk -> C:\Program Files (x86)\Sony\PS Remote Play\RemotePlay.exe (Sony Interactive Entertainment Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk -> C:\Program Files\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.) 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Martin Prikryl) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Alternate Start.lnk -> C:\Program 
Files\SUPERAntiSpyware\RUNSAS.EXE (SUPERAdBlocker.com and SUPERAntiSpyware.com) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Free Edition.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot Anti-Beacon\Spybot Anti-Beacon.lnk -> C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\Spybot3AntiBeacon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Create System Report.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLogReport.exe (Safer-Networking Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\File Scan.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe (Safer-Networking Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Immunization.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe (Safer-Networking Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Rootkit Scan.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDRootAlyzer.exe (Safer-Networking Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Spybot-S&D Start Center.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\System Scan.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe (Safer-Networking Ltd.) 
(x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\Users\wowts\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\wowts\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\wowts\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WinISD.lnk -> C:\Program Files (x86)\WinISD\winisd.exe (Juha Hartikainen) Shortcut: C:\Users\wowts\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\wowts\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\wowts\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera-Browser.lnk -> C:\Users\wowts\AppData\Local\Programs\Opera\launcher.exe (Opera Software) Shortcut: C:\Users\wowts\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\Users\wowts\AppData\Local\Programs\Lenovo\LENOVO SERVICE BRIDGE\LSB.exe.lnk -> C:\L\LSB\LSB\bin\Release\LSB.exe (Keine Datei) Shortcut: C:\Users\wowts\AppData\Local\Microsoft\Windows Sidebar\Gadgets\LaunchControl.gadget\links\Show Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\wowts\AppData\Local\Microsoft\Windows Sidebar\Gadgets\LaunchControl.gadget\links\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group3\01 - 
Windows Terminal.lnk -> Tile and icon assets Shortcut: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Windows Terminal.lnk -> Tile and icon assets Shortcut: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) Shortcut: C:\Users\wowts\AppData\Local\Amazon Music\Uninstall Amazon Music.lnk -> C:\Users\wowts\AppData\Local\Amazon Music\Uninstall.exe (Amazon.com Services LLC) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk -> C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software) -> --check-run=src=tile ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> 
--reset-config --reset-plugins-cache vlc://quit ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Registration-Activation.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware) -> /register ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games\VALORANT.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=valorant --launch-patchline=live ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFsam Basic\Uninstall.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {5F69C3E1-65F3-4B53-99A1-AABF8E9FFBA6} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Database Compare.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Office16\DCF\DATABASECOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Spreadsheet Compare.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Office16\DCF\SPREADSHEETCOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maple 2021\Maple 2021 (Shared Server).lnk -> C:\Program Files\Maple 2021\bin.X86_64_WINDOWS\maplew.exe (Maplesoft) -> -km s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre1.8.0_281\bin\javacpl.exe (Oracle Corporation) -> -tab 
about ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre1.8.0_281\bin\javacpl.exe (Oracle Corporation) -> -tab update ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software\Epson Software Updater.lnk -> C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE (Seiko Epson Corporation) -> /ST ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter\CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG) -> -m ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter\Tools\CmDust.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\cmu32.exe (WIBU-SYSTEMS AG) -> --cmdust --gui -f"%userprofile%\CmDust-Result.log" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter\Tools\CodeMeter Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "set Path=%Path%;C:\Program Files (x86)\CodeMeter\Runtime\bin\&&cd /D %USERPROFILE%&&cmu32.exe -v" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 2021 R1\DC Evaluator (DCE) 2021 R1.lnk -> C:\Program Files\ANSYS Inc\ANSYS Student\v211\dcs\dclauncher.exe (ANSYS) -> start evaluator -W ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 2021 R1\Design Point Service (DPS) 2021 R1.lnk -> C:\Program Files\ANSYS Inc\ANSYS Student\v211\dcs\dclauncher.exe (ANSYS) -> start server -W ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 2021 R1\Mechanical 2021 R1.lnk -> C:\Program Files\ANSYS Inc\ANSYS Student\v211\Framework\bin\Win64\RunWB2.exe (ANSYS, Inc.) 
-> -I -E Mechanical.CreateMechanicalModelSystemAndOpen() ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 2021 R1\Mechanical APDL 2021 R1.lnk -> C:\Program Files\ANSYS Inc\ANSYS Student\v211\ansys\bin\winx64\launcher.exe () -> -runae ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 2021 R1\System Coupling 2021 R1.lnk -> C:\Program Files\ANSYS Inc\ANSYS Student\v211\SystemCoupling\bin\systemcoupling.bat () -> -G ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 2021 R1\Help\Aqwa\AqwaGS Help 2021 R1.lnk -> C:\Windows\hh.exe (Microsoft Corporation) -> "C:\Program Files\ANSYS Inc\ANSYS Student\v211\aqwa\doc\AGSHelp.chm" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 2021 R1\Forte\Forte Monitor 2021 R1.lnk -> C:\Program Files\ANSYS Inc\ANSYS Student\v211\reaction\forte.win64\bin\run_forte.bat () -> MONITOR ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 2021 R1\Forte\Forte Simulate 2021 R1.lnk -> C:\Program Files\ANSYS Inc\ANSYS Student\v211\reaction\forte.win64\bin\run_forte.bat () -> AMG ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 2021 R1\Chemkin\Chemkin 2021 R1.lnk -> C:\Program Files\ANSYS Inc\ANSYS Student\v211\reaction\chemkinpro.win64\bin\run_Chemkin.bat () -> Pro ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 2021 R1\ANSYS Discovery Suite\SpaceClaim 2021 R1.lnk -> C:\Program Files\ANSYS Inc\ANSYS Student\v211\scdm\SpaceClaim.exe (SpaceClaim) -> /UseLicenseMode=true ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX ShortcutWithArgument: C:\ProgramData\Lenovo\IMCONTROLLER (18)\Plugins\LenovoBatteryGaugePackage\x86\HideBatteryGauge.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LenovoBatteryGaugePackage.dll,HideBatteryGauge ShortcutWithArgument: C:\ProgramData\Lenovo\IMCONTROLLER (18)\Plugins\LenovoBatteryGaugePackage\x86\LaunchPinVantageToolbarToast.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LenovoBatteryGaugePackage.dll,LaunchPinVantageToolbarToast ShortcutWithArgument: C:\ProgramData\Lenovo\IMCONTROLLER (18)\Plugins\LenovoBatteryGaugePackage\x86\SetMenuItemNameofBatteryGauge.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LenovoBatteryGaugePackage.dll,SetMenuItemNameofBatteryGauge ShortcutWithArgument: C:\ProgramData\Lenovo\IMCONTROLLER (18)\Plugins\LenovoBatteryGaugePackage\x86\ShowBatteryGauge.lnk -> 
C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LenovoBatteryGaugePackage.dll,ShowBatteryGauge ShortcutWithArgument: C:\ProgramData\Lenovo\IMCONTROLLER (18)\Plugins\LenovoBatteryGaugePackage\x86\UnloadBatteryGaugeFromExplorer.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LenovoBatteryGaugePackage.dll,UnloadBatteryGaugeFromExplorer ShortcutWithArgument: C:\ProgramData\Lenovo\IMCONTROLLER (18)\Plugins\LenovoBatteryGaugePackage\x86\UnpinFromTaskbar.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LenovoBatteryGaugePackage.dll,UnpinFromTaskbar ShortcutWithArgument: C:\ProgramData\Lenovo\IMCONTROLLER (18)\Plugins\LenovoBatteryGaugePackage\x86\UpdateBatteryGaugeToastInfo.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LenovoBatteryGaugePackage.dll,UpdateBatteryGaugeToastInfo ShortcutWithArgument: C:\ProgramData\Lenovo\IMCONTROLLER (18)\Plugins\LenovoBatteryGaugePackage\x64\HideBatteryGauge.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LenovoBatteryGaugePackage.dll,HideBatteryGauge ShortcutWithArgument: C:\ProgramData\Lenovo\IMCONTROLLER (18)\Plugins\LenovoBatteryGaugePackage\x64\LaunchPinVantageToolbarToast.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LenovoBatteryGaugePackage.dll,LaunchPinVantageToolbarToast ShortcutWithArgument: C:\ProgramData\Lenovo\IMCONTROLLER (18)\Plugins\LenovoBatteryGaugePackage\x64\SetMenuItemNameofBatteryGauge.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> 
C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LenovoBatteryGaugePackage.dll,SetMenuItemNameofBatteryGauge ShortcutWithArgument: C:\ProgramData\Lenovo\IMCONTROLLER (18)\Plugins\LenovoBatteryGaugePackage\x64\ShowBatteryGauge.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LenovoBatteryGaugePackage.dll,ShowBatteryGauge ShortcutWithArgument: C:\ProgramData\Lenovo\IMCONTROLLER (18)\Plugins\LenovoBatteryGaugePackage\x64\UnloadBatteryGaugeFromExplorer.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LenovoBatteryGaugePackage.dll,UnloadBatteryGaugeFromExplorer ShortcutWithArgument: C:\ProgramData\Lenovo\IMCONTROLLER (18)\Plugins\LenovoBatteryGaugePackage\x64\UnpinFromTaskbar.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LenovoBatteryGaugePackage.dll,UnpinFromTaskbar ShortcutWithArgument: C:\ProgramData\Lenovo\IMCONTROLLER (18)\Plugins\LenovoBatteryGaugePackage\x64\UpdateBatteryGaugeToastInfo.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LenovoBatteryGaugePackage.dll,UpdateBatteryGaugeToastInfo ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus 
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAbout ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\wowts\Desktop\Spiele\VALORANT.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) 
-> --launch-product=valorant --launch-patchline=live ShortcutWithArgument: C:\Users\wowts\Desktop\Programe\CCleaner Browser.lnk -> C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software) -> --check-run=src=desktop ShortcutWithArgument: C:\Users\wowts\Desktop\Programe\Discord.lnk -> C:\Users\wowts\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe ShortcutWithArgument: C:\Users\wowts\Desktop\Alles\Uni Prog\Teams.lnk -> C:\Users\wowts\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe" ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Word\Erzwungene%20Schwingung309260891271202507\Erzwungene%20Schwingung.docx.lnk -> C:\Users\wowts\Desktop\Datein\OneDrive - th-koeln.de\OneDrive - smail.th-koeln.de\Uni\Semester 4 WS21\Physik 2\Praktikum\Erzwungene Schwingung.docx () -> 0 ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk -> C:\Users\wowts\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe" ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\wowts\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) 
-> /uninstall ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) -> /tsr ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xxx.exe.lnk -> C:\Windows\System32\net.exe (Microsoft Corporation) -> use Z: \\192.168.0.38\Festplatte /user:Vovan Bikerboy@2020 ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GeoGebra\GeoGebra Classic.lnk -> C:\Users\wowts\AppData\Local\GeoGebra_6\Update.exe (GitHub) -> --processStart="GeoGebra.exe" ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\wowts\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DarkOrbit\Uninstall.lnk -> C:\Users\wowts\Dark Orbit\maintenancetool.exe () -> --uninstall ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\SendTo\WinSCP (zum Hochladen).lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Martin Prikryl) -> /upload ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CCleaner Browser.lnk -> C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software) -> --check-run=src=quicklaunch ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft 
Corporation) -> /recycle ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CCleaner Browser.lnk -> C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software) -> --check-run=src=taskbar ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Teams.lnk -> C:\Users\wowts\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe" --process-start-args "--profile=AAD" ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4ac866364817f10c\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ShortcutWithArgument: C:\Users\wowts\AppData\Roaming\Microsoft\Excel\Praktikum%20Physik%203%20u.%204309260912766529954\Praktikum%20Physik%203%20u.%204.xlsx.lnk -> C:\Users\wowts\Desktop\Datein\OneDrive - th-koeln.de\OneDrive - smail.th-koeln.de\Uni\Semester 4 WS21\Physik 2\Praktikum\Praktikum Physik 3 u. 
4.xlsx () -> 50 ShortcutWithArgument: C:\Users\wowts\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Control_System.gadget\Hibernate.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> PowrProf,SetSuspendState Hibernate ShortcutWithArgument: C:\Users\wowts\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Control_System.gadget\Logoff.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> -L ShortcutWithArgument: C:\Users\wowts\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Control_System.gadget\Restart.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> -r -f -t 01 ShortcutWithArgument: C:\Users\wowts\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Control_System.gadget\Shutdown.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> -s -f -t 01 ShortcutWithArgument: C:\Users\wowts\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Control_System.gadget\Standby.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> PowrProf,SetSuspendState ShortcutWithArgument: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> 
C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\wowts\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller im Internet.url -> URL: hxxps://www.revouninstaller.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFsam Basic\PDFsam on the Web.url -> URL: hxxps://pdfsam.org/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Reference Documentation.url -> URL: hxxp://docs.oracle.com/javase/15/index.html InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.url -> URL: hxxp://java.com/help InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.url -> URL: hxxp://java.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2\Guild Wars 2 Support 
Webseite.url -> URL: hxxp://support.guildwars2.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2\Guild Wars 2 Webseite.url -> URL: hxxp://www.guildwars2.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> URL: hxxp://www.ccleaner.com/ccleaner InternetURL: C:\Users\wowts\OneDrive - th-koeln.de\Mein Notizbuch @ th-koeln.de.url -> URL: hxxps://thkoelnde-my.sharepoint.com/personal/waldemar_stieben_smail_th-koeln_de/_layouts/15/SkySyncRedir.aspx?Type=2&ResourceId=65f61fb1c45647c7af6343d0cc8bb998 InternetURL: C:\Users\wowts\OneDrive - th-koeln.de\Physik.url -> URL: hxxps://thkoelnde-my.sharepoint.com/personal/waldemar_stieben_smail_th-koeln_de/_layouts/15/SkySyncRedir.aspx?Type=2&ResourceId=36bb03e5ce674ebc8b8e917f894005cc InternetURL: C:\Users\wowts\OneDrive - TH Köln\Mein Notizbuch @ th-koeln.de.url -> URL: hxxps://thkoelnde-my.sharepoint.com/personal/waldemar_stieben_smail_th-koeln_de/_layouts/15/SkySyncRedir.aspx?Type=2&ResourceId=65f61fb1c45647c7af6343d0cc8bb998 InternetURL: C:\Users\wowts\OneDrive - TH Köln\Physik.url -> URL: hxxps://thkoelnde-my.sharepoint.com/personal/waldemar_stieben_smail_th-koeln_de/_layouts/15/SkySyncRedir.aspx?Type=2&ResourceId=36bb03e5ce674ebc8b8e917f894005cc InternetURL: C:\Users\wowts\OneDrive\Dokumente\Projekt EET1.url -> URL: hxxps://onedrive.live.com/redir.aspx?cid=daff92531a2a45a4&resid=DAFF92531A2A45A4!105&type=3 InternetURL: C:\Users\wowts\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142 InternetURL: C:\Users\wowts\Favorites\Lenovo\Lenovo Support.url -> URL: hxxp://support.lenovo.com/ InternetURL: C:\Users\wowts\Favorites\Lenovo\Lenovo.url -> URL: hxxp://www.lenovo.com/ InternetURL: C:\Users\wowts\Desktop\Spiele\Counter-Strike Global Offensive.url -> URL: steam://rungameid/730 InternetURL: C:\Users\wowts\Desktop\Spiele\Counter-Strike.url -> URL: steam://rungameid/10 InternetURL: C:\Users\wowts\Desktop\Spiele\Metro 2033 
Redux.url -> URL: com.epicgames.launcher://apps/Petunia?action=launch&silent=true InternetURL: C:\Users\wowts\Desktop\Spiele\Watch Dogs 2.url -> URL: com.epicgames.launcher://apps/Angelonia?action=launch&silent=true InternetURL: C:\Users\wowts\Desktop\Datein\OneDrive - th-koeln.de\OneDrive - smail.th-koeln.de\Semester WS21.url -> URL: hxxps://smailthkoelnde-my.sharepoint.com/personal/waldemar_stieben_smailthkoelnde_onmicrosoft_com/_layouts/15/SkySyncRedir.aspx?Type=2&ResourceId=975ab737b38e4c89a82ac20779dd505c&CallerScenarioId=OneNote-Prod&CallerId=Sync-Windows InternetURL: C:\Users\wowts\Desktop\Datein\OneDrive - th-koeln.de\OneDrive - smail.th-koeln.de\Alles\Physik 1.url -> URL: hxxps://smailthkoelnde-my.sharepoint.com/personal/waldemar_stieben_smailthkoelnde_onmicrosoft_com/_layouts/15/SkySyncRedir.aspx?Type=2&ResourceId=18a786879c6043e3b37df6ff797e0c14&CallerScenarioId=OneNote-Prod&CallerId=Sync-Windows InternetURL: C:\Users\wowts\Desktop\Datein\OneDrive - th-koeln.de\OneDrive - smail.th-koeln.de\Alles\Physik.url -> URL: hxxps://smailthkoelnde-my.sharepoint.com/personal/waldemar_stieben_smailthkoelnde_onmicrosoft_com/_layouts/15/SkySyncRedir.aspx?Type=2&ResourceId=5781ac1c97d84001ba355fdfe9799b97&CallerScenarioId=OneNote-Prod&CallerId=Sync-Windows InternetURL: C:\Users\wowts\Desktop\Datein\OneDrive - th-koeln.de\OneDrive - smail.th-koeln.de\Alles\Waldemar @ smail.th-koeln.de.url -> URL: hxxps://smailthkoelnde-my.sharepoint.com/personal/waldemar_stieben_smailthkoelnde_onmicrosoft_com/_layouts/15/SkySyncRedir.aspx?Type=2&ResourceId=ce5adb9d31a34e78982517a924282e4d&CallerScenarioId=OneNote-Prod&CallerId=Sync-Windows InternetURL: C:\Users\wowts\Desktop\Datein\OneDrive - th-koeln.de\OneDrive - smail.th-koeln.de\Alles\Waldemar @ th-koeln.de.url -> URL: 
hxxps://smailthkoelnde-my.sharepoint.com/personal/waldemar_stieben_smailthkoelnde_onmicrosoft_com/_layouts/15/SkySyncRedir.aspx?Type=2&ResourceId=663d1701d9764a80aec5b798c508dfad&CallerScenarioId=OneNote-Prod&CallerId=Sync-Windows InternetURL: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Counter-Strike Global Offensive.url -> URL: steam://rungameid/730 InternetURL: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Counter-Strike.url -> URL: steam://rungameid/10 ==================== Ende vom Shortcut.txt ============================= |
01.12.2021, 13:33 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | VRAM at 85-99%+ load. Mining bot? What is the point of mentioning the number of detections from the likes of Malwarebytes but then withholding all the information about them?! It says everywhere here that logs with detections have to be posted. Apart from that, your system looks haphazardly cluttered - was Windows 11 cleanly reinstalled, or slapped on top of an existing Windows 10?
__________________ Please always post log files in CODE tags |
01.12.2021, 14:10 | #5 |
| VRAM at 85-99%+ load. Mining bot? Hello Cosinus, thanks for your reply. I ran Malwarebytes a few days ago, before I found the forum. I removed it again because it kept running in the background. You are not entirely wrong about the clutter, but I need it for private use and for university. Windows 11 was installed on top as an update. |
01.12.2021, 14:15 | #6 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | VRAM at 85-99%+ load. Mining bot? Quote:
__________________ --> VRAM at 85-99%+ load. Mining bot? |
01.12.2021, 18:52 | #7 |
| VRAM at 85-99%+ load. Mining bot? Unfortunately there is no history left. Ran it again, no detections. Should I try resetting Windows 11? Or do you have another idea? Regards |
01.12.2021, 23:28 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | VRAM at 85-99%+ load. Mining bot? Uninstall bothersome, outdated or unnecessary programs. Please uninstall via Programs and Features (appwiz.cpl):
__________________ Please always post log files in CODE tags |
02.12.2021, 20:23 | #9 |
| VRAM at 85-99%+ load. Mining bot? Hi, removed everything except OpenOffice (is that absolutely necessary? I have the full version..). No improvement, no detections. Regards |
02.12.2021, 20:42 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | VRAM at 85-99%+ load. Mining bot? [solved] OpenOffice is not on the list for fun, though. I simply do not understand why this just will not get through to you people out there: OpenOffice is practically dead and should be replaced by LibreOffice. And nowhere did it say that we would be completely done after uninstalling the listed programs.
__________________ Please always post log files in CODE tags |
03.12.2021, 11:19 | #11 |
| VRAM at 85-99%+ load. Mining bot? [solved] Hi, OpenOffice is gone, Libre is installed instead. Regards |
03.12.2021, 12:49 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | VRAM at 85-99%+ load. Mining bot? [solved] adwCleaner Run AdwCleaner according to the illustrated instructions and then post the log file in CODE tags. Please repeat adwcleaner as a check if there were detections.
__________________ Please always post log files in CODE tags |
03.12.2021, 13:26 | #13 |
| VRAM at 85-99%+ load. Mining bot? [solved] So, here are the logs:

