Zurück   Trojaner-Board > Malware entfernen > Diskussionsforum

Diskussionsforum: Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt

Windows 7 Hier sind ausschließlich fachspezifische Diskussionen erwünscht. Bitte keine Log-Files, Hilferufe oder ähnliches posten. Themen zum "Trojaner entfernen" oder "Malware Probleme" dürfen hier nur diskutiert werden. Bereinigungen von nicht ausgebildeten Usern sind hier untersagt. Wenn du dir einen Virus doer Trojaner eingefangen hast, eröffne ein Thema in den Bereinigungsforen oben.

Antwort
Alt 27.06.2021, 21:30   #1
tsmomc
 
Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt - Standard

Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt



Hallo,

bei mir wir nach dem Login unter AppData\Local\Temp immer ein exe ausgeführt, der Name ändert sich, Bsp:
a8ee9d2a-7120-4192-aaa3-0558ee0ba707.tmp.exe (82.944 Bytes)

Das Programm öffnet ein Fenster und gibt Zahlen und Buchstaben aus, Bsp. für Anfang:

Zitat:
3082035f30820247a003020102020b04.....
Ich habe die Ausgabe in eine Datei umgeleitet, diese ist 159.196 Bytes groß. Da ich nicht weiß was dort evtl. drinsteht, poste ich sie mal lieber nicht.

Avast meldet, dass die Datei sicher ist. VirusTotal meldetfolgende Troyaner:
  • Jiangmin Trojan.Inject.aqnl
  • MaxSecure Trojan.Malware.300983.susgen

Details siehe
https://www.virustotal.com/gui/file/f6436dc45c8356d26174a2a8c67523217ef6024197e61af10edfa137a90a1c65/detection

Ich habe Malwarebytes laufen lassen, meldet aber keine Probleme.
Hinweis:
C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mount_Veracrypt.cmd
ist unkritisch, ist ein Mount Skript, was ich selber geschrieben habe.

Wäre toll, wenn ihr mir helfen könntet.

LG

tsmomc

Anbei die gewünschten Ausgaben von FRST.

FRST:

FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2021
durchgeführt von thoma (Administrator) auf DESKTOP-HCA6LJN (27-06-2021 20:50:28)
Gestartet von D:\download\+++ troyaner +++
Geladene Profile: thoma
Platform: Windows 10 Pro Version 21H1 19043.1081 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\S5WOW_App\ATHEROS\S5wow.exe
() [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\S5WOW_App\x64\S5wow_2005.exe
(1 und 1 Internet AG -> 1&1 Internet AG) C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\ASUSRelayWS.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\LightingService\1.00.29\AsRogAuraGpuDllServer.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.30\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.09.08\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\2.00.06\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\1.00.29\LightingService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
(Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskService.exe
(Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskServiceTray.exe
(DeepL GmbH) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\DeepL.exe
(Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(EIZO Corporation -> EIZO Corporation) C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe
(FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
(FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe
(FabulaTech, LLP -> VMware) C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2>
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(GN AUDIO A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe <4>
(GN AUDIO A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct4\SoftphoneIntegrations.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe <2>
(IDRIX SARL -> IDRIX) C:\Program Files\VeraCrypt\VeraCrypt.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) INTELND1617S2 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\GfxDownloadWrapper.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_778512ee63a728ec\RstMwService.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop\creator\common\creator-ws.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop\updater-ws.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\kited.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\KiteService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\AgentService.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe
(MSIP Code Signing -> www.microsip.org) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\MicroSIP\microsip.exe
(Nenad Hrg -> Nenad Hrg SoftwareOK) C:\Program Files\DesktopOK\DesktopOK_x64.exe
(Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\thoma\AppData\Local\slack\app-4.17.1\slack.exe <5>
(SplitmediaLabs Limited -> SplitmediaLabs Limited) C:\Program Files\XSplit\VCam\service\XSpltVidSvc.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(The CefSharp Authors) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\CefSharp.BrowserSubprocess.exe <3>
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Xerox Corporation -> Xerox Corporation) C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-10-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [122592 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [7580488 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1068624 2020-10-11] (Heidi Computers Ltd -> The Eraser Project)
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3160256 2021-05-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288672 2021-05-21] (IDSA Production signing key 2021 -> Intel)
HKLM-x32\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe [106801552 2021-06-09] (GN AUDIO A/S -> GN Audio A/S)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31046640 2020-09-21] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [VeraCrypt] => C:\Program Files\VeraCrypt\VeraCrypt.exe [5928728 2020-10-11] (IDRIX SARL -> IDRIX)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [1&1_1&1 Upload-Manager] => C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE [989264 2011-11-21] (1 und 1 Internet AG -> 1&1 Internet AG)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [DeepL] => C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\DeepL.exe [133632 2021-05-30] (DeepL GmbH) [Datei ist nicht signiert]
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [Kite] => C:\Program Files\Kite\kited.exe [562179520 2021-06-10] (Manhattan Engineering Incorporated -> Kite)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [DesktopOK] => C:\Program Files\DesktopOK\DesktopOK_x64.exe [921480 2021-03-16] (Nenad Hrg -> Nenad Hrg SoftwareOK)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\GlassWire.exe [9242536 2021-05-14] (GlassWire -> SecureMix LLC)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\thoma\AppData\Local\slack\slack.exe [308368 2021-06-06] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\MountPoints2: {1768b476-52b6-11eb-868b-107b4415ae9e} - "O:\AutoRun.exe" 
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\MountPoints2: {6b500ea1-4a0e-11eb-867b-107b4415ae9e} - "O:\AutoRun.exe" 
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\MountPoints2: {6b500f5d-4a0e-11eb-867b-107b4415ae9e} - "O:\setup.exe" AUTORUN=1
HKU\S-1-5-21-4198695647-2910091461-4277131257-1003\...\Run: [2FFD542F547A6A94419661128FD7298878C7A371._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-4198695647-2910091461-4277131257-1003\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe  --auto-launch-onlogon --start-maximized --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- (Der Dateneintrag hat 70 mehr Zeichen).
HKU\S-1-5-21-4198695647-2910091461-4277131257-1005\...\RunOnce: [Application Restart #0] => C:\Program Files\Macrium\Common\ReflectMonitor.exe [26150760 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1005\...\RunOnce: [Application Restart #1] => C:\Program Files\Macrium\Common\ReflectUI.exe [7580488 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1010\...\RunOnce: [Application Restart #0] => C:\Program Files\Macrium\Common\ReflectUI.exe [7580488 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1010\...\RunOnce: [Application Restart #1] => C:\Program Files\Macrium\Common\ReflectMonitor.exe [26150760 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM\...\Windows x64\Print Processors\TeamViewer_PrintProcessor: C:\Windows\System32\spool\prtprocs\x64\TeamViewer_PrintProcessor.dll [20208 2017-08-29] (TeamViewer GmbH -> )
HKLM\...\Print\Monitors\Adobe PDF Port: C:\Windows\SysWOW64\AdobePDF.dll [28248 2006-09-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX920 series XPS: C:\Windows\System32\CNMXLMBL.DLL [393728 2012-09-20] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\FRITZ!fax Color Port Monitor: C:\Windows\System32\FritzColorPort64.dll [20480 2006-02-23] () [Datei ist nicht signiert]
HKLM\...\Print\Monitors\FRITZ!fax Port Monitor: C:\Windows\System32\FritzPort64.dll [20480 2006-02-22] () [Datei ist nicht signiert]
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\WINDOWS\system32\pxcpmL.dll [2057488 2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\PDFill Writer Monitor: C:\Program Files (x86)\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll [38824 2020-08-23] (PlotSoft LLC -> Windows (R) Codename Longhorn DDK provider)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-06-26] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\91.0.10364.115\Installer\chrmstp.exe [2021-06-23] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\91.1.26.67\Installer\chrmstp.exe [2021-06-22] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Screen InStyle.lnk [2018-09-09]
ShortcutTarget: Screen InStyle.lnk -> C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (EIZO Corporation -> EIZO Corporation)
Startup: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MicroSIP.lnk [2021-06-16]
ShortcutTarget: MicroSIP.lnk -> C:\Users\thoma\AppData\Local\MicroSIP\microsip.exe (MSIP Code Signing -> www.microsip.org) [Datei ist nicht signiert]
Startup: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mount_Veracrypt.cmd [2020-10-26] () [Datei ist nicht signiert]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {005D84C2-EDA3-438D-AE0F-0FB0FAFE59C7} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - Periodic Refresh => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [393928 2020-10-30] (Xerox Corporation -> Xerox Corporation)
Task: {0A809507-98FB-45EA-9AFA-6EC7C4E41661} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-22] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {0EB7F3EB-E9BF-448D-816F-A6004038B706} - System32\Tasks\SU_AutoUpdate => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4513224 2021-01-19] (IObit Information Technology -> IObit)
Task: {105E52A6-D36D-48FD-B0E9-81D2EDAEC76A} - System32\Tasks\SS3svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe [1233920 2017-10-18] (ASUSTeK COMPUTER INC.) [Datei ist nicht signiert]
Task: {12C0E9C8-FBB6-41FF-BA4B-654CDF6393C8} - System32\Tasks\Software Updater SkipUAC(thoma) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4513224 2021-01-19] (IObit Information Technology -> IObit) <==== ACHTUNG
Task: {1AC165B8-E271-4985-A76D-0F53F4683552} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {21390E5A-ECD2-4B2C-8638-E41738294AEA} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-22] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {26C8469C-15C8-4782-B07D-4A9E084BEFB6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {34186EBC-CDEE-48E4-95C0-8EE410061B22} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {36873C61-2D8A-46EB-8B00-6F08E23D19A4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118104 2021-06-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {37817CB2-6796-4FE5-BB89-60A132841A63} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2277640 2021-06-18] (Avast Software s.r.o. -> AVAST Software)
Task: {37AFCB71-04A4-4CFD-B0D9-0FF999AB1494} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {3858C6E9-501D-4496-89F7-79F2CB232AD4} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-4198695647-2910091461-4277131257-1001 => C:\Users\thoma\AppData\Local\MEGAsync\MEGAupdater.exe [615672 2020-09-20] (Mega Limited -> Mega Limited)
Task: {3E40CD95-3652-47D8-8FCD-2385ACAEFF3C} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2277640 2021-06-18] (Avast Software s.r.o. -> AVAST Software)
Task: {400FEC93-A76B-465F-9FF5-2409C8845D34} - System32\Tasks\G2MUploadTask-S-1-5-21-4198695647-2910091461-4277131257-1001 => C:\Users\thoma\AppData\Local\GoToMeeting\19228\g2mupload.exe [31320 2020-12-18] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {40820894-D3D8-453F-9638-D584DD1DF9B8} - System32\Tasks\Opera scheduled Autoupdate 1573333256 => C:\Users\thoma\AppData\Local\Programs\Opera\launcher.exe
Task: {41EC6830-B92E-448B-9809-DAEF9B702842} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-19] (Google Inc -> Google Inc.)
Task: {4768BAE1-518E-4A29-9969-55CFE764FCFC} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1461200 2016-10-07] (ASUSTeK Computer Inc. -> )
Task: {4C058142-2FFD-4045-93C5-ADA908B4B609} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\LightingService\1.00.29\AsRogAuraGpuDllServer.exe [247256 2017-09-22] (ASUSTeK Computer Inc. -> )
Task: {4CD90931-266C-4C0B-9E98-9E004A647A73} - System32\Tasks\G2MUpdateTask-S-1-5-21-4198695647-2910091461-4277131257-1001 => C:\Users\thoma\AppData\Local\GoToMeeting\19228\g2mupdate.exe [31320 2020-12-18] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {4F3153B8-BF1E-4C4C-BDC1-A960DC48B5F5} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {5135714E-030B-47A6-AE5E-866A1A560FC9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {52F61971-8A47-41A3-A297-12F0F1B20380} - System32\Tasks\Software Updater SkipUAC(sandr) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4513224 2021-01-19] (IObit Information Technology -> IObit) <==== ACHTUNG
Task: {5648571B-7BD1-4A03-82C7-FAC6869F1D3C} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1290200 2017-02-09] (ASUSTeK Computer Inc. -> )
Task: {5A520292-B468-42E9-A05D-4A0ED5DCDFEA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B328278-0F03-458B-A576-D29414E41BA6} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4417496 2017-02-09] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {5D401512-7328-48D0-AF35-4D64BCF4D2E9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {629711A6-2BB3-4E6A-8641-B58D732CCC38} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {654FCFAA-1722-4954-A235-E0C20FB80BE7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-19] (Google Inc -> Google Inc.)
Task: {668E4F81-18AF-4517-A7AF-8A03FE4AA593} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {6FA86AE2-51B5-4E3C-B7AF-CFFD2CE4542F} - System32\Tasks\Xerox\Xerox PowerENGAGE => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc)
Task: {710AAD34-E848-41D2-9CB2-C2309C09843D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118104 2021-06-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F79EC1F-9496-4D3D-A9B6-8B149818496A} - System32\Tasks\ASUS\ASUS File Transfer Server Launcher => C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server Launcher.exe [1898480 2016-09-21] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {8277A3E4-ECA0-4132-9223-4FA0C2D4A733} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {8AF3B45E-EEE7-4BE9-BB6E-A773008DF0EF} - System32\Tasks\Xerox\Xerox PowerENGAGE Update => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc)
Task: {997A2699-5CB4-40B3-BEE1-CEB12890E80C} - System32\Tasks\SS3svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3svc64.exe [811520 2017-10-18] (ASUSTeK COMPUTER INC.) [Datei ist nicht signiert]
Task: {9AB4CE3F-981C-49F3-8808-287615E74099} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1789200 2020-06-30] (IObit Information Technology -> IObit Software updater) <==== ACHTUNG
Task: {AB0B23DB-4923-4FF3-AE82-8ECF5E00D829} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-09-21] (Garmin International, Inc. -> )
Task: {B46E811C-C114-4DEE-A6CF-3EE27C5D8083} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [1995736 2017-02-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {B52182A2-B47B-4EBA-B666-7EFCAE0627D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B6E72D07-8306-4149-B123-147034168A5A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFD7E10A-CE58-46C0-8E09-4E213B5A51B0} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
Task: {C45FC55E-D980-4C28-A408-EF9E520429C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C494B1F9-E781-4E2A-9025-6927DFF35D29} - System32\Tasks\Amazon Music Helper => C:\Users\thoma\AppData\Local\Amazon Music\Amazon Music Helper.exe [2091960 2020-01-10] (Amazon Services LLC -> Amazon.com Services LLC)
Task: {CA2022A4-B81D-4010-9355-193A1B8F32E8} - System32\Tasks\Start CorsairLink4 => C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe [27067088 2017-09-08] (Corsair Components, Inc. -> Corsair Components, Inc.)
Task: {D41EBB5B-37DF-49E1-85D6-D951987DCC05} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4808928 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
Task: {DDE652BF-3898-4A66-8CD4-D92C0089C2B8} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel(R) System Usage Report -> Intel Corporation)
Task: {E06909C6-0A80-41E5-87AE-1F95D1B6C26E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel(R) System Usage Report -> Intel Corporation)
Task: {E345DE8F-18F9-4C60-BC6B-C18B88BB50ED} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - New or Changed => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [393928 2020-10-30] (Xerox Corporation -> Xerox Corporation)
Task: {E573A806-D442-4C3A-9A81-5DC052FC282C} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {E77DD0DB-B08E-43DD-96C5-9AA2A084D1CA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {FDE19336-B182-4BA9-8557-48C100F6C152} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - User Logon => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [393928 2020-10-30] (Xerox Corporation -> Xerox Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4198695647-2910091461-4277131257-1001.job => C:\Users\thoma\AppData\Local\GoToMeeting\19228\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4198695647-2910091461-4277131257-1001.job => C:\Users\thoma\AppData\Local\GoToMeeting\19228\g2mupload.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4767166f-faa3-49bd-bcaa-773a41ea516f}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
DownloadDir: D:\download
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\thoma\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-27]
Edge DownloadDir: Default -> D:\download

FireFox:
========
FF DefaultProfile: Mozilla Firefox
FF ProfilePath: M:\Mozilla Firefox [2020-10-26]
FF Homepage: M:\Mozilla Firefox -> hxxps://www.google.de/
FF Extension: (Firefox Lightbeam) - M:\Mozilla Firefox\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2018-02-17]
FF Extension: (Dark YouTube Theme) - M:\Mozilla Firefox\Extensions\jid1-hDf2iQXGiUjzGQ@jetpack.xpi [2017-09-06]
FF Extension: (MetaMask) - M:\Mozilla Firefox\Extensions\webextension@metamask.io.xpi [2018-03-07]
FF Extension: (1-Click YouTube Video Downloader) - M:\Mozilla Firefox\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-04-13]
FF Extension: (EPUBReader) - M:\Mozilla Firefox\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2020-06-23]
FF Extension: (Flash- und Video-Download) - M:\Mozilla Firefox\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-08-31]
FF Extension: (OkayFreedom) - M:\Mozilla Firefox\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2016-06-17] [UpdateUrl:hxxps://www.steganos.com/updates/okayfreedom/update_okayfreedom_ff.rdf]
FF Extension: (Video DownloadHelper) - M:\Mozilla Firefox\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-17]
FF Extension: (JSONView) - M:\Mozilla Firefox\Extensions\jsonview@brh.numbera.com.xpi [2021-01-06]
FF Extension: (DownThemAll!) - M:\Mozilla Firefox\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2021-01-23]
FF Extension: (Windscribe - Free Proxy and Ad Blocker) - M:\Mozilla Firefox\Extensions\@windscribeff.xpi [2021-02-08]
FF Extension: (Ghostery – Datenschutzorientierter Werbeblocker) - M:\Mozilla Firefox\Extensions\firefox@ghostery.com.xpi [2021-03-03]
FF Extension: (I don't care about cookies) - M:\Mozilla Firefox\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2021-04-19]
FF Extension: (Kee - Password Manager) - M:\Mozilla Firefox\Extensions\keefox@chris.tomlinson.xpi [2021-05-06]
FF Extension: (Web of Trust) - M:\Mozilla Firefox\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2021-05-10]
FF Extension: (Python Notebook Viewer) - M:\Mozilla Firefox\Extensions\rushikesh988-5@gmail.com.xpi [2021-05-16]
FF Extension: (Adblock Plus - kostenloser Adblocker) - M:\Mozilla Firefox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-05-19]
FF Extension: (NoScript) - M:\Mozilla Firefox\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-06-26]
FF SearchPlugin: M:\Mozilla Firefox\searchplugins\duckduckgo.xml [2013-08-15]
FF SearchPlugin: M:\Mozilla Firefox\searchplugins\englische-ergebnisse.xml [2012-09-26]
FF SearchPlugin: M:\Mozilla Firefox\searchplugins\gmx-suche.xml [2012-09-26]
FF SearchPlugin: M:\Mozilla Firefox\searchplugins\lastminute.xml [2012-09-26]
FF SearchPlugin: M:\Mozilla Firefox\searchplugins\webde-suche.xml [2012-09-26]
FF ProfilePath: C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\f62kpuh7.default [2021-06-27]
FF Extension: (OkayFreedom) - C:\Users\thoma\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2019-03-27] [UpdateUrl:hxxps://www.steganos.com/updates/okayfreedom/update_okayfreedom_ff.rdf]
FF Extension: (KeeFox) - C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\f62kpuh7.default\Extensions\keefox@chris.tomlinson [2017-10-19] []
FF Extension: (Avast SafePrice | Vergleich, Angebote, Gutscheine) - C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\f62kpuh7.default\Extensions\sp@avast.com.xpi [2019-11-15]
FF Extension: (Avast Online Security) - C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\f62kpuh7.default\Extensions\wrc@avast.com.xpi [2019-11-15]
FF HKLM\...\Firefox\Extensions: [soda_pdf_desktop_conv@sodapdf.com] - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv@sodapdf.com.xpi
FF Extension: (Soda PDF Desktop Creator) - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv@sodapdf.com.xpi [2018-06-04] []
FF HKLM\...\Firefox\Extensions: [soda_pdf_desktop_conv_v.2@sodapdf.com] - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv_v.2@sodapdf.com.xpi
FF Extension: (Soda PDF Desktop Creator) - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv_v.2@sodapdf.com.xpi [2018-06-04]
FF HKLM-x32\...\Firefox\Extensions: [soda_pdf_desktop_conv_v.2@sodapdf.com] - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv_v.2@sodapdf.com.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Soda PDF Desktop -> C:\Program Files\Soda PDF Desktop\np-previewer.dll [2018-06-04] (LULU Software -> LULU Software)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-04-22] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-04-22] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\thoma\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\thoma\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default [2021-06-27]
CHR DownloadDir: D:\download
CHR Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.gympass.com; hxxps://www.pcwelt.de
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Extension: (Google Übersetzer) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-19]
CHR Extension: (Präsentationen) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-19]
CHR Extension: (Talend API Tester - Free Edition) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aejoelaoggembcahagimdiliamlcdmfm [2021-06-26]
CHR Extension: (Terra Station) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiifbnbfobpmeekipheeijimdpnlpgpp [2021-06-26]
CHR Extension: (Docs) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Google Drive) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-20]
CHR Extension: (KeeForm) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmhcphbkicakelgpchlhccaeljahoima [2021-06-26]
CHR Extension: (Avira Password Manager) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-06-26]
CHR Extension: (Avira Safe Shopping) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-06-26]
CHR Extension: (KeePassHttp-Connector) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\dafgdjggglmmknipkhngniifhplpcldb [2020-05-01]
CHR Extension: (Tabellen) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-19]
CHR Extension: (Binance Chain Wallet) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2021-06-26]
CHR Extension: (I don't care about cookies) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2021-04-22]
CHR Extension: (Google Docs Offline) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-27]
CHR Extension: (Plus for Trello (time track, reports)) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjjpophepkbhejnglcmkdnncmaanojkf [2021-05-22]
CHR Extension: (Video DownloadHelper) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2021-03-05]
CHR Extension: (Export for Trello) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhdelomnagopgaealggpgojkhcafhnin [2018-04-02]
CHR Extension: (MetaMask) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2021-06-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07]
CHR Extension: (Google Mail) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-01]
CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-03-12]
CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-12]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

Brave: 
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-06-12]
BRA Notifications: Default -> hxxps://app.slack.com
BRA Extension: (Avira Password Manager) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-06-12]
BRA Extension: (Avira Safe Shopping) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-02-24]
BRA Extension: (Avast SafePrice | Vergleich, Angebote, Gutscheine) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-01-07]
BRA Extension: (OkayFreedom) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hfnbbbkabnehoejfhcbbhdicagcoobji [2019-10-25]
BRA Extension: (Kee - Password Manager) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mmhlniccooihdimnnjhamobppdhaolme [2021-02-24]
BRA Extension: (PAYBACK Internet Assistent) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pbfjbhoglggakhkngkbfehgghkaadeba [2021-02-24]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-05-04]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-06-12]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-04-04]
BRA Extension: (Brave Ad Block Updater (EasyList Germany)) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\faknfgalcghekhfggcdikddilkpjbonh [2021-06-12]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-06-12]
BRA Extension: (Brave Ad Block Updater (DEU: EasyList Germany)) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\jmomcjcilfpbaaklkifaijjcnancamde [2020-05-24]
BRA Extension: (Brave NTP sponsored images) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2021-06-12]
BRA Extension: (PDF Viewer) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-04-22]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\thoma\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-06-12]
StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 Adiscon EvntSLog; C:\Program Files (x86)\EventReporter\evntslog.exe [4614792 2018-04-27] (Adiscon GmbH -> Adiscon GmbH, Germany (info@adiscon.com, hxxp://www.adiscon.com))
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\2.00.06\atkexComSvc.exe [411456 2017-09-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.30\aaHMSvc.exe [975832 2017-01-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2016-04-20] (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.09.08\AsusFanControlService.exe [610776 2017-02-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8151120 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [622816 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [370400 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\91.0.10364.115\elevation_service.exe [1421288 2021-06-18] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-22] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-04-22] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-06-21] (Microsoft Corporation -> Microsoft Corporation)
R2 client_service; C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [444632 2021-02-05] (VMware, Inc. -> VMware, Inc.)
S3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [32976 2017-09-08] (Corsair Components, Inc. -> Corsair Components, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [441664 2019-04-16] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1113864 2020-05-15] (Bayerisches Landesamt fuer Steuern -> )
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-07-24] (Mixbyte Inc -> Freemake)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [283760 2020-09-11] (FabulaTech, LLP -> )
R2 ftscanmgrhv; C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe [301680 2020-09-11] (FabulaTech, LLP -> )
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [7174568 2021-05-14] (GlassWire -> SecureMix LLC)
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [594216 2018-12-20] (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] [Datei wird verwendet]
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-03-11] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 KiteService; C:\Program Files\Kite\KiteService.exe [140864 2021-06-10] (Manhattan Engineering Incorporated -> Kite)
R2 LightingService; C:\Program Files (x86)\LightingService\1.00.29\LightingService.exe [1144792 2017-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [8929608 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-31] (Malwarebytes Inc -> Malwarebytes)
R2 MTAgentService; C:\Program Files\MiniTool ShadowMaker\AgentService.exe [783344 2021-01-28] (MiniTool Software Limited -> )
R2 MTSchedulerService; C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe [226800 2021-01-28] (MiniTool Software Limited -> )
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5395360 2021-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Soda PDF Desktop; C:\Program Files\Soda PDF Desktop\ws.exe [2780400 2018-06-04] (LULU Software -> LULU Software)
R2 Soda PDF Desktop Creator; C:\Program Files\Soda PDF Desktop\creator\common\creator-ws.exe [756464 2018-06-04] (LULU Software -> LULU Software)
R2 Soda PDF Desktop Update Service; C:\Program Files\Soda PDF Desktop\updater-ws.exe [751344 2018-06-04] (LULU Software -> LULU Software)
R2 spacedeskService; C:\WINDOWS\system32\spacedeskService.exe [1091488 2020-09-08] (Datronicsoft, Inc. -> )
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [183816 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12871464 2021-04-29] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 vmwsprrdpwks; C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [480368 2020-09-22] (FabulaTech, LLP -> VMware)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XeroxPrintJobEventManagerService; C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe [513920 2020-10-30] (Xerox Corporation -> Xerox Corporation)
S3 XeroxProdRegManager; C:\Program Files (x86)\Xerox PowerENGAGE\EngageService.exe [293608 2016-09-13] (Aviata Inc -> Aviata, Inc.)
S3 XSplit_VCam_Updater; C:\Program Files\XSplit\VCam\XSplit_VCam_Updater.exe [3194032 2021-06-14] (SplitmediaLabs Limited -> XSplit)
R2 XSpltVidSvc; C:\Program Files\XSplit\VCam\service\XSpltVidSvc.exe [259248 2021-06-14] (SplitmediaLabs Limited -> SplitmediaLabs Limited)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Co., Ltd. -> AnvSoft Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-09-21] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35664 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [216360 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365536 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250336 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99296 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17328 2021-05-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41296 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [180944 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522864 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107792 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82856 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851144 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471352 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215336 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 BlueStacksDrv; C:\Program Files (x86)\BlueStacks\BstkDrv_bgp.sys [315976 2020-04-07] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 Ch64USB; C:\WINDOWS\System32\drivers\Ch64USB.sys [150656 2014-10-10] (Microsoft Windows Hardware Compatibility Publisher -> ZF Friedrichshafen AG, Electronic Systems)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [161288 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [140280 2020-06-01] (ADAPP SASU -> Dokan Project)
S3 GLCKIO; C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys [14976 2017-10-22] (ASUSTeK Computer Inc. -> )
R1 gwdrv; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC)
R3 HCW85BDA; C:\WINDOWS\system32\drivers\HCW85BDA.sys [2259456 2021-01-18] (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works)
R3 hcw85cir; C:\WINDOWS\system32\drivers\hcw85cir4.sys [61264 2019-03-08] (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc.)
S3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [85504 2021-01-09] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert]
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [121600 2021-01-09] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert]
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [35352 2017-01-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-27] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-31] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-26] (Malwarebytes Inc -> Malwarebytes)
S3 MbswMailbox; C:\Program Files (x86)\ASUS\AI Suite III\690b33e1-0462-4e84-9bea-c7552b45432a.sys [17208 2017-10-22] (ASUSTeK Computer Inc. -> )
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [79504 2017-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 PSMounterEx; C:\Windows\system32\drivers\psmounterex.sys [179416 2019-02-15] (Paramount Software UK Ltd -> Windows (R) Win 7 DDK provider)
S3 psvolacc; C:\WINDOWS\system32\drivers\psvolacc.sys [34520 2018-12-06] (Paramount Software UK Ltd -> Windows (R) Win 7 DDK provider)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 scaudio; C:\WINDOWS\System32\drivers\scaudio.sys [54792 2020-06-05] (Brandmeister LLC -> )
S3 SCL01164; C:\WINDOWS\system32\DRIVERS\SCL01164.sys [72320 2010-05-07] (Microsoft Windows Hardware Compatibility Publisher -> SCM Microsystems Inc.)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [133944 2020-01-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [35240 2020-08-27] (Datronicsoft, Inc. -> )
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 splitcam_hd_driver; C:\WINDOWS\System32\drivers\splitcam_hd_driver.sys [38000 2020-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [45064 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-12-10] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 ui11rdr; C:\WINDOWS\System32\DRIVERS\ui11rdr.sys [199752 2011-11-21] (1&1 Internet AG -> 1&1 Internet AG)
R1 UimBus; C:\WINDOWS\System32\drivers\uimbus.sys [109504 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [46016 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [831616 2020-10-11] (IDRIX SARL -> IDRIX)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [60344 2020-11-17] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [67072 2021-04-30] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-27] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-27] (Microsoft Windows -> Microsoft Corporation)
R3 XSpltVid; C:\WINDOWS\system32\DRIVERS\XSpltVid.sys [118800 2020-09-16] (Microsoft Windows Hardware Compatibility Publisher -> SplitmediaLabs Limited)
S3 ewusbnet; \SystemRoot\System32\drivers\ewusbnet.sys [X]
S3 GPU-Z; \??\C:\Users\thoma\AppData\Local\Temp\GPU-Z.sys [X] <==== ACHTUNG