Run 1: Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-03-2021
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 16
# Awaiting reboot:1
# Failed: 0

***** [ Services ] *****
No malicious services cleaned.

***** [ Folders ] *****
No malicious folders cleaned.

***** [ Files ] *****
No malicious files cleaned.

***** [ DLL ] *****
No malicious DLLs cleaned.

***** [ WMI ] *****
No malicious WMI cleaned.

***** [ Shortcuts ] *****
No malicious shortcuts cleaned.

***** [ Tasks ] *****
No malicious tasks cleaned.

***** [ Registry ] *****
No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****
Deleted AVG Secure Search
Deleted Amazon
Deleted Bing
Deleted ICQ Search
Deleted ICQ Search
Deleted MyVideo
Deleted OTTO
Deleted Preisvergleich
Deleted Wikipedia
Deleted eBay.de

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\wowts\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Deleted Preinstalled.LenovoServiceBridge Folder C:\Users\wowts\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
Needs Reboot Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER

*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************

***** Reboot Required to Complete *****

***** [ Folders ] *****
Cleaning failed C:\Windows\LENOVO\IMCONTROLLER

*************************
AdwCleaner[S00].txt - [2368 octets] - [03/12/2021 12:57:34]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Run 2: Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-03-2021
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 2
# Awaiting reboot:1
# Failed: 0

***** [ Services ] *****
No malicious services cleaned.

***** [ Folders ] *****
No malicious folders cleaned.

***** [ Files ] *****
No malicious files cleaned.

***** [ DLL ] *****
No malicious DLLs cleaned.

***** [ WMI ] *****
No malicious WMI cleaned.

***** [ Shortcuts ] *****
No malicious shortcuts cleaned.

***** [ Tasks ] *****
No malicious tasks cleaned.

***** [ Registry ] *****
No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Needs Reboot Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER

*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************

***** Reboot Required to Complete *****

***** [ Folders ] *****
Cleaning failed C:\Windows\LENOVO\IMCONTROLLER

*************************
AdwCleaner[S00].txt - [2368 octets] - [03/12/2021 12:57:34]
AdwCleaner[C00].txt - [2626 octets] - [03/12/2021 12:59:04]
AdwCleaner[S01].txt - [1651 octets] - [03/12/2021 13:08:34]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Run 3: = Run 2

Regards |
03.12.2021, 14:32 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | VRAM at 85-99%+ load. Mining bot? [solved] Then now a new FRST.txt and Addition.txt
__________________ Please always post log files in CODE tags |
03.12.2021, 16:08 | #15 |
| VRAM at 85-99%+ load. Mining bot? [solved] FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-12-2021 durchgeführt von wowts (Administrator) auf WOWTSCHIK (LENOVO 81X2) (03-12-2021 15:57:55) Gestartet von C:\Users\wowts\Downloads Geladene Profile: wowts Plattform: Microsoft Windows 11 Home Version 21H2 22000.348 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366689.inf_amd64_4f0d6991b007c8f1\B366217\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366689.inf_amd64_4f0d6991b007c8f1\B366217\atiesrxx.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe (Lenovo -> Lenovo Group Ltd.) 
C:\Windows\System32\YMC.exe (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_b9fd1528982e300f\LenovoUtilityService.exe (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe (LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe (LENOVO INC) C:\Program Files\WindowsApps\E0469640.SmartAppearance_1.1.10.0_neutral__5grkq8ppsgwt4\CameraConfiguration\CameraConfiguration.exe <2> (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.41\msedgewebview2.exe <6> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.14326.20588.0_x64__8wekyb3d8bbwe\onenoteim.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\regedit.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20045.455.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe (Nextcloud GmbH -> Nextcloud GmbH) C:\Program Files\Nextcloud\nextcloud.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1141552 2020-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3180256 2021-10-14] (Riot Games, Inc. -> Riot Games, Inc.) HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2015-01-29] (Brother Industries, Ltd.) [Datei ist nicht signiert] HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN (Keine Datei) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\wowts\AppData\Local\Microsoft\Teams\Update.exe [2459344 2021-12-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (Keine Datei) HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [Amazon Music Helper] => C:\Users\wowts\AppData\Local\Amazon Music\Amazon Music Helper.exe [2356312 2021-09-17] (Amazon.com Services LLC -> Amazon.com Services LLC) HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [Amazon Music] => C:\Users\wowts\AppData\Local\Amazon Music\Amazon Music.exe [21370456 2021-09-17] (Amazon.com Services LLC -> Amazon.com Services LLC) HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIREE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: 
[Discord] => C:\Users\wowts\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub) HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [Nextcloud] => C:\Program Files\Nextcloud\nextcloud.exe [2739008 2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH) HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Run: [] => [X] HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Policies\Explorer: [DissallowRun] 1 HKLM\...\Print\Monitors\EPSON XP-342 343 345 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBREE.DLL [182784 2015-12-09] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> Startup: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2021-12-01] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Startup: C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xxx.exe.lnk [2021-04-15] ShortcutTarget: xxx.exe.lnk -> C:\Windows\System32\net.exe (Microsoft Windows -> Microsoft Corporation) GroupPolicy: Beschränkung ? <==== ACHTUNG GroupPolicy\User: Beschränkung ? <==== ACHTUNG HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG HKU\S-1-5-21-778103176-1376588227-3002950867-1001\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {18F8950B-F4E0-4B2C-8E8B-31195C06F079} - System32\Tasks\Opera scheduled Autoupdate 1608812151 => C:\Users\wowts\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Keine Datei) Task: {239A1A46-AF4F-47B2-B042-A8AE5FFAE370} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation) Task: {246D2A2F-6508-4B14-A7A7-8D5134D6E57B} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4190800 2021-11-04] (Microsoft Corporation -> Microsoft Corporation) Task: {2D38D28F-50D2-4FEC-A450-A7225056836B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-05-10] (Avast Software s.r.o. -> Avast Software) Task: {30D6AB6A-D4EA-4A2D-B32E-F6113FCF007A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {34BB7D71-EA5D-41D4-86EB-5EB752DA7AA4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314824 2021-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {4970B72F-FA6C-489E-B9DF-F13B7293EABE} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Auffrischen der Anti-Beacon-Immunisierung => C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\Spybot3AntiBeacon.exe /apply /silent /atlogon (Keine Datei) Task: {54F176B0-3B92-443E-B25A-76182A28D4FB} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task 
"308046B0AF4A39CB" <==== ACHTUNG Task: {5E68E165-9DAA-41E0-8272-F19324B00ABF} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Keine Datei <==== ACHTUNG Task: {71DD2352-C63D-4F74-BB81-1972F958EBC3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {8D31A86D-8A11-4007-9511-4FD92A416C72} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (Keine Datei) Task: {90FE37F6-C391-4BF9-96C8-D047B8A3EB56} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [443248 2021-07-21] (Lenovo -> Lenovo Group Ltd.) Task: {9361E511-201D-4D05-A00E-D56DA024A0F2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1600416 2021-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {9CE36D85-6FB0-4EFE-AF7D-0C6826966698} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d0841792-83c8-42fe-8cb3-16ac7452c9cb => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.) 
Task: {9E115AB0-D9D7-460D-B159-B62EE6C74BE2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {A0691F33-8890-4099-9EC4-7A389F9E6AF7} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (Keine Datei) Task: {AB39CFED-C536-4D25-9CD2-8804E70D243B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314824 2021-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {B8A519CB-8E88-4EA9-BBC6-6A4C0E0D2179} - \Lenovo\ImController\TimeBasedEvents\b5e72d1e-3c2b-4022-b8d4-05aaaf0ede3b -> Keine Datei <==== ACHTUNG Task: {BAA18872-1A38-4BF6-9327-9CA0D261A690} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation) Task: {BF3AF84D-5CA9-455D-A33C-F73F6F4E35B7} - \Lenovo\ImController\TimeBasedEvents\16fe7d6a-97e8-4a38-b239-16cce6426068 -> Keine Datei <==== ACHTUNG Task: {C3805D6C-E3CB-4419-B372-0FA6F79BAC81} - System32\Tasks\Opera scheduled assistant Autoupdate 1608812155 => C:\Users\wowts\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\wowts\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Keine Datei) Task: {CD55368D-9846-48D6-B0DF-27F72EFC093A} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [201584 2021-07-21] (Lenovo -> Lenovo Group Ltd.) 
Task: {D333FBA7-53F8-4995-A7DA-DF266DBFFF91} - \Lenovo\ImController\TimeBasedEvents\6e00c4de-d788-42d6-8ee4-e9f00def51ac -> Keine Datei <==== ACHTUNG Task: {DCEE1E8E-E441-46AF-8B88-2C1EA0987ED0} - \Lenovo\ImController\TimeBasedEvents\9bd5d08d-2576-4846-8a3a-302919e6ef4d -> Keine Datei <==== ACHTUNG Task: {DD9424D8-84F6-403C-8DE0-9B82F99A93A5} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Keine Datei <==== ACHTUNG Task: {E04D1A24-4418-4BFB-AA3C-D54D09044835} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ACHTUNG (Beschränkung - Zones) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{194b8a07-8a49-42e0-ba56-e2c84f8f5540}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{69129b5f-2abf-4956-9cb1-0da2b391e6f7}: [DhcpNameServer] 192.168.32.102 Tcpip\..\Interfaces\{6a13e067-204c-4049-b75d-0e9e01c79d60}: [DhcpNameServer] 192.168.0.38 Tcpip\..\Interfaces\{8532842c-0128-4504-a307-46ec5dcf05db}: [DhcpNameServer] 172.168.127.2 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\wowts\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-03] Edge Session Restore: Default -> ist aktiviert. 
Edge Extension: (Microsoft-Editor: Rechtschreibung- und Grammatikprüfung) - C:\Users\wowts\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hokifickgkhplphjiodbggjmoafhignh [2021-12-01] Edge HKLM-x32\...\Edge\Extension: [mielbhbkcliienpdicphhecpodcaeefg] FireFox: ======== FF DefaultProfile: 3ztst3tj.default FF ProfilePath: C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\3ztst3tj.default [2020-12-21] FF ProfilePath: C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\ac04xoor.default-release-1638383461723 [2021-12-03] FF Session Restore: Mozilla\Firefox\Profiles\ac04xoor.default-release-1638383461723 -> ist aktiviert. FF Extension: (Disconnect) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\ac04xoor.default-release-1638383461723\Extensions\2.0@disconnect.me.xpi [2021-12-01] FF Extension: (Dark Reader) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\ac04xoor.default-release-1638383461723\Extensions\addon@darkreader.org.xpi [2021-12-01] FF Extension: (OneNote Web Clipper) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\ac04xoor.default-release-1638383461723\Extensions\Clipper@OneNote.com.xpi [2021-12-01] FF Extension: (Ninja Cookie) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\ac04xoor.default-release-1638383461723\Extensions\debug@ninja-cookie.com.xpi [2021-12-01] FF Extension: (Decentraleyes) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\ac04xoor.default-release-1638383461723\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2021-12-01] FF Extension: (Privacy Badger) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\ac04xoor.default-release-1638383461723\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-12-01] FF Extension: (uBlock Origin) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\ac04xoor.default-release-1638383461723\Extensions\uBlock0@raymondhill.net.xpi [2021-12-01] FF Extension: (NoScript) - 
C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\ac04xoor.default-release-1638383461723\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-12-01] FF Extension: (ClearURLs) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\ac04xoor.default-release-1638383461723\Extensions\{74145f27-f039-47ce-a470-a662b129930a}.xpi [2021-12-01] FF Extension: (YouTube Playlist Download) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\ac04xoor.default-release-1638383461723\Extensions\{753bfcdc-8bcc-4626-89f0-6d22dc209561}.xpi [2021-12-01] FF Extension: (Citavi Picker) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\ac04xoor.default-release-1638383461723\Extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2021-12-01] FF Extension: (Google Docs Viewer) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\ac04xoor.default-release-1638383461723\Extensions\{a734ba68-4aac-41e0-9141-9f8d00373d93}.xpi [2021-12-01] FF Extension: (Matte Black (Red)) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\ac04xoor.default-release-1638383461723\Extensions\{a7589411-c5f6-41cf-8bdc-f66527d9d930}.xpi [2021-12-01] FF Extension: (The universe of ancient times.) 
- C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\ac04xoor.default-release-1638383461723\Extensions\{b6d370bd-f532-4049-9a82-f53b47f369b3}.xpi [2021-12-01] FF Extension: (Zoom Scheduler) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\ac04xoor.default-release-1638383461723\Extensions\{bf855ead-d7c3-4c7b-9f88-9a7e75c0efdf}.xpi [2021-12-01] FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\wowts\AppData\Roaming\Mozilla\Firefox\Profiles\ac04xoor.default-release-1638383461723\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-12-01] FF ProfilePath: C:\Users\wowts\AppData\Roaming\kompozer.net\KompoZer\Profiles\l6xmpoac.default [2021-08-26] FF Extension: (Citavi Picker) - C:\Program Files\Mozilla Firefox\distribution\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2021-07-09] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\antibeacon.js [2021-12-02] <==== ACHTUNG (Zeigt auf eine *.cfg Datei) Chrome: ======= CHR Profile: C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default [2021-12-02] CHR HomePage: Default -> hxxp://google.de/ CHR StartupUrls: Default -> "hxxp://www.google.com" CHR Session Restore: Default -> ist aktiviert. 
CHR Extension: (Präsentationen) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-23]
CHR Extension: (Docs) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-23]
CHR Extension: (Google Drive) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-23]
CHR Extension: (YouTube) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-23]
CHR Extension: (Slinky Vornehm) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2021-01-23]
CHR Extension: (Avira Password Manager) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-10-14]
CHR Extension: (Adblock für Youtube™) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2021-10-04]
CHR Extension: (Dark Reader) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2021-10-14]
CHR Extension: (Tabellen) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-23]
CHR Extension: (Google Docs Offline) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-14]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-10-14]
CHR Extension: (StudentBook) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiimjijildjkajollpjecaocbbjfobed [2021-01-23]
CHR Extension: (TiltShiftMaker) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjofhgnhekhkccpcnnloagmdpafifeo [2021-01-23]
CHR Extension: (SnapPages) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\iedpncdncgcneohjpggphlkhjofphgkf [2021-01-23]
CHR Extension: (Zoom Scheduler) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2021-10-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Citavi Picker) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2021-08-15]
CHR Extension: (Weather Underground) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2021-01-23]
CHR Extension: (Google Mail) - C:\Users\wowts\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-23]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]