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-06-27 19:13 - 2021-06-27 20:50 - 000000000 ____D C:\FRST
2021-06-27 19:09 - 2021-06-27 19:09 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-27 17:55 - 2021-06-27 17:56 - 000000606 _____ C:\Users\thoma\AppData\Local\cbfsconnect2017-{B0031874-3D4F-4F60-8171-49DE03D3E003}.zip
2021-06-27 17:50 - 2021-06-27 17:50 - 122854203 _____ C:\Users\thoma\AppData\Local\Temp.zip
2021-06-27 02:27 - 2021-06-27 02:28 - 000000159 _____ C:\Users\thoma\Desktop\FeWo1.url
2021-06-26 22:11 - 2021-06-26 22:11 - 000000049 _____ C:\Users\thoma\OneDrive\Documents\.RData
2021-06-26 20:18 - 2021-06-26 20:18 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-26 20:10 - 2021-06-26 20:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-06-26 18:47 - 2021-06-27 10:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-06-24 11:33 - 2021-06-24 11:33 - 000001259 _____ C:\Users\Public\Desktop\XSplit VCam.lnk
2021-06-24 11:33 - 2021-06-24 11:33 - 000001259 _____ C:\ProgramData\Desktop\XSplit VCam.lnk
2021-06-24 11:33 - 2021-06-24 11:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2021-06-24 11:33 - 2021-06-24 11:33 - 000000000 ____D C:\Program Files\XSplit
2021-06-24 09:04 - 2021-06-24 09:04 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-06-24 09:04 - 2021-06-24 09:04 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-24 09:04 - 2021-06-24 09:04 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-24 09:04 - 2021-06-24 09:04 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-24 09:04 - 2021-06-24 09:04 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-24 09:04 - 2021-06-24 09:04 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-24 09:04 - 2021-06-24 09:04 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-06-24 09:04 - 2021-06-24 09:04 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-06-24 09:04 - 2021-06-24 09:04 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-06-24 09:04 - 2021-06-24 09:04 - 000011333 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-24 09:03 - 2021-06-24 09:03 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-06-24 09:03 - 2021-06-24 09:03 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-21 07:45 - 2021-06-21 07:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jabra
2021-06-20 16:42 - 2021-06-20 16:48 - 000000000 ____D C:\Users\thoma\AppData\Roaming\MPP-Engineering
2021-06-20 16:41 - 2021-06-20 16:49 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CarPort
2021-06-20 16:41 - 2021-06-20 16:41 - 000000000 ____D C:\Users\thoma\OneDrive\Documents\CarPort
2021-06-20 16:41 - 2021-06-20 16:41 - 000000000 ____D C:\Users\thoma\AppData\Local\MPP-Engineering
2021-06-20 16:40 - 2021-06-20 16:49 - 000000000 ____D C:\Program Files (x86)\CarPort
2021-06-20 16:40 - 2021-06-20 16:40 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Obsidium
2021-06-16 09:53 - 2021-06-24 23:22 - 000011820 _____ C:\Users\thoma\Desktop\Geburt_Patrick_2.xlsx
2021-06-13 23:48 - 2021-06-13 23:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\obs-websocket
2021-06-12 23:41 - 2021-06-26 21:01 - 000000000 ____D C:\Ubuntu_21_04
2021-06-12 22:25 - 2021-06-12 22:26 - 006632332 _____ C:\WINDOWS\Minidump\061221-16718-01.dmp
2021-06-12 22:25 - 2021-06-12 22:26 - 000000000 ____D C:\WINDOWS\Minidump
2021-06-12 22:25 - 2021-06-12 22:25 - 2283833209 _____ C:\WINDOWS\MEMORY.DMP
2021-06-10 08:27 - 2021-06-10 08:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-10 08:27 - 2021-06-10 08:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-10 08:27 - 2021-06-10 08:27 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-10 08:27 - 2021-06-10 08:27 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-10 08:27 - 2021-06-10 08:27 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-10 08:27 - 2021-06-10 08:27 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-10 08:27 - 2021-06-10 08:27 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-10 08:27 - 2021-06-10 08:27 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-10 08:27 - 2021-06-10 08:27 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-10 08:27 - 2021-06-10 08:27 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-10 08:27 - 2021-06-10 08:27 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-04 01:40 - 2021-06-04 22:10 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2021-06-03 18:50 - 2021-06-03 18:50 - 000000000 ____D C:\Users\maxim\AppData\Local\Avast Software
2021-06-03 11:14 - 2021-06-03 11:14 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-06-03 11:14 - 2021-06-03 11:14 - 000215336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-06-02 08:11 - 2021-06-02 08:11 - 000000000 ____D C:\WINDOWS\Panther
2021-05-31 08:04 - 2021-05-31 08:05 - 000000000 ____D C:\AdwCleaner
2021-05-31 07:38 - 2021-05-31 07:38 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-05-31 07:38 - 2021-05-31 07:38 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-05-31 07:38 - 2021-05-31 07:38 - 000002036 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-31 07:38 - 2021-05-31 07:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-05-31 07:38 - 2021-05-31 07:38 - 000000000 ____D C:\Program Files\Malwarebytes
2021-05-30 21:56 - 2021-05-30 21:56 - 000000218 _____ C:\Users\thoma\AppData\Local\recently-used.xbel
2021-05-30 20:25 - 2021-05-30 20:25 - 000001473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2021-05-30 20:24 - 2021-05-30 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2021-05-30 20:24 - 2021-05-30 20:24 - 000000000 ____D C:\Program Files\PDF24
2021-05-30 20:22 - 2021-05-30 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-05-30 20:16 - 2021-05-12 20:07 - 000041816 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2021-05-30 20:15 - 2021-05-30 20:15 - 000017328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-06-27 20:50 - 2020-03-14 19:43 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Jabra Direct
2021-06-27 20:50 - 2019-09-08 21:06 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Slack
2021-06-27 20:50 - 2017-10-19 01:39 - 000000000 ____D C:\Users\thoma\AppData\LocalLow\Mozilla
2021-06-27 20:49 - 2018-09-09 15:48 - 000002139 _____ C:\Users\thoma\Desktop\Monitor Power OFF.lnk
2021-06-27 20:48 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-27 20:48 - 2017-10-19 01:38 - 000000000 ____D C:\Users\thoma\AppData\Roaming\KeePass
2021-06-27 20:48 - 2017-10-19 01:25 - 000000000 __SHD C:\Users\thoma\IntelGraphicsProfiles
2021-06-27 20:29 - 2017-10-19 07:42 - 000000000 ____D C:\Program Files (x86)\Canon
2021-06-27 20:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-27 20:28 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-27 20:28 - 2017-10-22 16:12 - 000000000 ____D C:\Users\thoma\AppData\Local\Packages
2021-06-27 20:28 - 2017-10-20 21:36 - 000000000 ____D C:\Users\sandr\AppData\Roaming\Canon
2021-06-27 20:28 - 2017-10-19 07:52 - 000000000 ___HD C:\ProgramData\CanonIJScan
2021-06-27 20:25 - 2021-03-21 12:14 - 000004172 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{5B4F6576-251A-43E1-A98E-A8FEBC528C28}
2021-06-27 20:25 - 2021-02-10 23:05 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Kite
2021-06-27 20:21 - 2020-09-06 15:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-27 20:15 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-27 19:59 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-27 19:48 - 2020-09-06 15:20 - 000003450 _____ C:\WINDOWS\system32\Tasks\SU_AutoUpdate
2021-06-27 19:48 - 2019-12-04 01:06 - 000000000 ____D C:\Users\thoma\AppData\Roaming\IObit
2021-06-27 19:30 - 2018-04-30 21:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-27 19:20 - 2019-04-12 21:10 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-06-27 19:19 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-06-27 19:17 - 2020-04-27 22:07 - 000000000 ____D C:\Users\thoma\AppData\Local\AVAST Software
2021-06-27 19:16 - 2019-12-07 16:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-06-27 19:14 - 2017-10-19 08:26 - 000000000 ____D C:\Users\thoma\AppData\Roaming\VMware
2021-06-27 19:07 - 2020-09-06 11:11 - 000000000 ____D C:\Users\thoma\AppData\Local\KeeForm
2021-06-27 18:47 - 2020-03-14 19:43 - 000000000 ____D C:\Users\thoma\AppData\Roaming\JabraSDK
2021-06-27 18:13 - 2020-09-06 15:23 - 001732926 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-27 18:13 - 2019-12-07 16:51 - 000746436 _____ C:\WINDOWS\system32\perfh007.dat
2021-06-27 18:13 - 2019-12-07 16:51 - 000151384 _____ C:\WINDOWS\system32\perfc007.dat
2021-06-27 18:06 - 2020-09-06 15:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-27 18:06 - 2020-09-06 15:11 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-27 18:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-27 18:06 - 2019-11-15 08:09 - 000000000 ____D C:\ProgramData\AVAST Software
2021-06-27 18:06 - 2017-10-19 08:21 - 000000000 ____D C:\ProgramData\VMware
2021-06-27 18:06 - 2017-10-19 08:16 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-06-27 18:06 - 2017-10-19 01:48 - 000000000 ____D C:\ProgramData\Hauppauge
2021-06-27 18:06 - 2017-10-19 01:25 - 000000000 ____D C:\Intel
2021-06-27 18:05 - 2019-12-07 11:03 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2021-06-27 10:01 - 2017-10-19 01:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-27 01:20 - 2021-04-11 17:18 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2021-06-27 01:20 - 2021-04-10 23:53 - 000002970 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2021-06-27 01:20 - 2021-04-10 23:53 - 000002604 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2021-06-27 01:20 - 2021-02-20 17:45 - 000003598 _____ C:\WINDOWS\system32\Tasks\Xerox XeroxPrintExperience Printer Configuration - User Logon
2021-06-27 01:20 - 2020-09-06 15:20 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-27 01:20 - 2020-09-06 15:20 - 000003558 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-06-27 01:20 - 2020-09-06 15:20 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-06-27 01:20 - 2020-09-06 15:20 - 000003468 _____ C:\WINDOWS\system32\Tasks\Xerox XeroxPrintExperience Printer Configuration - New or Changed
2021-06-27 01:20 - 2020-09-06 15:20 - 000003404 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-06-27 01:20 - 2020-09-06 15:20 - 000003334 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-06-27 01:20 - 2020-09-06 15:20 - 000003270 _____ C:\WINDOWS\system32\Tasks\Xerox XeroxPrintExperience Printer Configuration - Periodic Refresh
2021-06-27 01:20 - 2020-09-06 15:20 - 000002564 _____ C:\WINDOWS\system32\Tasks\Software Updater Scheduler
2021-06-27 01:20 - 2020-09-06 15:20 - 000002392 _____ C:\WINDOWS\system32\Tasks\Software Updater SkipUAC(thoma)
2021-06-27 01:20 - 2020-09-06 15:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-06-26 23:25 - 2017-10-20 06:15 - 000000000 ____D C:\Users\thoma\AppData\Local\CrashDumps
2021-06-26 23:16 - 2021-03-27 20:21 - 000003276 _____ C:\WINDOWS\system32\Tasks\MiniToolPartitionWizard
2021-06-26 23:12 - 2020-02-16 16:09 - 000000000 ____D C:\Users\thoma\Desktop\ADS
2021-06-26 22:26 - 2021-04-24 01:55 - 000000000 ____D C:\Users\thoma\AppData\Local\RStudio
2021-06-26 22:26 - 2020-02-22 00:21 - 000000000 ____D C:\Users\thoma\AppData\Roaming\RStudio
2021-06-26 22:22 - 2020-02-22 00:21 - 000019443 _____ C:\Users\thoma\OneDrive\Documents\.Rhistory
2021-06-26 21:01 - 2017-10-19 08:26 - 000000000 ____D C:\Users\thoma\AppData\Local\VMware
2021-06-26 20:10 - 2017-10-19 01:39 - 000001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-26 18:50 - 2020-06-23 07:43 - 000002399 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-26 18:50 - 2017-10-19 01:41 - 000002256 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-24 11:34 - 2018-05-05 14:07 - 000000000 ____D C:\Users\thoma\AppData\Local\D3DSCache
2021-06-24 11:33 - 2021-05-16 20:45 - 000000000 ____D C:\ProgramData\XSplit
2021-06-24 11:33 - 2021-01-09 23:18 - 000000000 ____D C:\ProgramData\SplitmediaLabs
2021-06-24 11:30 - 2020-09-06 15:11 - 000805200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-24 11:29 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-24 08:55 - 2019-12-04 01:06 - 000000000 ____D C:\ProgramData\ProductData
2021-06-23 18:23 - 2020-04-27 22:06 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-06-22 18:50 - 2019-04-22 23:09 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-06-21 07:48 - 2017-10-19 23:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-06-21 07:45 - 2020-03-14 19:43 - 000000000 ____D C:\Program Files (x86)\Jabra
2021-06-21 07:45 - 2017-10-19 01:34 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-20 16:41 - 2017-10-20 22:42 - 000000000 ____D C:\Program Files\DIFX
2021-06-17 23:36 - 2019-02-05 12:34 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Sqrl
2021-06-16 08:07 - 2021-02-10 23:04 - 000000000 ____D C:\Program Files\Kite
2021-06-16 08:07 - 2020-12-20 16:43 - 000001132 _____ C:\Users\thoma\Desktop\MicroSIP.lnk
2021-06-16 08:07 - 2020-12-20 16:43 - 000000000 ____D C:\Users\thoma\AppData\Local\MicroSIP
2021-06-14 15:12 - 2017-10-19 08:15 - 000000000 ____D C:\Users\thoma\AppData\Roaming\vlc
2021-06-14 15:04 - 2020-09-14 00:02 - 000000000 ____D C:\Users\thoma\AppData\Roaming\obs-studio
2021-06-14 00:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-06-13 23:48 - 2020-09-14 00:02 - 000000000 ____D C:\Program Files\obs-studio
2021-06-12 23:47 - 2021-01-02 23:56 - 000000000 ____D C:\Ubuntu_20_10
2021-06-12 22:26 - 2020-09-06 13:52 - 000000000 ____D C:\Users\thoma
2021-06-11 13:01 - 2021-02-17 21:21 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-06-10 08:20 - 2017-10-19 22:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-10 08:12 - 2017-10-19 22:06 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-09 16:10 - 2017-10-19 01:37 - 000002099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-06 16:38 - 2019-10-04 00:31 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-06-06 15:44 - 2021-02-18 23:17 - 000002206 _____ C:\Users\thoma\Desktop\Slack.lnk
2021-06-06 15:44 - 2021-02-18 23:17 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2021-06-06 15:44 - 2021-02-18 23:17 - 000000000 ____D C:\Users\thoma\AppData\Local\slack
2021-06-06 15:44 - 2017-10-19 08:12 - 000000000 ____D C:\Users\thoma\AppData\Local\SquirrelTemp
2021-06-04 22:11 - 2017-10-19 01:40 - 000001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-06-03 18:50 - 2020-04-30 07:10 - 000000000 ____D C:\Users\sandr\AppData\Local\AVAST Software
2021-06-03 11:16 - 2019-02-01 00:09 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-03 11:14 - 2020-10-26 21:56 - 000180944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-06-03 11:14 - 2020-09-06 15:20 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-06-03 11:14 - 2020-04-20 20:52 - 000522864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-06-03 11:14 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-03 11:14 - 2019-11-15 08:10 - 000851144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000471352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000365536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000250336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000216360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000099296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000082856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000041296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000035664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-06-03 11:14 - 2017-12-25 23:33 - 000351544 _____ C:\WINDOWS\Macrium Reflect Patch Log.txt
2021-05-31 08:07 - 2017-12-09 15:31 - 000000000 ____D C:\Program Files (x86)\Innovative Solutions
2021-05-31 08:03 - 2021-01-04 00:27 - 000000000 ____D C:\Users\thoma\Desktop\Programme
2021-05-31 08:03 - 2017-12-09 15:31 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Innovative Solutions
2021-05-31 08:03 - 2017-12-09 15:31 - 000000000 ____D C:\Users\thoma\AppData\Local\Innovative Solutions
2021-05-31 07:32 - 2019-11-09 23:01 - 000000000 ____D C:\Users\thoma\AppData\Local\Opera Software
2021-05-30 21:56 - 2019-03-02 00:25 - 000000000 ____D C:\Users\thoma\.dbus-keyrings
2021-05-30 20:25 - 2017-10-19 01:25 - 000000000 ____D C:\Program Files (x86)\Intel
2021-05-30 20:22 - 2018-09-04 21:15 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2021-05-30 20:16 - 2019-09-15 01:23 - 000002166 _____ C:\Users\thoma\Desktop\DeepL.lnk
2021-05-30 20:16 - 2019-09-15 01:23 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeepL GmbH
2021-05-30 20:16 - 2019-09-15 01:23 - 000000000 ____D C:\Users\thoma\AppData\Local\DeepL

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-10-04 17:19 - 2020-10-04 17:19 - 000000000 _____ () C:\Users\thoma\.mongorc.js
2020-11-27 09:35 - 2020-11-18 15:04 - 114459920 _____ (Microsoft Corporation) C:\Program Files\Teams_windows_x64.exe
2018-10-21 00:46 - 2017-10-25 03:31 - 007438336 _____ () C:\Program Files (x86)\WinAuth.exe
2018-02-10 21:14 - 2018-02-10 21:14 - 000000171 _____ () C:\Users\thoma\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2018-02-10 21:14 - 2018-10-14 18:06 - 000000904 _____ () C:\Users\thoma\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2019-12-04 08:33 - 2019-12-04 08:33 - 000000171 _____ () C:\Users\thoma\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2018-02-10 21:14 - 2018-02-10 21:14 - 000000175 _____ () C:\Users\thoma\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2017-10-19 08:13 - 2017-12-10 16:12 - 000000883 _____ () C:\Users\thoma\AppData\Roaming\gnuplot_history
2021-01-09 22:59 - 2021-01-13 19:59 - 000000016 _____ () C:\Users\thoma\AppData\Roaming\obs-virtualcam.txt
2018-07-22 15:03 - 2021-02-06 17:56 - 000000128 _____ () C:\Users\thoma\AppData\Roaming\winscp.rnd
2021-06-27 17:55 - 2021-06-27 17:56 - 000000606 _____ () C:\Users\thoma\AppData\Local\cbfsconnect2017-{B0031874-3D4F-4F60-8171-49DE03D3E003}.zip
2019-05-16 06:28 - 2020-09-26 09:37 - 000009728 _____ () C:\Users\thoma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-07-01 16:15 - 2018-07-01 16:15 - 000000600 _____ () C:\Users\thoma\AppData\Local\PUTTY.RND
2021-05-30 21:56 - 2021-05-30 21:56 - 000000218 _____ () C:\Users\thoma\AppData\Local\recently-used.xbel
2021-04-09 19:33 - 2021-04-09 19:33 - 000007609 _____ () C:\Users\thoma\AppData\Local\Resmon.ResmonCfg
2019-11-09 22:48 - 2019-11-09 22:48 - 000000000 _____ () C:\Users\thoma\AppData\Local\TaskMan.cmd.done
2019-11-09 22:48 - 2019-11-09 22:48 - 000000105 _____ () C:\Users\thoma\AppData\Local\TaskMan.cmd.errors
2021-06-27 17:50 - 2021-06-27 17:50 - 122854203 _____ () C:\Users\thoma\AppData\Local\Temp.zip

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         
--- --- ---

Alt 27.06.2021, 21:31   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt - Standard

Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt



edit: alles gut
__________________

__________________

Alt 27.06.2021, 21:33   #3
tsmomc
 
Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt - Standard

Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt



Und was ist das Programm dann?
__________________

Alt 27.06.2021, 21:36   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt - Standard

Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt



Bitte das ander Log von FRST noch posten.
__________________
Logs bitte immer in CODE-Tags posten

Alt 27.06.2021, 21:39   #5
tsmomc
 
Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt - Standard

Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt



Shortcut Teil 1

Code:
ATTFilter
Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 26-06-2021
durchgeführt von thoma (27-06-2021 20:54:31)
Gestartet von D:\download\+++ troyaner +++
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies\EasyBCD\Online Documentation.lnk -> hxxp://neosmart.net/wiki/easybcd
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 11\BesuchtDVDFabWebsite.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab11&v=11.0.8.
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber\Support-Forum.lnk -> hxxp://forum.audiograbber.de
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11\BesuchtDVDFabWebsite.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab11&v=11.0.8.