Opera:
=======
OPR Profile: C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable [2021-12-02]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-11-29]
OPR Extension: (I don't care about cookies) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\iambaeepkgdclnmbfdnnohkjjpdglbeo [2021-11-30]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-15]
OPR Extension: (uBlock Origin) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2021-10-15]
OPR Extension: (Zoom Scheduler) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2021-11-29]
OPR Extension: (Install Chrome Extensions) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2021-01-24]
OPR Extension: (Privacy Badger) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\ldfkcgjipgfchpnojicdgpgiocoeelik [2021-12-01]
OPR Extension: (Ninja Cookie) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\naomjjbmcadiepggkdoknhklmklcobna [2021-11-17]
OPR Extension: (Avira Password Manager) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2021-02-12]
OPR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\wowts\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2021-12-02]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
S3 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [12002208 2019-12-16] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
S4 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-06-30] (GOG Sp. z o.o. -> GOG.com)
S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-06-30] (GOG Sp. z o.o. -> GOG.com)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_b9fd1528982e300f\LenovoUtilityService.exe [539128 2021-08-26] (Lenovo -> Lenovo(beijing) Limited)
R2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1832944 2021-08-12] (Lenovo -> Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-12-01] (Malwarebytes Inc -> Malwarebytes)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [45368 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557144 2021-09-10] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3475672 2021-09-10] (Electronic Arts, Inc. -> Electronic Arts)
R2 UDCService; C:\WINDOWS\System32\drivers\Lenovo\udc\Service\UDClientService.exe [116592 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
S4 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10163312 2021-10-14] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-12-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-12-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 YMC; C:\WINDOWS\System32\YMC.exe [856920 2020-06-17] (Lenovo -> Lenovo Group Ltd.)
S3 BrYNSvc; "C:\Program Files (x86)\Browny02\BrYNSvc.exe" [X]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [X]
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 64347b00; C:\WINDOWS\System32\Drivers\64347b00.sys [299544 2021-11-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [41376 2021-07-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0366689.inf_amd64_4f0d6991b007c8f1\B366217\amdkmdag.sys [82677912 2021-04-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-02-27] (AVAST Software s.r.o. -> The OpenVPN Project)
R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [184424 2020-07-14] (BayHub Technology Inc. -> BayHubTech/O2Micro)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2020-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 gvm; C:\WINDOWS\system32\DRIVERS\gvm.sys [393712 2021-05-03] (Google LLC -> Google LLC)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2021-11-29] (Microsoft Windows -> Microsoft Corporation)
R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2021-02-27] (IBM Polska Sp. z o.o. -> IBM)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-12-01] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193448 2021-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2021-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-12-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2020-08-21] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SymTAP; C:\WINDOWS\System32\drivers\SymTAP.sys [52104 2020-05-28] (Symantec Corporation -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8217168 2021-10-14] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2021-12-02] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435424 2021-12-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-12-02] (Microsoft Windows -> Microsoft Corporation)
U1 avgbdisk; kein ImagePath
S0 klupd_64347b00a_arkmon; System32\Drivers\klupd_64347b00a_arkmon.sys [X]
S3 klupd_64347b00a_arkmon_6D66C841; \??\C:\KVRT2020_Data\Temp\6D66C841DE4E80E48D94B67F324D5423\klupd_64347b00a_arkmon.sys [X]
S3 klupd_64347b00a_klark; System32\Drivers\klupd_64347b00a_klark.sys [X]
S0 klupd_64347b00a_klbg; System32\Drivers\klupd_64347b00a_klbg.sys [X]
S3 klupd_64347b00a_mark; System32\Drivers\klupd_64347b00a_mark.sys [X]
U4 npcap_wifi; kein ImagePath
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-12-03 15:53 - 2021-12-03 15:53 - 000000000 ____D C:\Users\wowts\AppData\LocalLow\IGDump
2021-12-03 15:52 - 2021-12-03 15:52 - 002311680 _____ (Farbar) C:\Users\wowts\Downloads\FRST64.exe
2021-12-03 14:36 - 2021-12-03 15:58 - 000032057 _____ C:\Users\wowts\Downloads\FRST.txt
2021-12-03 14:36 - 2021-12-03 15:55 - 000047314 _____ C:\Users\wowts\Downloads\Addition.txt
2021-12-03 13:58 - 2021-12-03 14:03 - 000000000 ____D C:\Users\wowts\Desktop\Forum
2021-12-03 13:57 - 2021-12-03 13:57 - 000000000 ____D C:\Users\wowts\Desktop\Blog
2021-12-03 13:14 - 2021-12-03 13:14 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-12-03 13:00 - 2021-12-03 13:00 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-12-03 12:59 - 2021-12-03 12:59 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-12-03 12:59 - 2021-12-03 12:59 - 000193448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-12-03 12:59 - 2021-12-03 12:59 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-12-03 11:10 - 2021-12-03 11:10 - 000000000 ____D C:\Users\wowts\AppData\LocalLow\AMD
2021-12-03 10:07 - 2021-12-03 10:07 - 000002409 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams (work or school).lnk
2021-12-02 21:25 - 2021-12-02 21:26 - 014349527 _____ C:\Users\wowts\Downloads\183672.zip
2021-12-02 21:24 - 2021-12-02 21:24 - 009931809 _____ C:\Users\wowts\Downloads\190222.zip
2021-12-02 20:48 - 2021-12-02 20:48 - 005022673 _____ C:\Users\wowts\Downloads\190233.zip
2021-12-02 18:53 - 2021-12-02 18:53 - 000000000 ____D C:\Users\wowts\Desktop\AskAdmin
2021-12-02 15:34 - 2021-07-30 13:17 - 000041376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendrmgr.sys
2021-12-02 15:15 - 2021-12-02 19:24 - 000047315 _____ C:\Users\wowts\Documents\Bolzen(Automatisch wiederhergestellt).xlsx
2021-12-02 13:33 - 2021-12-02 13:33 - 000006603 _____ C:\Users\wowts\Desktop\Bolzen.xlsx
2021-12-02 13:33 - 2021-12-02 13:33 - 000000165 ____H C:\Users\wowts\Desktop\~$Bolzen.xlsx
2021-12-02 11:37 - 2021-12-02 11:37 - 000000000 ____D C:\Users\wowts\AppData\Roaming\LibreOffice
2021-12-02 11:30 - 2021-12-02 11:30 - 000001153 _____ C:\Users\Public\Desktop\LibreOffice 7.2.lnk
2021-12-02 11:30 - 2021-12-02 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.2
2021-12-02 11:29 - 2021-12-02 11:30 - 000000000 ____D C:\Program Files\LibreOffice
2021-12-02 11:17 - 2021-12-02 11:22 - 339107840 _____ C:\Users\wowts\Downloads\LibreOffice_7.2.3_Win_x64.msi
2021-12-02 11:10 - 2021-12-02 11:10 - 000000085 _____ C:\WINDOWS\wininit.ini
2021-12-02 10:56 - 2021-12-02 10:56 - 000000000 ____H C:\ProgramData\rebootpending.txt
2021-12-01 19:31 - 2021-12-01 19:31 - 000000000 ____D C:\Users\wowts\Desktop\Alte Firefox-Daten
2021-12-01 13:58 - 2021-12-01 13:58 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-12-01 13:58 - 2021-12-01 13:58 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-12-01 13:58 - 2021-12-01 13:58 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-12-01 13:58 - 2021-12-01 13:58 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-12-01 13:58 - 2021-12-01 13:57 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-12-01 13:57 - 2021-12-01 13:57 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-11-30 18:15 - 2021-11-30 17:10 - 000455026 _____ C:\WINDOWS\system32\Drivers\etc\hosts.original-30.11.2021
2021-11-30 17:57 - 2021-12-03 15:58 - 000000000 ____D C:\FRST
2021-11-30 17:17 - 2021-11-30 17:55 - 000000000 ___HD C:\$SysReset
2021-11-29 15:10 - 2021-11-29 15:10 - 000040960 _____ C:\WINDOWS\system32\prxyqry.dll
2021-11-29 15:10 - 2021-11-29 15:10 - 000015040 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-29 15:10 - 2021-11-29 15:10 - 000013824 _____ C:\WINDOWS\SysWOW64\prxyqry.dll
2021-11-29 15:09 - 2021-11-29 15:09 - 000000000 ___HD C:\$WinREAgent
2021-11-29 15:04 - 2021-11-29 15:04 - 000215552 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2021-11-29 13:30 - 2021-11-29 13:30 - 000000000 ____D C:\ProgramData\Emsisoft
2021-11-29 13:29 - 2021-12-01 10:59 - 000000000 ____D C:\EEK
2021-11-29 13:26 - 2021-11-29 13:26 - 000299544 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\64347b00.sys
2021-11-29 13:13 - 2021-11-29 13:13 - 000040960 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2021-11-29 13:12 - 2021-11-29 13:13 - 000000000 ____D C:\ProgramData\HitmanPro
2021-11-29 12:45 - 2021-11-29 14:43 - 000000000 ____D C:\ProgramData\AVG
2021-11-29 12:20 - 2021-11-29 12:20 - 000425230 _____ C:\Users\wowts\Downloads\OneDrive_1_29.11.2021.zip
2021-11-29 10:36 - 2021-12-01 10:49 - 000000681 _____ C:\Users\wowts\Desktop\ESET Online Scanner.lnk
2021-11-29 10:35 - 2021-11-29 10:35 - 000000780 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-11-29 10:35 - 2021-11-29 10:35 - 000000000 ____D C:\Users\wowts\AppData\Local\ESET
2021-11-29 09:20 - 2021-11-29 09:20 - 000000000 ____D C:\Users\wowts\AppData\Local\mbam
2021-11-29 09:17 - 2021-12-01 13:57 - 000000000 ____D C:\Program Files\Malwarebytes
2021-11-28 23:51 - 2021-11-28 21:21 - 000454567 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20211128-235106.backup
2021-11-27 22:24 - 2021-11-27 22:24 - 000000000 ____D C:\Users\wowts\AppData\Local\Bigpoint GmbH
2021-11-27 22:22 - 2021-11-27 22:22 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DarkOrbit
2021-11-27 22:19 - 2021-11-27 22:24 - 000000000 ____D C:\Users\wowts\Dark Orbit
2021-11-26 16:40 - 2021-11-26 16:42 - 009451378 _____ C:\Users\wowts\Downloads\Feedback-XXXXXXXXX-V3.pdf
2021-11-26 14:18 - 2021-11-26 14:18 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Delphi
2021-11-26 14:18 - 2021-11-26 14:18 - 000000000 ____D C:\ProgramData\Delphi
2021-11-26 14:11 - 2021-11-26 14:12 - 000000000 ____D C:\Users\wowts\Desktop\Diagnose
2021-11-26 11:37 - 2021-11-26 14:18 - 000000249 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2021-11-26 11:37 - 2021-11-26 11:37 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Autocom
2021-11-26 11:37 - 2021-11-26 11:37 - 000000000 ____D C:\ProgramData\Common Diagnostics
2021-11-26 11:37 - 2021-11-26 11:37 - 000000000 ____D C:\ProgramData\Autocom
2021-11-26 11:25 - 2021-11-26 11:25 - 000000000 ____D C:\Users\wowts\Documents\CarPort
2021-11-26 11:25 - 2021-11-26 11:25 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Obsidium
2021-11-26 11:25 - 2021-11-26 11:25 - 000000000 ____D C:\Users\wowts\AppData\Roaming\MPP-Engineering
2021-11-26 11:25 - 2021-11-26 11:25 - 000000000 ____D C:\Users\wowts\AppData\Local\MPP-Engineering
2021-11-25 13:52 - 2021-11-25 13:52 - 000000000 _____ C:\Users\wowts\Downloads\Eraser_6.2.0.2993.exe.part
2021-11-23 19:05 - 2021-11-23 19:06 - 008814674 _____ C:\Users\wowts\Downloads\Praktikum Gedaempfte Schwingung (1) (2).pdf
2021-11-23 10:07 - 2021-11-23 12:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-22 18:21 - 2021-11-22 18:24 - 008814674 _____ C:\Users\wowts\Downloads\Praktikum Gedaempfte Schwingung (1) (1).pdf
2021-11-22 12:53 - 2021-11-22 12:53 - 000159961 _____ C:\Users\wowts\Downloads\202111091348408430_2213437_200919.pdf
2021-11-22 12:52 - 2021-11-22 12:53 - 000410438 _____ C:\Users\wowts\Downloads\202111091921079470_2239425_200919.eml
2021-11-22 09:24 - 2021-11-22 09:24 - 008814674 _____ C:\Users\wowts\Downloads\Praktikum Gedaempfte Schwingung (1).pdf
2021-11-19 16:13 - 2021-11-19 16:13 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-11-19 14:19 - 2021-11-19 14:21 - 023061073 _____ C:\Users\wowts\Downloads\01 Vorlesungsunterlagen.zip
2021-11-18 13:00 - 2019-06-05 04:43 - 000135667 _____ C:\WINDOWS\system32\Drivers\rtldata.txt
2021-11-18 10:49 - 2021-11-07 22:36 - 000109296 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-11-18 03:31 - 2021-11-18 03:31 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7c0f368e88e72
2021-11-16 20:43 - 2021-11-16 20:44 - 048334535 _____ C:\Users\wowts\Downloads\405.pdf
2021-11-15 10:15 - 2021-11-15 10:15 - 000000018 _____ C:\Users\wowts\delte
2021-11-15 10:14 - 2021-11-15 10:14 - 000000011 _____ C:\Users\wowts\delete
2021-11-12 12:38 - 2021-11-12 12:38 - 000401898 _____ C:\Users\wowts\Desktop\SHA-Antragsformular_Version_SARS-CoV-2.pdf
2021-11-12 03:13 - 2021-04-23 08:23 - 001865880 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-11-12 03:13 - 2021-04-23 08:23 - 001865880 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-11-12 03:13 - 2021-04-23 08:23 - 001446544 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-11-12 03:13 - 2021-04-23 08:23 - 001446544 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-11-12 03:13 - 2021-04-23 08:23 - 001101752 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 001101752 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000954920 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000954920 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000744600 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000628888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000098456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000083096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000054408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-11-12 03:13 - 2021-04-23 08:23 - 000051336 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000504472 _____ C:\WINDOWS\system32\GameManager64.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000500888 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-11-12 03:13 - 2021-04-23 08:22 - 000440448 _____ C:\WINDOWS\system32\EEURestart.exe
2021-11-12 03:13 - 2021-04-23 08:22 - 000387712 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000354432 _____ C:\WINDOWS\system32\clinfo.exe
2021-11-12 03:13 - 2021-04-23 08:22 - 000253064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000220808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000174752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000174216 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000148608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000027888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-11-12 03:13 - 2021-04-23 08:22 - 000027864 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 081591432 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 067170952 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 005528184 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 001510008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 001339504 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000829064 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-11-12 03:13 - 2021-04-23 08:21 - 000476296 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000464008 _____ C:\WINDOWS\system32\atieah64.exe
2021-11-12 03:13 - 2021-04-23 08:21 - 000359560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-11-12 03:13 - 2021-04-23 08:21 - 000190088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000166360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000143480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000138880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000133256 _____ C:\WINDOWS\system32\atidxx64.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000123528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000115336 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-11-12 03:13 - 2021-04-23 08:21 - 000077936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 072489608 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 000948888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 000776344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 000497288 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-11-12 03:13 - 2021-04-23 08:20 - 000474272 _____ C:\WINDOWS\system32\amdlogum.exe
2021-11-12 03:13 - 2021-04-23 08:20 - 000387720 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 001708432 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 001384944 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000559704 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000145304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000139576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000139576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000129464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000117304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-11-12 03:13 - 2021-04-23 08:19 - 000117288 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-11-12 03:13 - 2021-04-23 07:49 - 059070488 _____ C:\WINDOWS\system32\amdxc64.so
2021-11-12 03:13 - 2021-04-23 07:49 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-11-12 03:13 - 2021-04-23 07:49 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-11-12 03:13 - 2021-04-23 07:49 - 000557888 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-11-12 03:13 - 2021-04-23 07:49 - 000557888 _____ C:\WINDOWS\system32\atiapfxx.blb
2021-11-12 03:13 - 2021-04-23 07:49 - 000128048 _____ C:\WINDOWS\system32\kapp_ci.sbin
2021-11-12 03:13 - 2021-04-23 07:49 - 000076237 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2021-11-12 03:13 - 2021-04-23 07:49 - 000012344 _____ C:\WINDOWS\system32\brandingWS_RSX.bmp
2021-11-12 03:13 - 2021-04-23 07:49 - 000012344 _____ C:\WINDOWS\system32\brandingRSX.bmp
2021-11-12 03:13 - 2021-04-23 07:49 - 000011014 _____ C:\WINDOWS\system32\atiacmLocalisation.ini
2021-11-12 03:13 - 2021-04-23 07:49 - 000000822 _____ C:\WINDOWS\system32\branding.bmp
2021-11-12 00:15 - 2021-11-12 00:15 - 000106344 _____ C:\Users\wowts\Documents\Praktikum1.mw
2021-11-12 00:00 - 2021-11-12 00:00 - 000699151 _____ C:\Users\wowts\Documents\Praktikum 2.mw
2021-11-11 21:26 - 2021-11-11 21:26 - 000048681 _____ C:\Users\wowts\Documents\Mathe 2 Praktikum Aufgabe 7 DGl 2.O. Randwert.mw
2021-11-11 19:16 - 2021-11-11 19:16 - 000000000 ____D C:\Users\wowts\Maple
2021-11-11 18:58 - 2021-11-11 18:58 - 000001105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maple 2021.lnk
2021-11-11 18:58 - 2021-11-11 18:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maple 2021
2021-11-11 18:51 - 2021-11-11 19:08 - 000000000 ____D C:\Program Files\Maple 2021
2021-11-11 18:29 - 2021-11-12 17:01 - 000035841 _____ C:\Users\wowts\Documents\Aufgabe 7.2.mw
2021-11-11 18:29 - 2021-11-12 17:01 - 000035507 _____ C:\Users\wowts\Documents\aufgabe 7.mw
2021-11-11 15:26 - 2021-11-11 15:26 - 011349663 _____ C:\Users\wowts\Downloads\Endfeedback-XXXXXXXXX-V2.pdf
2021-11-11 13:47 - 2021-10-08 11:00 - 000160376 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2021-11-11 10:25 - 2021-11-11 10:25 - 000190883 _____ C:\Users\wowts\Downloads\KL_Kran-Projektaufgabe_WS 21-22.pdf
2021-11-11 10:25 - 2021-11-11 10:25 - 000169344 _____ C:\Users\wowts\Downloads\KL_Kran-Projektaufgabe_Deckblatt_WS 21-22.pdf
2021-11-10 18:58 - 2021-11-11 20:34 - 000036049 _____ C:\Users\wowts\Documents\,,,.mw
2021-11-10 12:57 - 2021-11-10 12:57 - 000000000 ____D C:\Users\wowts\AppData\Roaming\VS Revo Group
2021-11-10 09:53 - 2021-12-01 09:40 - 000000000 ____D C:\Users\wowts\Desktop\Alles
2021-11-10 02:58 - 2021-11-10 02:58 - 000286720 _____ C:\WINDOWS\system32\AggregatorHost.exe
2021-11-10 02:58 - 2021-11-10 02:58 - 000077824 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-09 20:00 - 2021-11-09 20:00 - 000157859 _____ C:\Users\wowts\Downloads\202110062004282930_2150114_200919.pdf
2021-11-09 14:40 - 2021-11-09 14:41 - 015920937 _____ C:\Users\wowts\Downloads\Praktikum Absorbtion.V2.pdf
2021-11-09 00:52 - 2021-11-09 00:52 - 000118814 _____ C:\Users\wowts\Documents\asxaxasxa.mw
2021-11-06 00:44 - 2021-11-06 00:44 - 000121344 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-06 00:44 - 2021-11-06 00:44 - 000024576 _____ C:\WINDOWS\system32\nrtapi.dll
2021-11-06 00:44 - 2021-11-06 00:44 - 000006656 _____ C:\WINDOWS\SysWOW64\nrtapi.dll
2021-11-06 00:43 - 2021-11-06 00:43 - 000258048 _____ C:\WINDOWS\system32\CoreMas.dll
2021-11-06 00:43 - 2021-11-06 00:43 - 000208896 _____ C:\WINDOWS\system32\IHDS.dll
2021-11-06 00:43 - 2021-11-06 00:43 - 000167936 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-04 23:25 - 2021-11-04 23:25 - 000001935 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nextcloud.lnk
2021-11-04 22:40 - 2021-11-29 10:26 - 000000000 ____D C:\Users\wowts\AppData\Roaming\FileZilla
2021-11-04 22:40 - 2021-11-28 11:25 - 000000000 ____D C:\Users\wowts\AppData\Local\FileZilla
2021-11-04 22:37 - 2021-11-04 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2021-11-04 22:37 - 2021-11-04 22:37 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2021-11-04 09:40 - 2021-11-04 09:40 - 000040763 _____ C:\Users\wowts\Downloads\eBay-Widerrufsbelehrung (1).pdf
2021-11-04 09:40 - 2021-11-04 09:40 - 000005456 _____ C:\Users\wowts\Downloads\eBay-Widerrufsbelehrung (1).html
2021-11-04 09:40 - 2021-11-04 09:40 - 000005298 _____ C:\Users\wowts\Downloads\eBay-Widerrufsbelehrung (1).txt
2021-11-04 09:39 - 2021-11-04 09:39 - 000056309 _____ C:\Users\wowts\Downloads\EBAY-AGB_BASIC-INKL.DATENSCHUTZ (1).pdf
2021-11-04 09:39 - 2021-11-04 09:39 - 000023370 _____ C:\Users\wowts\Downloads\EBAY-AGB_BASIC-INKL.DATENSCHUTZ (4).html
2021-11-04 09:27 - 2021-11-04 09:27 - 000310915 _____ C:\Users\wowts\Downloads\Retourenformular (1).pdf
2021-11-04 09:27 - 2021-11-04 09:27 - 000299132 _____ C:\Users\wowts\Downloads\Muster_Versand-_und_Zahlungsinformationen (1).pdf
2021-11-04 09:27 - 2021-11-04 09:27 - 000225153 _____ C:\Users\wowts\Downloads\Zugangsbestaetigung.pdf
2021-11-04 09:27 - 2021-11-04 09:27 - 000197292 _____ C:\Users\wowts\Downloads\Auftragsbestaetigung.pdf
2021-11-04 09:26 - 2021-11-04 09:27 - 000177885 _____ C:\Users\wowts\Downloads\Muster-Rechnungen (1).pdf
2021-11-04 09:26 - 2021-11-04 09:26 - 000180429 _____ C:\Users\wowts\Downloads\Vertrag_ueber_die_Ueberlassung_und_Verwendung_von_Model-Bildern_mit_Datenschutzhinweisen.pdf
2021-11-04 09:25 - 2021-11-04 09:25 - 000226971 _____ C:\Users\wowts\Downloads\Muster_fuer_eine_Geheimhaltungsvereinbarung.pdf
2021-11-04 09:25 - 2021-11-04 09:25 - 000150333 _____ C:\Users\wowts\Downloads\E-Mail_Signatur_fuer_Kaufleute (1).pdf
2021-11-04 09:24 - 2021-11-04 09:24 - 000155203 _____ C:\Users\wowts\Downloads\E-Mail_Signatur_fuer_GmbH_und_UG.pdf

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-12-03 15:57 - 2020-12-21 15:39 - 000000000 ____D C:\Users\wowts\Downloads\Programe
2021-12-03 15:55 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF
2021-12-03 15:54 - 2021-10-14 13:01 - 001768198 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-03 15:54 - 2021-06-05 18:53 - 000766156 _____ C:\WINDOWS\system32\perfh007.dat
2021-12-03 15:54 - 2021-06-05 18:53 - 000158958 _____ C:\WINDOWS\system32\perfc007.dat
2021-12-03 15:53 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-03 15:53 - 2020-12-21 14:45 - 000000000 ____D C:\Users\wowts\AppData\LocalLow\Mozilla
2021-12-03 15:50 - 2021-10-14 13:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-12-03 15:50 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-12-03 15:50 - 2020-12-21 14:45 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-03 15:47 - 2021-10-14 13:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-03 15:47 - 2021-10-14 13:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-03 15:47 - 2021-10-14 12:13 - 000000000 ____D C:\Users\wowts
2021-12-03 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ServiceState
2021-12-03 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-03 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-03 15:47 - 2021-04-19 10:31 - 000000000 ___SD C:\Homecloud
2021-12-03 15:47 - 2020-05-06 19:33 - 000012288 ___SH C:\DumpStack.log.tmp
2021-12-03 15:46 - 2021-10-28 20:04 - 000000000 ____D C:\Users\wowts\Downloads\bin64
2021-12-03 15:46 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-12-03 15:46 - 2021-04-19 08:41 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Nextcloud
2021-12-03 15:45 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-03 15:44 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\registration
2021-12-03 15:44 - 2020-12-02 02:00 - 000000000 ____D C:\ProgramData\Lenovo
2021-12-03 15:33 - 2021-03-01 12:30 - 000000000 ____D C:\Users\wowts\AppData\Local\CrashDumps
2021-12-03 15:30 - 2020-12-21 13:40 - 000000000 ____D C:\Users\wowts\AppData\Local\D3DSCache
2021-12-03 14:35 - 2021-01-18 13:34 - 000000000 ____D C:\Users\wowts\Documents\Outlook-Dateien
2021-12-03 13:15 - 2020-12-21 13:40 - 000000000 ____D C:\Users\wowts\AppData\Local\Lenovo
2021-12-03 13:03 - 2020-12-02 01:59 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-03 12:59 - 2021-06-05 13:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-12-03 11:23 - 2020-12-02 02:07 - 000000000 ____D C:\WINDOWS\TempInst
2021-12-03 11:08 - 2021-01-26 18:32 - 000000000 ____D C:\Program Files\AMD
2021-12-03 11:08 - 2020-12-21 13:40 - 000000000 ____D C:\Users\wowts\AppData\Local\AMD
2021-12-03 11:02 - 2020-12-02 02:01 - 000000512 _____ C:\Users\Public\amdsfhdcd.bin
2021-12-03 10:47 - 2020-12-21 13:40 - 000000000 ____D C:\Users\wowts\AppData\Local\Packages
2021-12-03 10:44 - 2021-10-14 13:00 - 000673072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-03 10:43 - 2021-10-20 08:23 - 000000000 ____D C:\inetpub
2021-12-03 10:43 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2021-12-03 10:43 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\system32\lxss
2021-12-03 10:43 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-12-03 10:43 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-12-03 10:13 - 2021-06-05 13:10 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-12-03 10:07 - 2021-01-23 02:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-12-03 10:07 - 2020-12-21 16:38 - 000000000 ____D C:\Users\wowts\AppData\Local\SquirrelTemp
2021-12-03 10:06 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-03 09:52 - 2021-02-25 17:45 - 000000000 ____D C:\Users\wowts\AppData\Local\CCleaner Browser
2021-12-03 09:50 - 2021-02-14 23:12 - 000000000 ____D C:\Users\wowts\Documents\Citavi 6
2021-12-02 22:19 - 2020-12-21 13:30 - 000000000 ____D C:\ProgramData\Packages
2021-12-02 19:12 - 2020-12-21 14:36 - 000000000 ____D C:\Users\wowts\Desktop\Datein
2021-12-02 18:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2021-12-02 15:57 - 2021-10-14 13:00 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2021-12-02 15:35 - 2020-12-02 01:59 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-02 15:26 - 2020-12-02 01:59 - 000000000 ___HD C:\AMD
2021-12-02 15:23 - 2021-02-01 20:37 - 000000000 ____D C:\Users\wowts\AppData\Local\AMD_Common
2021-12-02 14:52 - 2020-05-06 19:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-12-02 14:32 - 2020-12-23 15:51 - 000007617 _____ C:\Users\wowts\AppData\Local\Resmon.ResmonCfg
2021-12-02 14:26 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-12-02 11:36 - 2020-12-24 15:39 - 000000000 ___RD C:\Users\wowts\Desktop\Programe
2021-12-02 11:11 - 2021-10-20 08:21 - 000000000 ____D C:\Program Files\Npcap
2021-12-02 11:10 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-12-02 11:10 - 2021-04-14 13:05 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2021-12-02 11:07 - 2021-01-04 16:24 - 000007750 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-12-02 11:06 - 2021-10-14 13:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2021-12-02 11:06 - 2021-02-18 19:54 - 000002054 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2021-12-02 11:06 - 2020-12-02 02:01 - 000000000 ____D C:\Program Files\Lenovo
2021-12-02 11:04 - 2021-02-14 22:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2021-12-02 11:04 - 2021-02-14 22:40 - 000000000 ____D C:\Program Files\Java
2021-12-02 11:02 - 2021-01-23 22:48 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-02 11:01 - 2021-02-14 23:09 - 000000000 ____D C:\Users\wowts\AppData\Local\Docker
2021-12-02 11:00 - 2021-04-14 13:05 - 000001524 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Delphi Toasts App.lnk
2021-12-02 10:58 - 2020-12-24 13:12 - 000000000 ____D C:\ProgramData\Avira
2021-12-01 19:31 - 2021-10-14 13:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-12-01 17:53 - 2021-02-01 20:18 - 000000000 ____D C:\Users\wowts\AppData\Local\ElevatedDiagnostics
2021-12-01 14:02 - 2021-10-16 11:28 - 000001972 _____ C:\Users\wowts\Desktop\EET2.lnk
2021-12-01 13:58 - 2021-06-05 13:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-12-01 09:40 - 2020-12-21 20:53 - 000000000 ___RD C:\Users\wowts\Desktop\Spiele
2021-11-30 17:10 - 2021-10-14 12:12 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-11-30 17:10 - 2019-12-07 10:14 - 000455026 _____ C:\WINDOWS\system32\Drivers\etc\.hosts
2021-11-29 21:38 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\id-ID 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\appraiser 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-11-29 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-11-29 15:47 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\servicing 2021-11-29 15:04 - 2021-10-14 13:01 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2021-11-29 14:43 - 2021-01-24 17:12 - 000000001 
_____ C:\WINDOWS\vgkbootstatus.dat 2021-11-29 10:23 - 2021-06-05 13:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-11-29 10:18 - 2020-12-24 13:10 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2021-11-29 09:38 - 2021-08-26 20:19 - 000000000 ____D C:\Users\wowts\AppData\LocalLow\IObit 2021-11-29 09:38 - 2021-05-06 12:14 - 000000000 ____D C:\ProgramData\IObit 2021-11-29 09:38 - 2021-05-06 12:13 - 000000000 ____D C:\Users\wowts\AppData\Roaming\IObit 2021-11-28 18:10 - 2021-02-12 17:50 - 000000128 _____ C:\Users\wowts\AppData\Local\PUTTY.RND 2021-11-26 11:30 - 2021-08-26 20:18 - 000000000 ____D C:\ProgramData\WinZip 2021-11-26 10:53 - 2020-12-21 14:29 - 000000000 ____D C:\Program Files\Maple 2020 2021-11-25 22:42 - 2020-12-21 15:39 - 000000000 ____D C:\Users\wowts\Downloads\Uni 2021-11-25 12:49 - 2021-10-14 13:12 - 000004196 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1608812151 2021-11-23 12:04 - 2020-12-21 14:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-11-23 11:55 - 2020-12-21 14:45 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-11-22 18:49 - 2021-10-20 08:15 - 000005202 _____ C:\WINDOWS\storelibdebug.txt 2021-11-22 14:59 - 2021-10-14 13:12 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-778103176-1376588227-3002950867-1001 2021-11-22 14:59 - 2020-12-21 13:34 - 000002406 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-11-19 16:13 - 2020-12-21 16:38 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Zoom 2021-11-18 03:31 - 2021-10-14 13:12 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-11-16 20:59 - 2021-10-16 11:28 - 000002380 _____ C:\Users\wowts\Desktop\WK2.lnk 2021-11-14 14:27 - 2020-12-02 02:01 - 000000000 ____D C:\Program Files\Microsoft Office 2021-11-12 17:01 - 2021-01-02 10:46 - 000000000 ____D C:\Users\wowts\.maplesoft 
2021-11-11 19:08 - 2021-01-02 19:08 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Maple 2021-11-10 12:55 - 2021-04-14 14:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2021-11-10 09:53 - 2021-10-16 11:28 - 000002037 _____ C:\Users\wowts\Desktop\Physik 2.lnk 2021-11-10 09:52 - 2021-10-09 10:34 - 000001860 _____ C:\Users\wowts\Desktop\Semester 4 WS21.lnk 2021-11-10 09:52 - 2020-12-21 14:33 - 000001542 _____ C:\Users\wowts\Desktop\OneDrive.lnk 2021-11-10 05:00 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-11-10 05:00 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-11-10 03:07 - 2020-12-24 12:31 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-11-10 03:01 - 2020-12-24 12:31 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-11-07 22:36 - 2021-08-17 23:01 - 000429952 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll 2021-11-07 22:36 - 2021-08-17 23:01 - 000063728 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe 2021-11-07 22:36 - 2020-12-02 02:00 - 000109296 _____ (Lenovo Group Ltd.) 
C:\WINDOWS\system32\ImController.CoInstaller.dll 2021-11-07 02:40 - 2021-08-21 13:11 - 000001040 _____ C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2021-11-06 22:00 - 2021-10-31 15:13 - 000000000 ____D C:\WINDOWS\SysWOW64\ncp 2021-11-06 00:55 - 2021-04-28 07:32 - 000000000 ____D C:\Users\wowts\AppData\Roaming\vlc 2021-11-04 23:57 - 2021-02-21 23:50 - 000002286 ____H C:\Users\wowts\Documents\Default.rdp 2021-11-04 23:25 - 2021-10-13 16:47 - 000000000 ____D C:\Program Files\Nextcloud 2021-11-04 22:54 - 2021-01-24 15:53 - 000000439 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2021-11-04 22:30 - 2021-05-14 22:12 - 000000000 ____D C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-12-26 15:12 - 2021-07-23 10:16 - 000000128 _____ () C:\Users\wowts\AppData\Roaming\winscp.rnd 2021-02-06 10:12 - 2021-02-10 12:20 - 000018267 _____ () C:\Users\wowts\AppData\Local\PlariumPlay.log 2021-02-12 17:50 - 2021-11-28 18:10 - 000000128 _____ () C:\Users\wowts\AppData\Local\PUTTY.RND 2021-05-15 09:26 - 2021-05-15 09:26 - 000015975 _____ () C:\Users\wowts\AppData\Local\recently-used.xbel 2020-12-23 15:51 - 2021-12-02 14:32 - 000007617 _____ () C:\Users\wowts\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== Additions: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-12-2021
durchgeführt von wowts (03-12-2021 15:58:46)
Gestartet von C:\Users\wowts\Downloads
Microsoft Windows 11 Home Version 21H2 22000.348 (X64) (2021-10-14 12:12:39)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-778103176-1376588227-3002950867-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-778103176-1376588227-3002950867-503 - Limited - Disabled)
Gast (S-1-5-21-778103176-1376588227-3002950867-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-778103176-1376588227-3002950867-504 - Limited - Disabled)
wowts (S-1-5-21-778103176-1376588227-3002950867-1001 - Administrator - Enabled) => C:\Users\wowts