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk -> C:\ProgramData\BlueStacks\Client\BlueStacks.exe (BlueStack Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Luminar 3.lnk -> C:\Program Files\Skylum\Luminar 3\Luminar 3.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\PDFill PDF Editor.lnk -> C:\Program Files (x86)\PlotSoft\PDFill\PDFill.exe (PlotSoft L.L.C.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1&1 Verschlüsselung.lnk -> C:\Program Files\1&1 Verschlüsselung\1&1 Verschluesselung.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 8.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Distiller.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 8 Professional.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 4.5.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\DigitalEditions.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer 8.0.lnk -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Designer 8.0\FormDesigner.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyMusic.lnk -> C:\Program Files\AnyMusic\AnyMusic.exe (AmoyShare Technology Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 2021.lnk -> C:\Program Files (x86)\Audials\Audials 2021\AudialsStarter.exe (Audials AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials Music Tube.lnk -> C:\Program Files (x86)\Audials\MusicTube 2020\AudialsStarter.exe (Audials AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp2.lnk -> C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk -> C:\Program Files (x86)\BlueStacks\HD-MultiInstanceManager.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk -> C:\ProgramData\BlueStacks\Client\Bluestacks.exe (BlueStack Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 9 (64-bit).lnk -> C:\Program Files\CyberLink\PhotoDirector9\PhotoDirector9.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk -> C:\Program Files\Eraser\Eraser.exe (The Eraser Project)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.24.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.10.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GPA.lnk -> C:\Program Files (x86)\Gpg4win\bin\gpa.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HBCI-Modul für Money 99 Version 2000.lnk -> C:\Program Files (x86)\MSMoney99\System\hbci\hbcifm99.exe (Dr. Ulrich Amann)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk -> C:\Program Files (x86)\HP\Digital Imaging\DocProc\regipe.exe (I.R.I.S. SA)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk -> C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePassXC.lnk -> C:\Windows\Installer\{ECCC6E1C-C5D1-4B71-94B0-B2F713AF9036}\ProductIcon.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kleopatra.lnk -> C:\Program Files (x86)\Gpg4win\bin\kleopatra.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium viBoot.lnk -> C:\Program Files\Macrium\Reflect\viBoot.exe (Windows (R) Win 7 DDK provider)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Money.lnk -> C:\Program Files (x86)\MSMoney99\MSMONEY.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Money-Browser.lnk -> C:\Program Files (x86)\MSMoney99\System\Money-Browser\MNYBrowser.exe (Dr. Ulrich Amann)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neo4j Desktop.lnk -> C:\Program Files\Neo4j Desktop\Neo4j Desktop.exe (Neo4j Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk -> C:\Program Files\paint.net\PaintDotNet.exe (dotPDN LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung DeX.lnk -> C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics Co., Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\spacedesk SERVER.lnk -> C:\Windows\System32\spacedeskServiceTray.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs OBS.lnk -> C:\Program Files\Streamlabs OBS\Streamlabs OBS.exe (General Workings, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware Horizon Client.lnk -> C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe (VMware, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Martin Prikryl)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind.lnk -> C:\Program Files\XMind ZEN\XMind.exe (XMind Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube-DLG\Youtube-DLG entfernen.lnk -> C:\Program Files (x86)\Youtube-DLG\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube-DLG\Youtube-DLG.lnk -> C:\Program Files (x86)\Youtube-DLG\youtube-dl-gui.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit\XSplit VCam.lnk -> C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind\XMind 8 Update 8.lnk -> C:\Program Files (x86)\XMind\XMind.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind\Support\Readme.lnk -> C:\Program Files (x86)\XMind\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind\Support\Uninstall XMind.lnk -> C:\Program Files (x86)\XMind\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode 64bit\Uninstall XMedia Recode 64bit.lnk -> C:\Program Files\XMedia Recode 64bit\unins000.exe (XMedia Recode 64bit                                         )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode 64bit\XMedia Recode 64bit.lnk -> C:\Program Files\XMedia Recode 64bit\XMedia Recode.exe (XMedia Recode)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xerox\Xerox Notifications.lnk -> C:\Program Files\Xerox\XeroxPrintExperience\XeroxPrintExperience\XeroxToastNotifier.Exe (Xerox Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xerox\Xerox Scanner Management Utility.lnk -> C:\Program Files\Xerox\Xerox Scanner Management Utility\XrxScannerManagementUtility.exe (Xerox Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMerge\Benutzerhandbuch.lnk -> C:\Program Files (x86)\WinMerge\Docs\WinMerge.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMerge\WinMerge.lnk -> C:\Program Files (x86)\WinMerge\WinMergeU.exe (hxxps://winmerge.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack\Documentation.lnk -> C:\Program Files\WinHTTrack\httrack-doc.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack\WinHTTrack Website Copier.lnk -> C:\Program Files\WinHTTrack\WinHTTrack.exe (HTTrack)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weka 3.8.4\Documentation.lnk -> C:\Program Files\Weka-3-8-4\documentation.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weka 3.8.4\Uninstall Weka 3.8.4.lnk -> C:\Program Files\Weka-3-8-4\uninstall.exe (Machine Learning Group, University of Waikato, Hamilton, NZ)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware\VMware Workstation 16 Player.lnk -> C:\Program Files (x86)\VMware\VMware Player\vmplayer.exe (VMware, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual BCD\DualBootRepair.lnk -> C:\Program Files (x86)\Visual BCD\DualBootRepair.exe (BoYans)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual BCD\Visual BCD Editor.lnk -> C:\Program Files (x86)\Visual BCD\VisualBcd.exe (mail: 'boyans.gm@gmail.com')
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoProc\Deinstallieren VideoProc.lnk -> C:\Program Files (x86)\Digiarty\VideoProc\uninstaller.exe (Digiarty, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoProc\VideoProc.lnk -> C:\Program Files (x86)\Digiarty\VideoProc\VideoProc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeraCrypt\VeraCrypt.lnk -> C:\Program Files\VeraCrypt\VeraCrypt.exe (IDRIX)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeraCrypt\VeraCryptExpander.lnk -> C:\Program Files\VeraCrypt\VeraCryptExpander.exe (IDRIX)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\VEGAS Pro 15.0\VEGAS Pro 15.0 Liesmich.lnk -> C:\Program Files\VEGAS\VEGAS Pro 15.0\readme\Vegas_readme_deu.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\VEGAS Pro 15.0\VEGAS Pro 15.0.lnk -> C:\Program Files\VEGAS\VEGAS Pro 15.0\vegas150.exe (MAGIX Computer Products Intl. Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Manager\Uninstall Manager entfernen.lnk -> C:\Program Files (x86)\Martin Fuchs\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Manager\Uninstall Manager im Internet.lnk -> C:\Program Files (x86)\Martin Fuchs\uninstmgr.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Manager\Uninstall Manager.lnk -> C:\Program Files (x86)\Martin Fuchs\uninstmgr.exe (Martin Fuchs)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraEdit\UltraEdit-Hilfe.lnk -> C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\uedit32.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraEdit\UltraEdit-LIESMICH.lnk -> C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraEdit\UltraEdit-Texteditor.lnk -> C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\Uedit32.exe (IDM Computer Solutions, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software\PDF-XChange Editor (Compatibility mode).lnk -> C:\Program Files\Tracker Software\PDF Editor\PDFXEdit_low.exe (Tracker Software Products (Canada) Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software\PDF-XChange Editor.lnk -> C:\Program Files\Tracker Software\PDF Editor\PDFXEdit.exe (Tracker Software Products (Canada) Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software\Tracker Updater.lnk -> C:\Program Files\Tracker Software\Update\TrackerUpdate.exe (Tracker Software Products (Canada) Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software\PDF-XChange Lite\PDF-XChange Lite License Agreement.lnk -> C:\Program Files\Tracker Software\PDF-XChange Lite\Help\PDFXLicense.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software\PDF-XChange Lite\PDF-XChange Lite User Manual.lnk -> C:\Program Files\Tracker Software\PDF-XChange Lite\Help\PDFX8ManLiteSm.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software\PDF-XChange Editor\PDF-XChange Editor Help.lnk -> C:\Program Files\Tracker Software\PDF Editor\Help\PDFXVE8Sm.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software\PDF-XChange Editor\PDF-XChange Editor License Agreement.lnk -> C:\Program Files\Tracker Software\PDF Editor\PDF_VE.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander 64 bit Entfernen oder Reparieren.lnk -> C:\Program Files\totalcmd\TCUNIN64.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander 64 bit.lnk -> C:\Program Files\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander Hilfe.lnk -> C:\Program Files\totalcmd\TOTALCMD.CHM ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechyGeeksHome\Ultimate Settings Panel.lnk -> C:\Windows\Installer\{2F0E2793-E444-4851-A4FC-61EC635326CF}\_D8C59A019EF6A81D071155.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio 3T\Studio 3T.lnk -> C:\Program Files\3T Software Labs\Studio 3T\Studio 3T.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Screen InStyle.lnk -> C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (EIZO Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolarCoin\SolarCoin.lnk -> C:\Program Files (x86)\SolarCoin\solarcoin-qt.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolarCoin\Uninstall.lnk -> C:\Program Files (x86)\SolarCoin\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soda PDF Desktop\Soda PDF Desktop.lnk -> C:\Program Files\Soda PDF Desktop\soda.exe (LULU Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SILKYPIX Developer Studio 7 Deutsch\SILKYPIX Developer Studio 7 Deutsch.lnk -> C:\Program Files\ISL\SILKYPIX Developer Studio 7 Deutsch\SILKYPIX_DS7.exe (Ichikawa Soft Laboratory)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SILKYPIX Developer Studio 7 Deutsch\Software Manual.lnk -> C:\Program Files\ISL\SILKYPIX Developer Studio 7 Deutsch\Manual\man0001.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\Uninstall.lnk -> C:\Program Files (x86)\Seagate\SeaTools for Windows\uninst.exe (Seagate Technology LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician\Samsung Magician entfernen.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician\Samsung Magician.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Samsung Electronics Co. Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rtools 4.0\Rtools Bash.lnk -> C:\Program Files\rtools40\msys2.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rtools 4.0\Rtools MinGW 32-bit.lnk -> C:\Program Files\rtools40\mingw32.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rtools 4.0\Rtools MinGW 64-bit.lnk -> C:\Program Files\rtools40\mingw64.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rtools 4.0\Uninstall Rtools.lnk -> C:\Program Files\rtools40\unins000.exe (The R Foundation                                            )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio\RStudio.lnk -> C:\Program Files\RStudio\bin\rstudio.exe (RStudio, PBC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio\Uninstall.lnk -> C:\Program Files\RStudio\Uninstall.exe (RStudio, PBC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recordify\Recordify.lnk -> C:\Program Files (x86)\Recordify\AbLauncher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.9\Python 3.9 (64-bit).lnk -> C:\Python39\python.exe (Python Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\Pageant.lnk -> C:\Program Files\PuTTY\pageant.exe (Simon Tatham)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PSFTP.lnk -> C:\Program Files\PuTTY\psftp.exe (Simon Tatham)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTY Manual.lnk -> C:\Program Files\PuTTY\putty.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTY Web Site.lnk -> C:\Program Files\PuTTY\website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTY.lnk -> C:\Program Files\PuTTY\putty.exe (Simon Tatham)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)\PuTTYgen.lnk -> C:\Program Files\PuTTY\puttygen.exe (Simon Tatham)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFtk - The PDF Toolkit\PDFtk - The PDF Toolkit.lnk -> C:\Program Files (x86)\PDFtk\bin\PdftkXp.exe (PDF Labs)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFtk - The PDF Toolkit\Uninstall PDFtk.lnk -> C:\Program Files (x86)\PDFtk\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill\Help for PDFill PDF Editor.lnk -> C:\Program Files (x86)\PlotSoft\PDFill\PDFill.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill\Help for PDFill PDF Tools.lnk -> C:\Program Files (x86)\PlotSoft\PDFill\PDFill_PDF_Tools.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill\Help for PDFill PDF&Image Writer.lnk -> C:\Program Files (x86)\PlotSoft\PDFill\WriterSave.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill\PDFill PDF Editor.lnk -> C:\Program Files (x86)\PlotSoft\PDFill\PDFill.exe (PlotSoft L.L.C.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill\PDFill PDF Tools (FREE).lnk -> C:\Program Files (x86)\PlotSoft\PDFill\PDFill_PDF_Tools.exe (PlotSoft L.L.C.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill\PDFill PDF&Image Writer (Free).lnk -> C:\Program Files (x86)\PlotSoft\PDFill\WriterSave.exe (PlotSoft LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24\PDF24.lnk -> C:\Program Files\PDF24\pdf24-Toolbox.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passbild-Generator\Passbild-Generator entfernen.lnk -> C:\Program Files (x86)\Passbild-Generator\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passbild-Generator\Passbild-Generator.lnk -> C:\Program Files (x86)\Passbild-Generator\Passbild-Generator.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Base.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sbase.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Calc.lnk -> C:\Program Files (x86)\OpenOffice 4\program\scalc.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Draw.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Impress.lnk -> C:\Program Files (x86)\OpenOffice 4\program\simpress.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Math.lnk -> C:\Program Files (x86)\OpenOffice 4\program\smath.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Writer.lnk -> C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\obs-websocket\Uninstall obs-websocket.lnk -> C:\Program Files\obs-studio\unins000.exe (Stephane Lepin                                              )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (64bit).lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\Uninstall.lnk -> C:\Program Files\obs-studio\uninstall.exe (obsproject.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\NVIDIA Tools Extension (64 bit)\Browse NVIDIA Tools Extension.lnk -> C:\Program Files\NVIDIA Corporation\NvToolsExt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Nsight Visual Studio Edition 2020.3\Nsight Monitor.lnk -> C:\Program Files (x86)\NVIDIA Corporation\Nsight Visual Studio Edition 2020.3\Monitor\Common\Nsight.Monitor.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Nsight Visual Studio Edition 2020.3\Nsight Redistributable.lnk -> C:\ProgramData\NVIDIA Corporation\Nsight\NVIDIA_Nsight_Visual_Studio_Edition_Win64_2020.3.1.21012_29495073.msi ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Nsight Systems 2020.4.3\Nsight Systems 2020.4.3.lnk -> C:\Program Files\NVIDIA Corporation\Nsight Systems 2020.4.3\host-windows-x64\nsys-ui.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Nsight Compute 2020.3.1\Nsight Compute.lnk -> C:\Program Files\NVIDIA Corporation\Nsight Compute 2020.3.1\host\windows-desktop-win7-x64\ncu-ui.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js.lnk -> C:\Program Files\nodejs\node.exe (Node.js)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies\EasyBCD\EasyBCD 2.4.lnk -> C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\EasyBCD.exe (NeoSmart Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies\EasyBCD\Uninstall EasyBCD.lnk -> C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAPS2\NAPS2.lnk -> C:\Program Files (x86)\NAPS2\NAPS2.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MovieJack free\MovieJack free.lnk -> C:\Program Files (x86)\Engelmann Software\MovieJack free\MovieJack.exe (Engelmann Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool ShadowMaker\ MiniTool ShadowMaker entfernen.lnk -> C:\Program Files\MiniTool ShadowMaker\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool ShadowMaker\MiniTool ShadowMaker.lnk -> C:\Program Files\MiniTool ShadowMaker\system_backup_gui.exe (MiniTool)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12\MiniTool Partition Wizard entfernen.lnk -> C:\Program Files\MiniTool Partition Wizard 12\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12\MiniTool Partition Wizard.lnk -> C:\Program Files\MiniTool Partition Wizard 12\partitionwizard.exe (MiniTool Software Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool MovieMaker\MiniTool MovieMaker.lnk -> C:\Program Files (x86)\MiniTool MovieMaker\bin\Launcher.exe (MiniTool)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool MovieMaker\Uninstall MiniTool MovieMaker.lnk -> C:\Program Files (x86)\MiniTool MovieMaker\Uninstaller\unins000.exe (MiniTool                                                    )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Aufzeichnungs-Manager von Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office-Spracheinstellungen.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Access 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Excel 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft OneNote 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft PowerPoint 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Publisher 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Word 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-Tools\Digitales Zertifikat für VBA-Projekte.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-Tools\Microsoft Office 2010 Upload Center.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-Tools\Microsoft Office 2010-Spracheinstellungen.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-Tools\Office Anytime Upgrade.lnk -> C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\promo.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaHuman\YouTube to MP3 Converter\MediaHuman YouTube to MP3 Converter.lnk -> C:\Program Files (x86)\MediaHuman\YouTube to MP3 Converter\YouTubeToMP3.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\Music Maker\Music Maker.lnk -> C:\Program Files (x86)\MAGIX\Music Maker\25\MusicMaker.exe (MAGIX Software GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Video deluxe COMPUTER BILD-Edition\MAGIX Video deluxe COMPUTER BILD-Edition.lnk -> C:\Program Files\MAGIX\Video deluxe COMPUTER BILD-Edition\2019\Videodeluxe.exe (MAGIX Software GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Photostory Deluxe COMPUTER BILD-Edition\MAGIX Photostory Deluxe COMPUTER BILD-Edition.lnk -> C:\Program Files\MAGIX\Photostory Deluxe COMPUTER BILD-Edition\2019\Fotos_dlx.exe (MAGIX Software GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium\Reflect\Macrium Reflect.lnk -> C:\Program Files\Macrium\Reflect\reflect.exe (Paramount Software UK Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Luminar 2018\Luminar 2018.lnk -> C:\Windows\Installer\{935AB8A6-0E0A-41E4-BAC3-5EBDCDC7F766}\LogoIcon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LizardSystems\Wi-Fi Scanner\Uninstall Wi-Fi Scanner.lnk -> C:\Program Files (x86)\LizardSystems\Wi-Fi Scanner\unins000.exe (LizardSystems                                               )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LizardSystems\Wi-Fi Scanner\Wi-Fi Scanner.lnk -> C:\Program Files (x86)\LizardSystems\Wi-Fi Scanner\wifiscanner.exe (LizardSystems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks\lightworks x64 (14.0.0.0).lnk -> C:\Program Files\Lightworks\lightworks.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks\Uninstall Lightworks.lnk -> C:\Program Files\Lightworks\uninstall.exe (EditShare)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNIME\KNIME Analytics Platform.lnk -> C:\Program Files\KNIME\knime.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNIME\Uninstall KNIME Analytics Platform.lnk -> C:\Program Files\KNIME\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kite\Kite.lnk -> C:\Program Files\Kite\kited.exe (Kite)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains\PyCharm Community Edition 2019.3.3.lnk -> C:\Program Files\JetBrains\PyCharm Community Edition 2019.3.3\bin\pycharm64.exe (JetBrains s.r.o.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jabra\Jabra Direct.lnk -> C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe (GN Audio A/S)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\About IrfanView.lnk -> C:\Program Files\IrfanView\i_about.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Available Languages.lnk -> C:\Program Files\IrfanView\i_languages.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Available PlugIns.lnk -> C:\Program Files\IrfanView\i_plugins.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Command line Options.lnk -> C:\Program Files\IrfanView\i_options.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView 64 4.50.lnk -> C:\Program Files\IrfanView\i_view64.exe (Irfan Skiljan)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView 64 4.51.lnk -> C:\Program Files\IrfanView\i_view64.exe (Irfan Skiljan)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView Help.lnk -> C:\Program Files\IrfanView\i_view32.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView Hilfe.lnk -> C:\Program Files\IrfanView\Help\i_view32_deutsch.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Kommandozeilen-Optionen.lnk -> C:\Program Files\IrfanView\i_options.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Verfügbare PlugIns.lnk -> C:\Program Files\IrfanView\i_plugins.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Verfügbare Sprachen.lnk -> C:\Program Files\IrfanView\i_languages.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Was ist neu.lnk -> C:\Program Files\IrfanView\i_changes.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\What's New.lnk -> C:\Program Files\IrfanView\i_changes.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Über IrfanView.lnk -> C:\Program Files\IrfanView\i_about.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Software Updater\IObit Software Updater entfernen.lnk -> C:\Program Files (x86)\IObit\Software Updater\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Software Updater\IObit Software Updater.lnk -> C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe (IObit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape\Inkscape.lnk -> C:\Program Files\Inkscape\bin\inkscape.exe (Inkscape project)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape\Inkview.lnk -> C:\Program Files\Inkscape\bin\inkview.exe (Inkscape project)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape\Uninstall.lnk -> C:\Program Files\Inkscape\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart Essential.lnk -> C:\Program Files (x86)\HP\Photosmart Essential\HP_IZE.exe (Hewlett-Packard, Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Produktassistent.lnk -> C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprbui.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Solution Center.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Scanjet\8200\Benutzerhandbuch.lnk -> C:\Program Files (x86)\HP\Digital Imaging\sj8270\SJumDI.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Scanjet\8200\Info.lnk -> C:\Program Files (x86)\HP\Digital Imaging\sj8270\readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Scanjet\8200\Produktregistrierung.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Scanjet\8200\Produktsupport-Website.lnk -> C:\Program Files (x86)\HP\Digital Imaging\sj8270\Support.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart Essential\HP Photosmart Essential.lnk -> C:\Program Files (x86)\HP\Photosmart Essential\HP_IZE.exe (Hewlett-Packard, Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HBCI-Modul für Money 99 Version 2000\FAQ zum HBCI-Modul für Money 99 Version 2000.lnk -> C:\Program Files (x86)\MSMoney99\System\hbci\FAQ.CHM ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HBCI-Modul für Money 99 Version 2000\HBCI-Modul für Money 99 Version 2000.lnk -> C:\Program Files (x86)\MSMoney99\System\hbci\hbcifm99.exe (Dr. Ulrich Amann)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HBCI-Modul für Money 99 Version 2000\Hilfe zum HBCI-Modul für Money 99 Version 2000.lnk -> C:\Program Files (x86)\MSMoney99\System\hbci\HBCIFM99.CHM ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV\WinTV 8.5.lnk -> C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe (Hauppauge Computer Works, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV\WinTV v8.5 Help.lnk -> C:\Users\Public\WinTV\Help\German\WinTV7.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Manager 25 Anniversary LE\Logs Collector Tool.lnk -> C:\Program Files\Paragon Software\Hard Disk Manager 25 Anniversary LE\program\logsaver.exe (Paragon Software GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Manager 25 Anniversary LE\Paragon Festplatten Manager™ 25 Jahre Limitierte Jubiläumsedition.lnk -> C:\Program Files\Paragon Software\Hard Disk Manager 25 Anniversary LE\program\hdm17.exe (Paragon Software GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HackCheck\HackCheck.lnk -> C:\Program Files (x86)\HackCheck\AbLauncher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gsview\gsview 6.0.LNK -> C:\Program Files\Artifex Software\gsview6.0\bin\gsview.exe (Artifex Software Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gsview\Uninstall gsview 6.0.LNK -> C:\Program Files\Artifex Software\gsview6.0\uninstgsview.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuCash\Deinstallieren von GnuCash.lnk -> C:\Program Files (x86)\gnucash\uninstall\gnucash\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuCash\Erweiterung um Wechselkurse mit GnuCash online abzurufen.lnk -> C:\Program Files (x86)\gnucash\bin\install-fq-mods.cmd ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuCash\GnuCash README anzeigen.lnk -> C:\Program Files (x86)\gnucash\doc\gnucash\README-de.win32-bin.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuCash\GnuCash.lnk -> C:\Program Files (x86)\gnucash\bin\gnucash.exe (GnuCash Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GlassWire\GlassWire.lnk -> C:\Program Files (x86)\GlassWire\GlassWire.exe (SecureMix LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GlassWire\Uninstall.lnk -> C:\Program Files (x86)\GlassWire\uninstall.exe (SecureMix LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git\Git GUI.lnk -> C:\Program Files\Git\cmd\git-gui.exe (The Git Development Community)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git\Git Release Notes.lnk -> C:\Program Files\Git\ReleaseNotes.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigaset QuickSync\Gigaset QuickSync.lnk -> C:\Program Files (x86)\Gigaset QuickSync\Gqs.UI.exe (Gigaset Communications GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript\Ghostscript Readme 9.53.3.LNK -> C:\Program Files\gs\gs9.53.3\doc\Readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript\Uninstall Ghostscript 9.53.3.LNK -> C:\Program Files\gs\gs9.53.3\uninstgs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\Garmin Express.lnk -> C:\Program Files (x86)\Garmin\Express\express.exe (Garmin Ltd. or its subsidiaries)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMind\FreeMind.lnk -> C:\Program Files (x86)\FreeMind\FreeMind.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMind\Uninstall FreeMind.lnk -> C:\Program Files (x86)\FreeMind\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis\HDR projects 4\HDR projects 4 (64-Bit).lnk -> C:\Program Files\Franzis\HDR projects 4\HDR projects 4.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EventReporter\EventReporter Configuration.lnk -> C:\Program Files (x86)\EventReporter\CFGEvntSLog.exe (Adiscon GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EventReporter\EventReporter Legacy Client.lnk -> C:\Program Files (x86)\EventReporter\oldCFGEvntSLog.exe (Adiscon GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EventReporter\EventReporter Manual.lnk -> C:\Program Files (x86)\EventReporter\manual\EventReporter.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eudora\Eudora Help.lnk -> C:\Program Files (x86)\Qualcomm\Eudora\EUDORA.hlp ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eudora\Eudora Quick Start Guide.lnk -> C:\Program Files (x86)\Qualcomm\Eudora\Qckstart.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eudora\Eudora.lnk -> C:\Program Files (x86)\Qualcomm\Eudora\Eudora.exe (QUALCOMM Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eudora\Visit Website.lnk -> C:\Program Files (x86)\Qualcomm\Eudora\eudora.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\ElsterFormular.lnk -> C:\Program Files (x86)\ElsterFormular\bin\pica.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Infodatei - Support.lnk -> C:\Program Files (x86)\ElsterFormular\bin\hotlinetool.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Lizenzvertrag.lnk -> C:\Program Files (x86)\ElsterFormular\lizenzvertrag.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\FreeStudioManager.exe (Digital Wave Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free YouTube To MP3 Converter.lnk -> C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe (Digital Wave Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe (DVDVideoSoft Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\PremiumMembershipOffer.exe (DVDVideoSoft Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 11\DeinstalliertDVDFab.lnk -> C:\Program Files (x86)\DVDFab 11\uninstall.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 11\DVDFab 11 Mini.lnk -> C:\Program Files (x86)\DVDFab 11\DVDFab.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 11\DVDFab 11.lnk -> C:\Program Files (x86)\DVDFab 11\DVDFab.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\Dia Manual (CHM).lnk -> C:\Program Files (x86)\Dia\help\C\dia-manual.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\Dia Manual (PDF).lnk -> C:\Program Files (x86)\Dia\help\C\dia-manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\FAQ.lnk -> C:\Program Files (x86)\Dia\help\C\faq.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\Uninstall.lnk -> C:\Program Files (x86)\Dia\dia-0.97.2-uninstall.exe (The Dia Developers)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\Polish\Dia Manual (CHM).lnk -> C:\Program Files (x86)\Dia\help\pl\dia-manual.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\Polish\Dia Manual (PDF).lnk -> C:\Program Files (x86)\Dia\help\pl\dia-manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\French\Dia Manual (CHM).lnk -> C:\Program Files (x86)\Dia\help\fr\dia-manual.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\French\Dia Manual (PDF).lnk -> C:\Program Files (x86)\Dia\help\fr\dia-manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\Basque\Dia Manual (CHM).lnk -> C:\Program Files (x86)\Dia\help\eu\dia-manual.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\Basque\Dia Manual (PDF).lnk -> C:\Program Files (x86)\Dia\help\eu\dia-manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DB Browser for SQLite\DB Browser for SQLite.lnk -> C:\Program Files\DB Browser for SQLite\DB Browser for SQLite.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DB Browser for SQLite\Uninstall.lnk -> C:\Program Files\DB Browser for SQLite\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\darktable\darktable.lnk -> C:\Program Files\darktable\bin\darktable.exe (The darktable team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\darktable\Uninstall.lnk -> C:\Program Files\darktable\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cut Out pro 4\Cut Out pro 4.lnk -> C:\Program Files\Franzis\Cut Out pro 4\CutOut.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cut Out pro 4\Photoshop plugins.lnk -> C:\Program Files\Franzis\Cut Out pro 4\Photoshop Plugins ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cut Out pro 4\Uninstall Cut Out pro 4.lnk -> C:\Program Files\Franzis\Cut Out pro 4\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\cryptomator.org\Cryptomator.lnk -> C:\Program Files\Cryptomator\Cryptomator.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cryptomator\Cryptomator.lnk -> C:\Program Files\Cryptomator\Cryptomator.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Edit CPU-Z Config File.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.ini ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Uninstall CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corsair LINK 4\Corsair LINK 4.lnk -> C:\Windows\Installer\{C636E92F-74DD-42A1-B614-64BC42D2DA3A}\Icon.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management\calibre 64bit - E-book management.lnk -> C:\Program Files\Calibre2\calibre.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management\E-book viewer 64bit.lnk -> C:\Program Files\Calibre2\ebook-viewer.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management\Edit E-book 64bit.lnk -> C:\Program Files\Calibre2\ebook-edit.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management\LRF viewer 64bit.lnk -> C:\Program Files\Calibre2\lrfviewer.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design\DaVinci Resolve\DaVinci Resolve Panels.lnk -> C:\Program Files (x86)\Blackmagic Design\DaVinci Resolve Panels\DaVinci Resolve Panels Setup.exe (Blackmagic Design)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeCyPDFMetaEdit\BeCyPDFMetaEdit.lnk -> C:\Program Files (x86)\BeCyPDFMetaEdit\BeCyPDFMetaEdit.exe (Benjamin Bentmann)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeCyPDFMetaEdit\UnInstaller.lnk -> C:\Program Files (x86)\BeCyPDFMetaEdit\UnInstall.exe (Benjamin Bentmann)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aurora\Aurora.lnk -> C:\Windows\Installer\{BB7ADD89-7C4D-430B-9D3C-8597736DFB4E}\LogoIcon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber\Audiograbber.lnk -> C:\Program Files (x86)\Audiograbber\audiograbber.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber\Deinstallieren.lnk -> C:\Program Files (x86)\Audiograbber\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber\Erste Schritte.lnk -> C:\Program Files (x86)\Audiograbber\Erste_Schritte.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber\Hilfe.lnk -> C:\Program Files (x86)\Audiograbber\German.hlp ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber\Line In Aufnahme.lnk -> C:\Program Files (x86)\Audiograbber\Line-In.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AURA.lnk -> C:\Program Files (x86)\ASUS\AURA\Aura.exe (ASUSTek Computer Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\GameFirst IV.lnk -> C:\Program Files (x86)\ASUS\GameFirst IV\GameFirst IV.exe (Apextitan)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AI Suite 3\AI Suite 3.lnk -> C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe (ASUSTeK Computer Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Home Design 5\Ashampoo Home Design 5  .lnk -> C:\Program Files\Ashampoo\Ashampoo Home Design 5\Program\CAD.exe (VICABO GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Home Design 5\Hilfe\Ashampoo Home Design 5.lnk -> C:\Program Files\Ashampoo\Ashampoo Home Design 5\Program\de-DE\Ashampoo.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Home Design 5\Handbücher\Handbuch Ashampoo Home Design 5.lnk -> C:\Program Files\Ashampoo\Ashampoo Home Design 5\Manuals\de-De\Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Home Design 5\Handbücher\Handbuch Tastaturbelegung.lnk -> C:\Program Files\Ashampoo\Ashampoo Home Design 5\Manuals\de-De\ShortCuts.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio 2017\Ashampoo Burning Studio 2017  .lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2017\burningstudio2017.exe (Ashampoo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft\ApowerMirror\ApowerMirror entfernen.lnk -> C:\Program Files (x86)\Apowersoft\ApowerMirror\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft\ApowerMirror\ApowerMirror.lnk -> C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe (Apowersoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Any Video Recorder\Any Video Recorder entfernen.lnk -> C:\Program Files (x86)\Any Video Recorder\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Any Video Recorder\Any Video Recorder.lnk -> C:\Program Files (x86)\Any Video Recorder\Any Video Recorder.exe (any-video-recorder.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Digital Editions 4.5\Adobe Digital Editions 4.5.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\DigitalEditions.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Digital Editions 4.5\Help.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\DigitalEditions.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Digital Editions 4.5\Home Page.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\DigitalEditions.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Digital Editions 4.5\Uninstall.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\uninstall.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1&1\1&1 Upload-Manager\1&1 Upload-Manager.lnk -> C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE (1&1 Internet AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)\UFRaw.lnk -> C:\Program Files (x86)\UFRaw\bin\ufraw.exe ()
Shortcut: C:\ProgramData\Magix\Music Maker\25\MxSynth\Concert Grand LE.lnk -> C:\Program Files (x86)\Common Files\MAGIX Services\MxSynth\Concert Grand LE ()
Shortcut: C:\Users\Default\Desktop\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\thoma\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evorim\Cloudevo\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\Links\Desktop.lnk -> C:\Users\josef\Desktop ()
Shortcut: C:\Users\josef\Links\Downloads.lnk -> D:\download ()
Shortcut: C:\Users\josef\Desktop\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.)
Shortcut: C:\Users\josef\Desktop\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe ()
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\josef\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evorim\Cloudevo\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe ()
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\Links\Desktop.lnk -> C:\Users\maxim\Desktop ()
Shortcut: C:\Users\maxim\Links\Downloads.lnk -> D:\download ()
Shortcut: C:\Users\maxim\Desktop\Binomialverteilung.lnk -> D:\Maximilian\Binomialverteilung.xlsx ()
Shortcut: C:\Users\maxim\Desktop\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.)
Shortcut: C:\Users\maxim\Desktop\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe ()
Shortcut: C:\Users\maxim\Desktop\Microsoft Excel 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\Users\maxim\Desktop\Microsoft PowerPoint 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\Users\maxim\Desktop\Microsoft Word 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\Users\maxim\Desktop\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Word\Textbeschreibung%20%20zu%20Schule306921733876313431\Textbeschreibung%20%20zu%20Schule.docx.lnk -> O:\Textbeschreibung  zu Schule.docx (Keine Datei)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\maxim\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evorim\Cloudevo\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe ()
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\maxim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Total Commander 64 bit.lnk -> C:\Program Files\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH)
Shortcut: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Documents\MAGIX\Photostory Deluxe COMPUTER BILD-Edition\Dokumentation\MAGIX Photostory Deluxe COMPUTER BILD-Edition Handbuch.lnk -> C:\Program Files\MAGIX\Photostory Deluxe COMPUTER BILD-Edition\2019\Fotos_dlx_DE.pdf ()
Shortcut: C:\Users\Public\Desktop\1&1 Upload-Manager.lnk -> C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE (1&1 Internet AG)
Shortcut: C:\Users\Public\Desktop\BlueStacks.lnk -> C:\ProgramData\BlueStacks\Client\Bluestacks.exe (BlueStack Systems, Inc.)
Shortcut: C:\Users\Public\Desktop\OBS Studio.lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\Users\Public\Desktop\PDF-XChange Editor.lnk -> C:\Program Files\Tracker Software\PDF Editor\PDFXEdit.exe (Tracker Software Products (Canada) Ltd.)
Shortcut: C:\Users\Public\Desktop\Streamlabs OBS.lnk -> C:\Program Files\Streamlabs OBS\Streamlabs OBS.exe (General Workings, Inc.)
Shortcut: C:\Users\Public\Desktop\VMware Horizon Client.lnk -> C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe (VMware, Inc.)
Shortcut: C:\Users\Public\Desktop\XSplit VCam.lnk -> C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs)
Shortcut: C:\Users\sandr\Links\Desktop.lnk -> C:\Users\sandr\Desktop ()
Shortcut: C:\Users\sandr\Links\Downloads.lnk -> D:\download ()
Shortcut: C:\Users\sandr\Desktop\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.)
Shortcut: C:\Users\sandr\Desktop\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe ()
Shortcut: C:\Users\sandr\Desktop\fritz.box.lnk -> \\fritz.box\FritzBox7490\CBMV88-CBMV88-01\Benutzer
Shortcut: C:\Users\sandr\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\Desktop\OneDrive.lnk -> C:\Users\sandr\OneDrive (Keine Datei)
Shortcut: C:\Users\sandr\Desktop\Scanner.lnk -> D:\Sandra\Scanner ()
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Word\Impfkomplikation%20Ha,%20A307901781495616539\Impfkomplikation%20Ha,%20A.docx.lnk -> M:\Impfkomplikation Ha, A.docx (Keine Datei)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\sandr\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre7.lnk -> C:\Program Files (x86)\PhotoFiltre 7\PhotoFiltre7.exe (PhotoFiltre)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evorim\Cloudevo\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe ()
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\IJ Scan Utility.lnk -> C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe (Keine Datei)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Excel 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft PowerPoint 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Word 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Total Commander 64 bit.lnk -> C:\Program Files\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH)
Shortcut: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\WinTV 8.5.lnk -> C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe (Hauppauge Computer Works, Inc.)
Shortcut: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\Videos\Musik - Verknüpfung.lnk -> C:\Users\thoma\Music ()
Shortcut: C:\Users\thoma\Links\Desktop.lnk -> C:\Users\thoma\Desktop ()
Shortcut: C:\Users\thoma\Links\Downloads.lnk -> D:\download ()
Shortcut: C:\Users\thoma\Desktop\1&1 Verschlüsselung.lnk -> C:\Program Files\1&1 Verschlüsselung\1&1 Verschluesselung.exe ()
Shortcut: C:\Users\thoma\Desktop\AIOZ Node.lnk -> C:\Users\thoma\AppData\Local\Programs\aioz_worker_node\AIOZ Node.exe (AIOZ Company)
Shortcut: C:\Users\thoma\Desktop\Autostart.lnk -> C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup ()
Shortcut: C:\Users\thoma\Desktop\DeepL.lnk -> C:\Users\thoma\AppData\Local\DeepL\DeepL.exe (DeepL GmbH)
Shortcut: C:\Users\thoma\Desktop\DesktopOK.lnk -> C:\Program Files\DesktopOK\DesktopOK_x64.exe (Nenad Hrg SoftwareOK)
Shortcut: C:\Users\thoma\Desktop\MicroSIP.lnk -> C:\Users\thoma\AppData\Local\MicroSIP\microsip.exe (www.microsip.org)
Shortcut: C:\Users\thoma\Desktop\RStudio.lnk -> C:\Program Files\RStudio\bin\rstudio.exe (RStudio, PBC)
Shortcut: C:\Users\thoma\Desktop\Signal.lnk -> C:\Users\thoma\AppData\Local\Programs\signal-desktop\Signal.exe (Open Whisper Systems)
Shortcut: C:\Users\thoma\Desktop\Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\Desktop\Slack.lnk -> C:\Users\thoma\AppData\Local\slack\slack.exe (Slack Technologies Inc.)
Shortcut: C:\Users\thoma\Desktop\Telegram.lnk -> C:\Users\thoma\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC)
Shortcut: C:\Users\thoma\Desktop\W & W.lnk -> M:\W & W ()
Shortcut: C:\Users\thoma\Desktop\System\Avast Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
Shortcut: C:\Users\thoma\Desktop\System\Dual-boot Repair.lnk -> C:\Program Files (x86)\Visual BCD\DualBootRepair.exe (BoYans)
Shortcut: C:\Users\thoma\Desktop\System\EasyBCD 2.4.lnk -> C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\EasyBCD.exe (NeoSmart Technologies)
Shortcut: C:\Users\thoma\Desktop\System\Eraser.lnk -> C:\Program Files\Eraser\Eraser.exe (The Eraser Project)
Shortcut: C:\Users\thoma\Desktop\System\IObit Software Updater.lnk -> C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe (IObit)
Shortcut: C:\Users\thoma\Desktop\System\MEGAsync.lnk -> C:\Users\thoma\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Shortcut: C:\Users\thoma\Desktop\System\MiniTool Partition Wizard.lnk -> C:\Program Files\MiniTool Partition Wizard 12\partitionwizard.exe (MiniTool Software Limited)
Shortcut: C:\Users\thoma\Desktop\System\MiniTool ShadowMaker.lnk -> C:\Program Files\MiniTool ShadowMaker\system_backup_gui.exe (MiniTool)
Shortcut: C:\Users\thoma\Desktop\System\OkayFreedom.lnk -> C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe (Keine Datei)
Shortcut: C:\Users\thoma\Desktop\System\UFRaw.lnk -> C:\Program Files (x86)\UFRaw\bin\ufraw.exe ()
Shortcut: C:\Users\thoma\Desktop\System\Ultimate Settings Panel.lnk -> C:\Windows\Installer\{2F0E2793-E444-4851-A4FC-61EC635326CF}\_806681F0577CE5C659DED3.exe ()
Shortcut: C:\Users\thoma\Desktop\System\Visual BCD Editor.lnk -> C:\Program Files (x86)\Visual BCD\VisualBcd.exe (mail: 'boyans.gm@gmail.com')
Shortcut: C:\Users\thoma\Desktop\System\Wi-Fi Scanner.lnk -> C:\Program Files (x86)\LizardSystems\Wi-Fi Scanner\wifiscanner.exe (LizardSystems)
Shortcut: C:\Users\thoma\Desktop\Programme\AusweisApp2.lnk -> C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG)
Shortcut: C:\Users\thoma\Desktop\Programme\BlueStacks Multi-Instance Manager.lnk -> C:\Program Files (x86)\BlueStacks\HD-MultiInstanceManager.exe ()
Shortcut: C:\Users\thoma\Desktop\Programme\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe ()
Shortcut: C:\Users\thoma\Desktop\Programme\Gigaset QuickSync.lnk -> C:\Program Files (x86)\Gigaset QuickSync\Gqs.UI.exe (Gigaset Communications GmbH)
Shortcut: C:\Users\thoma\Desktop\Programme\MediaHuman YouTube to MP3 Converter.lnk -> C:\Program Files (x86)\MediaHuman\YouTube to MP3 Converter\YouTubeToMP3.exe ()
Shortcut: C:\Users\thoma\Desktop\Programme\PDF24.lnk -> C:\Program Files (x86)\PDF24\pdf24-Launcher.exe (Keine Datei)
Shortcut: C:\Users\thoma\Desktop\Programme\Samsung DeX.lnk -> C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics Co., Ltd.)
Shortcut: C:\Users\thoma\Desktop\Programme\VideoProc.lnk -> C:\Program Files (x86)\Digiarty\VideoProc\VideoProc.exe ()
Shortcut: C:\Users\thoma\Desktop\Multimedia\AnyMusic.lnk -> C:\Program Files\AnyMusic\AnyMusic.exe (AmoyShare Technology Company)
Shortcut: C:\Users\thoma\Desktop\Multimedia\Olive.lnk -> C:\Program Files\Olive\olive-editor.exe (Olive Team)
Shortcut: C:\Users\thoma\Desktop\Multimedia\onlineTV 15.lnk -> C:\Program Files (x86)\concept design\onlineTV 15\onlineTV.exe (concept/design GmbH)
Shortcut: C:\Users\thoma\Desktop\Multimedia\Recordify.lnk -> C:\Program Files (x86)\Recordify\AbLauncher.exe ()
Shortcut: C:\Users\thoma\Desktop\Games\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.)
Shortcut: C:\Users\thoma\Desktop\Games\TeamSpeak 3 Client.lnk -> C:\Users\thoma\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\thoma\Desktop\Games\Twitch.lnk -> C:\Users\thoma\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
Shortcut: C:\Users\thoma\Desktop\ADS\ADS.lnk -> M:\aktuar\ADS (Keine Datei)
Shortcut: C:\Users\thoma\Desktop\ADS\KNIME Analytics Platform.lnk -> C:\Program Files\KNIME\knime.exe ()
Shortcut: C:\Users\thoma\Desktop\ADS\MongoDBCompass.lnk -> C:\Users\thoma\AppData\Local\MongoDBCompass\MongoDBCompass.exe (MongoDB Inc)
Shortcut: C:\Users\thoma\Desktop\ADS\Neo4j Desktop.lnk -> C:\Program Files\Neo4j Desktop\Neo4j Desktop.exe (Neo4j Inc.)
Shortcut: C:\Users\thoma\Desktop\ADS\PyCharm Community Edition 2019.3.3.lnk -> C:\Program Files\JetBrains\PyCharm Community Edition 2019.3.3\bin\pycharm64.exe (JetBrains s.r.o.)
Shortcut: C:\Users\thoma\Desktop\ADS\redis-cli.lnk -> C:\Program Files\Redis\redis-cli.exe ()
Shortcut: C:\Users\thoma\Desktop\ADS\redis-server.lnk -> C:\Program Files\Redis\redis-server.exe ()
Shortcut: C:\Users\thoma\Desktop\ADS\RStudio.lnk -> C:\Program Files\RStudio\bin\rstudio.exe (RStudio, PBC)
Shortcut: C:\Users\thoma\Desktop\ADS\Studio 3T.lnk -> C:\Program Files\3T Software Labs\Studio 3T\Studio 3T.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\SplitmediaLabs\XSplit VCam 2.1.2101.0603\install\808E021\x64\XSplitVCam.lnk -> D:\Program Files (x86)\SplitmediaLabs\XSplit VCam\x64\XSplitVCam.exe (Keine Datei)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\FreeMind.lnk -> C:\Program Files (x86)\FreeMind\FreeMind.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Connect.lnk -> C:\Users\thoma\AppData\Roaming\Adobe\Connect\connect.exe (Adobe Systems, Inc.)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AIOZ Node.lnk -> C:\Users\thoma\AppData\Local\Programs\aioz_worker_node\AIOZ Node.exe (AIOZ Company)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music.lnk -> C:\Users\thoma\AppData\Local\Amazon Music\Amazon Music.exe (Amazon.com Services LLC)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk -> D:\download\ESETOnlineScanner_DEU.exe (Keine Datei)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IOTA Wallet.lnk -> C:\Users\thoma\AppData\Local\Programs\iota\IOTA Wallet.exe (IOTA Foundation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Neo4j Desktop.lnk -> C:\Program Files\Neo4j Desktop\Neo4j Desktop.exe (Neo4j Inc.)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\thoma\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roger Router.lnk -> C:\Program Files (x86)\Roger Router\roger.exe (Keine Datei)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Signal.lnk -> C:\Users\thoma\AppData\Local\Programs\signal-desktop\Signal.exe (Open Whisper Systems)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\simpleos.lnk -> C:\Users\thoma\AppData\Local\Programs\simpleos\simpleos.exe (EOSRio)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SplitCam.lnk -> C:\Users\thoma\AppData\Roaming\Microsoft\Installer\{C04D8FAF-1AA0-4B3E-B549-E31BE1E6BC7B}\_47A728F2C26004D7DE03E9.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqrl.lnk -> C:\Users\thoma\AppData\Local\Programs\Sqrl\Sqrl.exe (Telos Foundation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk -> C:\Users\thoma\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trinity.lnk -> C:\Users\thoma\AppData\Local\Programs\trinity-desktop\Trinity.exe (IOTA Foundation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk -> C:\Users\thoma\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\thoma\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xournal++\Uninstall.lnk -> C:\Program Files\Xournal++\Uninstall.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xournal++\Xournal++.lnk -> C:\Program Files\Xournal++\bin\xournalpp.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code\Visual Studio Code.lnk -> C:\Users\thoma\AppData\Local\Programs\Microsoft VS Code\Code.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Telegram entfernen.lnk -> C:\Users\thoma\AppData\Roaming\Telegram Desktop\unins000.exe (Telegram FZ-LLC                                             )
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Telegram.lnk -> C:\Users\thoma\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z\TechPowerUp GPU-Z.lnk -> C:\Program Files (x86)\GPU-Z\GPU-Z.exe (techPowerUp (www.techpowerup.com))
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z\Uninstall.lnk -> C:\Program Files (x86)\GPU-Z\uninstall.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\Help and HOW-TO.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.chm ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\Release info.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.txt ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\Uninstall SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\uninstall.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc\Slack.lnk -> C:\Users\thoma\AppData\Local\slack\slack.exe (Slack Technologies Inc.)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.5.0-2-x64\Uninstall Ruby 2.5.0-2-x64.lnk -> C:\Program Files\Ruby25-x64\unins000.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.5.0-2-x64\Documentation\Ruby 2.5.0 API Reference.lnk -> C:\Program Files\Ruby25-x64\share\doc\ruby\html\index.html ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rossmann Fotowelt Software\Rossmann Fotowelt Software.lnk -> C:\Program Files (x86)\Rossmann Fotowelt Software\Rossmann Fotowelt Software.exe (ORWO Net GmbH, Bitterfeld-Wolfen, Germany, hxxp://www.orwonet.de)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rossmann Fotowelt Software\Setup.lnk -> C:\Program Files (x86)\Rossmann Fotowelt Software\maintenancetool.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.8\Python 3.8 (32-bit).lnk -> C:\Users\thoma\AppData\Local\Programs\Python\Python38-32\python.exe (Python Software Foundation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProRealTime\ProRealTime.lnk -> C:\Users\thoma\AppData\Local\IT-Finance\ProRealTime\ProRealTime.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7\PhotoFiltre 7 information.lnk -> C:\Program Files (x86)\PhotoFiltre 7\PhotoFiltre7.htm ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7\PhotoFiltre 7.lnk -> C:\Program Files (x86)\PhotoFiltre 7\PhotoFiltre7.exe (PhotoFiltre)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7\PhotoMasque information.lnk -> C:\Program Files (x86)\PhotoFiltre 7\PhotoMasque.htm ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7\Uninstall PhotoFiltre 7.lnk -> C:\Program Files (x86)\PhotoFiltre 7\Uninst.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Olive\Olive.lnk -> C:\Program Files\Olive\olive-editor.exe (Olive Team)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Olive\Uninstall Olive.lnk -> C:\Program Files\Olive\uninstall.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MongoDB Inc\MongoDBCompass.lnk -> C:\Users\thoma\AppData\Local\MongoDBCompass\MongoDBCompass.exe (MongoDB Inc)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX\MiKTeX Console.lnk -> C:\Users\thoma\AppData\Local\Programs\MiKTeX\miktex\bin\x64\miktex-console.exe (MiKTeX.org)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX\TeXworks.lnk -> C:\Users\thoma\AppData\Local\Programs\MiKTeX\miktex\bin\x64\miktex-texworks.exe (TeX Users Group)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroSIP\License.lnk -> C:\Users\thoma\AppData\Local\MicroSIP\License.txt ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroSIP\MicroSIP Website.lnk -> C:\Users\thoma\AppData\Local\MicroSIP\MicroSIP Website.url ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroSIP\MicroSIP.lnk -> C:\Users\thoma\AppData\Local\MicroSIP\microsip.exe (www.microsip.org)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroSIP\Uninstall.lnk -> C:\Users\thoma\AppData\Local\MicroSIP\Uninstall.exe (www.microsip.org)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync\MEGA Website.lnk -> C:\Users\thoma\AppData\Local\MEGAsync\MEGA Website.url ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync\MEGAsync.lnk -> C:\Users\thoma\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync\Uninstall.lnk -> C:\Users\thoma\AppData\Local\MEGAsync\uninst.exe (MEGA Limited)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeeForm\Uninstall KeeForm for KeePass 2.0.lnk -> C:\Users\thoma\AppData\Local\KeeForm\KeeForm Uninstaller\unins000.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\About IrfanView.lnk -> C:\Program Files\IrfanView\i_about.txt ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Available Languages.lnk -> C:\Program Files\IrfanView\i_languages.txt ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Available PlugIns.lnk -> C:\Program Files\IrfanView\i_plugins.txt ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Command line Options.lnk -> C:\Program Files\IrfanView\i_options.txt ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView 64 4.57.lnk -> C:\Program Files\IrfanView\i_view64.exe (Irfan Skiljan)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView Help.lnk -> C:\Program Files\IrfanView\i_view32.chm ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\What's New.lnk -> C:\Program Files\IrfanView\i_changes.txt ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMAPSize\IMAPSize on the Web.lnk -> C:\Program Files (x86)\IMAPSize\imapsize.url ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMAPSize\IMAPSize.lnk -> C:\Program Files (x86)\IMAPSize\imapsize.exe (Broobles)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMAPSize\Uninstall IMAPSize.lnk -> C:\Program Files (x86)\IMAPSize\unins000.exe (Jordan Russell)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evorim\Cloudevo\Cloudevo.lnk -> C:\Program Files\Evorim\Cloudevo\Cloudevo.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum ABC\Electrum ABC.lnk -> C:\Program Files (x86)\Electrum ABC\ElectrumABC.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum ABC\Uninstall.lnk -> C:\Program Files (x86)\Electrum ABC\Uninstall.exe (Electrum ABC)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electron Cash\Electron Cash.lnk -> C:\Program Files (x86)\Electron Cash\Electron-Cash.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electron Cash\Uninstall.lnk -> C:\Program Files (x86)\Electron Cash\Uninstall.exe (Electron Cash)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\easyHDR 2\easyHDR 2.lnk -> C:\Program Files (x86)\easyHDR 2\easyHDR_2.exe (BRTKSOFT Bartlomiej Okonek)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\easyHDR 2\Uninstall.lnk -> C:\Program Files (x86)\easyHDR 2\uninstall.exe (BRTKSOFT Bartlomiej Okonek)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11\DeinstalliertDVDFab.lnk -> C:\Program Files (x86)\DVDFab 11\uninstall.exe (Keine Datei)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11\DVDFab 11 Mini.lnk -> C:\Program Files (x86)\DVDFab 11\DVDFab.exe (Keine Datei)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11\DVDFab 11.lnk -> C:\Program Files (x86)\DVDFab 11\DVDFab.exe (Keine Datei)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeepL GmbH\DeepL.lnk -> C:\Users\thoma\AppData\Local\DeepL\DeepL.exe (DeepL GmbH)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\concept design\onlineTV 15\onlineTV 15.lnk -> C:\Program Files (x86)\concept design\onlineTV 15\onlineTV.exe (concept/design GmbH)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\concept design\onlineTV 15\onlineTV @ Android.lnk -> C:\Program Files (x86)\concept design\onlineTV 15\onlineTVAndroid.url ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\concept design\onlineTV 15\Ressource\Weitere Sender.lnk -> C:\Program Files (x86)\concept design\onlineTV 15\onlineTVRes.url ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design\DaVinci Resolve\Resolve.lnk -> C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty. Ltd.)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AusweisApp2\AusweisApp2.lnk -> C:\Program Files (x86)\AusweisApp2 1.14.0\AusweisApp2.exe (Governikus GmbH & Co. KG)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music\Amazon Music.lnk -> C:\Users\thoma\AppData\Local\Amazon Music\Amazon Music.exe (Amazon.com Services LLC)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music\Uninstall Amazon Music.lnk -> C:\Users\thoma\AppData\Local\Amazon Music\Uninstall.exe (Amazon)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Network Shortcuts\1&1 Thomas\target.lnk -> \\sd2dav.1und1.de@SSL\DavWWWRoot
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\1&1 Upload-Manager.lnk -> C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE (1&1 Internet AG)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions 4.5.lnk -> C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.5\DigitalEditions.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ApowerMirror.lnk -> C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe (Apowersoft)
         


Alt 27.06.2021, 21:41   #6
tsmomc
 
Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt - Standard

Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt



Shortcut Teil 2

Code:
ATTFilter
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BeCyPDFMetaEdit.lnk -> C:\Program Files (x86)\BeCyPDFMetaEdit\BeCyPDFMetaEdit.exe (Benjamin Bentmann)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GlassWire 2.3.lnk -> C:\Program Files (x86)\GlassWire\GlassWire.exe (SecureMix LLC)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Passbild-Generator.lnk -> C:\Program Files (x86)\Passbild-Generator\Passbild-Generator.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Soda PDF Desktop.lnk -> C:\Program Files\Soda PDF Desktop\soda.exe (LULU Software)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\UFRaw.lnk -> C:\Program Files (x86)\UFRaw\bin\ufraw.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\UltraEdit.lnk -> C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\Uedit32.exe (IDM Computer Solutions, Inc.)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Uninstall Manager.lnk -> C:\Program Files (x86)\Martin Fuchs\uninstmgr.exe (Martin Fuchs)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VideoProc.lnk -> C:\Program Files (x86)\Digiarty\VideoProc\VideoProc.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\XMind 8 Update 8.lnk -> C:\Program Files (x86)\XMind\XMind.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\EXCEL - Verknüpfung.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP Solution Center.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\IJ Scan Utility.lnk -> C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe (Keine Datei)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\IObit Software Updater.lnk -> C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe (IObit)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\KeePass 2.lnk -> C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft PowerPoint 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Word.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird (2).lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Total Commander 64 bit.lnk -> C:\Program Files\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\UltraEdit.lnk -> C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\Uedit32.exe (IDM Computer Solutions, Inc.)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\VeraCrypt.lnk -> C:\Program Files\VeraCrypt\VeraCrypt.exe (IDRIX)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\VMware Workstation 16 Player.lnk -> C:\Program Files (x86)\VMware\VMware Player\vmplayer.exe (VMware, Inc.)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\WinTV 8.5.lnk -> C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe (Hauppauge Computer Works, Inc.)
Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\XMind.lnk -> C:\Program Files\XMind ZEN\XMind.exe (XMind Ltd.)
Shortcut: C:\Users\thoma\AppData\Local\SageMath 8.8\runtime\opt\sagemath-8.8\local\share\giac\doc\el\casinter\casinter.lnk -> [LF../en/casinterc:\xcas\doc\en\en\casinter] (Keine Datei)
Shortcut: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\thoma\AppData\Local\Amazon Music\Uninstall Amazon Music.lnk -> C:\Users\thoma\AppData\Local\Amazon Music\Uninstall.exe (Amazon)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Install Additional Tools for Node.js.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /d /c "C:\Program Files\nodejs\install_tools.bat"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files\nodejs\nodevars.bat"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (Anaconda3).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\ProgramData\Anaconda3\Scripts\activate.bat C:\ProgramData\Anaconda3
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (r_env).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\ProgramData\Anaconda3\Scripts\activate.bat C:\Users\thoma\.conda\envs\r_env
ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\Anaconda Prompt (Anaconda3).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\ProgramData\Anaconda3\Scripts\activate.bat C:\ProgramData\Anaconda3