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Amazon Music (HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Amazon Amazon Music) (Version: 8.7.1.2286 - Amazon.com Services LLC)
Apache NetBeans IDE 12.2 (HKLM\...\nbi-nb-all-12.2.0.0.201121) (Version: 12.2 - Apache NetBeans)
AusweisApp2 (HKLM-x32\...\{F3E22721-7F7E-472F-BBBA-6B5572E15A58}) (Version: 1.22.0 - Governikus GmbH & Co. KG)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BrLauncher (HKLM-x32\...\{C661197A-6B93-4E37-9E3F-2A1DFCD64234}) (Version: 1.1.15.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{B556F816-FF4D-4BB6-9339-ED28639E2EF3}) (Version: 1.0.2.1 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{0648F446-BAE9-402F-9BEC-8B333959D8FB}) (Version: 1.2.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{A242EB06-0518-48A3-AF7A-5973BE9CAF7B}) (Version: 1.0.7.3 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{F8F9EB58-33BA-4FF8-80E7-66D87D2E0C3C}) (Version: 1.0.9.0 - Brother Industries Ltd.) Hidden
Citavi 6 (HKLM-x32\...\{6A331045-8FF4-4BC9-9C56-E593ACAE28C2}) (Version: 6.10.0.0 - Swiss Academic Software)
CodeMeter Runtime Kit v7.00 (HKLM\...\{9054FBAC-C4FD-4FC2-B3F2-E4E41E49A20B}) (Version: 7.00.3918.500 - WIBU-SYSTEMS AG)
ControlCenter4 (HKLM-x32\...\{9ADB625A-7F6D-4C48-9058-4767A55D5424}) (Version: 4.2.438.1 - Brother Insutries Ltd.) Hidden
Dark Orbit (HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\{80d70823-f874-42a3-82af-2b7a4425bede}) (Version: 1.0.0 - Bigpoint GmbH)
DeviceDetect (HKLM-x32\...\{F805D16D-AB79-4DC7-A60F-436621995275}) (Version: 1.2.1.0 - Brother Industries Ltd.) Hidden
Discord (HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Docker Desktop (HKLM\...\Docker Desktop) (Version: 3.1.0 - Docker Inc.)
Druckerdeinstallation für EPSON XP-342 343 345 Series (HKLM\...\EPSON XP-342 343 345 Series) (Version: - Seiko Epson Corporation)
Epic Games Launcher (HKLM-x32\...\{07D9F8F3-EC99-4133-919D-DA341C62937C}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version: - Ubisoft)
FileZilla Client 3.56.2 (HKLM-x32\...\FileZilla Client) (Version: 3.56.2 - Tim Kosse)
GIMP 2.10.24 (HKLM\...\GIMP-2_is1) (Version: 2.10.24 - The GIMP Team)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GRAPHISOFT BIMx Desktop Viewer (HKLM\...\BIMx Viewer 23.0 GEN FULL R1 1) (Version: 2019.2.2328.0 - GRAPHISOFT SE)
GRAPHISOFT License Manager Tool (HKLM\...\License Manager Tool 20.0 GER FULL R1 1) (Version: 20.0.0.4800 - GRAPHISOFT SE)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
Java(TM) SE Development Kit 15.0.2 (64-bit) (HKLM\...\{2041CF7D-1F63-5C58-9F35-C445251E39C9}) (Version: 15.0.2.0 - Oracle Corporation)
LatencyMon 7.00 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 7.2.3.2 (HKLM\...\{81490660-3C36-47B4-AE9F-73B6C5BD4F98}) (Version: 7.2.3.2 - The Document Foundation)
Malwarebytes version 4.4.11.149 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.11.149 - Malwarebytes)
Maple 2021 (HKLM\...\Maple 2021) (Version: 2021 - Maplesoft)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.14527.20276 - Microsoft Corporation)
Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.14527.20276 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.43 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.41 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.14527.20276 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Teams) (Version: 1.4.00.31569 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 94.0.2 (x64 de)) (Version: 94.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.10.1 - Mozilla)
Mozilla Thunderbird 78.10.1 (x64 de) (HKLM\...\Mozilla Thunderbird 78.10.1 (x64 de)) (Version: 78.10.1 - Mozilla)
NetworkRepairTool (HKLM-x32\...\{4694AD3E-D4A2-4D98-9848-662A0475E872}) (Version: 1.2.11.0 - Brother Insutries Ltd.) Hidden
Nextcloud (HKLM\...\{3A99002F-BABA-4378-BB20-44C94A159696}) (Version: 3.3.6.20211028 - Nextcloud GmbH)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.104.48966 - Electronic Arts, Inc.)
PDFsam Basic (HKLM\...\{5F69C3E1-65F3-4B53-99A1-AABF8E9FFBA6}) (Version: 4.2.1.0 - Sober Lemur S.a.s. di Vacondio Andrea)
PS Remote Play (HKLM-x32\...\{77FAB2DD-F7FB-41E5-AE39-F9C878736A58}) (Version: 4.5.0.08250 - Sony Interactive Entertainment Inc.)
PuTTY release 0.74 (64-bit) (HKLM\...\{127B996B-5308-4012-865B-9446451EA326}) (Version: 0.74.0.0 - Simon Tatham)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.3.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.5 - VS Revo Group, Ltd.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
StatusMonitor (HKLM-x32\...\{86D16055-3C14-44C6-BCD7-5514B83BAD34}) (Version: 1.12.4.0 - Brother Insutries Ltd.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop Version 2.8.11 (HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.8.11 - Telegram FZ-LLC)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 85.0 - Ubisoft)
UsbRepairTool (HKLM-x32\...\{523276A4-5779-4105-9163-CA1CF94EC533}) (Version: 1.4.0.0 - Brother Insutries Ltd.) Hidden
VALORANT (HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WATCH_DOGS2 (HKLM-x32\...\Uplay Install 2688) (Version: - Ubisoft)
Windows*11-Installationsassistent (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.1285 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{63EFBDB5-01B0-4614-BE9F-7F1908E42275}) (Version: 3.1.2109.29003 - Microsoft Corporation)
WinISD v0.7 (HKLM-x32\...\WinISD) (Version: v0.7 - Linearteam)
WinRAR 6.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)
WinSCP 5.17.10 (HKLM-x32\...\winscp3_is1) (Version: 5.17.10 - Martin Prikryl)
Zoom (HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\ZoomUMX) (Version: 5.8.4 (1736) - Zoom Video Communications, Inc.)

Packages:
=========
Amazon Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.82.0_x64__pwbj9vvecjh7j [2021-12-03] (Amazon Development Centre (London) Ltd)
AnyConnect -> C:\Program Files\WindowsApps\CiscoSystems.AnyConnect_4.10.72.0_x64__edjcgkw48dhxt [2021-12-03] (Cisco Systems)
Bamboo Paper -> C:\Program Files\WindowsApps\D91E29CF.BambooPaper_1.7.15.0_x64__38kynpdw5g1aw [2021-12-03] (Wacom Europe GmbH)
Drawboard PDF -> C:\Program Files\WindowsApps\DRAWBOARD.DRAWBOARDPDF_6.7.3.0_x64__gqbn7fs4pywxm [2021-12-03] (Drawboard)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4 [2021-12-03] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2110.17.0_x64__k1h2ywk1493x8 [2021-12-03] (LENOVO INC.)
LiquidText -> C:\Program Files\WindowsApps\LiquidText.LiquidText_2.1.26.0_x64__rx5mtpcf576t0 [2021-12-03] (LiquidText)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-12-03] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-12-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-12-03] (Microsoft Corporation) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.57.43142.0_x64__8wekyb3d8bbwe [2021-12-03] (Microsoft Corporation) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_51.10913.5796.0_x64__8wekyb3d8bbwe [2021-12-03] (Microsoft Corporation)
MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-12-03] (Microsoft Corporation)
Offlineerweiterung für plastischen Reader -> C:\Program Files\WindowsApps\Microsoft.ImmersiveReader_1.4.0.0_x64__8wekyb3d8bbwe [2021-12-03] (Microsoft Corporation)
Penbook -> C:\Program Files\WindowsApps\36376UserCamp.Penbook_2.1.30.0_x64__t7afzrbtd67z0 [2021-12-03] (User Camp)
PenNotes -> C:\Program Files\WindowsApps\59553DiegoTonetti.PenNotes_3.0.2.0_x64__zztq7ygp8fse6 [2021-12-03] (Diego Tonetti)
PowerPoint Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.PowerPoint_16001.14326.20588.0_x64__8wekyb3d8bbwe [2021-12-03] (Microsoft Corporation)
Samsung Notes -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungNotes_4.2.66.0_x64__wyx1vj98g3asy [2021-12-03] (Samsung Electronics Co, Ltd.)
Smart Appearance -> C:\Program Files\WindowsApps\E0469640.SmartAppearance_1.1.10.0_neutral__5grkq8ppsgwt4 [2021-12-03] (LENOVO INC) [Startup Task]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0 [2021-12-03] (Spotify AB) [Startup Task]
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2021-12-03] (VideoLAN)
Wacom Notes -> C:\Program Files\WindowsApps\D91E29CF.WacomNotes_1.6.13.0_x64__38kynpdw5g1aw [2021-12-03] (Wacom Europe GmbH)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2144.11.0_x64__cv1g1gvanyjgm [2021-12-03] (WhatsApp Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-778103176-1376588227-3002950867-1001_Classes\CLSID\{04271989-C4D2-7AB6-8593-307A4B278444} -> [OneDrive - smail.th-koeln.de] => C:\Users\wowts\Desktop\Datein\OneDrive - th-koeln.de\OneDrive - smail.th-koeln.de [2020-12-21 14:41]
CustomCLSID: HKU\S-1-5-21-778103176-1376588227-3002950867-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\wowts\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-778103176-1376588227-3002950867-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\wowts\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-778103176-1376588227-3002950867-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\wowts\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21229.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-778103176-1376588227-3002950867-1001_Classes\CLSID\{88ce18a3-8d45-462e-98ee-5719a3dbf8cc} -> [Nextcloud] => C:\Homecloud [2021-04-19 10:31]
ShellIconOverlayIdentifiers: [ NextcloudError] -> {E0342B74-7593-4C70-9D61-22F294AAFE05} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudOK] -> {E1094E94-BE93-4EA2-9639-8475C68F3886} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudOKShared] -> {E243AD85-F71B-496B-B17E-B8091CBE93D2} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudSync] -> {E3D6DB20-1D83-4829-B5C9-941B31C0C35A} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudWarning] -> {E4977F33-F93A-4A0A-9D3C-83DEA0EE8483} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-12-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [NextcloudContextMenuHandler] -> {BC6988AB-ACE2-4B81-84DC-DC34F9B24401} => C:\Program Files\Nextcloud\shellext\NCContextMenu.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-12-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2021-10-28 13:29 - 2021-10-28 13:29 - 000099328 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\nextcloudsync_vfs_cfapi.dll
2021-10-28 13:30 - 2021-10-28 13:30 - 000030208 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\nextcloudsync_vfs_suffix.dll
2020-12-21 16:36 - 2005-04-22 13:36 - 000143360 _____ () [Datei ist nicht signiert] C:\WINDOWS\system32\BrSNMP64.dll
2020-12-21 16:36 - 2013-03-08 15:44 - 000087040 _____ (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\WINDOWS\system32\BrNetSti.dll
2020-12-02 02:01 - 2020-12-02 02:01 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-12-02 02:01 - 2020-12-02 02:01 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2021-11-06 14:34 - 2021-11-06 14:35 - 000137184 _____ (Microsoft Windows -> Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20045.455.0_x64__cw5n1h2txyewy\Dashboard\WebView2Loader.dll
2021-10-28 13:34 - 2021-10-28 13:34 - 005972464 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5Core.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\64347b00.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\64347b00.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKLM -> DefaultScope {88056C61-C84B-4838-9355-0DE7B3C95802} URL = hxxp://www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {88056C61-C84B-4838-9355-0DE7B3C95802} URL = hxxp://www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {88056C61-C84B-4838-9355-0DE7B3C95802} URL = hxxp://www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {88056C61-C84B-4838-9355-0DE7B3C95802} URL = hxxp://www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
SearchScopes: HKU\S-1-5-21-778103176-1376588227-3002950867-1001 -> DefaultScope {88056C61-C84B-4838-9355-0DE7B3C95802} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Kein Name -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> Keine Datei
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Kein Name -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> Keine Datei
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
[2021-11-02] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7940 mehr Seiten.