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk -> C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software) -> --check-run=src=tile
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAServiceHelper.exe (Intel) -> installstartup
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Radar 3.lnk -> C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe (ASUSTeK COMPUTER INC.) -> /start SonicRadarSystray /command SonicRadarSystray OpenUI
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xerox PowerENGAGE\Xerox PowerENGAGE.lnk -> C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe (Aviata Inc) -> /LSRC=StartMenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weka 3.8.4\Weka 3.8.4 (with console).lnk -> C:\Program Files\Weka-3-8-4\jre\zulu11.35.15-ca-fx-jre11.0.5-win_x64\bin\java.exe (Azul Systems Inc.) -> -classpath "C:\Program Files\Weka-3-8-4" RunWeka -i "C:\Program Files\Weka-3-8-4\RunWeka.ini" -w "C:\Program Files\Weka-3-8-4\weka.jar" -c console -jre-path "C:\Program Files\Weka-3-8-4\jre\zulu11.35.15-ca-fx-jre11.0.5-win_x64"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weka 3.8.4\Weka 3.8.4.lnk -> C:\Program Files\Weka-3-8-4\jre\zulu11.35.15-ca-fx-jre11.0.5-win_x64\bin\javaw.exe (Azul Systems Inc.) -> -classpath "C:\Program Files\Weka-3-8-4" RunWeka -i "C:\Program Files\Weka-3-8-4\RunWeka.ini" -w "C:\Program Files\Weka-3-8-4\weka.jar" -jre-path "C:\Program Files\Weka-3-8-4\jre\zulu11.35.15-ca-fx-jre11.0.5-win_x64"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware\Command Prompt for vctl.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k set PATH=C:\Program Files (x86)\VMware\VMware Player\;%PATH% && vctl.exe -h
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual BCD\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {436D50FF-8FA1-4FDD-A9C9-48B52A990F57}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software\PDF-XChange Lite\PDF-XChange Lite pdfSaver.lnk -> C:\Program Files\Tracker Software\PDF-XChange Lite\pdfSaverL.exe (Tracker Software Products (Canada) Ltd.) -> /Show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soda PDF Desktop\Uninstall or Modify Soda PDF Desktop.lnk -> C:\ProgramData\Soda PDF Desktop\Installation\Soda_PDF_Desktop_Installer.exe (LULU Software) -> /uninstall
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soda PDF Desktop\Uninstall Soda PDF Desktop.lnk -> C:\ProgramData\Soda PDF Desktop\Installation\Soda_PDF_Desktop_Installer.exe (LULU Software) -> /uninstall
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\SeaTools for Windows.lnk -> C:\Program Files (x86)\Seagate\SeaTools for Windows\SeaToolsforWindows.exe (Seagate Technology) -> C:\Program Files (x86)\Seagate\SeaTools for Windows\Seagate_Logo.ico
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R\R i386 3.6.2.lnk -> C:\Program Files\R\R-3.6.2\bin\i386\Rgui.exe () -> --cd-to-userdocs
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R\R i386 4.0.3.lnk -> C:\Program Files\R\R-4.0.3\bin\i386\Rgui.exe () -> --cd-to-userdocs
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R\R x64 3.6.2.lnk -> C:\Program Files\R\R-3.6.2\bin\x64\Rgui.exe () -> --cd-to-userdocs
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R\R x64 4.0.3.lnk -> C:\Program Files\R\R-4.0.3\bin\x64\Rgui.exe () -> --cd-to-userdocs
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.9\IDLE (Python 3.9 64-bit).lnk -> C:\Python39\pythonw.exe (Python Software Foundation) -> "C:\Python39\Lib\idlelib\idle.pyw"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.9\Python 3.9 Manuals (64-bit).lnk -> C:\Windows\hh.exe (Microsoft Corporation) -> C:\Python39\Doc\python394.chm
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.9\Python 3.9 Module Docs (64-bit).lnk -> C:\Python39\python.exe (Python Software Foundation) -> -m pydoc -b
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill\Uninstall PDFill Package.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {26037138-C111-4BC5-88E8-DD2B2F2460C7}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Nsight Systems 2020.4.3\Uninstall NVIDIA Nsight Systems 2020.4.3.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {8A00392B-A561-4D04-990C-4D1741A5CDDE}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Nsight Compute 2020.3.1\Uninstall NVIDIA Nsight Compute 2020.3.1.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {1259B3DA-CFC4-4BEE-8DBD-B497981D2047}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Uninstall Node.js.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {140389EF-5573-4B66-9218-B739F767AFBD}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Connect\MAGIX Connect.lnk -> C:\Program Files\Common Files\MAGIX Services\QMxNetworkSync\QMxNetworkSync.exe (MAGIX) -> -show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView - Thumbnails.lnk -> C:\Program Files\IrfanView\i_view64.exe (Irfan Skiljan) -> /thumbs
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart Essential\Deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {EB21A812-671B-4D08-B974-2A347F0D8F70}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV\Erweiterte Optionen.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> C:\Program Files (x86)\WinTV\WinTV8\Erweiterte Optionen\
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git\Git Bash.lnk -> C:\Program Files\Git\git-bash.exe (The Git Development Community) -> --cd-to-home
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git\Git CMD.lnk -> C:\Program Files\Git\git-cmd.exe (The Git Development Community) -> --cd-to-home
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript\Ghostscript 9.53.3.LNK -> C:\Program Files\gs\gs9.53.3\bin\gswin64.exe () -> "-IC:\Program Files\gs\gs9.53.3\lib;C:\Program Files\gs\gs9.53.3\..\fonts"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EventReporter\Uninstall EventReporter.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {E03F80A2-8024-4C2D-BC36-9EACD6E660BF}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Hilfe.lnk -> C:\Program Files (x86)\ElsterFormular\bin\hilfepica.exe (Digia Plc and/or its subsidiary(-ies)) -> -collectionFile "C:\Program Files (x86)\ElsterFormular\/hilfe/elfo.bedienung.qhc" -showUrl "qthelp://elfo.bedienung/hilfe/bed_kap01/910000.html"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Installationsverwaltung.lnk -> C:\Program Files (x86)\ElsterFormular\bin\installationsverwaltung.exe () -> --zeigeDlg
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Integritätsprüfer.lnk -> C:\Program Files (x86)\ElsterFormular\bin\integritaetspruefer.exe () -> -path "C:\Program Files (x86)\ElsterFormular\
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Screenreadermodus.lnk -> C:\Program Files (x86)\ElsterFormular\bin\pica.exe () -> --sehbehindertenmodus
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EIZO\Screen InStyle\Screen InStyle.lnk -> C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (EIZO Corporation) -> /m
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia\Dia.lnk -> C:\Program Files (x86)\Dia\bin\diaw.exe () -> --integrated
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AI Suite 3\Uninstall AI Suite 3.lnk -> C:\ProgramData\ASUS\AI Suite III\Setup.exe () -> -u
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Navigator (Anaconda3).lnk -> C:\ProgramData\Anaconda3\pythonw.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\ProgramData\Anaconda3 C:\ProgramData\Anaconda3\pythonw.exe C:\ProgramData\Anaconda3\Scripts\anaconda-navigator-script.py
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Navigator.lnk -> C:\ProgramData\Anaconda3\pythonw.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\ProgramData\Anaconda3 C:\ProgramData\Anaconda3\pythonw.exe C:\ProgramData\Anaconda3\Scripts\anaconda-navigator-script.py
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Powershell Prompt (Anaconda3).lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -ExecutionPolicy ByPass -NoExit -Command "& 'C:\ProgramData\Anaconda3\shell\condabin\conda-hook.ps1' ; conda activate 'C:\ProgramData\Anaconda3' "
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Jupyter Notebook (Anaconda3).lnk -> C:\ProgramData\Anaconda3\python.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\ProgramData\Anaconda3 C:\ProgramData\Anaconda3\python.exe C:\ProgramData\Anaconda3\Scripts\jupyter-notebook-script.py "%USERPROFILE%/"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Jupyter Notebook (r_env).lnk -> C:\ProgramData\Anaconda3\python.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\Users\thoma\.conda\envs\r_env C:\Users\thoma\.conda\envs\r_env\python.exe C:\Users\thoma\.conda\envs\r_env\Scripts\jupyter-notebook-script.py "%USERPROFILE%/"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Reset Spyder Settings (Anaconda3).lnk -> C:\ProgramData\Anaconda3\python.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\ProgramData\Anaconda3 C:\ProgramData\Anaconda3\python.exe C:\ProgramData\Anaconda3\Scripts\spyder-script.py --reset
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Spyder (Anaconda3).lnk -> C:\ProgramData\Anaconda3\pythonw.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\ProgramData\Anaconda3 C:\ProgramData\Anaconda3\pythonw.exe C:\ProgramData\Anaconda3\Scripts\spyder-script.py
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\josef\Desktop\Monitor Power OFF.lnk -> C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (EIZO Corporation) -> /off
ShortcutWithArgument: C:\Users\josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\josef\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\josef\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\josef\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\josef\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\maxim\Desktop\Monitor Power OFF.lnk -> C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (EIZO Corporation) -> /off
ShortcutWithArgument: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\maxim\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\maxim\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Videos\WinTV v8 Aufnahmen.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> C:\Users\Public\Videos\
ShortcutWithArgument: C:\Users\sandr\Desktop\Monitor Power OFF.lnk -> C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (EIZO Corporation) -> /off
ShortcutWithArgument: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Google Notizen – Notizen & Listen.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Notes in Google™ Keep.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=bnekgeakipbeljnpdnoggpakknfifdjf
ShortcutWithArgument: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\sandr\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Avast Secure Browser.lnk -> C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software) -> --check-run=src=quicklaunch
ShortcutWithArgument: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Avast Secure Browser.lnk -> C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software) -> --check-run=src=taskbar
ShortcutWithArgument: C:\Users\sandr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\sandr\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\thoma\Desktop\Amazon Backup.lnk -> C:\Users\thoma\AppData\Local\Amazon Drive\AmazonPhotos.exe (Amazon.com Inc.) -> --source-desktop --show-status-window
ShortcutWithArgument: C:\Users\thoma\Desktop\Discord.lnk -> C:\Users\thoma\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\thoma\Desktop\Microsoft Teams.lnk -> C:\Users\thoma\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe"
ShortcutWithArgument: C:\Users\thoma\Desktop\Monitor Power OFF.lnk -> C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (EIZO Corporation) -> /off
ShortcutWithArgument: C:\Users\thoma\Desktop\Out of Milk.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> -json "{""app_icon_url"": """", ""app_name"": ""Out of Milk"", ""app_url"": """", ""app_pkg"": ""com.capigami.outofmilk""}"
ShortcutWithArgument: C:\Users\thoma\Desktop\Screen InStyle.lnk -> C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (EIZO Corporation) -> /m
ShortcutWithArgument: C:\Users\thoma\Desktop\Programme\Amazon Alexa.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> -json "{""app_icon_url"": """", ""app_name"": ""Amazon Alexa"", ""app_url"": """", ""app_pkg"": ""com.amazon.dee.app""}"
ShortcutWithArgument: C:\Users\thoma\Desktop\Programme\Kasa.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> -json "{""app_icon_url"": """", ""app_name"": ""Kasa"", ""app_url"": """", ""app_pkg"": ""com.tplink.kasa_android""}"
ShortcutWithArgument: C:\Users\thoma\Desktop\Programme\XDA.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> -json "{""app_icon_url"": """", ""app_name"": ""XDA"", ""app_url"": """", ""app_pkg"": ""com.xda.labs.play""}"
ShortcutWithArgument: C:\Users\thoma\Desktop\Mathe\SageMath 8.8 Notebook.lnk -> C:\Users\thoma\AppData\Local\SageMath 8.8\runtime\bin\mintty.exe (Andy Koppe / Thomas Wolff) -> -t 'SageMath 8.8 Notebook Server' -i sagemath.ico /bin/bash --login -c '/opt/sagemath-8.8/sage --notebook jupyter'
ShortcutWithArgument: C:\Users\thoma\Desktop\Mathe\SageMath 8.8 Shell.lnk -> C:\Users\thoma\AppData\Local\SageMath 8.8\runtime\bin\mintty.exe (Andy Koppe / Thomas Wolff) -> -t 'SageMath 8.8 Shell' -i sagemath.ico /bin/bash --login -c '/opt/sagemath-8.8/sage -sh'
ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\Anaconda Navigator (Anaconda3).lnk -> C:\ProgramData\Anaconda3\pythonw.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\ProgramData\Anaconda3 C:\ProgramData\Anaconda3\pythonw.exe C:\ProgramData\Anaconda3\Scripts\anaconda-navigator-script.py
ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\Anaconda Powershell Prompt (Anaconda3).lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -ExecutionPolicy ByPass -NoExit -Command "& 'C:\ProgramData\Anaconda3\shell\condabin\conda-hook.ps1' ; conda activate 'C:\ProgramData\Anaconda3' "
ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\Jupyter Notebook (Anaconda3).lnk -> C:\ProgramData\Anaconda3\python.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\ProgramData\Anaconda3 C:\ProgramData\Anaconda3\python.exe C:\ProgramData\Anaconda3\Scripts\jupyter-notebook-script.py "%USERPROFILE%/"
ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\R x64 3.6.2.lnk -> C:\Program Files\R\R-3.6.2\bin\x64\Rgui.exe () -> --cd-to-userdocs
ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\Reset Spyder Settings (Anaconda3).lnk -> C:\ProgramData\Anaconda3\python.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\ProgramData\Anaconda3 C:\ProgramData\Anaconda3\python.exe C:\ProgramData\Anaconda3\Scripts\spyder-script.py --reset
ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\Spyder (Anaconda3).lnk -> C:\ProgramData\Anaconda3\pythonw.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\ProgramData\Anaconda3 C:\ProgramData\Anaconda3\pythonw.exe C:\ProgramData\Anaconda3\Scripts\spyder-script.py
ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\Weka 3.8.4 (with console).lnk -> C:\Program Files\Weka-3-8-4\jre\zulu11.35.15-ca-fx-jre11.0.5-win_x64\bin\java.exe (Azul Systems Inc.) -> -classpath "C:\Program Files\Weka-3-8-4" RunWeka -i "C:\Program Files\Weka-3-8-4\RunWeka.ini" -w "C:\Program Files\Weka-3-8-4\weka.jar" -c console -jre-path "C:\Program Files\Weka-3-8-4\jre\zulu11.35.15-ca-fx-jre11.0.5-win_x64"
ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\Weka 3.8.4.lnk -> C:\Program Files\Weka-3-8-4\jre\zulu11.35.15-ca-fx-jre11.0.5-win_x64\bin\javaw.exe (Azul Systems Inc.) -> -classpath "C:\Program Files\Weka-3-8-4" RunWeka -i "C:\Program Files\Weka-3-8-4\RunWeka.ini" -w "C:\Program Files\Weka-3-8-4\weka.jar" -jre-path "C:\Program Files\Weka-3-8-4\jre\zulu11.35.15-ca-fx-jre11.0.5-win_x64"
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Photos.lnk -> C:\Users\thoma\AppData\Local\Amazon Drive\AmazonPhotos.exe (Amazon.com Inc.) -> --source-startmenu
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk -> C:\Users\thoma\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe"
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) -> /tsr
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\thoma\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MicroSIP.lnk -> C:\Users\thoma\AppData\Local\MicroSIP\microsip.exe (www.microsip.org) -> /minimized
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SageMath 8.8\SageMath 8.8 Notebook.lnk -> C:\Users\thoma\AppData\Local\SageMath 8.8\runtime\bin\mintty.exe (Andy Koppe / Thomas Wolff) -> -t 'SageMath 8.8 Notebook Server' -i sagemath.ico /bin/bash --login -c '/opt/sagemath-8.8/sage --notebook jupyter'
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SageMath 8.8\SageMath 8.8 Shell.lnk -> C:\Users\thoma\AppData\Local\SageMath 8.8\runtime\bin\mintty.exe (Andy Koppe / Thomas Wolff) -> -t 'SageMath 8.8 Shell' -i sagemath.ico /bin/bash --login -c '/opt/sagemath-8.8/sage -sh'
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SageMath 8.8\SageMath 8.8.lnk -> C:\Users\thoma\AppData\Local\SageMath 8.8\runtime\bin\mintty.exe (Andy Koppe / Thomas Wolff) -> -t 'SageMath 8.8 Console' -i sagemath.ico /bin/bash --login -c '/opt/sagemath-8.8/sage'
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.5.0-2-x64\Interactive Ruby.lnk -> C:\Program Files\Ruby25-x64\bin\irb.cmd () -> -rirb/completion
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.5.0-2-x64\RubyGems Documentation Server.lnk -> C:\Program Files\Ruby25-x64\bin\gem.cmd () -> server --launch
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.5.0-2-x64\Start Command Prompt with Ruby.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /E:ON /K C:\Program Files\Ruby25-x64\bin\setrbvars.cmd
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.8\IDLE (Python 3.8 32-bit).lnk -> C:\Users\thoma\AppData\Local\Programs\Python\Python38-32\pythonw.exe (Python Software Foundation) -> "C:\Users\thoma\AppData\Local\Programs\Python\Python38-32\Lib\idlelib\idle.pyw"
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.8\Python 3.8 Module Docs (32-bit).lnk -> C:\Users\thoma\AppData\Local\Programs\Python\Python38-32\python.exe (Python Software Foundation) -> -m pydoc -b
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSYS2 64bit\MSYS2 MinGW 32-bit.lnk -> C:\Program Files\msys2\msys2_shell.cmd () -> -mingw32
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSYS2 64bit\MSYS2 MinGW 64-bit.lnk -> C:\Program Files\msys2\msys2_shell.cmd () -> -mingw64
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSYS2 64bit\MSYS2 MSYS.lnk -> C:\Program Files\msys2\msys2_shell.cmd () -> -msys
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView - Thumbnails.lnk -> C:\Program Files\IrfanView\i_view64.exe (Irfan Skiljan) -> /thumbs
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum ABC\Electrum ABC (Software OpenGL).lnk -> C:\Program Files (x86)\Electrum ABC\ElectrumABC.exe () -> --qt_opengl software
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum ABC\Electrum ABC Testnet.lnk -> C:\Program Files (x86)\Electrum ABC\ElectrumABC.exe () -> --testnet
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electron Cash\Electron Cash (Software OpenGL).lnk -> C:\Program Files (x86)\Electron Cash\Electron-Cash.exe () -> --qt_opengl software
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electron Cash\Electron Cash Scalenet.lnk -> C:\Program Files (x86)\Electron Cash\Electron-Cash.exe () -> --scalenet
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electron Cash\Electron Cash Testnet.lnk -> C:\Program Files (x86)\Electron Cash\Electron-Cash.exe () -> --testnet
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electron Cash\Electron Cash Testnet4.lnk -> C:\Program Files (x86)\Electron Cash\Electron-Cash.exe () -> --testnet4
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\thoma\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AusweisApp2\Uninstall AusweisApp2.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {27284E9D-0BCF-441A-82B9-5B96F5C09701}
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Reset Spyder Settings (r_env).lnk -> C:\ProgramData\Anaconda3\python.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\Users\thoma\.conda\envs\r_env C:\Users\thoma\.conda\envs\r_env\python.exe C:\Users\thoma\.conda\envs\r_env\Scripts\spyder-script.py --reset
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Spyder (r_env).lnk -> C:\ProgramData\Anaconda3\pythonw.exe (Python Software Foundation) -> C:\ProgramData\Anaconda3\cwp.py C:\Users\thoma\.conda\envs\r_env C:\Users\thoma\.conda\envs\r_env\pythonw.exe C:\Users\thoma\.conda\envs\r_env\Scripts\spyder-script.py
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\SendTo\WinSCP (zum Hochladen).lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Martin Prikryl) -> /upload
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Avast Secure Browser.lnk -> C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software) -> --check-run=src=quicklaunch
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation) -> /recycle
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Avast Secure Browser.lnk -> C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software) -> --check-run=src=taskbar
ShortcutWithArgument: C:\Users\thoma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\thoma\AppData\Local\SageMath 8.8\SageMath 8.8 Notebook.lnk -> C:\Users\thoma\AppData\Local\SageMath 8.8\runtime\bin\mintty.exe (Andy Koppe / Thomas Wolff) -> -t 'SageMath 8.8 Notebook Server' -i sagemath.ico /bin/bash --login -c '/opt/sagemath-8.8/sage --notebook jupyter'
ShortcutWithArgument: C:\Users\thoma\AppData\Local\SageMath 8.8\SageMath 8.8 Shell.lnk -> C:\Users\thoma\AppData\Local\SageMath 8.8\runtime\bin\mintty.exe (Andy Koppe / Thomas Wolff) -> -t 'SageMath 8.8 Shell' -i sagemath.ico /bin/bash --login -c '/opt/sagemath-8.8/sage -sh'
ShortcutWithArgument: C:\Users\thoma\AppData\Local\SageMath 8.8\SageMath 8.8.lnk -> C:\Users\thoma\AppData\Local\SageMath 8.8\runtime\bin\mintty.exe (Andy Koppe / Thomas Wolff) -> -t 'SageMath 8.8 Console' -i sagemath.ico /bin/bash --login -c '/opt/sagemath-8.8/sage'
ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\thoma\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode 64bit\XMedia Recode 64bit im Internet.url -> URL: hxxp://www.xmedia-recode.de/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual BCD\Visit Visual BCD site.url -> URL: hxxp://boyans.my3gb.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeraCrypt\VeraCrypt Website.url -> URL: hxxps://www.veracrypt.fr
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill\Visit PDFill Home Page.url -> URL: hxxp://www.PDFill.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\obs-websocket\obs-websocket on the Web.url -> URL: hxxp://github.com/Palakis/obs-websocket
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js documentation.url -> URL: hxxps://nodejs.org/download/release/v14.17.0/docs/api/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js website.url -> URL: hxxps://nodejs.org/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool ShadowMaker\MiniTool Web site.url -> URL: hxxps://www.minitool.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12\MiniTool Partition Wizard im Internet.url -> URL: hxxp://www.partitionwizard.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LizardSystems\Wi-Fi Scanner\Wi-Fi Scanner on the Web.url -> URL: hxxps://lizardsystems.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNIME\Additional resources\How to update KNIME Analytics Platform.url -> URL: hxxps://www.knime.com/downloads/update
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNIME\Additional resources\KNIME Analytics Platform on the Web.url -> URL: hxxps://www.knime.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNIME\Additional resources\KNIME Forum.url -> URL: hxxps://www.knime.com/forum
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNIME\Additional resources\Learning hub.url -> URL: hxxps://www.knime.com/learning-hub
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Besuchen Sie Java.com.url -> URL: hxxps://java.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Hilfe aufrufen.url -> URL: hxxps://java.com/help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape\Inkscape Homepage.url -> URL: hxxps://inkscape.org
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HBCI-Modul für Money 99 Version 2000\Online-FAQ von Gerald Vogt.url -> URL: hxxps://money.gvogt.de/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuCash\Fehlerbericht einsenden für GnuCash (online, engl.).url -> URL: hxxps://bugs.gnucash.org/enter_bug.cgi?product=GnuCash
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuCash\GnuCash Häufige Fragen (online, engl.).url -> URL: hxxp://wiki.gnucash.org/wiki/FAQ
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git\Git FAQs (Frequently Asked Questions).url -> URL: hxxps://github.com/git-for-windows/git/wiki/FAQ
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis\HDR projects 4\Webseite - HDR projects 4.url -> URL: hxxp://www.hdr-projects.de
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management\Get Involved.url -> URL: hxxps://calibre-ebook.com/get-involved
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management\User Manual.url -> URL: hxxps://manual.calibre-ebook.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft\ApowerMirror\ApowerMirror im Internet.url -> URL: hxxps://www.apowersoft.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Any Video Recorder\Any Video Recorder im Internet.url -> URL: hxxp://www.anvsoft.com/
InternetURL: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Games\Darksiders II Deathinitive Edition.url -> URL: twitch://fuel-launch/790f3b07-fc9c-4efe-bb66-32bd348a9d23
InternetURL: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Games\Double Cross.url -> URL: twitch://fuel-launch/e3bc3283-5464-4946-80b8-8ac1401f7b16
InternetURL: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Games\Planet Alpha.url -> URL: twitch://fuel-launch/fe19ef5f-a1e0-4caf-96b4-590b2c022b15
InternetURL: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Games\Sword Legacy Omen.url -> URL: twitch://fuel-launch/25071895-d6cb-49ce-98fe-4a2c3c92b9fc
InternetURL: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Games\Turmoil.url -> URL: twitch://fuel-launch/9f710b74-9960-4411-bdfc-3cd846ca812c
InternetURL: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Source SDK Base 2007.url -> URL: steam://rungameid/218
InternetURL: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeeForm\KeeForm help.url -> URL: hxxps://keeform.org/keepass/keeform-faq
InternetURL: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box\FRITZ!Box USB-Fernanschluss Onlineunterstützung.url -> BASEURL: hxxps://avm.de/ URL: hxxps://avm.de/
InternetURL: C:\Users\thoma\AppData\Local\MicroSIP\MicroSIP Website.url -> URL: hxxp://www.microsip.org/
InternetURL: C:\Users\thoma\AppData\Local\MEGAsync\MEGA Website.url -> URL: hxxp://www.mega.nz
InternetURL: C:\Users\thoma\.conda\pkgs\m2w64-gettext-0.19.7-2\Library\mingw-w64\share\gettext\projects\TP\teams.url -> 
InternetURL: C:\Users\thoma\.conda\pkgs\m2w64-gettext-0.19.7-2\Library\mingw-w64\share\gettext\projects\KDE\teams.url -> 
InternetURL: C:\Users\thoma\.conda\pkgs\m2w64-gettext-0.19.7-2\Library\mingw-w64\share\gettext\projects\GNOME\teams.url -> 
InternetURL: C:\Users\thoma\.conda\envs\r_env\Library\mingw-w64\share\gettext\projects\TP\teams.url -> 
InternetURL: C:\Users\thoma\.conda\envs\r_env\Library\mingw-w64\share\gettext\projects\KDE\teams.url -> 
InternetURL: C:\Users\thoma\.conda\envs\r_env\Library\mingw-w64\share\gettext\projects\GNOME\teams.url -> 

==================== Ende vom Shortcut.txt =============================
         
Addition Teil 1

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26-06-2021
durchgeführt von thoma (27-06-2021 20:51:53)
Gestartet von D:\download\+++ troyaner +++
Windows 10 Pro Version 21H1 19043.1081 (X64) (2020-09-06 13:20:58)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4198695647-2910091461-4277131257-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4198695647-2910091461-4277131257-503 - Limited - Disabled)
Gast (S-1-5-21-4198695647-2910091461-4277131257-501 - Limited - Disabled)
josef (S-1-5-21-4198695647-2910091461-4277131257-1010 - Limited - Enabled) => C:\Users\josef
maxim (S-1-5-21-4198695647-2910091461-4277131257-1005 - Limited - Enabled) => C:\Users\maxim
sandr (S-1-5-21-4198695647-2910091461-4277131257-1003 - Limited - Enabled) => C:\Users\sandr
thoma (S-1-5-21-4198695647-2910091461-4277131257-1001 - Administrator - Enabled) => C:\Users\thoma
WDAGUtilityAccount (S-1-5-21-4198695647-2910091461-4277131257-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1&1 Upload-Manager (HKLM-x32\...\1&1 Upload-Manager) (Version: 2.0.676 - 1&1 Internet AG)
1&1 Verschlüsselung 1.0.4 (HKLM\...\{1und1Tresor}}_is1) (Version: 1.0.4 - 1&1 Telecom GmbH)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat 8 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 8 Professional - English, Français, Deutsch) (Version: 8.0.0 - Adobe Systems)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Adobe Connect (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Adobe Connect App) (Version: 2018.7.10.32 - Adobe Systems Inc.)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.74 - ASUSTeK Computer Inc.)
AIOZ Node 0.6.0 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\{1f0f3aff-318d-51e5-9646-f552872d8302}) (Version: 0.6.0 - AIOZ Company)
Amazon Music (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Amazon Amazon Music) (Version: 7.9.2.2161 - Amazon Services LLC)
Amazon Photos (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Amazon Photos) (Version: 6.3.4 - Amazon.com, Inc.)
Anaconda3 2019.10 (Python 3.7.4 64-bit) (HKLM\...\Anaconda3 2019.10 (Python 3.7.4 64-bit)) (Version: 2019.10 - Anaconda, Inc.)
ANT Drivers Installer x64 (HKLM\...\{16BA964D-698D-4663-8FA7-B9613DA7958B}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Video Recorder Version 1.0.4 (HKLM-x32\...\{17D86E62-4849-49BC-83D2-FA369CEEA9D9}_is1) (Version: 1.0.4 - anvsoft, Inc.)
AnyMusic 7.0.1 (HKLM\...\4e5f07cb-57d0-511b-8d72-f92e9ac978dd) (Version: 7.0.1 - AmoyShare Technology Company)
ApowerMirror V1.2.6 (HKLM-x32\...\{a9482532-9c34-478c-80c3-85bdccbb981f}_is1) (Version: 1.2.6 - APOWERSOFT LIMITED)
Ashampoo Burning Studio 2017 (HKLM-x32\...\{91B33C97-C878-6579-69BA-23E5405C7AAB}_is1) (Version: 18.0.6 - Ashampoo GmbH & Co. KG)
Ashampoo Home Design 5 (HKLM\...\{6FE137BD-F8A3-4995-B812-04928FFD3D73}_is1) (Version: 5.0.0 - Ashampoo GmbH & Co. KG)
Assassin's Creed II (HKLM-x32\...\Uplay Install 4) (Version:  - Ubisoft)
Asus ProductDaemonSetup (HKLM\...\{36606417-B1C4-42C2-B5C1-67972DA63DAB}) (Version: 3.6.2001 - ASUSTeK COMPUTER INC) Hidden
Asus Sonic Radar 3 (HKLM-x32\...\{03578a87-5019-45bd-995a-0f27d579a180}) (Version: 3.6.20.45572 - ASUSTeK COMPUTER INC)
Asus SonicRadar3Setup (HKLM\...\{E71A86BF-6EA5-42D2-A735-F41C603FB180}) (Version: 3.6.20.45572 - ASUSTeK COMPUTER INC) Hidden
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Audacity 3.0.0 (HKLM-x32\...\Audacity_is1) (Version: 3.0.0 - Audacity Team)
Audials 2021 (HKLM-x32\...\{AB220426-B935-4321-BEEE-C463F0EB7A94}) (Version: 21.0.135.0 - Audials AG)
Audials Music Tube 2020 (HKLM-x32\...\{C713B2DF-BAF9-4A3C-96FF-1390589EF4C3}) (Version: 20.2.5.0 - Audials AG)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber)
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.05.25 - ASUSTeK Computer Inc.)
Aurora HDR 2018 (HKLM\...\{BB7ADD89-7C4D-430B-9D3C-8597736DFB4E}) (Version: 1.2.0.2114 - Skylum) Hidden
Aurora HDR 2018 (HKLM-x32\...\{66060156-f85d-49d2-a414-29e2b65b7e27}) (Version: 1.2.0.2114 - Skylum)
AusweisApp2 (HKLM-x32\...\{27284E9D-0BCF-441A-82B9-5B96F5C09701}) (Version: 1.14.0 - Governikus GmbH & Co. KG)
AusweisApp2 (HKLM-x32\...\{F08F1F50-C989-4E8B-A74C-A2FFABF590FB}) (Version: 1.20.1 - Governikus GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.4.2464 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 91.0.10364.115 - Die Avast Secure Browser-Autoren)
BeCyPDFMetaEdit (HKLM-x32\...\BeCyPDFMetaEdit) (Version: 2.37.0 - Benjamin Bentmann)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.200.0.5201 - BlueStack Systems, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 91.1.26.67 - Die Brave-Autoren)
calibre 64bit (HKLM\...\{839721E4-35F6-4563-A3A0-931603356771}) (Version: 5.17.0 - Kovid Goyal)
Cloudevo 3.5.4 (HKLM\...\Cloudevo) (Version: 3.5.4 - Evorim)
concept/design onlineTV 15 (HKLM-x32\...\{C9F7D843-78C5-4A81-A350-D39F00E80178}_is1) (Version: 15.19.9.21 - concept/design GmbH)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
Corsair LINK 4 (HKLM-x32\...\{7fcaaab1-7a64-4d52-b622-00a41e3a5641}) (Version: 4.9.0.57 - Corsair Components, Inc.)
Corsair LINK 4 (HKLM-x32\...\{C636E92F-74DD-42A1-B614-64BC42D2DA3A}) (Version: 4.9.0.57 - Corsair Components, Inc.) Hidden
CPUID CPU-Z 1.81 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.81 - ) <==== ACHTUNG
Cryptomator (HKLM\...\{Cryptomator}}_is1) (Version: 1.4.0 - cryptomator.org)
Cryptomator (HKLM\...\Cryptomator_is1) (Version: 1.5.11 - cryptomator.org)
Cut Out pro 4.0 (HKLM\...\Cut Out pro 4_is1) (Version:  - Franzis.de)
CyberLink PhotoDirector 9 (HKLM-x32\...\{90BB14DB-2494-40fe-AE58-4930B3CFB4BD}) (Version: 9.0.3913.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Darksiders II Deathinitive Edition (HKLM-x32\...\{790F3B07-FC9C-4EFE-BB66-32BD348A9D23}) (Version:  - DVG Nordic Games)
darktable (HKLM\...\darktable) (Version: 2.6.0 - the darktable project)
DaVinci Resolve (HKLM\...\{DA0D6D0F-D6C0-4718-81F7-4C49B1A2517B}) (Version: 14.0.1008 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{6A8DCCDF-BC76-4964-B429-D74E5FC11E98}) (Version: 1.1.1.0 - Blackmagic Design)
DB Browser for SQLite (HKLM-x32\...\DB Browser for SQLite) (Version: 3.10.1 - DB Browser for SQLite Team)
DDBAC (HKLM-x32\...\{3D339F02-6D1F-41D8-B315-F104815AF293}) (Version: 5.8.3.0 - B+S Banksysteme Aktiengesellschaft)
DDBAC (HKLM-x32\...\{6289552C-70E8-4537-A808-31A94324F81F}) (Version: 5.7.85.0 - B+S Banksysteme Aktiengesellschaft)
DDBAC (HKLM-x32\...\{9C3AE26C-7641-420B-B2AC-E737324D6567}) (Version: 5.8.4.0 - B+S Banksysteme Aktiengesellschaft)
DeepL (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\DeepL) (Version: 2.5.1 - DeepL GmbH)
DFUDriverSetupX64Setup (HKLM-x32\...\{D662C345-04FD-4F6C-AB68-B9BC6D6A5D2F}) (Version: 7.0.32822.0 - GN Netcom A/S) Hidden
Dia (nur entfernen) (HKLM-x32\...\Dia) (Version:  - )
Discord (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dokan Library 1.4.0.1000 (x64) (HKLM\...\{65A3A964-3DC3-0104-0000-200601191219}) (Version: 1.4.0.1000 - Dokany Project)
Double Cross (HKLM-x32\...\{E3BC3283-5464-4946-80B8-8AC1401F7B16}) (Version:  - Graffiti Games)
EasyBCD 2.4 (HKLM-x32\...\EasyBCD) (Version: 2.4 - NeoSmart Technologies)
easyHDR 2 (HKLM-x32\...\easyHDR_2) (Version: 2.30.6 - BRTKSOFT Bartlomiej Okonek)
Electron Cash (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Electron Cash) (Version: 4.2.3 - Electron Cash LLC)
Electrum ABC (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Electrum ABC) (Version: 4.3.2 - Bitcoin ABC)
Elevated Installer (HKLM-x32\...\{877496C2-70B0-42F1-835A-FAFE2CF0199C}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\{E87F334F-CD4E-47F3-AFCD-19EBFCFFA6A3}) (Version: 21.2 - Thüringer Landesamt für Finanzen)
Epic Games Launcher (HKLM-x32\...\{F25ACB37-FF26-467D-B5DA-15E81F4A1771}) (Version: 1.1.257.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Eraser 6.2.0.2991 (HKLM\...\{D13C63B1-1968-466D-A3C4-AE78BDDF35D2}) (Version: 6.2.2991 - The Eraser Project)
Eudora (HKLM-x32\...\{4D6F8246-E01D-4877-ACA7-949E5CC7D04A}) (Version: 7.0 - )
EventReporter 16.0 - Build 421 (HKLM-x32\...\{CC20E766-AFD3-4150-9410-8C24B9D1E728}) (Version: 16.0.0.421 - Adiscon GmbH)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.94.416 - Digital Wave Ltd)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\195fa74437467f40) (Version: 2.3.4.0 - AVM Berlin)
GameFirst IV (HKLM-x32\...\{3A6CC7B3-FD9C-48C1-A1EC-46A5B677E739}) (Version: 1.6.6.0 - ASUSTeK COMPUTER INC.) Hidden
GameFirst IV (HKLM-x32\...\GameFirst IV 1.6.6.0) (Version: 1.6.6.0 - ASUSTeK COMPUTER INC.)
Garmin Express (HKLM-x32\...\{235f2ee5-7383-44df-a298-01221caa5532}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E944FA32-8BCF-474F-BFB2-D1EF24555873}) (Version: 7.1.4.0 - Garmin Ltd or its subsidiaries) Hidden
GeoGebra Graphing (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\GeoGebra_Graphing) (Version: 6.0.387 - International GeoGebra Institute)
Gigaset QuickSync (HKLM\...\{8029c171-7eda-4dec-8d67-e7f1b33c8861}) (Version: 8.6.0876.3 - Gigaset Communications GmbH)
GIMP 2.10.24 (HKLM\...\GIMP-2_is1) (Version: 2.10.24 - The GIMP Team)
Git version 2.31.1 (HKLM\...\Git_is1) (Version: 2.31.1 - The Git Development Community)
GlassWire 2.3 (remove only) (HKLM-x32\...\GlassWire 2.3) (Version: 2.3.318 - SecureMix LLC)
GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 2.2.27 - The GnuPG Project)
GnuCash 4.4 (HKLM-x32\...\GnuCash_is1) (Version:  - GnuCash Development Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{2C183CF0-3077-43D0-B001-F93AC5E68942}) (Version: 1.0.487 - LogMeIn, Inc.)
GoToMeeting 10.15.0.19228 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\GoToMeeting) (Version: 10.15.0.19228 - LogMeIn, Inc.)
Gpg4win (3.1.15) (HKLM-x32\...\Gpg4win) (Version: 3.1.15 - The Gpg4win Project)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.53.3) (Version: 9.53.3 - Artifex Software Inc.)
gsview (HKLM\...\gsview 6.0) (Version: 6.0 - Artifex Software Inc.)
HackCheck 2018 (HKLM-x32\...\f9a6b7ed-0223-427f-8e72-61c38d4aa8f1_is1) (Version: 1.08 - Abelssoft)
Hauppauge WinTV 8.5 (HKLM-x32\...\Hauppauge WinTV 8.5) (Version: v8.5.36354 (Premium) - Hauppauge Computer Works)
HBCIFM99 - Service-Update 1.1.1.20 (HKLM-x32\...\HBCIFM99 - Service-Update_is1) (Version: 1.1.1.20 - Dr. Ulrich Amann)
HBCI-Modul für Money 99 Version 2000 (HKLM-x32\...\{8A13EBF6-6249-4C0D-92BE-F8497C922311}_is1) (Version: 5.1.0.17 - Dr. Ulrich Amann)
HDR projects 4 (64-Bit) (HKLM\...\HDR_PROJECTS_4_2_3BF7CE82_is1) (Version: 4.41 - Franzis Verlag GmbH)
HP Imaging Device Functions 9.0 (HKLM\...\HP Imaging Device Functions) (Version: 9.0 - HP)
HP OCR Software 9.0 (HKLM\...\HPOCR) (Version: 9.0 - HP)
HP Photosmart Essential (HKLM-x32\...\{EB21A812-671B-4D08-B974-2A347F0D8F70}) (Version: 1.12.0.46 - HP)
HP Scanjet 8270 9.0 (HKLM\...\{FF149BEA-287F-4cf6-A1EC-9AB6E9CF1399}) (Version: 9.0 - HP)
HP Solution Center 9.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 9.0 - HP)
IMAPSize 0.3.7 (HKLM-x32\...\IMAPSize_is1) (Version:  - Broobles)
Inkscape (HKLM-x32\...\Inkscape) (Version: 1.0.0-rc1 - Inkscape)
Intel Driver && Support Assistant (HKLM-x32\...\{C38DE4F8-DF58-4B5D-9D4C-1F68773A2AE2}) (Version: 21.3.21.5 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{50883721-017E-40C5-9B65-F11F20DE8B45}) (Version: 2.4.07630 - Intel Corporation)
Intel(R) Network Connections 22.4.16.0 (HKLM\...\PROSetDX) (Version: 22.4.16.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{9360c8cc-b617-469a-bb35-829c13e21d97}) (Version: 21.3.21.5 - Intel)
IObit Software Updater (HKLM-x32\...\IObit Software Updater_is1) (Version: 3.6.0.2072 - IObit)
IOTA Wallet 2.5.6 (only current user) (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\85125e2a-0211-5c49-9018-9358da1074b1) (Version: 2.5.6 - IOTA Foundation)
IrfanView 4.57 (64-bit) (HKLM\...\IrfanView64) (Version: 4.57 - Irfan Skiljan)
Jabra Direct (HKLM-x32\...\{999d698d-2e2a-4018-ac07-3e90c78e5327}) (Version: 5.5.37716 - GN Audio A/S)
Jabra Direct (HKLM-x32\...\{CB9B5476-F6A2-49BD-A87C-7B9B16729B69}) (Version: 5.5.37716 - GN Audio A/S) Hidden
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
KeeForm 4.1.0 thoma (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\KeeForm3KP2 thoma_is1) (Version: 4.1.0 - keeform.org)
KeePass Password Safe 2.48.1 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.48.1 - Dominik Reichl)
KeePassXC (HKLM\...\{ECCC6E1C-C5D1-4B71-94B0-B2F713AF9036}) (Version: 2.4.1 - KeePassXC Team)
Kite (HKLM\...\Kite) (Version:  - Manhattan Engineering Inc)
KNIME Analytics Platform (HKLM\...\{61835C86-6D51-497F-A6BD-F0B4A8F0014A}_is1) (Version: 4.1.1 - KNIME AG)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 14.0.0.0 - EditShare)
Luminar 2018 (HKLM\...\{935AB8A6-0E0A-41E4-BAC3-5EBDCDC7F766}) (Version: 1.3.2.2677 - Skylum) Hidden
Luminar 2018 (HKLM-x32\...\{cef6a17e-c579-49aa-beec-ea478a12248e}) (Version: 1.3.2.2677 - Skylum)
Luminar 3 (HKLM\...\Luminar 3) (Version: 3.2.0.5246 - Skylum)
Macrium Reflect Free Edition (HKLM\...\{E10EA502-8814-4DA4-8989-A8B1B38600A5}) (Version: 7.3.5321 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.3 - Paramount Software (UK) Ltd.)
MAGIX Cloud Import (HKLM\...\{E2EC0850-84BF-4A86-842E-4A100473FB22}) (Version: 0.1.0.5 - MAGIX Software GmbH) Hidden
MAGIX Cloud Import (HKLM\...\MX.{E2EC0850-84BF-4A86-842E-4A100473FB22}) (Version: 0.1.0.5 - MAGIX Software GmbH)
MAGIX Connect (HKLM\...\{B0C73D27-EB3E-4D0E-B40D-0141DAF708CC}) (Version: 3.0.0.1 - MAGIX Software GmbH) Hidden
MAGIX Connect (HKLM\...\MX.{B0C73D27-EB3E-4D0E-B40D-0141DAF708CC}) (Version: 3.0.0.1 - MAGIX Software GmbH)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Photostory Deluxe COMPUTER BILD-Edition (HKLM\...\{C612F6E2-77DD-4C3D-A13E-ACBEF750C451}) (Version: 18.1.1.53 - MAGIX Software GmbH) Hidden
MAGIX Photostory Deluxe COMPUTER BILD-Edition (HKLM\...\MX.{C612F6E2-77DD-4C3D-A13E-ACBEF750C451}) (Version: 18.1.1.53 - MAGIX Software GmbH)
MAGIX Soundpool Music Maker - Feel good (HKLM\...\{DFEE4333-B802-4E27-9521-2D9E970B7813}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM\...\{370FD2B5-6A2F-4BB9-8B5F-F5CE6F0C01E5}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM-x32\...\MX.{370FD2B5-6A2F-4BB9-8B5F-F5CE6F0C01E5}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Video deluxe COMPUTER BILD-Edition (HKLM\...\{BA25FF95-1BE8-4F11-9598-32F3755CDE31}) (Version: 18.0.1.209 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe COMPUTER BILD-Edition (HKLM\...\MX.{BA25FF95-1BE8-4F11-9598-32F3755CDE31}) (Version: 18.0.1.209 - MAGIX Software GmbH)
Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes)
MediaHuman YouTube to MP3 Converter 3.9.9.36 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.36 - MediaHuman)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
MicroSIP (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\MicroSIP) (Version: 3.20.6 - www.microsip.org)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.59 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.59 - Microsoft Corporation)
Microsoft Money 99 (HKLM-x32\...\MSMONEYV70) (Version:  - )
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4198695647-2910091461-4277131257-1003\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4198695647-2910091461-4277131257-1005\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4198695647-2910091461-4277131257-1010\...\OneDriveSetup.exe) (Version: 19.152.0801.0007 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{82f2609e-68ba-408d-963f-530ad8809435}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.60724 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.53.2 - Microsoft Corporation)
MiKTeX (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\MiKTeX) (Version: 21.2 - MiKTeX.org)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MiniTool MovieMaker (HKLM-x32\...\{MT-39B9213B-B182-41FB-B149-CD1016372F9C}_is1) (Version: 2.5 - MiniTool)
MiniTool Partition Wizard Free 12 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Software Limited)
MiniTool ShadowMaker PW Edition (HKLM-x32\...\MT-75D7C412-925B-4AD0-90DC-5E4FEE22EAE1_is1) (Version: 3.6 - MiniTool Software Limited)
Money-Browser für Money 99 Version 2000 3.1.1.1 (HKLM-x32\...\{E9E9FCFC-9F1A-4EDC-8400-2EAB5A9DEB4F}_is1) (Version: 3.1.1.1 - Dr. Ulrich Amann)
MongoDB 4.4.1 2008R2Plus SSL (64 bit) (HKLM\...\{B14F9AE3-91C5-4D56-A2E4-0DE06F6DFD36}) (Version: 4.4.1 - MongoDB Inc.)
MongoDB Compass (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\MongoDBCompass) (Version: 1.22.1 - MongoDB Inc)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MovieJack free (HKLM-x32\...\{13a69dfb-9889-4340-8dd7-5855426ffcc7}) (Version: 4.0.7026.23051 - Engelmann Software)
MovieJack free (HKLM-x32\...\{3A66BE6E-7F93-4949-9FCF-431309676FC0}) (Version: 4.0.7026.22792 - Engelmann Software) Hidden
Mozilla Firefox 89.0.2 (x64 de) (HKLM\...\Mozilla Firefox 89.0.2 (x64 de)) (Version: 89.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.0 - Mozilla)
Mozilla Thunderbird 68.12.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 68.12.1 (x86 de)) (Version: 68.12.1 - Mozilla)
Mozilla Thunderbird 78.11.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 78.11.0 (x86 de)) (Version: 78.11.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSYS2 64bit (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\{fe30c1e5-3249-4a26-b3ff-ab923261cff0}) (Version: 20161025 - The MSYS2 Developers)
Music Maker (HKLM\...\{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.0.2.44 - MAGIX Software GmbH) Hidden
Music Maker (HKLM-x32\...\MX.{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.0.2.44 - MAGIX Software GmbH)
NAPS2 5.3.1 (HKLM-x32\...\NAPS2 (Not Another PDF Scanner 2)_is1) (Version:  - Ben Olden-Cooligan)
Neo4j Desktop 1.3.8 (HKLM\...\14c7e06f-6a3b-5e4e-9e0c-ebe055b1b752) (Version: 1.3.8 - Neo4j Inc.)
Node.js (HKLM\...\{140389EF-5573-4B66-9218-B739F767AFBD}) (Version: 14.17.0 - Node.js Foundation)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA Nsight Compute 2020.3.1 (HKLM\...\{1259B3DA-CFC4-4BEE-8DBD-B497981D2047}) (Version: 20.3.1.0 - NVIDIA Corporation)
NVIDIA Nsight Systems 2020.4.3 (HKLM\...\{8A00392B-A561-4D04-990C-4D1741A5CDDE}) (Version: 20.4.3.7 - NVIDIA Corporation)
NVIDIA Nsight Visual Studio Edition 2020.3.1.21012 (HKLM\...\{52E1BC67-764B-4A86-B794-3BDBA8E4E885}) (Version: 20.3.1.21012 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Tools Extension SDK (NVTX) - 64 bit (HKLM\...\{B56D2F88-8865-40FD-B7AC-F074EE4D201D}) (Version: 1.00.00.00 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
obs-websocket version 4.9.1 (HKLM-x32\...\{117EE44F-48E1-49E5-A381-CC8D9195CF35}_is1) (Version: 4.9.1 - Stephane Lepin)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14026.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.7 (HKLM-x32\...\{81D7585D-3E44-4984-B99B-911492419D3E}) (Version: 4.17.9800 - Apache Software Foundation)
paint.net (HKLM\...\{39136CF7-E6F5-4DE0-9AB6-EFB45F464590}) (Version: 4.2.4 - dotPDN LLC)
Paragon Festplatten Manager™ 25 Jahre Limitierte Jubiläumsedition (HKLM-x32\...\{f541ba6a-92bf-466b-b956-5efa58ffe017}) (Version: 17.10.2.5049 - Paragon Software GmbH)
Paragon Hard Disk Manager™ 25 Anniversary LE (HKLM\...\{14EEF044-2FC6-40AA-9285-F430B3D90EF6}) (Version: 17.10.2.5049 - Paragon Software) Hidden
Paragon UIM (HKLM\...\{06B4D67B-9ECB-41E5-B4C1-92F529BB703D}) (Version: 24.65.0.487 - Paragon Software) Hidden
Passbild-Generator v4.0b (HKLM-x32\...\Passbild-Generator_is1) (Version:  - Passbild-Generator)
PDF24 Creator 10.0.12 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.0.12 - PDF24.org)
PDFill FREE PDF Editor Basic (HKLM\...\{26037138-C111-4BC5-88E8-DD2B2F2460C7}) (Version: 15.0 - PlotSoft LLC)
PDFtk - The PDF Toolkit version 2.02 (HKLM-x32\...\{C65EA7B8-FC21-4896-AD44-9CE952BB1255}_is1) (Version: 2.02 - PDF Labs)
PDF-XChange Editor (HKLM\...\{D9768EA7-98DE-4260-A55E-28DD9C4AFD04}) (Version: 9.0.354.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{ce6c8945-b029-4ebe-b3d4-96f6f0081e71}) (Version: 9.0.354.0 - Tracker Software Products (Canada) Ltd.)
PhotoFiltre 7 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\PhotoFiltre 7) (Version:  - )
Planet Alpha (HKLM-x32\...\{FE19EF5F-A1E0-4CAF-96B4-590B2C022B15}) (Version:  - Team17 Digital Ltd)
ProRealTime (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\ProRealTime_is1) (Version: 1.16 - IT-Finance)
PuTTY release 0.73 (64-bit) (HKLM\...\{44F7642C-AB7E-4468-B028-E8D08A0CBB0E}) (Version: 0.73.0.0 - Simon Tatham)
PyCharm Community Edition 2019.3.3 (HKLM-x32\...\PyCharm Community Edition 2019.3.3) (Version: 193.6494.30 - JetBrains s.r.o.)
Python 3.8.1 (32-bit) (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\{4e3c79d9-fd08-4d23-ba50-d6f19553b0ee}) (Version: 3.8.1150.0 - Python Software Foundation)
Python 3.8.1 Core Interpreter (32-bit) (HKLM-x32\...\{03976998-4294-4FA5-9BE9-3E01B1DBEDC3}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Development Libraries (32-bit) (HKLM-x32\...\{0211E4D2-E2F6-422D-AEC9-46AD4CC583DD}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Documentation (32-bit) (HKLM-x32\...\{4408F4FC-AFC1-483E-A744-D61491A8AB85}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Executables (32-bit) (HKLM-x32\...\{F4F906AC-DFDB-4DA2-86C4-D116EAB497FA}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 pip Bootstrap (32-bit) (HKLM-x32\...\{34B7C438-99B2-4876-8F3A-5295A7DA2AE0}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Standard Library (32-bit) (HKLM-x32\...\{81CC98E6-C3E9-41EE-9ECC-30A6952AF726}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Tcl/Tk Support (32-bit) (HKLM-x32\...\{F97C2D8A-7ED6-4BA9-BAA7-036878A8AC5B}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Test Suite (32-bit) (HKLM-x32\...\{656BF6D9-2710-466C-8F82-88135B8EAF00}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Utility Scripts (32-bit) (HKLM-x32\...\{EE756009-EBAF-4C88-A99B-2E30FD1FA5DC}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.9.4 (64-bit) (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\{e300c142-10a9-46f4-a195-bd40cb90a84f}) (Version: 3.9.4150.0 - Python Software Foundation)
Python 3.9.4 Add to Path (64-bit) (HKLM\...\{D5076D33-101B-4402-AAC0-001C6D74D9AB}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Core Interpreter (64-bit) (HKLM\...\{DE09AD3C-F617-4EAF-B4F5-943473CB00DA}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Development Libraries (64-bit) (HKLM\...\{CCD8CD39-7BDE-46B9-9222-336226D0C346}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Documentation (64-bit) (HKLM\...\{C625291F-C4B5-45A7-B946-FFAB8535A64A}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Executables (64-bit) (HKLM\...\{A8C63C1D-BCF8-4446-AFAA-AE21DDA1DBEF}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 pip Bootstrap (64-bit) (HKLM\...\{2E65BC05-C532-4BD6-ACDD-3CFDE86F5E36}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Standard Library (64-bit) (HKLM\...\{D8D430E7-0DCE-418C-A937-735F329C1AD8}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Tcl/Tk Support (64-bit) (HKLM\...\{E4228F0E-C40C-403A-9533-29BA5A9F9E99}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Test Suite (64-bit) (HKLM\...\{86FD19A0-F018-465C-B8C9-02EA01D35A4B}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python 3.9.4 Utility Scripts (64-bit) (HKLM\...\{0C0FBC09-C0AA-4B66-92BF-E321BC8C9FA5}) (Version: 3.9.4150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{12B4CAFF-F2FA-422B-B30C-2265217D8CF8}) (Version: 3.9.7398.0 - Python Software Foundation)
R for Windows 3.6.2 (HKLM\...\R for Windows 3.6.2_is1) (Version: 3.6.2 - R Core Team)
R for Windows 4.0.3 (HKLM\...\R for Windows 4.0.3_is1) (Version: 4.0.3 - R Core Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8273 - Realtek Semiconductor Corp.)
Recordify 2018 (HKLM-x32\...\{E25B0FAA-66E5-4D2E-9B48-3B85B31543BF}_is1) (Version: 3.11 - Abelssoft)
Rossmann Fotowelt Software (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\{a50de2e8-8e5a-4b46-9681-e170843e51c4}) (Version: 5.8.4-4070 - ORWO Net GmbH Bitterfeld-Wolfen)
RStudio (HKLM-x32\...\RStudio) (Version: 1.4.1103 - RStudio)
Rtools 4.0 (4.0.0.28) (64-bit) (HKLM\...\Rtools_is1) (Version: 4.0 - The R Foundation)
Rtools Version 3.5 (HKLM-x32\...\Rtools_is1) (Version: 3.5 - The R Foundation)
Ruby 2.5.0-2-x64 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\RubyInstaller-2.5-x64-mingw32_is1) (Version: 2.5.0-2 - RubyInstaller Team)
SageMath version 8.8 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\SageMath-8.8_is1) (Version: 8.8 - SageMath)
Samsung DeX (HKLM-x32\...\{743e3ecf-e674-4aae-973b-0e784ca38803}) (Version: 2.0.0.15 - Samsung Electronics Co., Ltd.)
Samsung DeX (HKLM-x32\...\{E35C3F1D-91A9-4FED-A915-0F913BFD780D}) (Version: 2.0.0.15 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 - Samsung Electronics Co., Ltd.)
Screen InStyle (HKLM-x32\...\{B249FBDB-FAFA-4EED-8833-3073A0FC829F}_is1) (Version: 1.1.1.3 - EIZO Corporation)
SeaTools for Windows 1.4.0.7 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.7 - Seagate Technology)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service-Update für HBCIFM99 Version 1.0 (HKLM-x32\...\Service-Update für HBCIFM99_is1) (Version: 1.0 - Dr. Ulrich Amann)
Setup-Loader für das HBCI-Modul für Money 99 Version 2000 3.4 (HKLM-x32\...\Setup-Loader für das HBCI-Modul für Money 99 Version 2000_is1) (Version: 3.4 - Dr. Ulrich Amann)
Signal 5.1.0 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.1.0 - Open Whisper Systems)
SILKYPIX Developer Studio 7 Deutsch (HKLM-x32\...\{2A20420A-B8CE-4423-BBFC-D93AB4CC23EA}) (Version: 7 - Ichikawa Soft Laboratory)
simpleos 0.7.2 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\0f54e2df-ead3-54dc-968d-cd341ec34754) (Version: 0.7.2 - EOSRio)
Skype for Business Basic 2016 - de-de (HKLM\...\SkypeforBusinessEntryRetail - de-de) (Version: 16.0.14026.20308 - Microsoft Corporation)
Skype Meetings App (HKLM-x32\...\{BC1D9E47-8927-4AA1-A891-7763BC2475B7}) (Version: 16.2.0.511 - Microsoft Corporation)
Slack (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\slack) (Version: 4.17.1 - Slack Technologies Inc.)
Soda PDF Desktop (HKLM-x32\...\SodaDesktop) (Version: 9.0.30.31037 - LULU Software)
Soda PDF Desktop Asian Fonts Pack (HKLM\...\{4C6D3090-D5D6-43E0-A0A5-3D4128D6E34B}) (Version: 9.3.17.38441 - LULU Software) Hidden
Soda PDF Desktop Convert Module (HKLM\...\{F262EB22-4771-4E16-B29A-F5DD108D8804}) (Version: 9.3.17.38441 - LULU Software) Hidden
Soda PDF Desktop Create Module (HKLM\...\{CE45B91C-E614-4020-B4C9-77EB5C650786}) (Version: 9.3.17.38441 - LULU Software) Hidden
Soda PDF Desktop Edit Module (HKLM\...\{F8F6C1A0-1E0B-444E-9277-70C7CD6547FA}) (Version: 9.3.17.38441 - LULU Software) Hidden
Soda PDF Desktop Forms Module (HKLM\...\{EED0CCB5-116F-40BA-A4A8-1E3F5891C496}) (Version: 9.3.17.38441 - LULU Software) Hidden
Soda PDF Desktop Insert Module (HKLM\...\{C1A308CA-BFD2-4120-A84D-1182222A1EFB}) (Version: 9.3.17.38441 - LULU Software) Hidden
Soda PDF Desktop OCR Module (HKLM\...\{0E3F8189-FACD-4269-B971-2A602CAB1FCC}) (Version: 9.3.17.38441 - LULU Software) Hidden
Soda PDF Desktop Review Module (HKLM\...\{4C05CD7D-AEAD-413B-A056-059C57774B26}) (Version: 9.3.17.38441 - LULU Software) Hidden
Soda PDF Desktop Secure Module (HKLM\...\{EC2F5976-634E-4A3B-AF8D-9D0E0F7EBE46}) (Version: 9.3.17.38441 - LULU Software) Hidden
Soda PDF Desktop View Module (HKLM\...\{EAC5A155-2A9A-47AF-907F-67FCBB2CD659}) (Version: 9.3.17.38441 - LULU Software) Hidden
SolarCoin version 2.1.8 (HKLM-x32\...\SolarCoin_is1) (Version: 2.1.8 - )
spacedesk Windows DRIVER (HKLM\...\{89592275-79DA-423A-91E1-8706EC312DF4}) (Version: 0.9.1046.0 - datronicsoft Inc.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SplitCam (HKLM\...\{C04D8FAF-1AA0-4B3E-B549-E31BE1E6BC7B}) (Version: 10.5.12 - SplitCam Co.)
Sqrl 1.2.5 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\f0769fd5-6da4-5ce4-9cbc-5dc6ab7c2a1b) (Version: 1.2.5 - Telos Foundation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.27.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.27.1 - General Workings, Inc.)
Studio 3T (HKLM\...\8357-7994-5030-9105) (Version: 2020.8.0 - 3T Software Labs)
Sword Legacy Omen (HKLM-x32\...\{25071895-D6CB-49CE-98FE-4A2C3C92B9FC}) (Version:  - Team17 Digital Ltd)
TeamSpeak 3 Client (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.17.7 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Telegram Desktop version 2.7.4 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.4 - Telegram FZ-LLC)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Trinity 1.6.1 (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\e2e246ce-857c-53ed-b9ad-26e0668b9510) (Version: 1.6.1 - IOTA Foundation)
Turmoil (HKLM-x32\...\{9F710B74-9960-4411-BDFC-3CD846CA812C}) (Version:  - Gamious)
Twitch (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
TWS API (HKLM-x32\...\{804183E3-553C-483F-A57F-9FE9AEB592F1}) (Version: 9.76.01 - IBG LLC)
UFRaw 0.19.2 (HKLM-x32\...\UFRaw_is1) (Version:  - Udi Fuchs)
Ultimate Settings Panel (HKLM\...\{2F0E2793-E444-4851-A4FC-61EC635326CF}) (Version: 6.3.0 - TechyGeeksHome)
UltraEdit 15.20 SE (HKLM-x32\...\{A8606865-6D52-44C1-82BD-A3C9A80222D4}) (Version: 15.20.1 - IDM Computer Solutions, Inc.)
Uninstall Manager 5.3 (HKLM\...\{45BFB5F0-19B7-4564-B787-A3BAAA0E5AA1}_is1) (Version: 5.3 - Martin Fuchs)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 43.1 - Ubisoft)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
VEGAS Pro 15.0 (HKLM\...\{994FA9EE-A214-11E7-A574-AE6259437B87}) (Version: 15.0.216 - VEGAS)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.24-Update7 - IDRIX)
VideoProc (HKLM-x32\...\VideoProc) (Version: 4.0 - Digiarty, Inc.)
Visual BCD (HKLM-x32\...\{436D50FF-8FA1-4FDD-A9C9-48B52A990F57}) (Version: 0.9.3.1 - BoYans)
Vita Concert Grand LE (HKLM\...\{BFA88ABE-D175-42C7-B374-92A2D9333CAB}) (Version: 2.4.0.95 - MAGIX Software GmbH) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
VMware Horizon Client (HKLM\...\{C6D1F545-F2F2-4379-9652-07696D8BED26}) (Version: 5.5.1.17068 - VMware, Inc.) Hidden
VMware Horizon Client (HKLM-x32\...\{8ec9a3ad-734f-4995-84d7-8b2b7fd14d75}) (Version: 5.5.1.17068 - VMware, Inc.)
VMware Horizon HTML5 Multimedia Redirection Client (HKLM\...\{2B1D0F22-6025-409A-A248-7C10783FD5F2}) (Version: 7.13.0 - VMware, Inc.) Hidden
VMware Horizon Media Engine 11.0.0.614 (64-bit) (HKLM\...\{44E854B5-0ED7-4688-9246-628C86D3709C}) (Version: 11.0.0.614 - VMware, Inc.) Hidden
VMware Horizon Media Redirection for Microsoft Teams (HKLM\...\{ADEA6187-E6C1-42E1-82A0-783EF1D4D4D5}) (Version: 7.13.0 - VMware, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
Weka 3.8.4 (HKLM\...\Weka 3.8.4) (Version: 3.8.4 - Machine Learning Group, University of Waikato, Hamilton, NZ)
Wi-Fi Scanner version 21.01 (HKLM-x32\...\Wi-Fi Scanner_is1) (Version: 21.01 - LizardSystems)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22514 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Corsair Components, Inc. (SIUSBXP) USB  (07/14/2010 3.3) (HKLM\...\9D216BBD7DABB6A9E6F4F1D85E06CDFF9EA816FE) (Version: 07/14/2010 3.3 - Corsair Components, Inc.)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - FTDI CDM Driver Package - Bus/D2XX Driver (08/16/2017 2.12.28) (HKLM\...\321E9C3B7C8E360B434912ED44CC222F08280048) (Version: 08/16/2017 2.12.28 - FTDI)
Windows-Treiberpaket - FTDI CDM Driver Package - VCP Driver (08/16/2017 2.12.28) (HKLM\...\018B67599606F0589EA4CA42AD4CC6B5C24388A0) (Version: 08/16/2017 2.12.28 - FTDI)
Windows-Treiberpaket - MPP FTDI MPP FTDI D2XX (08/16/2017 2.12.28) (HKLM\...\75398BFF73C29C011146C84A6BDA6CA67A8B25E5) (Version: 08/16/2017 2.12.28 - MPP FTDI)
Windows-Treiberpaket - MPP FTDI MPP FTDI VCP (08/16/2017 2.12.28) (HKLM\...\EBBD9947553A9582FD9EBC71BD40BAB80F35B2B1) (Version: 08/16/2017 2.12.28 - MPP FTDI)
Windows-Treiberpaket - MPP USB CDC Virtual COM Port (05/23/2013 2.0.0) (HKLM\...\66DD18691EC6886B537A726978F65EF1E8D2D83C) (Version: 05/23/2013 2.0.0 - MPP)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinMerge 2.16.12.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.16.12.0 - Thingamahoochie Software)
WinSCP 5.17.10 (HKLM-x32\...\winscp3_is1) (Version: 5.17.10 - Martin Prikryl)
Wondershare Data Recovery(Build 6.5.1.5) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 6.5.1.5 - Wondershare Software Co.,Ltd.)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Xerox Desktop Print Experience 5.0 (HKLM\...\{F69C2056-BC8D-EC77-49FB-E9F863F8C9AA}) (Version: 7.192.8.0 - Xerox Corporation)
Xerox PowerENGAGE (HKLM-x32\...\{171BF116-713F-43AA-B236-D6188522E609}) (Version: 2.52.0016 - Xerox Inc.)
Xerox Scanner Management Utility (HKLM\...\{247000A3-7D6D-44D6-B438-A21A87BF4210}) (Version: 7.0.52.0 - Xerox Corporation)
XMedia Recode 64bit Version 3.5.2.7 (HKLM\...\{D31E6E69-4C6A-42CC-926F-CC7B186864EB}_is1) (Version: 3.5.2.7 - XMedia Recode 64bit)
XMind 10.1.3 (HKLM\...\{fbd30ee5-8150-549e-9aed-fd9d444364fb}) (Version: 10.1.3 - XMind Ltd.)
XMind 10.3.1 (HKLM\...\fbd30ee5-8150-549e-9aed-fd9d444364fb) (Version: 10.3.1 - XMind Ltd.)
XMind 8 Update 8 (v3.7.8) (HKLM-x32\...\XMind_is1) (Version: 3.7.8.201807240049 - XMind Ltd.)
XSplit VCam (HKLM\...\{24850C07-D3D6-4050-A0AE-25403AC88D67}) (Version: 2.3.2106.1406 - XSplit) Hidden
XSplit VCam (HKLM\...\XSplit VCam 2.3.2106.1406) (Version: 2.3.2106.1406 - XSplit)
Youtube-DLG Version 0.4 (HKLM-x32\...\{3C455028-FC99-4846-8E04-4FCD87D85613}_is1) (Version: 0.4 - Sotiris Papadopoulos)
Zoom (HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\ZoomUMX) (Version: 5.5.1 (12488.0202) - Zoom Video Communications, Inc.)