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2021-11-30 18:17 - 2021-12-02 11:00 - 000001334 _____ C:\WINDOWS\system32\drivers\etc\hosts 0.0.0.0 analytics.ff.avast.com 0.0.0.0 analytics.ns1.ff.avast.com 0.0.0.0 v7event.stats.avcdn.net 0.0.0.0 v7.stats.avcdn.net 0.0.0.0 flow.lavasoft.com 0.0.0.0 telemetry.malwarebytes.com 0.0.0.0 ws.mcafee.com 0.0.0.0 analytics.ccs.mcafee.com 0.0.0.0 analyticsdcs.ccs.mcafee.com 0.0.0.0 carcharodon.trendmicro.com 2021-01-24 15:53 - 2021-11-04 22:54 - 000000439 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 172.20.64.1 Wowtschik.mshome.net # 2026 11 2 3 21 54 43 36 ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64_win\compiler;C:\Program Files\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\Docker\Docker\resources\bin;C:\ProgramData\DockerDesktop\version-bin HKU\S-1-5-21-778103176-1376588227-3002950867-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\wowts\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) 
MSCONFIG\Services: ccleaner => 3 MSCONFIG\Services: CCleanerBrowserElevationService => 3 MSCONFIG\Services: ccleanerm => 3 MSCONFIG\Services: GalaxyClientService => 3 MSCONFIG\Services: GalaxyCommunication => 3 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: Origin Web Helper Service => 3 MSCONFIG\Services: vgc => 3 HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk" HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk" HKLM\...\StartupApproved\StartupFolder: => "Netzwerk Server.lnk" HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk" HKLM\...\StartupApproved\Run: => "RtkAudUService" HKLM\...\StartupApproved\Run: => "Riot Vanguard" HKLM\...\StartupApproved\Run: => "" HKLM\...\StartupApproved\Run: => "WinZip FAH" HKLM\...\StartupApproved\Run: => "WinZip UN" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller" HKLM\...\StartupApproved\Run32: => "ControlCenter4" HKLM\...\StartupApproved\Run32: => "BrStsMon00" HKLM\...\StartupApproved\Run32: => "CORSAIR iCUE Software" HKLM\...\StartupApproved\Run32: => "SDTray" HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface" HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\StartupFolder: => "xxx.exe.lnk" HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer" HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "Opera Browser Assistant" HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "SurfEasy" HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "GalaxyClient" HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "Amazon Music" 
HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "Amazon Music Helper" HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "icq.desktop" HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "Windscribe" HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000" HKU\S-1-5-21-778103176-1376588227-3002950867-1001\...\StartupApproved\Run: => "Discord" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{CE58D672-AFC3-4045-8360-33F36F09CA3C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{9DB10886-038A-44BB-B8E2-E6D242A0FE9F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{BE460EA9-4AF2-4D6C-8AE0-895673425CBD}C:\users\wowts\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wowts\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{22C5778E-0A06-46BD-82AE-7FE5F43234F1}C:\users\wowts\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wowts\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1CE93924-7FD7-4289-99F1-4640AB57B7D3}] => (Allow) C:\Users\wowts\AppData\Local\Programs\Opera\81.0.4196.60\opera.exe => Keine Datei FirewallRules: [TCP Query User{143B664D-0D9B-443F-BCDE-70B080EDDF3A}C:\users\wowts\appdata\local\microsoft\teams\current\teams.exe] => (Allow) 
C:\users\wowts\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{642298ED-0976-49C6-BF00-5985E5E43099}C:\users\wowts\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wowts\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{521B5AD0-5B17-4CD9-B323-F64763145A9E}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei FirewallRules: [{C10541A5-A92A-41C5-B982-E454105BAF47}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei FirewallRules: [{0DF84D2A-F814-4150-AA13-957A9AC71B72}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei FirewallRules: [{B7AADBB0-A522-4582-83E7-3FECAB63A979}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{5EA72659-E4BD-4D9F-91B8-54498BFD724D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{8D3F8363-247B-4802-8468-D8A4F4BCE485}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F0DE86AA-E599-4667-9785-308B0DD02D0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B4E9A786-B3ED-440B-8331-C546FFF87305}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1BBBA406-68F8-4F9D-9DFF-F503D9FF81B0}] => (Allow) C:\Program 
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BB691E53-3A21-4D70-A8B1-27DD8DD6527B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{419C117E-B90F-4519-A612-CFEF1ECC9E24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{7700DFC2-B95F-4344-9AE0-995A9B950945}C:\users\wowts\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\wowts\appdata\local\programs\opera\opera.exe => Keine Datei FirewallRules: [UDP Query User{528B6EE3-AC8F-4DFD-80A3-C2AED0A08E19}C:\users\wowts\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\wowts\appdata\local\programs\opera\opera.exe => Keine Datei FirewallRules: [TCP Query User{F2311190-A8EF-48D4-A3DF-D8FE6239D2D2}C:\users\wowts\appdata\local\programs\opera\opera.exe] => (Block) C:\users\wowts\appdata\local\programs\opera\opera.exe => Keine Datei FirewallRules: [UDP Query User{5898252B-19DF-4F7A-A458-7968B1352B71}C:\users\wowts\appdata\local\programs\opera\opera.exe] => (Block) C:\users\wowts\appdata\local\programs\opera\opera.exe => Keine Datei FirewallRules: [{24C24BF1-3C38-4744-8ED6-1B1283244B49}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.41\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3485F820-24FB-4B27-9BA6-2E0A7B5AC4AC}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21302.202.1065.6968_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3DEFB48C-386F-494D-8F69-6E0D78A73155}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21302.202.1065.6968_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) DomainProfile\AuthorizedApplications: [C:\Program Files 
(x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server ==================== Wiederherstellungspunkte ========================= 03-12-2021 12:58:54 AdwCleaner_BeforeCleaning_03/12/2021_12:58:53 03-12-2021 13:08:42 AdwCleaner_BeforeCleaning_03/12/2021_13:08:42 ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (12/03/2021 03:53:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MBAMService.exe, Version: 3.2.0.1009, Zeitstempel: 0x61854cd8 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.22000.348, Zeitstempel: 0x22eb3761 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000000000010be99 ID des fehlerhaften Prozesses: 0x1110 Startzeit der fehlerhaften Anwendung: 0x01d7e854a4e576db Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: 739dfb0c-1b2c-4d5c-8ed5-51d7ded0690f Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/03/2021 03:47:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -1216. Error: (12/03/2021 03:47:51 PM) (Source: ESENT) (EventID: 454) (User: ) Description: Catalog Database (4440,U,98) Catalog Database: Unerwarteter Fehler "-1216" bei der Datenbankwiederherstellung. 
Error: (12/03/2021 03:47:51 PM) (Source: ESENT) (EventID: 494) (User: ) Description: Catalog Database (4440,U,98) Catalog Database: Fehler -1216 bei der Datenbankwiederherstellung, da Verweise auf die Datenbank "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb" festgestellt wurden, die nicht mehr vorhanden ist. Die Datenbank wurde nicht sauber heruntergefahren, bevor sie entfernt (oder möglicherweise verschoben oder umbenannt) wurde. Das Datenbankmodul lässt den Abschluss der Wiederherstellung für diese Instanz erst dann zu, wenn die fehlende Datenbank wieder verfügbar gemacht wird. Wenn die Datenbank tatsächlich nicht mehr verfügbar oder nicht mehr erforderlich ist, finden Sie Informationen zum Beheben dieses Fehlers in der Microsoft Knowledge Base oder unter dem Link "Weitere Informationen" am Ende dieser Meldung. Error: (12/03/2021 03:47:17 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\WOWTSCHIK$ über https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Fri, 03 Dec 2021 14:47:18 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 2879c25e-8933-47c6-8d62-b12f9777d7d0 Methode: GET(344ms) Phase: GetCACaps Nicht gefunden (404). 
0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (12/03/2021 03:47:15 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep: GetCACaps Methode: GET(188ms) Phase: GetCACaps Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED) Error: (12/03/2021 03:47:07 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4456,R,98) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\WINDOWS\system32\SRU\SRU043DD.log. Error: (12/03/2021 03:33:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SystemSettings.exe, Version: 10.0.22000.348, Zeitstempel: 0x27a6d211 Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.22000.348, Zeitstempel: 0x003360cd Ausnahmecode: 0xc000027b Fehleroffset: 0x0000000000834af0 ID des fehlerhaften Prozesses: 0x3d30 Startzeit der fehlerhaften Anwendung: 0x01d7e852aa21d7d9 Pfad der fehlerhaften Anwendung: C:\Windows\ImmersiveControlPanel\SystemSettings.exe Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll Berichtskennung: 95f2b427-4f5a-4fa5-ab31-4b804dda04d6 Vollständiger Name des fehlerhaften Pakets: windows.immersivecontrolpanel_10.0.6.1000_neutral_neutral_cw5n1h2txyewy Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoft.windows.immersivecontrolpanel Systemfehler: ============= Error: (12/03/2021 03:53:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Malwarebytes Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (12/03/2021 03:47:06 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 03.12.2021 um 13:07:53 unerwartet heruntergefahren. Error: (12/03/2021 03:25:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Malwarebytes Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (12/03/2021 01:26:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "LenovoVantageService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/03/2021 01:15:10 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "LenovoVantageService" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (12/03/2021 01:08:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "System Interface Foundation Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/03/2021 01:08:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (12/03/2021 01:08:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Universal Device Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Windows Defender: ================ Date: 2021-12-03 10:42:49 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. 
Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:Win32/Bladabindi.YPS!MTB&threatid=2147793448&enterprise=0 Name: Backdoor:Win32/Bladabindi.YPS!MTB Schweregrad: Schwerwiegend Kategorie: Hintertür Pfad: file:_C:\Users\wowts\Downloads\VSCodeUserSetup_x86_x64_CB-DL-Manager.exe Erkennungsursprung: Lokaler Computer Erkennungstype: Konkret Erkennungsquelle: Echtzeitschutz Benutzer: WOWTSCHIK\wowts Prozessname: C:\Windows\explorer.exe Sicherheitsversion: AV: 1.353.1971.0, AS: 1.353.1971.0, NIS: 1.353.1971.0 Modulversion: AM: 1.1.18700.4, NIS: 1.1.18700.4 Date: 2021-12-03 10:42:32 Description: N/A Date: 2021-12-03 10:42:30 Description: N/A Date: 2021-12-03 10:42:17 Description: N/A Date: 2021-12-03 10:42:17 Description: N/A Event[0] Date: 2021-11-26 10:04:29 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.335.493.0 Update Source: Microsoft Center zum Schutz vor Schadsoftware Sicherheitstyp: AntiSpyware Updatetyp: Voll Benutzer: NT-AUTORITÄT\Netzwerkdienst Aktuelle Modulversion: %Vorherige Modulversion: 1.1.18000.5 Fehlercode: 0x80090305 Fehlerbeschreibung: Das angeforderte Sicherheitspaket ist nicht vorhanden. Date: 2021-11-26 10:04:29 Description: N/A Date: 2021-11-26 10:04:28 Description: N/A Date: 2021-11-26 10:04:28 Description: N/A Date: 2021-11-26 10:04:28 Description: N/A CodeIntegrity: =============== Date: 2021-12-03 15:53:34 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system. 
==================== Speicherinformationen ===========================

BIOS: LENOVO EECN36WW 05/17/2021
Hauptplatine: LENOVO LNVNB161216
Prozessor: AMD Ryzen 7 4700U with Radeon Graphics
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 15742.16 MB
Verfügbarer physikalischer RAM: 10882.62 MB
Summe virtueller Speicher: 23422.16 MB
Verfügbarer virtueller Speicher: 18101.99 MB

==================== Laufwerke ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:86.5 GB) NTFS
\\?\Volume{0e1952d6-4fe8-49ec-916e-3565231aebc6}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.37 GB) NTFS
\\?\Volume{27481c08-52bc-47ba-a4e4-a08dc146e489}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 15F42639)
Partition: GPT.

==================== Ende von Addition.txt =======================

...under "Internet Explorer" there are "strange" domain entries in the registry. Where do they come from?

Best regards