Packages:
=========
Arduino IDE -> C:\Program Files\WindowsApps\ArduinoLLC.ArduinoIDE_1.8.49.0_x86__mdqgnx93n4wtt [2021-05-16] (Arduino LLC)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Best of Bing 2018 Exclusive -> C:\Program Files\WindowsApps\Microsoft.BestofBing2018Exclusive_1.0.0.0_neutral__8wekyb3d8bbwe [2019-01-01] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.8.1108.0_x64__rz1tebttyb220 [2021-05-30] (Dolby Laboratories)
Drawboard PDF -> C:\Program Files\WindowsApps\Drawboard.DrawboardPDF_5.39.2.0_x64__gqbn7fs4pywxm [2021-06-18] (Drawboard)
File Opener - Open Image,Document,Video,Audio -> C:\Program Files\WindowsApps\4846UtilitiesTools.FileOpener-OpenImageDocumentVid_1.1.10.0_x64__b17t1j31etq18 [2018-11-11] (Utilities Tools)
Flight Unlimited 2K16 -> C:\Program Files\WindowsApps\FlightSystemsLLC.FlightUnlimited2K16_2.1.16.0_x64__gr0hpt7qkpqd0 [2020-08-02] (Flight Systems LLC)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2019-08-01] (Keeper Security Inc)
Lenovo Display Control Center -> C:\Program Files\WindowsApps\E046963F.LenovoDisplayControlCenter_1.0.29191.0_x86__k1h2ywk1493x8 [2021-05-30] (LENOVO INC.)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-09] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-20] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_21.10503.5664.0_x64__8wekyb3d8bbwe [2021-06-09] (Microsoft Corporation)
Mind Maps Pro -> C:\Program Files\WindowsApps\BallardAppCraftery.MindMapsPro2Beta_1.1.27.0_x64__epyrqhfctk40t [2019-02-09] (User Camp)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.201.0_x64__8wekyb3d8bbwe [2021-06-26] (Microsoft Studios)
MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation)
myTube! -> C:\Program Files\WindowsApps\59750RYKENAPPS.435307C335C44_4.0.2.0_x64__zd92nzxdcatqw [2020-12-23] (Ryken Studio)
OY - Youtube Floating Player -> C:\Program Files\WindowsApps\28583AppsUniversal.FloatingplayerforYoutube_1.1.3.0_x64__5mpx2adydqnqy [2018-01-07] (AppsUniversal) [MS Ad]
Penbook -> C:\Program Files\WindowsApps\36376UserCamp.Penbook_2.1.30.0_x64__t7afzrbtd67z0 [2019-10-24] (User Camp)
ProApp for GMail, Search, Hangouts, News -> C:\Program Files\WindowsApps\28583AppsUniversal.ProAppforGMailSearchHangoutsNew_1.1.5.0_x64__5mpx2adydqnqy [2018-01-15] (AppsUniversal) [MS Ad]
Sketch 360 -> C:\Program Files\WindowsApps\Microsoft.Sketch360_3.0.96.0_x64__8wekyb3d8bbwe [2021-06-26] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0 [2021-06-11] (Spotify AB) [Startup Task]
Trello -> C:\Program Files\WindowsApps\45273LiamForsyth.PawsforTrello_2.12.1.0_x64__7pb5ddty8z1pa [2021-05-30] (Trello, Inc.)
Vodafone Mobile Broadband -> C:\Program Files\WindowsApps\VodafoneGroupServices.VodafoneMobileBroadband_2.10.46.0_x64__cx08jceyq9bcp [2021-01-09] (Vodafone Group Services)
Wunderlist: To-Do Liste -> C:\Program Files\WindowsApps\6Wunderkinder.Wunderlist_3.6.43.0_x64__b4cwydgxqx59r [2020-05-01] (6 Wunderkinder GmbH)
Xerox Print and Scan Experience -> C:\Program Files\WindowsApps\XeroxCorp.PrintExperience_7.192.8.0_x64__f7egpvdyrs2a8 [2020-11-19] (Xerox Corp)
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2021-06-02] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4198695647-2910091461-4277131257-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\thoma\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4198695647-2910091461-4277131257-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\thoma\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4198695647-2910091461-4277131257-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\thoma\AppData\Local\GoToMeeting\19228\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-4198695647-2910091461-4277131257-1001_Classes\CLSID\{b5eedee0-c06e-11cf-8c56-444553540000}\InprocServer32 -> C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ue64ctmn.dll () [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-4198695647-2910091461-4277131257-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\thoma\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ Cloudevo (IconOverlayError)] -> {3037DE6C-D55E-4065-A3BE-02051FF42E33} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ Cloudevo (IconOverlayPending)] -> {6E741565-B4E6-4E91-B7FB-35FD792E6032} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ Cloudevo (IconOverlayPrivate)] -> {8F88E6F7-4314-4C3A-BF50-F7884C199A92} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ Cloudevo (IconOverlaySynced)] -> {179E8FE1-82DD-436D-A608-22751924C614} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ Cloudevo (IconOverlaySyncing)] -> {BA62F31B-D25E-41C0-A027-8B34280271AB} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ Cloudevo (IconOverlayUnsynced)] -> {C82DF51A-03B7-485B-96D8-2494669F0BDB} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-03] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ Cloudevo (IconOverlayError)] -> {3037DE6C-D55E-4065-A3BE-02051FF42E33} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert]
ShellIconOverlayIdentifiers-x32: [ Cloudevo (IconOverlayPending)] -> {6E741565-B4E6-4E91-B7FB-35FD792E6032} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert]
ShellIconOverlayIdentifiers-x32: [ Cloudevo (IconOverlayPrivate)] -> {8F88E6F7-4314-4C3A-BF50-F7884C199A92} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert]
ShellIconOverlayIdentifiers-x32: [ Cloudevo (IconOverlaySynced)] -> {179E8FE1-82DD-436D-A608-22751924C614} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert]
ShellIconOverlayIdentifiers-x32: [ Cloudevo (IconOverlaySyncing)] -> {BA62F31B-D25E-41C0-A027-8B34280271AB} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert]
ShellIconOverlayIdentifiers-x32: [ Cloudevo (IconOverlayUnsynced)] -> {C82DF51A-03B7-485B-96D8-2494669F0BDB} => C:\Program Files\Evorim\Cloudevo\CloudShell.dll [2020-10-21] () [Datei ist nicht signiert]
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1-x32: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Keine Datei
         

Alt 27.06.2021, 21:41   #7
tsmomc
 
Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt - Standard

Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt



Addition Teil 2

Code:
ATTFilter
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Keine Datei
ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2020-10-11] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> )
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-09-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers1: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-04-03] (hxxp://winmerge.org) [Datei ist nicht signiert]
ContextMenuHandlers2: [1&1 SmartDrive] -> {62DF97A2-3635-4412-AE30-80B164BC88AD} => C:\Program Files (x86)\1&1\1&1 Upload-Manager\SHNDLERS64.DLL [2011-11-21] (1&1 Internet AG) [Datei ist nicht signiert]
ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2020-10-11] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> )
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-09-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2021-04-30] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2021-04-30] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-04-03] (hxxp://winmerge.org) [Datei ist nicht signiert]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [1&1 SmartDrive] -> {62DF97A2-3635-4412-AE30-80B164BC88AD} => C:\Program Files (x86)\1&1\1&1 Upload-Manager\SHNDLERS64.DLL [2011-11-21] (1&1 Internet AG) [Datei ist nicht signiert]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-31] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Keine Datei
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2020-10-11] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thoma\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-20] (Mega Limited -> )
ContextMenuHandlers4: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-04-03] (hxxp://winmerge.org) [Datei ist nicht signiert]
ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2020-10-11] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\igfxDTCM.dll [2020-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-04-03] (hxxp://winmerge.org) [Datei ist nicht signiert]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6-x32: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Keine Datei
ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2020-10-11] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-31] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers1_S-1-5-21-4198695647-2910091461-4277131257-1001: [UltraEdit] -> {b5eedee0-c06e-11cf-8c56-444553540000} => C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ue64ctmn.dll [2010-11-26] () [Datei ist nicht signiert]

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\System32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.LWLR] => C:\Windows\SysWOW64\RGBACodec.dll [37488 2017-04-03] (EditShare EMEA (X-Edit Limited) -> )

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11\BesuchtDVDFabWebsite.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab11&v=11.0.8.
ShortcutWithArgument: C:\Users\thoma\Desktop\ADS\Anaconda Prompt (Anaconda3).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\ProgramData\Anaconda3\Scripts\activate.bat C:\ProgramData\Anaconda3

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2021-05-30 20:16 - 2021-05-30 20:16 - 001278976 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\CefSharp.BrowserSubprocess.Core.dll
2021-05-30 20:16 - 2021-05-30 20:16 - 001957888 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\CefSharp.Core.dll
2021-06-09 11:59 - 2021-06-09 11:59 - 001918976 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\Jabra\Direct4\resources\app.asar.unpacked\node_modules\@gnaudio\jabra-node-sdk\build\Release\sdkintegration.node
2021-06-09 11:59 - 2021-06-09 11:59 - 001701376 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\Jabra\Direct4\resources\app.asar.unpacked\node_modules\panacastapi\build\Release\panacastapi.node
2017-10-20 22:36 - 2016-12-14 22:48 - 000961536 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccToolHelper.dll
2017-10-20 22:37 - 2016-09-20 14:08 - 000241664 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2017-10-20 22:37 - 2016-07-14 16:09 - 000208896 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2017-10-20 22:37 - 2016-07-14 16:10 - 000621056 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\UIImprovmentHelper.dll
2017-10-20 22:37 - 2016-06-30 16:50 - 000684032 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\PhoneCtrlAPI.dll
2017-10-20 22:37 - 2016-06-30 16:50 - 000459776 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\WiFiGO_HookKey.dll
2017-10-20 22:37 - 2016-06-30 16:50 - 000753664 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\WiMoveHelp.dll
2018-09-09 15:48 - 2016-03-11 19:16 - 000211968 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\EIZO\Screen InStyle\libcolour.dll
2017-10-20 22:37 - 2016-06-30 16:50 - 000195584 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\InstallShield Installation Information\{924FB30F-AA59-453D-A921-39810BDD29C1}\CloudAPI\CloudAPI.dll
2021-04-22 08:31 - 2021-04-22 08:31 - 005745664 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module.dll
2021-06-09 11:58 - 2021-06-09 11:58 - 002608128 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Jabra\Direct4\ffmpeg.dll
2021-06-09 11:58 - 2021-06-09 11:58 - 000356352 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Jabra\Direct4\libegl.dll
2021-06-09 11:58 - 2021-06-09 11:58 - 008347648 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Jabra\Direct4\libglesv2.dll
2017-10-20 22:33 - 2017-09-22 11:36 - 000073728 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\LightingService\1.00.29\ClaymoreProtocol.dll
2017-10-20 22:33 - 2017-09-22 11:36 - 000053248 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\LightingService\1.00.29\cpuutil.dll
2017-10-20 22:33 - 2017-09-22 11:36 - 000519680 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\LightingService\1.00.29\RogNewmouseProtocol.dll
2017-10-20 22:33 - 2017-09-22 11:36 - 001746432 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\LightingService\1.00.29\Vender.dll
2017-10-19 01:48 - 2017-08-23 23:40 - 000025600 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll
2017-10-19 01:48 - 2011-08-23 13:04 - 000057344 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\TVServer\libhdhomerun.dll
2020-10-21 17:45 - 2020-10-21 17:45 - 000685056 _____ () [Datei ist nicht signiert] C:\Program Files\Evorim\Cloudevo\CloudShell.dll
2021-03-27 20:21 - 2021-01-28 06:27 - 000097792 _____ () [Datei ist nicht signiert] C:\Program Files\MiniTool ShadowMaker\coresync.dll
2021-03-27 20:21 - 2019-08-15 06:52 - 000076800 _____ () [Datei ist nicht signiert] C:\Program Files\MiniTool ShadowMaker\SMTPEmail.dll
2021-05-30 20:16 - 2021-05-30 20:16 - 137093632 _____ () [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\libcef.dll
2021-05-30 20:16 - 2021-05-30 20:16 - 000396800 _____ () [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\libegl.dll
2021-05-30 20:16 - 2021-05-30 20:16 - 006338560 _____ () [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\libglesv2.dll
2019-10-01 22:23 - 2019-10-01 22:23 - 000865280 _____ () [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\MicroSIP\SDL2.dll
2017-10-22 22:30 - 2006-02-23 11:35 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzColorPort64.dll
2017-10-22 22:30 - 2006-02-22 10:39 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzPort64.dll
2011-11-21 12:50 - 2011-11-21 12:50 - 000524288 _____ (1&1 Internet AG) [Datei ist nicht signiert] C:\Program Files (x86)\1&1\1&1 Upload-Manager\BaseCom.dll
2011-11-21 12:53 - 2011-11-21 12:53 - 000049152 _____ (1&1 Internet AG) [Datei ist nicht signiert] C:\Program Files (x86)\1&1\1&1 Upload-Manager\ExplorerHook.dll
2011-11-21 12:49 - 2011-11-21 12:49 - 000180224 _____ (1&1 Internet AG) [Datei ist nicht signiert] C:\Program Files (x86)\1&1\1&1 Upload-Manager\RootCom.dll
2011-11-21 12:51 - 2011-11-21 12:51 - 000307200 _____ (1&1 Internet AG) [Datei ist nicht signiert] C:\Program Files (x86)\1&1\1&1 Upload-Manager\SettingsUI.dll
2011-11-21 12:54 - 2011-11-21 12:54 - 000297984 _____ (1&1 Internet AG) [Datei ist nicht signiert] C:\Program Files (x86)\1&1\1&1 Upload-Manager\SHNDLERS64.DLL
2011-11-21 12:51 - 2011-11-21 12:51 - 000323584 _____ (1&1 Internet AG) [Datei ist nicht signiert] C:\Program Files (x86)\1&1\1&1 Upload-Manager\Update.dll
2020-10-30 19:52 - 2011-11-21 12:52 - 000011776 _____ (1&1 Internet AG) [Datei ist nicht signiert] C:\WINDOWS\System32\ui11np.dll
2006-10-23 00:19 - 2006-10-23 00:19 - 000019968 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroTray.DEU
2006-10-23 00:10 - 2006-10-23 00:10 - 000019968 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroTray.FRA
2006-08-02 07:52 - 2006-08-02 07:52 - 000126976 ____R (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\asneu.dll
2006-09-14 23:20 - 2006-09-14 23:20 - 000212992 ____R (Adobe Systems Incorporated) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\adobe_epic.dll
2006-09-14 23:46 - 2006-09-14 23:46 - 000208896 ____R (Adobe Systems Incorporated) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\adobe_pcd.dll
2006-09-14 23:20 - 2006-09-14 23:20 - 000346112 ____R (Adobe Systems Incorporated) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\adobe_personalization.dll
2017-10-20 22:36 - 2015-06-05 13:00 - 000108544 _____ (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AAHM\1.00.30\ASACPI.DLL
2017-10-20 22:36 - 2016-04-20 15:17 - 000108544 _____ (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpi.dll
2017-10-20 22:33 - 2021-06-27 18:06 - 000046888 _____ (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AXSP\2.00.06\PEbiosinterface32.dll
2017-10-20 22:36 - 2016-04-20 15:17 - 000676864 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpiex.dll
2017-10-20 22:37 - 2016-06-30 16:50 - 003147776 _____ (ASUSTek COMPUTER INC.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\asusnatnl.dll
2017-10-20 22:36 - 2016-04-20 09:17 - 000676864 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsusFanControlService\1.09.08\asacpiex.dll
2017-10-20 22:33 - 2017-09-22 11:36 - 000080384 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\LightingService\1.00.29\AudioLEDCtrl.dll
2017-10-20 22:37 - 2016-06-30 16:50 - 000327680 _____ (AWIND Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\MirrorOpServiceSender.dll
2017-10-19 07:43 - 2012-09-20 05:00 - 000393728 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMXLMBL.DLL
2021-03-27 20:21 - 2021-01-28 06:27 - 000061952 _____ (Chengdu Speed Digital Technology Co..Ltd.) [Datei ist nicht signiert] C:\Program Files\MiniTool ShadowMaker\ChannelNetFileInfo.dll
2021-03-27 20:21 - 2021-01-28 06:27 - 000175104 _____ (Chengdu Speed Digital Technology Co..Ltd.) [Datei ist nicht signiert] C:\Program Files\MiniTool ShadowMaker\FileInfoCommon.dll
2018-09-09 15:48 - 2018-07-31 17:30 - 000928256 _____ (EIZO Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\EIZO\Screen InStyle\libemc.dll
2018-09-09 15:48 - 2018-07-31 17:30 - 000103936 _____ (EIZO Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\EIZO\Screen InStyle\libHIDmctrl.dll
2018-09-09 15:48 - 2017-08-25 10:07 - 000162816 _____ (EIZO Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\EIZO\Screen InStyle\libmctrl.dll
2018-09-09 15:48 - 2017-08-25 10:07 - 000091648 _____ (EIZO Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\EIZO\Screen InStyle\libmptag.dll
2018-09-09 15:48 - 2016-03-11 19:16 - 000080384 _____ (EIZO NANANO CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EIZO\Screen InStyle\libminfo.dll
2018-09-09 15:48 - 2016-03-11 19:16 - 000131072 _____ (EIZO NANAO CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EIZO\Screen InStyle\libDDCCImctrl.dll
2019-10-01 22:23 - 2019-10-01 22:23 - 004981774 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\MicroSIP\avcodec-57.dll
2019-10-01 22:23 - 2019-10-01 22:23 - 000353806 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\MicroSIP\avformat-57.dll
2019-10-01 22:23 - 2019-10-01 22:23 - 000668686 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\MicroSIP\avutil-55.dll
2019-10-01 22:23 - 2019-10-01 22:23 - 000506894 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\MicroSIP\swscale-4.dll
2021-06-09 11:59 - 2021-06-09 11:59 - 002257408 _____ (GN Audio A/S) [Datei ist nicht signiert] \\?\C:\Program Files (x86)\Jabra\Direct4\resources\app.asar.unpacked\node_modules\@gnaudio\jabra-node-sdk\build\Release\libjabra.dll
2016-09-02 13:19 - 2016-09-02 13:19 - 000097792 _____ (GN Netcom A/S) [Datei ist nicht signiert] [Datei wird verwendet] C:\PROGRAM FILES (X86)\JABRA\DIRECT4\AVAYAONEXV3INTEGRATION\GNDeviceInterface.dll
2017-10-19 01:48 - 2015-11-24 20:58 - 000130048 _____ (Hauppauge Computer Works) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\hcwTSAnalogTxt.ax
2017-10-19 01:48 - 2015-11-24 20:59 - 000134656 _____ (Hauppauge Computer Works) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\hcwtsfilter.ax
2017-10-19 01:48 - 2018-06-12 16:20 - 000113152 _____ (Hauppauge Computer Works) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\HCWTSWriter.ax
2017-10-19 01:48 - 2018-12-19 14:52 - 000332800 _____ (Hauppauge Computer Works, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\PsiParser.ax
2017-04-24 14:30 - 2017-04-24 14:30 - 000349696 _____ (Intel(R) Corporation) [Datei ist nicht signiert] C:\Windows\system32\NCS2Setp.dll
2006-09-15 13:58 - 2006-09-15 13:58 - 000934400 ____R (Macrovision Europe Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\FNP_Act_Installer.dll
2017-10-19 01:48 - 2008-11-12 18:50 - 000253952 _____ (MainConcept GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\SoftPVR\hcw_mcl2ae.ax
2017-10-19 01:48 - 2008-11-12 18:51 - 000372736 _____ (MainConcept GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\SoftPVR\hcw_mcm2ve.ax
2017-10-19 01:48 - 2008-11-12 18:54 - 000528384 _____ (MainConcept GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\SoftPVR\hcw_mcmpeg2mux.ax
2017-10-19 01:48 - 2008-11-12 18:37 - 000241664 _____ (MainConcept GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\SoftPVR\hcw_mcmpgaout.dll
2017-10-19 01:48 - 2008-11-12 18:39 - 002137600 _____ (MainConcept GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\SoftPVR\hcw_mcmpgvout.004
2017-10-19 01:48 - 2008-11-12 18:44 - 000017920 _____ (MainConcept GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\WinTV8\SoftPVR\hcw_mcmpgvout.dll
2011-06-03 15:15 - 2011-06-03 15:15 - 001047552 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\1&1\1&1 Upload-Manager\MFC71U.DLL
2011-06-03 15:15 - 2011-06-03 15:15 - 000499712 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\1&1\1&1 Upload-Manager\MSVCP71.dll
2011-06-03 15:15 - 2011-06-03 15:15 - 000348160 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\1&1\1&1 Upload-Manager\MSVCR71.dll
2020-09-06 15:13 - 2020-09-06 15:13 - 001654784 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2020-09-06 15:13 - 2020-09-06 15:13 - 000054272 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\MFC80DEU.DLL
2018-09-09 15:48 - 2016-03-15 19:00 - 001103360 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files (x86)\EIZO\Screen InStyle\x86\SQLite.Interop.dll
2021-05-21 08:12 - 2021-05-21 08:12 - 000130048 _____ (Sam Grogan) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Intel\Driver and Support Assistant\NotifyIconWin32.dll
2021-05-30 20:16 - 2021-05-30 20:16 - 001010176 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\chrome_elf.dll
2021-03-27 20:21 - 2017-09-14 15:40 - 000884736 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files\MiniTool ShadowMaker\sqldrivers\qsqlite.dll
2017-10-20 22:33 - 2017-09-22 11:36 - 001623552 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\LightingService\1.00.29\LED_DLL_forMB.dll
2017-10-20 22:33 - 2017-09-22 11:36 - 001624576 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\LightingService\1.00.29\VGA_Extra.dll
2021-03-27 20:21 - 2021-01-28 06:27 - 001485312 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files\MiniTool ShadowMaker\core7z.dll
2017-10-22 22:30 - 2006-02-23 12:16 - 000047616 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmColorFax.dll
2017-10-22 22:30 - 2006-02-22 10:53 - 000043520 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmFax.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-4198695647-2910091461-4277131257-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: Kein Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Keine Datei
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-05-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Soda PDF Desktop Helper -> {A2792EEC-6618-4C4C-8ECF-B51ECB5DC2A1} -> C:\Program Files (x86)\Soda PDF Desktop\creator\plugins\IEAddin\creator-ie-helper.dll [2018-06-04] (LULU Software -> LULU Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-05-03] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\127.0.0.1 -> hxxp://127.0.0.1

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2018-04-12 01:38 - 2020-12-28 21:40 - 000000923 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 view-localhost # view localhost server
127.0.0.1 tresor
127.0.0.1 cryptomator-vault

2017-10-19 22:57 - 2018-07-01 16:31 - 000000528 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.19.43.209 DESKTOP-HCA6LJN.mshome.net # 2023 6 5 30 14 31 5 973
10 830
192.168.137.1 DESKTOP-HCA6LJN.mshome.net # 2022 10 4 20 14 33 46 531

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\VMware\VMware Player\bin\;C:\Python39\Scripts\;C:\Python39\;C:\Program Files (x86)\Rtools\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Ruby25-x64\bin;C:\ProgramData\Oracle\Java\javapath;C:\Windows\System32;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Calibre2\;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Windows\System32;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\PuTTY\;C:\Program Files\Inkscape\bin;C:\Program Files (x86)\Boxcryptor\bin\;C:\Program Files (x86)\Gpg4win\..\GnuPG\bin;C:\Program Files (x86)\PDFtk\bin\;C:\Program Files\NVIDIA Corporation\Nsight Compute 2020.3.1\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\chocolatey\bin;C:\Program Files\Git\cmd;C:\Program Files\nodejs\
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\thoma\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hintergrundbild der windows-fotoanzeige.jpg
HKU\S-1-5-21-4198695647-2910091461-4277131257-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\sandr\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img1.jpg
HKU\S-1-5-21-4198695647-2910091461-4277131257-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\maxim\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\p1050937.jpg
HKU\S-1-5-21-4198695647-2910091461-4277131257-1010\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
 ist aktiviert.

Network Binding:
=============
WLAN: VMware Bridge Protocol -> vmware_bridge (enabled) 
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled) 
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled) 
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled) 
Ethernet 2: VMware Bridge Protocol -> vmware_bridge (enabled) 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "Adobe Acrobat Speed Launcher.lnk"
HKLM\...\StartupApproved\StartupFolder: => "AutoStart IR.lnk"
HKLM\...\StartupApproved\Run: => "Eraser"
HKLM\...\StartupApproved\Run: => "MTPW"
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\StartupApproved\Run: => "Amazon Photos"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{37F4C6B7-CB96-44C7-8C4D-27C65EA72E5B}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{C6D8DF60-6E6D-48A4-8E01-0784E187F69A}] => (Allow) LPort=24727
FirewallRules: [{9BA25F6D-37AE-4544-B4C9-C43A89FA44AB}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [UDP Query User{79FD60F0-193B-4618-BC5E-D5EDF16B264D}C:\users\thoma\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\thoma\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2EB4D38F-558D-4B01-878F-721AFEDBB595}C:\users\thoma\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\thoma\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6B89930B-80EB-4316-B79A-2DCA66107C16}] => (Allow) C:\Users\thoma\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{17433C06-C9F4-4DE3-B8DC-D077599AF87B}] => (Allow) C:\Users\thoma\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{7165D1AB-630F-4006-B774-1479AF383DFA}C:\program files\rstudio\bin\rsession.exe] => (Allow) C:\program files\rstudio\bin\rsession.exe (RStudio, PBC) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{E9D9BF03-BE2B-4038-884B-43FDADB7550F}C:\program files\rstudio\bin\rsession.exe] => (Allow) C:\program files\rstudio\bin\rsession.exe (RStudio, PBC) [Datei ist nicht signiert]
FirewallRules: [{E897B64E-91BB-43DA-BE48-6C00EB74C646}] => (Allow) LPort=31931
FirewallRules: [{46A6EADE-C1BC-43A4-AD0E-49580E6110CE}] => (Allow) LPort=14714
FirewallRules: [{6EDF3FA6-E7B5-4221-B0D5-44286354A5D2}] => (Allow) LPort=12972
FirewallRules: [{5D062739-9639-46A1-991E-67585D6C9BD1}] => (Allow) C:\Program Files (x86)\Audials\MusicTube 2020\Audials.exe (Audials AG -> Audials AG)
FirewallRules: [{7D42551C-A9FF-4E9E-9547-477556B1C677}] => (Allow) C:\Program Files (x86)\concept design\onlineTV 15\onlineTV.exe (concept/design GmbH -> concept/design GmbH)
FirewallRules: [UDP Query User{BF9F99CA-DC1B-477B-883D-CBE9EF71923C}C:\program files (x86)\dvdfab 11\dvdfab.exe] => (Allow) C:\program files (x86)\dvdfab 11\dvdfab.exe => Keine Datei
FirewallRules: [TCP Query User{5BCD0B25-DFEA-421E-97BF-1FE93604AC33}C:\program files (x86)\dvdfab 11\dvdfab.exe] => (Allow) C:\program files (x86)\dvdfab 11\dvdfab.exe => Keine Datei
FirewallRules: [{3092A62F-87AC-4636-AAAC-228EC8389317}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei
FirewallRules: [{B7C1E2CE-FACE-4CF4-9331-AAFC0E81A238}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei
FirewallRules: [{53B6F849-F3D0-41D1-954E-2C688E5B0E4A}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei
FirewallRules: [UDP Query User{A3ECD6CC-7278-479F-914C-9EF6875F04A9}C:\users\thoma\appdata\local\temp\temp3_sdi_r1909.zip\sdi_r1909.exe] => (Allow) C:\users\thoma\appdata\local\temp\temp3_sdi_r1909.zip\sdi_r1909.exe => Keine Datei
FirewallRules: [TCP Query User{44DF1E9F-FDB8-484B-8C22-74819C478E71}C:\users\thoma\appdata\local\temp\temp3_sdi_r1909.zip\sdi_r1909.exe] => (Allow) C:\users\thoma\appdata\local\temp\temp3_sdi_r1909.zip\sdi_r1909.exe => Keine Datei
FirewallRules: [UDP Query User{4EA34F38-4276-4653-8F9E-F4FF95AC428A}C:\users\thoma\appdata\local\temp\temp2_sdi_r1909.zip\sdi_r1909.exe] => (Allow) C:\users\thoma\appdata\local\temp\temp2_sdi_r1909.zip\sdi_r1909.exe => Keine Datei
FirewallRules: [TCP Query User{DBCFC9EB-5AA9-466E-993D-B44D88E28B1C}C:\users\thoma\appdata\local\temp\temp2_sdi_r1909.zip\sdi_r1909.exe] => (Allow) C:\users\thoma\appdata\local\temp\temp2_sdi_r1909.zip\sdi_r1909.exe => Keine Datei
FirewallRules: [UDP Query User{DF902C04-CE20-4BB0-9248-0DB35678BBEC}C:\users\thoma\desktop\sdi_r1909\sdi_x64_r1909.exe] => (Allow) C:\users\thoma\desktop\sdi_r1909\sdi_x64_r1909.exe => Keine Datei
FirewallRules: [TCP Query User{6D16DA2C-0933-4B9B-9449-4B122F758893}C:\users\thoma\desktop\sdi_r1909\sdi_x64_r1909.exe] => (Allow) C:\users\thoma\desktop\sdi_r1909\sdi_x64_r1909.exe => Keine Datei
FirewallRules: [UDP Query User{D9B3B97F-1140-4E15-BCB4-3A1886735A18}C:\users\thoma\desktop\sdi_r1909\sdi_r1909.exe] => (Allow) C:\users\thoma\desktop\sdi_r1909\sdi_r1909.exe => Keine Datei
FirewallRules: [TCP Query User{0D7DFBD8-D1FD-46C4-812D-1822637D97B1}C:\users\thoma\desktop\sdi_r1909\sdi_r1909.exe] => (Allow) C:\users\thoma\desktop\sdi_r1909\sdi_r1909.exe => Keine Datei
FirewallRules: [UDP Query User{B1C805DC-CC0C-47EF-BE8D-D54C60557B82}D:\download\aa\avm_capi_test.exe] => (Allow) D:\download\aa\avm_capi_test.exe => Keine Datei
FirewallRules: [TCP Query User{191A0FC0-E7DF-45F5-940C-2D5CBFA82A1A}D:\download\aa\avm_capi_test.exe] => (Allow) D:\download\aa\avm_capi_test.exe => Keine Datei
FirewallRules: [UDP Query User{B60EC78A-68A4-4721-8274-C73E0818A5DC}C:\users\thoma\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\thoma\appdata\local\temp\_istmp1.dir\_ins5576._mp => Keine Datei
FirewallRules: [TCP Query User{E3CC2B46-DA47-421C-94E7-B5F8C2A9C5A8}C:\users\thoma\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\thoma\appdata\local\temp\_istmp1.dir\_ins5576._mp => Keine Datei
FirewallRules: [{4783FAA5-ABA4-401B-A46E-1A88600F9C37}] => (Allow) C:\Program Files\MAGIX\Photostory Deluxe COMPUTER BILD-Edition\2019\Fotos_dlx.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [{EA4D69BF-593F-4CEA-883C-DDDC1B00025D}] => (Allow) C:\Program Files\MAGIX\Video deluxe COMPUTER BILD-Edition\2019\Videodeluxe.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [{220FC1F1-AA5D-49A4-90F7-BEB72EC3F91E}] => (Allow) C:\Program Files\Common Files\MAGIX Services\MxCloudSync\MxCloudSync.exe (MAGIX Software GmbH -> MAGIX)
FirewallRules: [{0246CAB7-898D-4613-8066-A87B0FFFEC2A}] => (Allow) C:\Program Files\Common Files\MAGIX Services\QMxNetworkSync\QMxNetworkSync.exe (MAGIX Software GmbH -> MAGIX)
FirewallRules: [{BC27A3A0-B844-4572-BB7C-DCA91257375A}] => (Allow) LPort=445
FirewallRules: [{F552658D-5996-4735-80B8-A1FD9E9A7332}] => (Allow) C:\Program Files\Docker\Docker\Resources\com.docker.proxy.exe => Keine Datei
FirewallRules: [{3037AEF6-90C2-4D08-95CF-01F2322A9689}] => (Allow) LPort=1900
FirewallRules: [{9D31EB7E-9C31-4E29-92E6-76D2D41D3BF4}] => (Allow) LPort=2869
FirewallRules: [{21325355-53BA-439E-BA90-E69A2EBCCFDB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F64F56DC-0E98-49E3-ACE3-F0BFB3759F8A}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{10F56322-A674-4BAA-A1EC-0185FD520052}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{85468114-A645-4268-A88D-E786DDE8A712}] => (Block) C:\program files\cryptomator\cryptomator.exe (Skymatic GmbH -> )
FirewallRules: [{368B7975-E3BB-4CFF-A458-28E6687F0E1C}] => (Block) C:\program files\cryptomator\cryptomator.exe (Skymatic GmbH -> )
FirewallRules: [UDP Query User{5EDFB555-659A-4CA5-9B69-A9FA64D3CA4C}C:\program files\cryptomator\cryptomator.exe] => (Allow) C:\program files\cryptomator\cryptomator.exe (Skymatic GmbH -> )
FirewallRules: [TCP Query User{57C2247D-A9FD-4115-9AFA-DD367B9C7DCD}C:\program files\cryptomator\cryptomator.exe] => (Allow) C:\program files\cryptomator\cryptomator.exe (Skymatic GmbH -> )
FirewallRules: [UDP Query User{D3D201C4-83CF-4DE2-A268-5B5789DEF7CB}C:\program files (x86)\wintv\wintv8\wintv8.exe] => (Allow) C:\program files (x86)\wintv\wintv8\wintv8.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{948D373A-D610-4BE6-BF50-3F42016CB4EC}C:\program files (x86)\wintv\wintv8\wintv8.exe] => (Allow) C:\program files (x86)\wintv\wintv8\wintv8.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc.) [Datei ist nicht signiert]
FirewallRules: [{17213AF6-BFF8-4CCA-B0F6-3EB5BDA0F4A4}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{7C221779-0AC9-41AC-9476-DEA3EF5203B4}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{F2EB169D-AE61-481A-AFDB-C70BC27F4ECF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7936B122-539C-474F-A831-055ED945C976}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{2F67176C-AB4C-4397-A22A-569DAC9C0D5F}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe => Keine Datei
FirewallRules: [UDP Query User{807480DA-3336-49B4-87B6-C35D9CE01BB5}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe => Keine Datei
FirewallRules: [TCP Query User{79C8B4D9-ED48-4377-88F8-75B141BF49E5}D:\download\avm_capi_test.exe] => (Allow) D:\download\avm_capi_test.exe => Keine Datei
FirewallRules: [UDP Query User{586BBF26-F509-4B4C-ACC2-0F010459F090}D:\download\avm_capi_test.exe] => (Allow) D:\download\avm_capi_test.exe => Keine Datei
FirewallRules: [{D64F71E3-0950-4590-82F0-29EBF001F077}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{048EF796-4D7A-4269-B2EB-553D474CEEA2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6802EED4-09E6-45D1-BB46-5BBCADD205FA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{BA4497C0-1EFF-4771-A63E-7A283F0CAC58}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CFB5D524-DD79-4B6C-94F8-01934ED9579F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe () [Datei ist nicht signiert]
FirewallRules: [{5EAFD8E5-2992-482F-892B-9FFB2157C46E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe () [Datei ist nicht signiert]
FirewallRules: [{0F1C08F3-80B1-41BD-9D89-021F3BEB6180}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{86D6FCE6-94AF-4D2E-A95A-9343BCC9EE67}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{3887A528-642B-49F7-AE9C-7666BBF3359D}] => (Allow) C:\Program Files\Lightworks\lightworks.exe (EditShare EMEA (X-Edit Limited) -> )
FirewallRules: [{039A0524-9176-4F83-99FF-C5DB71BA72AA}] => (Allow) C:\Program Files\Lightworks\lightworks.exe (EditShare EMEA (X-Edit Limited) -> )
FirewallRules: [{2B083EC3-E9D1-4F3D-B495-3A8A8D7A6979}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe (EditShare EMEA (X-Edit Limited) -> Editshare EMEA)
FirewallRules: [{1BDC89BC-90C2-4666-9348-9151C4ACC094}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe (EditShare EMEA (X-Edit Limited) -> Editshare EMEA)
FirewallRules: [{6C2ED52F-16D3-4D1B-9D13-2D222FA901AB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{009A93EE-1A85-4E87-8CA8-CBE64EDBBC47}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe () [Datei ist nicht signiert]
FirewallRules: [{05C8229E-ED0E-464E-9C92-21F60374A0A2}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe () [Datei ist nicht signiert]
FirewallRules: [{1F97BE78-FCA4-44C1-B381-ECD682A9B8BC}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe () [Datei ist nicht signiert]
FirewallRules: [{4E0A7E95-913D-481A-B48E-370694AD4978}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe () [Datei ist nicht signiert]
FirewallRules: [{30CCAACD-89C4-42BC-8E3B-46D444B1E55D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe () [Datei ist nicht signiert]
FirewallRules: [{697DFF73-C8DC-453E-AEEA-CEC054697EA3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe () [Datei ist nicht signiert]
FirewallRules: [{B7DA265F-2310-41A7-B633-F9BF2A010F97}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe () [Datei ist nicht signiert]
FirewallRules: [{A9CD180B-141C-4786-B4F9-E99326355120}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{6F0F8AA8-2927-4986-AA37-AB5452783183}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => Keine Datei
FirewallRules: [TCP Query User{D7FE86A1-6E85-4BD1-B598-1CC53C981C7C}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{7B77F5EC-200F-4F98-8487-F7EC357CC0E2}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{A7391BF6-BAC2-41FD-9D07-0D23310AFFFC}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{2DB15225-C550-4153-BCD2-E2A9A699B5F4}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0964492B-5067-4F93-A81B-857A48247715}] => (Allow) C:\Program Files (x86)\MAGIX\Music Maker\25\MusicMaker.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [TCP Query User{9145BEA2-76BB-4161-BDDD-9EDCBABFAD80}C:\program files\windowsapps\arduinollc.arduinoide_1.8.10.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Allow) C:\program files\windowsapps\arduinollc.arduinoide_1.8.10.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{68C5D7AB-A3BC-4ACC-8FFA-A46F1C244357}C:\program files\windowsapps\arduinollc.arduinoide_1.8.10.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Allow) C:\program files\windowsapps\arduinollc.arduinoide_1.8.10.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe => Keine Datei
FirewallRules: [{01292D08-00B6-4325-BB67-BA472EE389A4}] => (Block) C:\program files\windowsapps\arduinollc.arduinoide_1.8.10.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe => Keine Datei
FirewallRules: [{07A0FE13-598E-43A9-9866-8B254ABB2D96}] => (Block) C:\program files\windowsapps\arduinollc.arduinoide_1.8.10.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe => Keine Datei
FirewallRules: [{2AF9D575-462D-4D6D-9C0D-C5CE7C4DE08E}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{0960CB8E-7675-46CB-9CD7-01BE81430405}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [TCP Query User{A604003E-10EB-4DE2-BEA1-29965A9C0187}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js)
FirewallRules: [UDP Query User{FF79249E-1188-44EB-9176-D73B923969C1}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js)
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [AusweisApp2-Firewall-Rule-In] => (Allow) C:\Program Files (x86)\AusweisApp2 1.14.0\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [TCP Query User{8C016E5E-CEDB-488B-AAFC-94DEFB61FCD5}C:\program files\dvdfab 10\dvdfab64.exe] => (Allow) C:\program files\dvdfab 10\dvdfab64.exe => Keine Datei
FirewallRules: [UDP Query User{17DF202F-F55D-4776-A053-220516D8146A}C:\program files\dvdfab 10\dvdfab64.exe] => (Allow) C:\program files\dvdfab 10\dvdfab64.exe => Keine Datei
FirewallRules: [TCP Query User{CE293691-93E6-43F0-ABAA-731BF3732C99}C:\program files\ruby25-x64\bin\ruby.exe] => (Allow) C:\program files\ruby25-x64\bin\ruby.exe (hxxp://www.ruby-lang.org/) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{02061A6B-4877-4941-853F-0633343F033A}C:\program files\ruby25-x64\bin\ruby.exe] => (Allow) C:\program files\ruby25-x64\bin\ruby.exe (hxxp://www.ruby-lang.org/) [Datei ist nicht signiert]
FirewallRules: [{EFC3F528-AFF2-4D4E-84EF-6F5E32BF5582}] => (Allow) C:\Users\thoma\AppData\Local\Apps\2.0\ER1KADGX.OEK\3Q153P43.PO1\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [{6BCC9560-D05D-4CB0-8ED9-D805E83CFED9}] => (Allow) C:\Users\thoma\AppData\Local\Apps\2.0\ER1KADGX.OEK\3Q153P43.PO1\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [{BF3B0539-DC6B-43D9-ACEB-286A9D1ABF27}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc.) [Datei ist nicht signiert]
FirewallRules: [{56EB2A11-24FB-44E1-84A2-A0B9C8C26EB0}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc.) [Datei ist nicht signiert]
FirewallRules: [{CA765333-82C0-4FB7-ABB3-E5402D8C9FC4}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc.) [Datei ist nicht signiert]
FirewallRules: [{A8AABDF1-84EC-46E4-99B7-B7B7A5745C29}] => (Allow) C:\Program Files (x86)\WinTV\WinTV8\WinTV8.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc.) [Datei ist nicht signiert]
FirewallRules: [{AFDC9808-8DAF-4EA0-B2C7-D9DB24EB93D7}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert]
FirewallRules: [{6C5B4FA9-6170-456C-A36C-2A68AA4171AF}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert]
FirewallRules: [{998D9583-8831-40AA-8349-C68A60BBD44D}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert]
FirewallRules: [{82B0401F-F6B5-479F-8BA0-18CBE0FDEE98}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert]
FirewallRules: [{25735172-7456-4756-9E22-2DA729524247}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] [Datei wird verwendet]
FirewallRules: [{0AED960D-DF39-4A82-8B11-80C58438C9EB}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] [Datei wird verwendet]
FirewallRules: [{02D0107B-499C-44D8-8F05-6F131CFC02A3}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] [Datei wird verwendet]
FirewallRules: [{E679284A-4FA4-40E3-B6C1-29105C524218}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] [Datei wird verwendet]
FirewallRules: [TCP Query User{D1EDC7BE-02F9-4938-8C98-C616C965897F}C:\program files (x86)\solarcoin\solarcoin-qt.exe] => (Block) C:\program files (x86)\solarcoin\solarcoin-qt.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{812F630C-5525-4893-83A8-00B9A5B7291D}C:\program files (x86)\solarcoin\solarcoin-qt.exe] => (Block) C:\program files (x86)\solarcoin\solarcoin-qt.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{EF052D73-E887-4C42-B38D-1421421E3959}C:\users\thoma\appdata\local\programs\simpleos\simpleos.exe] => (Allow) C:\users\thoma\appdata\local\programs\simpleos\simpleos.exe (EOSRio) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{8C4E498A-00B1-4384-A26C-F1C559136344}C:\users\thoma\appdata\local\programs\simpleos\simpleos.exe] => (Allow) C:\users\thoma\appdata\local\programs\simpleos\simpleos.exe (EOSRio) [Datei ist nicht signiert]
FirewallRules: [{3B189224-19A7-4774-BE6F-8FD98236DED2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0105F134-7A85-40AF-BD3A-0DC3097BAA87}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{1BCC3FE5-CA03-42D6-B2F4-845A9D43E35F}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3BFE3789-3F94-4A54-BC6B-18943AD6785D}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{26B3E283-C0EB-414C-9A56-523E11AC75AE}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{9894C12B-B0E8-4A8C-9B95-AAA450AA44A2}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{5C1804C5-2180-4B4C-AC5F-855F99355A3E}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{5010A225-A6EF-43EF-B5F5-ED32299B7EBE}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{73825360-27DD-45EE-B1B1-9252FDF7961E}] => (Allow) C:\WINDOWS\system32\spacedeskService.exe (Datronicsoft, Inc. -> )
FirewallRules: [TCP Query User{605FE964-E259-4AF0-8FB3-532681E446AC}C:\program files\redis\redis-server.exe] => (Allow) C:\program files\redis\redis-server.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{09A4ED22-6D51-442C-8B27-0C08CC289076}C:\program files\redis\redis-server.exe] => (Allow) C:\program files\redis\redis-server.exe () [Datei ist nicht signiert]
FirewallRules: [{97A1540D-39ED-4A4E-BCCE-8784F64FE752}] => (Block) C:\program files\redis\redis-server.exe () [Datei ist nicht signiert]
FirewallRules: [{00CE171C-3864-40BB-AB12-C86813E74C51}] => (Block) C:\program files\redis\redis-server.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{8CC18E3C-E199-4735-B4D0-AB06EAEB9F02}C:\program files\neo4j desktop\neo4j desktop.exe] => (Allow) C:\program files\neo4j desktop\neo4j desktop.exe (Neo4j, Inc. -> Neo4j Inc.)
FirewallRules: [UDP Query User{D8359F38-2A83-4943-9437-EC7584E55EEC}C:\program files\neo4j desktop\neo4j desktop.exe] => (Allow) C:\program files\neo4j desktop\neo4j desktop.exe (Neo4j, Inc. -> Neo4j Inc.)
FirewallRules: [{D706A190-041B-4735-B50A-EA75B88DC69C}] => (Block) C:\program files\neo4j desktop\neo4j desktop.exe (Neo4j, Inc. -> Neo4j Inc.)
FirewallRules: [{81970878-436E-40E8-AE62-CCCF70B9A467}] => (Block) C:\program files\neo4j desktop\neo4j desktop.exe (Neo4j, Inc. -> Neo4j Inc.)
FirewallRules: [{71FA467A-0769-40CB-9E7E-A0AEAEC5DD10}] => (Allow) D:\download\cloudevo-x32-setup.exe => Keine Datei
FirewallRules: [TCP Query User{9D1096A4-A9B7-49BB-ABFF-D20F81B7B752}C:\program files\1&1 verschlüsselung\1&1 verschluesselung.exe] => (Allow) C:\program files\1&1 verschlüsselung\1&1 verschluesselung.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{AD88A7FE-BF84-4B9C-92B3-55E4AF0A3A81}C:\program files\1&1 verschlüsselung\1&1 verschluesselung.exe] => (Allow) C:\program files\1&1 verschlüsselung\1&1 verschluesselung.exe () [Datei ist nicht signiert]
FirewallRules: [{100822C4-4DD1-4C08-A17F-577709A5BAFE}] => (Block) C:\program files\1&1 verschlüsselung\1&1 verschluesselung.exe () [Datei ist nicht signiert]
FirewallRules: [{54617F60-4B69-4A0C-92FD-5BDCF437E73D}] => (Block) C:\program files\1&1 verschlüsselung\1&1 verschluesselung.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{F8C4E6E3-DC5A-4ED8-BC03-39FEABB7018D}C:\program files (x86)\roger router\roger.exe] => (Allow) C:\program files (x86)\roger router\roger.exe => Keine Datei
FirewallRules: [UDP Query User{92E18DC9-4AD9-4949-8E0F-1E464028AFA4}C:\program files (x86)\roger router\roger.exe] => (Allow) C:\program files (x86)\roger router\roger.exe => Keine Datei
FirewallRules: [TCP Query User{ADBAFC3E-16A4-4833-BCCF-90F503D7A904}C:\users\thoma\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\thoma\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{5A83EF16-2A38-4A13-A445-2784F88DD8A8}C:\users\thoma\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\thoma\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{327986EC-C24A-43AF-AAC5-1F55475A4CBA}C:\users\thoma\appdata\local\microsip\microsip.exe] => (Allow) C:\users\thoma\appdata\local\microsip\microsip.exe (MSIP Code Signing -> www.microsip.org) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{F3949733-E3B1-42F5-A249-598F4DE40E74}C:\users\thoma\appdata\local\microsip\microsip.exe] => (Allow) C:\users\thoma\appdata\local\microsip\microsip.exe (MSIP Code Signing -> www.microsip.org) [Datei ist nicht signiert]
FirewallRules: [{15369BE4-CC89-4748-BC5B-E7D9DC2722BA}] => (Allow) C:\Users\thoma\AppData\Local\Programs\Opera\73.0.3856.329\opera.exe => Keine Datei
FirewallRules: [{3AC6E6F1-138E-4795-B7A7-E1ACCC587B15}] => (Allow) C:\Users\thoma\AppData\Local\Programs\Opera\73.0.3856.344\opera.exe => Keine Datei
FirewallRules: [{CC6AD911-E5C3-49F7-984E-4514010DE2B1}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{31DEA2C3-1337-41EC-8B91-83AED48B256D}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{AA2DEDA8-0A48-4021-8DC0-32BC66D1B0FB}] => (Allow) C:\Program Files (x86)\Audials\Audials 2021\Audials.exe (Audials AG -> Audials AG)
FirewallRules: [{B6F19AF5-0BC8-434A-A463-8921346C547A}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{12548816-4D16-47DE-859C-AF10C52E9BB5}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{E4EF5DCD-81F7-4B95-BEE5-9F6918F9B28A}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{D29F4A6A-230C-43DA-AE0E-5827266BFF8B}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{9B12F4A0-200B-4F5A-9616-0AA6A1C7DD93}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{77AF9B99-906F-49CC-97EA-46F581AA9B63}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [TCP Query User{F40F040F-5E72-4C4A-AC3D-6A02FB376724}C:\users\thoma\appdata\local\programs\aioz_worker_node\aioz node.exe] => (Allow) C:\users\thoma\appdata\local\programs\aioz_worker_node\aioz node.exe (AIOZ Pte. Ltd. -> AIOZ Company)
FirewallRules: [UDP Query User{5E08B2E8-EBC1-4855-828B-3A7E297FAFAB}C:\users\thoma\appdata\local\programs\aioz_worker_node\aioz node.exe] => (Allow) C:\users\thoma\appdata\local\programs\aioz_worker_node\aioz node.exe (AIOZ Pte. Ltd. -> AIOZ Company)
FirewallRules: [{7B9C4482-4D7C-4CD4-BD76-E44FE03FFF36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{831CEDAF-FF2E-4A1D-B7CA-DC74DA139647}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4983C192-A4C6-41F2-897E-DDC87A9B54AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{040CC7D9-A611-4340-B9FA-07965C51C0FA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C7B6FC63-2911-449F-87FA-7E21804CB1CF}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{10C7C440-FF29-4965-8059-9808876436F8}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{9CA0EC33-A631-4B27-BA4A-C1DED43D778D}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{748ED390-DD7F-474C-8668-F717D941B226}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{B221106D-4425-4374-A18E-419BD6027B4A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CDF46F33-BEEB-4768-85E1-1D8841A897E8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FBC05E20-28F6-44AD-88F1-D69FB2FF74E4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE73FAAB-662B-4192-B1A2-0ADC03F2629D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{21238254-9B30-4847-9B6B-74B564F9084D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F06D9240-80BD-4E39-A7A5-75E7C438C40A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A3EB4C60-C85F-4085-B405-BD43702386A0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{67CD1ED7-7596-4CFB-930E-29B07CA99D5A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A2C10EAE-56A1-4985-A5A6-616A27C6FEC2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2D4CFB98-15C5-4213-B7EB-536152AEDFAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{52CB7ACC-B77B-4F95-A6F7-ED980B786EEE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DB2E1FE5-3880-4ADC-825C-C33EE79D849B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{02E6A333-4B11-4D3A-9ECA-92674C71D13F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{744B6FDD-9CA3-4A26-865F-4BDF50AE415C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{59DD4529-F901-44EC-A9AB-6A53E99E85BE}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{3A3F5297-D75E-401C-8530-08907C9CB6F9}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{130392B2-C94C-489D-A79E-9CA161E40AB3}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{4DB7EF25-E247-46DA-8934-63096927D5E6}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{E4EFEC18-8074-4EB9-BC5D-33FE70FA50A7}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{82987193-8FA3-4BE9-B229-6B2C34EBE815}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{DD9887F8-49F9-456C-B6E9-24894EDFDF08}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{2FDB15BC-AD28-463E-BA4E-E50F22D6F7D6}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{081033D6-6D30-4D08-88E4-0FA0A956E660}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.59\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{514D8199-5D1D-4659-8434-9907DF8512B9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C3A6E00C-9867-4E59-87A1-8433116E512E}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
FirewallRules: [{510B2EAC-EC04-44B3-A9D8-71C2B1F059DF}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
FirewallRules: [{5D0D88A4-91C2-42CC-9DE3-72129BBEF6F7}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{8C5311A4-DEF2-4DAB-8FC7-2B721E0A0A8D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{C113D1E4-D83E-4095-8011-70B9B70A14E9}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\ASUSDMS.exe => Keine Datei
FirewallRules: [{A64E2D51-9871-4D68-AF17-77DB825AF8C9}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\ASUSDMS.exe => Keine Datei

==================== Wiederherstellungspunkte =========================

24-06-2021 08:56:45 Windows Modules Installer
24-06-2021 09:00:00 Windows Modules Installer
24-06-2021 09:00:23 Windows Modules Installer
27-06-2021 20:00:26 Windows Modules Installer

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (06/27/2021 08:52:38 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/27/2021 08:48:58 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/27/2021 07:09:59 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/27/2021 07:09:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamtray.exe, Version: 4.0.0.1023, Zeitstempel: 0x60be8592
Name des fehlerhaften Moduls: Qt5Core.dll, Version: 5.14.1.0, Zeitstempel: 0x603971ce
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000219dc5
ID des fehlerhaften Prozesses: 0x2150
Startzeit der fehlerhaften Anwendung: 0x01d76b77268a4d3c
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Berichtskennung: 861b3239-1604-434b-8a1f-a26e4a32ca7d
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/27/2021 06:58:25 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/27/2021 06:46:35 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/27/2021 06:41:50 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/27/2021 06:38:09 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


Systemfehler:
=============
Error: (06/27/2021 06:25:36 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "Z:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.

Error: (06/27/2021 06:06:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (06/27/2021 06:06:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Freemake Improver erreicht.

Error: (06/27/2021 06:06:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) TPM Provisioning Service erreicht.

Error: (06/27/2021 06:06:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Adiscon EvntSLog" wurde mit folgendem Fehler beendet: 
Das System konnte die eingegebene Umgebungsoption nicht finden.

Error: (06/27/2021 06:05:45 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Qualcomm Atheros QCA61x4A Wireless Network Adapter, {b2fdbaf9-7801-4d7f-b29c-71fd5d746b40}" ist das Ereignis "71" aufgetreten.

Error: (06/27/2021 06:05:45 PM) (Source: Qcamain10x64) (EventID: 5002) (User: )
Description: Qualcomm Atheros QCA61x4A Wireless Network Adapter : Fehlfunktion des Netzwerkadapters wurde ermittelt.

Error: (06/27/2021 05:39:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


Windows Defender:
================
Date: 2021-06-27 20:21:05
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {52E96D86-BBFB-4D6F-9352-3E736766F206}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-06-27 20:00:28
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {D1F0FCDC-4921-4B15-AF42-C8BB394D8F08}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

CodeIntegrity:
===============
Date: 2021-06-27 20:49:03
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume8\Program Files (x86)\1&1\1&1 Upload-Manager\SHNDLERS64.DLL that did not meet the Microsoft signing level requirements.

Date: 2021-06-27 20:12:54
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume8\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume8\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 1301 03/14/2018
Hauptplatine: ASUSTeK COMPUTER INC. MAXIMUS IX FORMULA
Prozessor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 32628.76 MB
Verfügbarer physikalischer RAM: 19451.36 MB
Summe virtueller Speicher: 37492.76 MB
Verfügbarer virtueller Speicher: 24364.71 MB

==================== Laufwerke ================================

Drive c: (SSD) (Fixed) (Total:428.24 GB) (Free:38.32 GB) NTFS
Drive d: (DATEN) (Fixed) (Total:1862.97 GB) (Free:737 GB) NTFS
Drive e: (BACKUP) (Fixed) (Total:1862.97 GB) (Free:18.62 GB) NTFS
Drive f: (SOFTWARE) (Fixed) (Total:1862.97 GB) (Free:1200.67 GB) NTFS
Drive g: (BACKUP) (Fixed) (Total:2794.39 GB) (Free:222.81 GB) NTFS
Drive m: (DatenThomas) (Fixed) (Total:50 GB) (Free:15.8 GB) exFAT
Drive s: (Daten Scan) (Fixed) (Total:20 GB) (Free:8.9 GB) exFAT
Drive v: (AKTUAR) (Fixed) (Total:40 GB) (Free:10.21 GB) exFAT
Drive z: (Mail) (Fixed) (Total:25 GB) (Free:8 GB) NTFS

\\?\Volume{d1702751-8f2d-11eb-a3a9-107b4415ae9e}\ () (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS
\\?\Volume{d170274f-8f2d-11eb-a3a9-107b4415ae9e}\ () (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32

==================== MBR & Partitionstabelle ====================

==================== Ende von Addition.txt =======================
         

Alt 27.06.2021, 21:53   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt - Standard

Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt



Störende, veraltete oder unnötige Programme deinstallieren

Bitte über Programme und Features (appwiz.cpl) deinstallieren:


1&1 Upload-Manager
1&1 Verschlüsselung 1.0.4
7-Zip 19.00 (x64)
Adobe Acrobat 8 Professional
Adobe Acrobat Reader DC
Asus ProductDaemonSetup
Asus Sonic Radar 3
Asus SonicRadar3Setup
Audacity 2.1.3
Audacity 3.0.0
Avast Free Antivirus
Avast Secure Browser
Brave
IObit Software Updater
OpenOffice 4.1.7
__________________
Logs bitte immer in CODE-Tags posten

Alt 27.06.2021, 22:18   #9
tsmomc
 
Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt - Standard

Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt



Die Programme

Zitat:
Audacity 2.1.3
Brave
IObit Software Updater
Asus Sonic Radar 3
Adobe Acrobat 8 Professional
Avast Secure Browser
habe ich deinstalliert. Für

Zitat:
Asus ProductDaemonSetup
Asus SonicRadar3Setup
gibt es keine Einträge zum deinstallieren.

Die folgenden Programme nutze ich aktiv:
- 1&1 Upload-Manager -> Daten in 1&1 Cloud laden
- 1&1 Verschlüsselung 1.0.4 -> Verschlüsselung in 1&1 Cloud
- 7-Zip 19.00 (x64) -> lt. Seite die aktuelle Version, es gibt nur eine neue alpha
- Adobe Acrobat Reader DC -> wie soll ich sonst PDF Dateien anschauen?
- Audacity 3.0.0 -> was kann ich für den Audioschnitt sonst nutzen
- Avast Free Antivirus -> den PC wirklich ganz ohne Virenscanner betreiben? Der defender hat bisher noch nie gewarnt
- OpenOffice 4.1.7 -> brauche ich zwingend, kann ich aber auf 4.1.10 updaten. OK?

Alt 27.06.2021, 22:26   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt - Standard

Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt



adwCleaner

Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags.

adwcleaner zwecks Kontrolle bitte wiederholen, falls es Funde gab.
__________________
Logs bitte immer in CODE-Tags posten

Alt 27.06.2021, 22:46   #11
tsmomc
 
Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt - Standard

Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt



Adwcleaner habe ich laufen lassen, hat noch Reste von Iobit gefunden, in Quarantäne verschoben.

AdwCleaner[S03].txt

Code:
ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build:    03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    06-27-2021
# Duration: 00:00:11
# OS:       Windows 10 Pro
# Scanned:  31980
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare C:\Users\thoma\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1729 octets] - [31/05/2021 08:04:27]
AdwCleaner[C00].txt - [1737 octets] - [31/05/2021 08:05:26]
AdwCleaner[S01].txt - [1647 octets] - [31/05/2021 08:05:54]
AdwCleaner[C01].txt - [1848 octets] - [31/05/2021 08:06:23]
AdwCleaner[S02].txt - [1649 octets] - [27/06/2021 19:08:06]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########
         
AdwCleaner[C03].txt

Code:
ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build:    03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    06-27-2021
# Duration: 00:00:00
# OS:       Windows 10 Pro
# Cleaned:  1
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\thoma\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1729 octets] - [31/05/2021 08:04:27]
AdwCleaner[C00].txt - [1737 octets] - [31/05/2021 08:05:26]
AdwCleaner[S01].txt - [1647 octets] - [31/05/2021 08:05:54]
AdwCleaner[C01].txt - [1848 octets] - [31/05/2021 08:06:23]
AdwCleaner[S02].txt - [1649 octets] - [27/06/2021 19:08:06]
AdwCleaner[S03].txt - [1771 octets] - [27/06/2021 22:35:25]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########
         

Nach Neustart läuft Adwcleaner ohne Fehler durch. Das Problem ist aber leider noch nicht behoben.

Alt 27.06.2021, 23:00   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt - Standard

Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt



Kontrollscans mit MBAM und RK

Jetzt ist es an der Zeit für Kontrollscans mit
Poste nach Abschluss der beiden Scans die Logs in CODE-Tags.
__________________
Logs bitte immer in CODE-Tags posten

Alt 27.06.2021, 23:35   #13
tsmomc
 
Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt - Standard

Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt



Malwarebytes lieferte keine Fehler:

Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 27.06.21
Scan-Zeit: 23:06
Protokolldatei: 8996c484-d78b-11eb-9016-107b4415ae9e.json

-Softwaredaten-
Version: 4.4.0.117
Komponentenversion: 1.0.1344
Version des Aktualisierungspakets: 1.0.42341
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 10 (Build 19043.1081)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-HCA6LJN\thoma

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 495386
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 6 Min., 14 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
         
RogueKiller hat Sachen gefunden, habe ich behoben. Nach dem Neustart gab es das Problem aber weiterhin.

Code:
ATTFilter
RogueKiller Anti-Malware V15.0.3.0 (x64) [Jun 15 2021] (Free) von Adlice Software
Mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Betriebssystem : Windows 10 (10.0.19043) 64 bits
Gestartet in : Normaler Modus
Benutzer : thoma [Administrator]
Gestartet von : D:\download\+++ troyaner +++\RogueKiller_portable64.exe
Signaturen : 20210625_090122, Treiber : Geladen
Modus : Standard-Scan, Löschen -- Datum : 2021/06/27 23:26:01 (Dauer : 00:09:43)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Löschen ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.InnovativeSolutions (Potenziell bösartig)] HKEY_LOCAL_MACHINE\Software\Innovative Solutions --  -> Gelöscht
[PUP.InnovativeSolutions (Potenziell bösartig)] HKEY_USERS\S-1-5-21-4198695647-2910091461-4277131257-1001\Software\Innovative Solutions --  -> Gelöscht
[PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\S-1-5-21-4198695647-2910091461-4277131257-1001\Software\simplitec --  -> Gelöscht
[Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{A3ECD6CC-7278-479F-914C-9EF6875F04A9}C:\users\thoma\appdata\local\temp\temp3_sdi_r1909.zip\sdi_r1909.exe -- [%localappdata%\temp\temp3_sdi_r1909.zip\sdi_r1909.exe] -> Gelöscht
[Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{44DF1E9F-FDB8-484B-8C22-74819C478E71}C:\users\thoma\appdata\local\temp\temp3_sdi_r1909.zip\sdi_r1909.exe -- [%localappdata%\temp\temp3_sdi_r1909.zip\sdi_r1909.exe] -> Gelöscht
[Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{4EA34F38-4276-4653-8F9E-F4FF95AC428A}C:\users\thoma\appdata\local\temp\temp2_sdi_r1909.zip\sdi_r1909.exe -- [%localappdata%\temp\temp2_sdi_r1909.zip\sdi_r1909.exe] -> Gelöscht
[Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{DBCFC9EB-5AA9-466E-993D-B44D88E28B1C}C:\users\thoma\appdata\local\temp\temp2_sdi_r1909.zip\sdi_r1909.exe -- [%localappdata%\temp\temp2_sdi_r1909.zip\sdi_r1909.exe] -> Gelöscht
[Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{E3CC2B46-DA47-421C-94E7-B5F8C2A9C5A8}C:\users\thoma\appdata\local\temp\_istmp1.dir\_ins5576._mp -- [%localappdata%\temp\_istmp1.dir\_ins5576._mp] -> Gelöscht
[Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{B60EC78A-68A4-4721-8274-C73E0818A5DC}C:\users\thoma\appdata\local\temp\_istmp1.dir\_ins5576._mp -- [%localappdata%\temp\_istmp1.dir\_ins5576._mp] -> Gelöscht
[Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{8C4E498A-00B1-4384-A26C-F1C559136344}C:\users\thoma\appdata\local\programs\simpleos\simpleos.exe -- [%localappdata%\Programs\simpleos\simpleos.exe] -> Gelöscht
[Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{EF052D73-E887-4C42-B38D-1421421E3959}C:\users\thoma\appdata\local\programs\simpleos\simpleos.exe -- [%localappdata%\Programs\simpleos\simpleos.exe] -> Gelöscht
[PUP.InnovativeSolutions (Potenziell bösartig)] Innovative Solutions -- %_thoma_appdata%\Innovative Solutions -> Gelöscht
[PUP.InnovativeSolutions (Potenziell bösartig)] Innovative Solutions -- %localappdata%\Innovative Solutions -> Gelöscht
[PUP.InnovativeSolutions (Potenziell bösartig)] Innovative Solutions -- %programfiles(x86)%\Innovative Solutions -> Gelöscht
[Adw.TopTools (Bösartig)] Tools -- %programfiles(x86)%\Tools -> Entfernt beim Neustart [91]
         
Das bösartige Tool unter %programfiles(x86)%\Tools war übrigends Monitorian, geladen von CHIP: https://www.chip.de/downloads/Monitorian_147510267.html
Wahrscheinlich eine Fehlerkennung.

Alt 27.06.2021, 23:38   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt - Standard

Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt



Dann bitte neue FRST-Logs.
__________________
Logs bitte immer in CODE-Tags posten

Alt 27.06.2021, 23:46   #15
tsmomc
 
Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt - Standard

Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt



FRST.txt


FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2021
durchgeführt von thoma (Administrator) auf DESKTOP-HCA6LJN (27-06-2021 23:41:01)
Gestartet von D:\download\+++ troyaner +++
Geladene Profile: thoma
Platform: Windows 10 Pro Version 21H1 19043.1081 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\S5WOW_App\ATHEROS\S5wow.exe
() [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\S5WOW_App\x64\S5wow_2005.exe
(1 und 1 Internet AG -> 1&1 Internet AG) C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\ASUSRelayWS.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\LightingService\1.00.29\AsRogAuraGpuDllServer.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.30\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.09.08\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\2.00.06\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\1.00.29\LightingService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskService.exe
(Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskServiceTray.exe
(DeepL GmbH) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\DeepL.exe
(Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(EIZO Corporation -> EIZO Corporation) C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe
(FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
(FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe
(FabulaTech, LLP -> VMware) C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2>
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(GN AUDIO A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe <4>
(GN AUDIO A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct4\SoftphoneIntegrations.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe <2>
(HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert] C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(IDRIX SARL -> IDRIX) C:\Program Files\VeraCrypt\VeraCrypt.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) INTELND1617S2 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_778512ee63a728ec\RstMwService.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop\creator\common\creator-ws.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop\updater-ws.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\kited.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\KiteService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\AgentService.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(MSIP Code Signing -> www.microsip.org) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\MicroSIP\microsip.exe
(Nenad Hrg -> Nenad Hrg SoftwareOK) C:\Program Files\DesktopOK\DesktopOK_x64.exe
(Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\thoma\AppData\Local\slack\app-4.17.1\slack.exe <5>
(SplitmediaLabs Limited -> SplitmediaLabs Limited) C:\Program Files\XSplit\VCam\service\XSpltVidSvc.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(The CefSharp Authors) [Datei ist nicht signiert] C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\CefSharp.BrowserSubprocess.exe <3>
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Xerox Corporation -> Xerox Corporation) C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-10-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [122592 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [7580488 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1068624 2020-10-11] (Heidi Computers Ltd -> The Eraser Project)
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3160256 2021-05-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288672 2021-05-21] (IDSA Production signing key 2021 -> Intel)
HKLM-x32\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe [106801552 2021-06-09] (GN AUDIO A/S -> GN Audio A/S)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31046640 2020-09-21] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [VeraCrypt] => C:\Program Files\VeraCrypt\VeraCrypt.exe [5928728 2020-10-11] (IDRIX SARL -> IDRIX)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [1&1_1&1 Upload-Manager] => C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE [989264 2011-11-21] (1 und 1 Internet AG -> 1&1 Internet AG)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [DeepL] => C:\Users\thoma\AppData\Local\DeepL\app-2.5.1\DeepL.exe [133632 2021-05-30] (DeepL GmbH) [Datei ist nicht signiert]
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [Kite] => C:\Program Files\Kite\kited.exe [562179520 2021-06-10] (Manhattan Engineering Incorporated -> Kite)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [DesktopOK] => C:\Program Files\DesktopOK\DesktopOK_x64.exe [921480 2021-03-16] (Nenad Hrg -> Nenad Hrg SoftwareOK)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\GlassWire.exe [9242536 2021-05-14] (GlassWire -> SecureMix LLC)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\thoma\AppData\Local\slack\slack.exe [308368 2021-06-06] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\MountPoints2: {1768b476-52b6-11eb-868b-107b4415ae9e} - "O:\AutoRun.exe" 
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\MountPoints2: {6b500ea1-4a0e-11eb-867b-107b4415ae9e} - "O:\AutoRun.exe" 
HKU\S-1-5-21-4198695647-2910091461-4277131257-1001\...\MountPoints2: {6b500f5d-4a0e-11eb-867b-107b4415ae9e} - "O:\setup.exe" AUTORUN=1
HKU\S-1-5-21-4198695647-2910091461-4277131257-1003\...\Run: [2FFD542F547A6A94419661128FD7298878C7A371._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-4198695647-2910091461-4277131257-1003\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe  --auto-launch-onlogon --start-maximized --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- (Der Dateneintrag hat 70 mehr Zeichen).
HKU\S-1-5-21-4198695647-2910091461-4277131257-1005\...\RunOnce: [Application Restart #0] => C:\Program Files\Macrium\Common\ReflectMonitor.exe [26150760 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1005\...\RunOnce: [Application Restart #1] => C:\Program Files\Macrium\Common\ReflectUI.exe [7580488 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1010\...\RunOnce: [Application Restart #0] => C:\Program Files\Macrium\Common\ReflectUI.exe [7580488 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKU\S-1-5-21-4198695647-2910091461-4277131257-1010\...\RunOnce: [Application Restart #1] => C:\Program Files\Macrium\Common\ReflectMonitor.exe [26150760 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM\...\Windows x64\Print Processors\TeamViewer_PrintProcessor: C:\Windows\System32\spool\prtprocs\x64\TeamViewer_PrintProcessor.dll [20208 2017-08-29] (TeamViewer GmbH -> )
HKLM\...\Print\Monitors\Adobe PDF Port: C:\Windows\SysWOW64\AdobePDF.dll [28248 2006-09-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX920 series XPS: C:\Windows\System32\CNMXLMBL.DLL [393728 2012-09-20] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\FRITZ!fax Color Port Monitor: C:\Windows\System32\FritzColorPort64.dll [20480 2006-02-23] () [Datei ist nicht signiert]
HKLM\...\Print\Monitors\FRITZ!fax Port Monitor: C:\Windows\System32\FritzPort64.dll [20480 2006-02-22] () [Datei ist nicht signiert]
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\WINDOWS\system32\pxcpmL.dll [2057488 2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\PDFill Writer Monitor: C:\Program Files (x86)\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll [38824 2020-08-23] (PlotSoft LLC -> Windows (R) Codename Longhorn DDK provider)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-06-26] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Screen InStyle.lnk [2018-09-09]
ShortcutTarget: Screen InStyle.lnk -> C:\Program Files (x86)\EIZO\Screen InStyle\ScreenInStyle.exe (EIZO Corporation -> EIZO Corporation)
Startup: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MicroSIP.lnk [2021-06-16]
ShortcutTarget: MicroSIP.lnk -> C:\Users\thoma\AppData\Local\MicroSIP\microsip.exe (MSIP Code Signing -> www.microsip.org) [Datei ist nicht signiert]
Startup: C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mount_Veracrypt.cmd [2020-10-26] () [Datei ist nicht signiert]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {005D84C2-EDA3-438D-AE0F-0FB0FAFE59C7} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - Periodic Refresh => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [393928 2020-10-30] (Xerox Corporation -> Xerox Corporation)
Task: {105E52A6-D36D-48FD-B0E9-81D2EDAEC76A} - System32\Tasks\SS3svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe
Task: {1AC165B8-E271-4985-A76D-0F53F4683552} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {26C8469C-15C8-4782-B07D-4A9E084BEFB6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {36873C61-2D8A-46EB-8B00-6F08E23D19A4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118104 2021-06-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {37AFCB71-04A4-4CFD-B0D9-0FF999AB1494} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {3858C6E9-501D-4496-89F7-79F2CB232AD4} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-4198695647-2910091461-4277131257-1001 => C:\Users\thoma\AppData\Local\MEGAsync\MEGAupdater.exe [615672 2020-09-20] (Mega Limited -> Mega Limited)
Task: {400FEC93-A76B-465F-9FF5-2409C8845D34} - System32\Tasks\G2MUploadTask-S-1-5-21-4198695647-2910091461-4277131257-1001 => C:\Users\thoma\AppData\Local\GoToMeeting\19228\g2mupload.exe [31320 2020-12-18] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {40820894-D3D8-453F-9638-D584DD1DF9B8} - System32\Tasks\Opera scheduled Autoupdate 1573333256 => C:\Users\thoma\AppData\Local\Programs\Opera\launcher.exe
Task: {41EC6830-B92E-448B-9809-DAEF9B702842} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-19] (Google Inc -> Google Inc.)
Task: {4768BAE1-518E-4A29-9969-55CFE764FCFC} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1461200 2016-10-07] (ASUSTeK Computer Inc. -> )
Task: {4C058142-2FFD-4045-93C5-ADA908B4B609} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\LightingService\1.00.29\AsRogAuraGpuDllServer.exe [247256 2017-09-22] (ASUSTeK Computer Inc. -> )
Task: {4CD90931-266C-4C0B-9E98-9E004A647A73} - System32\Tasks\G2MUpdateTask-S-1-5-21-4198695647-2910091461-4277131257-1001 => C:\Users\thoma\AppData\Local\GoToMeeting\19228\g2mupdate.exe [31320 2020-12-18] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {5135714E-030B-47A6-AE5E-866A1A560FC9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {52F61971-8A47-41A3-A297-12F0F1B20380} - System32\Tasks\Software Updater SkipUAC(sandr) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe <==== ACHTUNG
Task: {5648571B-7BD1-4A03-82C7-FAC6869F1D3C} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1290200 2017-02-09] (ASUSTeK Computer Inc. -> )
Task: {5A520292-B468-42E9-A05D-4A0ED5DCDFEA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B328278-0F03-458B-A576-D29414E41BA6} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4417496 2017-02-09] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {5D401512-7328-48D0-AF35-4D64BCF4D2E9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {629711A6-2BB3-4E6A-8641-B58D732CCC38} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {654FCFAA-1722-4954-A235-E0C20FB80BE7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-19] (Google Inc -> Google Inc.)
Task: {668E4F81-18AF-4517-A7AF-8A03FE4AA593} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {6FA86AE2-51B5-4E3C-B7AF-CFFD2CE4542F} - System32\Tasks\Xerox\Xerox PowerENGAGE => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc)
Task: {710AAD34-E848-41D2-9CB2-C2309C09843D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118104 2021-06-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F79EC1F-9496-4D3D-A9B6-8B149818496A} - System32\Tasks\ASUS\ASUS File Transfer Server Launcher => C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server Launcher.exe [1898480 2016-09-21] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {8277A3E4-ECA0-4132-9223-4FA0C2D4A733} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {8AF3B45E-EEE7-4BE9-BB6E-A773008DF0EF} - System32\Tasks\Xerox\Xerox PowerENGAGE Update => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc)
Task: {997A2699-5CB4-40B3-BEE1-CEB12890E80C} - System32\Tasks\SS3svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3svc64.exe
Task: {AB0B23DB-4923-4FF3-AE82-8ECF5E00D829} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-09-21] (Garmin International, Inc. -> )
Task: {B46E811C-C114-4DEE-A6CF-3EE27C5D8083} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [1995736 2017-02-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {B52182A2-B47B-4EBA-B666-7EFCAE0627D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B6E72D07-8306-4149-B123-147034168A5A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFD7E10A-CE58-46C0-8E09-4E213B5A51B0} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
Task: {C45FC55E-D980-4C28-A408-EF9E520429C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C494B1F9-E781-4E2A-9025-6927DFF35D29} - System32\Tasks\Amazon Music Helper => C:\Users\thoma\AppData\Local\Amazon Music\Amazon Music Helper.exe [2091960 2020-01-10] (Amazon Services LLC -> Amazon.com Services LLC)
Task: {CA2022A4-B81D-4010-9355-193A1B8F32E8} - System32\Tasks\Start CorsairLink4 => C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe [27067088 2017-09-08] (Corsair Components, Inc. -> Corsair Components, Inc.)
Task: {D41EBB5B-37DF-49E1-85D6-D951987DCC05} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4808928 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
Task: {DDE652BF-3898-4A66-8CD4-D92C0089C2B8} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel(R) System Usage Report -> Intel Corporation)
Task: {E06909C6-0A80-41E5-87AE-1F95D1B6C26E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel(R) System Usage Report -> Intel Corporation)
Task: {E345DE8F-18F9-4C60-BC6B-C18B88BB50ED} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - New or Changed => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [393928 2020-10-30] (Xerox Corporation -> Xerox Corporation)
Task: {E573A806-D442-4C3A-9A81-5DC052FC282C} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {E77DD0DB-B08E-43DD-96C5-9AA2A084D1CA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {FDE19336-B182-4BA9-8557-48C100F6C152} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - User Logon => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [393928 2020-10-30] (Xerox Corporation -> Xerox Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4198695647-2910091461-4277131257-1001.job => C:\Users\thoma\AppData\Local\GoToMeeting\19228\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-4198695647-2910091461-4277131257-1001.job => C:\Users\thoma\AppData\Local\GoToMeeting\19228\g2mupload.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4767166f-faa3-49bd-bcaa-773a41ea516f}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
DownloadDir: D:\download
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\thoma\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-27]
Edge DownloadDir: Default -> D:\download

FireFox:
========
FF DefaultProfile: Mozilla Firefox
FF ProfilePath: M:\Mozilla Firefox [2020-10-26]
FF Homepage: M:\Mozilla Firefox -> hxxps://www.google.de/
FF Extension: (Firefox Lightbeam) - M:\Mozilla Firefox\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2018-02-17]
FF Extension: (Dark YouTube Theme) - M:\Mozilla Firefox\Extensions\jid1-hDf2iQXGiUjzGQ@jetpack.xpi [2017-09-06]
FF Extension: (MetaMask) - M:\Mozilla Firefox\Extensions\webextension@metamask.io.xpi [2018-03-07]
FF Extension: (1-Click YouTube Video Downloader) - M:\Mozilla Firefox\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-04-13]
FF Extension: (EPUBReader) - M:\Mozilla Firefox\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2020-06-23]
FF Extension: (Flash- und Video-Download) - M:\Mozilla Firefox\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-08-31]
FF Extension: (OkayFreedom) - M:\Mozilla Firefox\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2016-06-17] [UpdateUrl:hxxps://www.steganos.com/updates/okayfreedom/update_okayfreedom_ff.rdf]
FF Extension: (Video DownloadHelper) - M:\Mozilla Firefox\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-17]
FF Extension: (JSONView) - M:\Mozilla Firefox\Extensions\jsonview@brh.numbera.com.xpi [2021-01-06]
FF Extension: (DownThemAll!) - M:\Mozilla Firefox\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2021-01-23]
FF Extension: (Windscribe - Free Proxy and Ad Blocker) - M:\Mozilla Firefox\Extensions\@windscribeff.xpi [2021-02-08]
FF Extension: (Ghostery – Datenschutzorientierter Werbeblocker) - M:\Mozilla Firefox\Extensions\firefox@ghostery.com.xpi [2021-03-03]
FF Extension: (I don't care about cookies) - M:\Mozilla Firefox\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2021-04-19]
FF Extension: (Kee - Password Manager) - M:\Mozilla Firefox\Extensions\keefox@chris.tomlinson.xpi [2021-05-06]
FF Extension: (Web of Trust) - M:\Mozilla Firefox\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2021-05-10]
FF Extension: (Python Notebook Viewer) - M:\Mozilla Firefox\Extensions\rushikesh988-5@gmail.com.xpi [2021-05-16]
FF Extension: (Adblock Plus - kostenloser Adblocker) - M:\Mozilla Firefox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-05-19]
FF Extension: (NoScript) - M:\Mozilla Firefox\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-06-26]
FF SearchPlugin: M:\Mozilla Firefox\searchplugins\duckduckgo.xml [2013-08-15]
FF SearchPlugin: M:\Mozilla Firefox\searchplugins\englische-ergebnisse.xml [2012-09-26]
FF SearchPlugin: M:\Mozilla Firefox\searchplugins\gmx-suche.xml [2012-09-26]
FF SearchPlugin: M:\Mozilla Firefox\searchplugins\lastminute.xml [2012-09-26]
FF SearchPlugin: M:\Mozilla Firefox\searchplugins\webde-suche.xml [2012-09-26]
FF ProfilePath: C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\f62kpuh7.default [2021-06-27]
FF Extension: (OkayFreedom) - C:\Users\thoma\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2019-03-27] [UpdateUrl:hxxps://www.steganos.com/updates/okayfreedom/update_okayfreedom_ff.rdf]
FF Extension: (KeeFox) - C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\f62kpuh7.default\Extensions\keefox@chris.tomlinson [2017-10-19] []
FF Extension: (Avast SafePrice | Vergleich, Angebote, Gutscheine) - C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\f62kpuh7.default\Extensions\sp@avast.com.xpi [2019-11-15]
FF Extension: (Avast Online Security) - C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\f62kpuh7.default\Extensions\wrc@avast.com.xpi [2019-11-15]
FF HKLM\...\Firefox\Extensions: [soda_pdf_desktop_conv@sodapdf.com] - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv@sodapdf.com.xpi
FF Extension: (Soda PDF Desktop Creator) - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv@sodapdf.com.xpi [2018-06-04] []
FF HKLM\...\Firefox\Extensions: [soda_pdf_desktop_conv_v.2@sodapdf.com] - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv_v.2@sodapdf.com.xpi
FF Extension: (Soda PDF Desktop Creator) - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv_v.2@sodapdf.com.xpi [2018-06-04]
FF HKLM-x32\...\Firefox\Extensions: [soda_pdf_desktop_conv_v.2@sodapdf.com] - C:\Program Files\Soda PDF Desktop\creator\plugins\FirefoxAddin\soda_pdf_desktop_conv_v.2@sodapdf.com.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Soda PDF Desktop -> C:\Program Files\Soda PDF Desktop\np-previewer.dll [2018-06-04] (LULU Software -> LULU Software)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-04-22] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\thoma\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4198695647-2910091461-4277131257-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\thoma\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default [2021-06-27]
CHR DownloadDir: D:\download
CHR Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.gympass.com; hxxps://www.pcwelt.de
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Extension: (Google Übersetzer) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-19]
CHR Extension: (Präsentationen) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-19]
CHR Extension: (Talend API Tester - Free Edition) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aejoelaoggembcahagimdiliamlcdmfm [2021-06-26]
CHR Extension: (Terra Station) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiifbnbfobpmeekipheeijimdpnlpgpp [2021-06-26]
CHR Extension: (Docs) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Google Drive) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-20]
CHR Extension: (KeeForm) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmhcphbkicakelgpchlhccaeljahoima [2021-06-26]
CHR Extension: (Avira Password Manager) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-06-26]
CHR Extension: (Avira Safe Shopping) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-06-26]
CHR Extension: (KeePassHttp-Connector) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\dafgdjggglmmknipkhngniifhplpcldb [2020-05-01]
CHR Extension: (Tabellen) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-19]
CHR Extension: (Binance Chain Wallet) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2021-06-26]
CHR Extension: (I don't care about cookies) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2021-04-22]
CHR Extension: (Google Docs Offline) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-27]
CHR Extension: (Plus for Trello (time track, reports)) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjjpophepkbhejnglcmkdnncmaanojkf [2021-05-22]
CHR Extension: (Video DownloadHelper) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2021-03-05]
CHR Extension: (Export for Trello) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhdelomnagopgaealggpgojkhcafhnin [2018-04-02]
CHR Extension: (MetaMask) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2021-06-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07]
CHR Extension: (Google Mail) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-01]
CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-03-12]
CHR Profile: C:\Users\thoma\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-12]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 Adiscon EvntSLog; C:\Program Files (x86)\EventReporter\evntslog.exe [4614792 2018-04-27] (Adiscon GmbH -> Adiscon GmbH, Germany (info@adiscon.com, hxxp://www.adiscon.com))
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\2.00.06\atkexComSvc.exe [411456 2017-09-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.30\aaHMSvc.exe [975832 2017-01-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2016-04-20] (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.09.08\AsusFanControlService.exe [610776 2017-02-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8151120 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [622816 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [370400 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-06-21] (Microsoft Corporation -> Microsoft Corporation)
R2 client_service; C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [444632 2021-02-05] (VMware, Inc. -> VMware, Inc.)
S3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [32976 2017-09-08] (Corsair Components, Inc. -> Corsair Components, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [441664 2019-04-16] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1113864 2020-05-15] (Bayerisches Landesamt fuer Steuern -> )
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-07-24] (Mixbyte Inc -> Freemake)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [283760 2020-09-11] (FabulaTech, LLP -> )
R2 ftscanmgrhv; C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe [301680 2020-09-11] (FabulaTech, LLP -> )
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [7174568 2021-05-14] (GlassWire -> SecureMix LLC)
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [594216 2018-12-20] (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc) [Datei ist nicht signiert]
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-03-11] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 KiteService; C:\Program Files\Kite\KiteService.exe [140864 2021-06-10] (Manhattan Engineering Incorporated -> Kite)
R2 LightingService; C:\Program Files (x86)\LightingService\1.00.29\LightingService.exe [1144792 2017-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [8929608 2021-05-24] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-31] (Malwarebytes Inc -> Malwarebytes)
R2 MTAgentService; C:\Program Files\MiniTool ShadowMaker\AgentService.exe [783344 2021-01-28] (MiniTool Software Limited -> )
R2 MTSchedulerService; C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe [226800 2021-01-28] (MiniTool Software Limited -> )
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5395360 2021-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Soda PDF Desktop; C:\Program Files\Soda PDF Desktop\ws.exe [2780400 2018-06-04] (LULU Software -> LULU Software)
R2 Soda PDF Desktop Creator; C:\Program Files\Soda PDF Desktop\creator\common\creator-ws.exe [756464 2018-06-04] (LULU Software -> LULU Software)
R2 Soda PDF Desktop Update Service; C:\Program Files\Soda PDF Desktop\updater-ws.exe [751344 2018-06-04] (LULU Software -> LULU Software)
R2 spacedeskService; C:\WINDOWS\system32\spacedeskService.exe [1091488 2020-09-08] (Datronicsoft, Inc. -> )
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [183816 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12871464 2021-04-29] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 vmwsprrdpwks; C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [480368 2020-09-22] (FabulaTech, LLP -> VMware)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XeroxPrintJobEventManagerService; C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe [513920 2020-10-30] (Xerox Corporation -> Xerox Corporation)
S3 XeroxProdRegManager; C:\Program Files (x86)\Xerox PowerENGAGE\EngageService.exe [293608 2016-09-13] (Aviata Inc -> Aviata, Inc.)
S3 XSplit_VCam_Updater; C:\Program Files\XSplit\VCam\XSplit_VCam_Updater.exe [3194032 2021-06-14] (SplitmediaLabs Limited -> XSplit)
R2 XSpltVidSvc; C:\Program Files\XSplit\VCam\service\XSpltVidSvc.exe [259248 2021-06-14] (SplitmediaLabs Limited -> SplitmediaLabs Limited)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Co., Ltd. -> AnvSoft Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-09-21] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35664 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [216360 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365536 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250336 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99296 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17328 2021-05-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41296 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [180944 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522864 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107792 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82856 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851144 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471352 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215336 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 BlueStacksDrv; C:\Program Files (x86)\BlueStacks\BstkDrv_bgp.sys [315976 2020-04-07] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 Ch64USB; C:\WINDOWS\System32\drivers\Ch64USB.sys [150656 2014-10-10] (Microsoft Windows Hardware Compatibility Publisher -> ZF Friedrichshafen AG, Electronic Systems)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [161288 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [140280 2020-06-01] (ADAPP SASU -> Dokan Project)
S3 GLCKIO; C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys [14976 2017-10-22] (ASUSTeK Computer Inc. -> )
R1 gwdrv; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC)
R3 HCW85BDA; C:\WINDOWS\system32\drivers\HCW85BDA.sys [2259456 2021-01-18] (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works)
R3 hcw85cir; C:\WINDOWS\system32\drivers\hcw85cir4.sys [61264 2019-03-08] (HAUPPAUGE COMPUTER WORKS, INC. -> Hauppauge Computer Works, Inc.)
S3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [85504 2021-01-09] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert]
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [121600 2021-01-09] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert]
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [35352 2017-01-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-31] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-26] (Malwarebytes Inc -> Malwarebytes)
S3 MbswMailbox; C:\Program Files (x86)\ASUS\AI Suite III\690b33e1-0462-4e84-9bea-c7552b45432a.sys [17208 2017-10-22] (ASUSTeK Computer Inc. -> )
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [79504 2017-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 PSMounterEx; C:\Windows\system32\drivers\psmounterex.sys [179416 2019-02-15] (Paramount Software UK Ltd -> Windows (R) Win 7 DDK provider)
S3 psvolacc; C:\WINDOWS\system32\drivers\psvolacc.sys [34520 2018-12-06] (Paramount Software UK Ltd -> Windows (R) Win 7 DDK provider)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 scaudio; C:\WINDOWS\System32\drivers\scaudio.sys [54792 2020-06-05] (Brandmeister LLC -> )
S3 SCL01164; C:\WINDOWS\system32\DRIVERS\SCL01164.sys [72320 2010-05-07] (Microsoft Windows Hardware Compatibility Publisher -> SCM Microsystems Inc.)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [133944 2020-01-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [35240 2020-08-27] (Datronicsoft, Inc. -> )
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 splitcam_hd_driver; C:\WINDOWS\System32\drivers\splitcam_hd_driver.sys [38000 2020-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [45064 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-12-10] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 ui11rdr; C:\WINDOWS\System32\DRIVERS\ui11rdr.sys [199752 2011-11-21] (1&1 Internet AG -> 1&1 Internet AG)
R1 UimBus; C:\WINDOWS\System32\drivers\uimbus.sys [109504 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [46016 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [831616 2020-10-11] (IDRIX SARL -> IDRIX)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [60344 2020-11-17] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [67072 2021-04-30] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-27] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-27] (Microsoft Windows -> Microsoft Corporation)
R3 XSpltVid; C:\WINDOWS\system32\DRIVERS\XSpltVid.sys [118800 2020-09-16] (Microsoft Windows Hardware Compatibility Publisher -> SplitmediaLabs Limited)
S3 ewusbnet; \SystemRoot\System32\drivers\ewusbnet.sys [X]
S3 GPU-Z; \??\C:\Users\thoma\AppData\Local\Temp\GPU-Z.sys [X] <==== ACHTUNG

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-06-27 23:29 - 2021-06-27 23:29 - 000000000 ____D C:\WINDOWS\Panther
2021-06-27 23:27 - 2021-06-27 23:27 - 000008026 _____ C:\Users\thoma\Desktop\RogueKiller.txt
2021-06-27 23:13 - 2021-06-27 23:24 - 000000000 ____D C:\ProgramData\RogueKiller
2021-06-27 23:13 - 2021-06-27 23:13 - 000001421 _____ C:\Users\thoma\Desktop\MBAM.txt
2021-06-27 23:05 - 2021-06-27 23:05 - 000002024 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-06-27 23:05 - 2021-06-27 23:05 - 000002024 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-06-27 22:01 - 2021-06-27 22:01 - 000000000 ____D C:\ProgramData\FLEXnet
2021-06-27 19:13 - 2021-06-27 23:41 - 000000000 ____D C:\FRST
2021-06-27 17:55 - 2021-06-27 17:56 - 000000606 _____ C:\Users\thoma\AppData\Local\cbfsconnect2017-{B0031874-3D4F-4F60-8171-49DE03D3E003}.zip
2021-06-27 17:50 - 2021-06-27 17:50 - 122854203 _____ C:\Users\thoma\AppData\Local\Temp.zip
2021-06-27 02:27 - 2021-06-27 02:28 - 000000159 _____ C:\Users\thoma\Desktop\FeWo1.url
2021-06-26 22:11 - 2021-06-26 22:11 - 000000049 _____ C:\Users\thoma\OneDrive\Documents\.RData
2021-06-26 20:18 - 2021-06-26 20:18 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-26 20:10 - 2021-06-26 20:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-06-26 18:47 - 2021-06-27 10:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-06-24 11:33 - 2021-06-24 11:33 - 000001259 _____ C:\Users\Public\Desktop\XSplit VCam.lnk
2021-06-24 11:33 - 2021-06-24 11:33 - 000001259 _____ C:\ProgramData\Desktop\XSplit VCam.lnk
2021-06-24 11:33 - 2021-06-24 11:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2021-06-24 11:33 - 2021-06-24 11:33 - 000000000 ____D C:\Program Files\XSplit
2021-06-24 09:04 - 2021-06-24 09:04 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-06-24 09:04 - 2021-06-24 09:04 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-24 09:04 - 2021-06-24 09:04 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-24 09:04 - 2021-06-24 09:04 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-24 09:04 - 2021-06-24 09:04 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-24 09:04 - 2021-06-24 09:04 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-24 09:04 - 2021-06-24 09:04 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-06-24 09:04 - 2021-06-24 09:04 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-06-24 09:04 - 2021-06-24 09:04 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-06-24 09:04 - 2021-06-24 09:04 - 000011333 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-24 09:03 - 2021-06-24 09:03 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-06-24 09:03 - 2021-06-24 09:03 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-21 07:45 - 2021-06-21 07:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jabra
2021-06-20 16:42 - 2021-06-20 16:48 - 000000000 ____D C:\Users\thoma\AppData\Roaming\MPP-Engineering
2021-06-20 16:41 - 2021-06-20 16:49 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CarPort
2021-06-20 16:41 - 2021-06-20 16:41 - 000000000 ____D C:\Users\thoma\OneDrive\Documents\CarPort
2021-06-20 16:41 - 2021-06-20 16:41 - 000000000 ____D C:\Users\thoma\AppData\Local\MPP-Engineering
2021-06-20 16:40 - 2021-06-20 16:49 - 000000000 ____D C:\Program Files (x86)\CarPort
2021-06-20 16:40 - 2021-06-20 16:40 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Obsidium
2021-06-16 09:53 - 2021-06-24 23:22 - 000011820 _____ C:\Users\thoma\Desktop\Geburt_Patrick_2.xlsx
2021-06-13 23:48 - 2021-06-13 23:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\obs-websocket
2021-06-12 23:41 - 2021-06-26 21:01 - 000000000 ____D C:\Ubuntu_21_04
2021-06-12 22:25 - 2021-06-12 22:26 - 006632332 _____ C:\WINDOWS\Minidump\061221-16718-01.dmp
2021-06-12 22:25 - 2021-06-12 22:26 - 000000000 ____D C:\WINDOWS\Minidump
2021-06-12 22:25 - 2021-06-12 22:25 - 2283833209 _____ C:\WINDOWS\MEMORY.DMP
2021-06-10 08:27 - 2021-06-10 08:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-10 08:27 - 2021-06-10 08:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-10 08:27 - 2021-06-10 08:27 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-10 08:27 - 2021-06-10 08:27 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-10 08:27 - 2021-06-10 08:27 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-10 08:27 - 2021-06-10 08:27 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-10 08:27 - 2021-06-10 08:27 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-10 08:27 - 2021-06-10 08:27 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-10 08:27 - 2021-06-10 08:27 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-10 08:27 - 2021-06-10 08:27 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-10 08:27 - 2021-06-10 08:27 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-04 01:40 - 2021-06-04 22:10 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2021-06-03 18:50 - 2021-06-03 18:50 - 000000000 ____D C:\Users\maxim\AppData\Local\Avast Software
2021-06-03 11:14 - 2021-06-03 11:14 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-06-03 11:14 - 2021-06-03 11:14 - 000215336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-05-31 08:04 - 2021-05-31 08:05 - 000000000 ____D C:\AdwCleaner
2021-05-31 07:38 - 2021-06-27 23:05 - 000002036 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-31 07:38 - 2021-05-31 07:38 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-05-31 07:38 - 2021-05-31 07:38 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-05-31 07:38 - 2021-05-31 07:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-05-31 07:38 - 2021-05-31 07:38 - 000000000 ____D C:\Program Files\Malwarebytes
2021-05-30 21:56 - 2021-05-30 21:56 - 000000218 _____ C:\Users\thoma\AppData\Local\recently-used.xbel
2021-05-30 20:25 - 2021-05-30 20:25 - 000001473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2021-05-30 20:24 - 2021-05-30 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2021-05-30 20:24 - 2021-05-30 20:24 - 000000000 ____D C:\Program Files\PDF24
2021-05-30 20:22 - 2021-05-30 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-05-30 20:16 - 2021-05-12 20:07 - 000041816 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2021-05-30 20:15 - 2021-05-30 20:15 - 000017328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-06-27 23:41 - 2019-09-08 21:06 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Slack
2021-06-27 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-27 23:36 - 2020-09-06 15:23 - 001732926 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-27 23:36 - 2019-12-07 16:51 - 000746436 _____ C:\WINDOWS\system32\perfh007.dat
2021-06-27 23:36 - 2019-12-07 16:51 - 000151384 _____ C:\WINDOWS\system32\perfc007.dat
2021-06-27 23:36 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-27 23:32 - 2017-10-19 01:39 - 000000000 ____D C:\Users\thoma\AppData\LocalLow\Mozilla
2021-06-27 23:31 - 2020-03-14 19:43 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Jabra Direct
2021-06-27 23:29 - 2020-09-06 15:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-27 23:29 - 2020-09-06 15:11 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-27 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-27 23:29 - 2019-11-15 08:09 - 000000000 ____D C:\ProgramData\AVAST Software
2021-06-27 23:29 - 2018-09-09 15:48 - 000002139 _____ C:\Users\thoma\Desktop\Monitor Power OFF.lnk
2021-06-27 23:29 - 2017-10-19 08:21 - 000000000 ____D C:\ProgramData\VMware
2021-06-27 23:29 - 2017-10-19 08:16 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-06-27 23:29 - 2017-10-19 01:48 - 000000000 ____D C:\ProgramData\Hauppauge
2021-06-27 23:29 - 2017-10-19 01:25 - 000000000 __SHD C:\Users\thoma\IntelGraphicsProfiles
2021-06-27 23:29 - 2017-10-19 01:25 - 000000000 ____D C:\Intel
2021-06-27 23:28 - 2019-12-07 11:03 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2021-06-27 23:27 - 2017-10-19 01:38 - 000000000 ____D C:\Users\thoma\AppData\Roaming\KeePass
2021-06-27 23:10 - 2020-04-27 22:07 - 000000000 ____D C:\Users\thoma\AppData\Local\AVAST Software
2021-06-27 23:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-27 22:55 - 2021-04-11 17:18 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2021-06-27 22:55 - 2021-04-10 23:53 - 000002970 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2021-06-27 22:55 - 2021-04-10 23:53 - 000002604 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2021-06-27 22:55 - 2021-03-27 20:21 - 000002464 _____ C:\WINDOWS\system32\Tasks\MiniToolPartitionWizard
2021-06-27 22:55 - 2021-03-21 12:14 - 000003314 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{5B4F6576-251A-43E1-A98E-A8FEBC528C28}
2021-06-27 22:55 - 2021-02-20 17:45 - 000003598 _____ C:\WINDOWS\system32\Tasks\Xerox XeroxPrintExperience Printer Configuration - User Logon
2021-06-27 22:55 - 2020-09-06 15:20 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-27 22:55 - 2020-09-06 15:20 - 000003558 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-06-27 22:55 - 2020-09-06 15:20 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-06-27 22:55 - 2020-09-06 15:20 - 000003468 _____ C:\WINDOWS\system32\Tasks\Xerox XeroxPrintExperience Printer Configuration - New or Changed
2021-06-27 22:55 - 2020-09-06 15:20 - 000003404 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-06-27 22:55 - 2020-09-06 15:20 - 000003334 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-06-27 22:55 - 2020-09-06 15:20 - 000003270 _____ C:\WINDOWS\system32\Tasks\Xerox XeroxPrintExperience Printer Configuration - Periodic Refresh
2021-06-27 22:55 - 2020-09-06 15:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-06-27 22:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-27 22:35 - 2019-12-04 01:06 - 000000000 ____D C:\Users\thoma\AppData\Roaming\IObit
2021-06-27 22:33 - 2020-09-06 15:11 - 000803320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-27 22:02 - 2017-10-19 01:37 - 000000000 ____D C:\Users\thoma\AppData\Local\Adobe
2021-06-27 22:02 - 2017-10-19 01:37 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-06-27 22:02 - 2017-10-19 01:36 - 000000000 ____D C:\ProgramData\Adobe
2021-06-27 21:59 - 2017-10-19 01:34 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-27 21:57 - 2019-04-22 23:08 - 000000000 ____D C:\Users\thoma\AppData\Local\BraveSoftware
2021-06-27 21:57 - 2019-04-22 23:08 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2021-06-27 21:56 - 2017-10-19 08:13 - 000000000 ____D C:\Program Files (x86)\Audacity
2021-06-27 20:53 - 2019-12-07 16:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-06-27 20:52 - 2017-10-19 08:26 - 000000000 ____D C:\Users\thoma\AppData\Roaming\VMware
2021-06-27 20:29 - 2017-10-19 07:42 - 000000000 ____D C:\Program Files (x86)\Canon
2021-06-27 20:28 - 2017-10-22 16:12 - 000000000 ____D C:\Users\thoma\AppData\Local\Packages
2021-06-27 20:28 - 2017-10-20 21:36 - 000000000 ____D C:\Users\sandr\AppData\Roaming\Canon
2021-06-27 20:28 - 2017-10-19 07:52 - 000000000 ___HD C:\ProgramData\CanonIJScan
2021-06-27 20:25 - 2021-02-10 23:05 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Kite
2021-06-27 20:21 - 2020-09-06 15:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-27 19:59 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-27 19:30 - 2018-04-30 21:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-27 19:20 - 2019-04-12 21:10 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-06-27 19:19 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-06-27 19:07 - 2020-09-06 11:11 - 000000000 ____D C:\Users\thoma\AppData\Local\KeeForm
2021-06-27 18:47 - 2020-03-14 19:43 - 000000000 ____D C:\Users\thoma\AppData\Roaming\JabraSDK
2021-06-27 10:01 - 2017-10-19 01:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-26 23:25 - 2017-10-20 06:15 - 000000000 ____D C:\Users\thoma\AppData\Local\CrashDumps
2021-06-26 23:12 - 2020-02-16 16:09 - 000000000 ____D C:\Users\thoma\Desktop\ADS
2021-06-26 22:26 - 2021-04-24 01:55 - 000000000 ____D C:\Users\thoma\AppData\Local\RStudio
2021-06-26 22:26 - 2020-02-22 00:21 - 000000000 ____D C:\Users\thoma\AppData\Roaming\RStudio
2021-06-26 22:22 - 2020-02-22 00:21 - 000019443 _____ C:\Users\thoma\OneDrive\Documents\.Rhistory
2021-06-26 21:01 - 2017-10-19 08:26 - 000000000 ____D C:\Users\thoma\AppData\Local\VMware
2021-06-26 20:10 - 2017-10-19 01:39 - 000001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-26 18:50 - 2020-06-23 07:43 - 000002399 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-26 18:50 - 2017-10-19 01:41 - 000002256 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-24 11:34 - 2018-05-05 14:07 - 000000000 ____D C:\Users\thoma\AppData\Local\D3DSCache
2021-06-24 11:33 - 2021-05-16 20:45 - 000000000 ____D C:\ProgramData\XSplit
2021-06-24 11:33 - 2021-01-09 23:18 - 000000000 ____D C:\ProgramData\SplitmediaLabs
2021-06-24 11:29 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-24 11:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-24 08:55 - 2019-12-04 01:06 - 000000000 ____D C:\ProgramData\ProductData
2021-06-21 07:48 - 2017-10-19 23:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-06-21 07:45 - 2020-03-14 19:43 - 000000000 ____D C:\Program Files (x86)\Jabra
2021-06-20 16:41 - 2017-10-20 22:42 - 000000000 ____D C:\Program Files\DIFX
2021-06-17 23:36 - 2019-02-05 12:34 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Sqrl
2021-06-16 08:07 - 2021-02-10 23:04 - 000000000 ____D C:\Program Files\Kite
2021-06-16 08:07 - 2020-12-20 16:43 - 000001132 _____ C:\Users\thoma\Desktop\MicroSIP.lnk
2021-06-16 08:07 - 2020-12-20 16:43 - 000000000 ____D C:\Users\thoma\AppData\Local\MicroSIP
2021-06-14 15:12 - 2017-10-19 08:15 - 000000000 ____D C:\Users\thoma\AppData\Roaming\vlc
2021-06-14 15:04 - 2020-09-14 00:02 - 000000000 ____D C:\Users\thoma\AppData\Roaming\obs-studio
2021-06-14 00:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-06-13 23:48 - 2020-09-14 00:02 - 000000000 ____D C:\Program Files\obs-studio
2021-06-12 23:47 - 2021-01-02 23:56 - 000000000 ____D C:\Ubuntu_20_10
2021-06-12 22:26 - 2020-09-06 13:52 - 000000000 ____D C:\Users\thoma
2021-06-11 13:01 - 2021-02-17 21:21 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-10 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-06-10 08:20 - 2017-10-19 22:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-10 08:12 - 2017-10-19 22:06 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-09 16:10 - 2017-10-19 01:37 - 000002099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-06 16:38 - 2019-10-04 00:31 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-06-06 15:44 - 2021-02-18 23:17 - 000002206 _____ C:\Users\thoma\Desktop\Slack.lnk
2021-06-06 15:44 - 2021-02-18 23:17 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2021-06-06 15:44 - 2021-02-18 23:17 - 000000000 ____D C:\Users\thoma\AppData\Local\slack
2021-06-06 15:44 - 2017-10-19 08:12 - 000000000 ____D C:\Users\thoma\AppData\Local\SquirrelTemp
2021-06-04 22:11 - 2017-10-19 01:40 - 000001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-06-03 18:50 - 2020-04-30 07:10 - 000000000 ____D C:\Users\sandr\AppData\Local\AVAST Software
2021-06-03 11:16 - 2019-02-01 00:09 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-03 11:14 - 2020-10-26 21:56 - 000180944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-06-03 11:14 - 2020-09-06 15:20 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-06-03 11:14 - 2020-04-20 20:52 - 000522864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-06-03 11:14 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-03 11:14 - 2019-11-15 08:10 - 000851144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000471352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000365536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000250336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000216360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000099296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000082856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000041296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-06-03 11:14 - 2019-11-15 08:10 - 000035664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-06-03 11:14 - 2017-12-25 23:33 - 000351544 _____ C:\WINDOWS\Macrium Reflect Patch Log.txt
2021-05-31 08:03 - 2021-01-04 00:27 - 000000000 ____D C:\Users\thoma\Desktop\Programme
2021-05-31 07:32 - 2019-11-09 23:01 - 000000000 ____D C:\Users\thoma\AppData\Local\Opera Software
2021-05-30 21:56 - 2019-03-02 00:25 - 000000000 ____D C:\Users\thoma\.dbus-keyrings
2021-05-30 20:25 - 2017-10-19 01:25 - 000000000 ____D C:\Program Files (x86)\Intel
2021-05-30 20:22 - 2018-09-04 21:15 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2021-05-30 20:16 - 2019-09-15 01:23 - 000002166 _____ C:\Users\thoma\Desktop\DeepL.lnk
2021-05-30 20:16 - 2019-09-15 01:23 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeepL GmbH
2021-05-30 20:16 - 2019-09-15 01:23 - 000000000 ____D C:\Users\thoma\AppData\Local\DeepL

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-10-04 17:19 - 2020-10-04 17:19 - 000000000 _____ () C:\Users\thoma\.mongorc.js
2020-11-27 09:35 - 2020-11-18 15:04 - 114459920 _____ (Microsoft Corporation) C:\Program Files\Teams_windows_x64.exe
2018-10-21 00:46 - 2017-10-25 03:31 - 007438336 _____ () C:\Program Files (x86)\WinAuth.exe
2018-02-10 21:14 - 2018-02-10 21:14 - 000000171 _____ () C:\Users\thoma\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2018-02-10 21:14 - 2018-10-14 18:06 - 000000904 _____ () C:\Users\thoma\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2019-12-04 08:33 - 2019-12-04 08:33 - 000000171 _____ () C:\Users\thoma\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2018-02-10 21:14 - 2018-02-10 21:14 - 000000175 _____ () C:\Users\thoma\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2017-10-19 08:13 - 2017-12-10 16:12 - 000000883 _____ () C:\Users\thoma\AppData\Roaming\gnuplot_history
2021-01-09 22:59 - 2021-01-13 19:59 - 000000016 _____ () C:\Users\thoma\AppData\Roaming\obs-virtualcam.txt
2018-07-22 15:03 - 2021-02-06 17:56 - 000000128 _____ () C:\Users\thoma\AppData\Roaming\winscp.rnd
2021-06-27 17:55 - 2021-06-27 17:56 - 000000606 _____ () C:\Users\thoma\AppData\Local\cbfsconnect2017-{B0031874-3D4F-4F60-8171-49DE03D3E003}.zip
2019-05-16 06:28 - 2020-09-26 09:37 - 000009728 _____ () C:\Users\thoma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-07-01 16:15 - 2018-07-01 16:15 - 000000600 _____ () C:\Users\thoma\AppData\Local\PUTTY.RND
2021-05-30 21:56 - 2021-05-30 21:56 - 000000218 _____ () C:\Users\thoma\AppData\Local\recently-used.xbel
2021-04-09 19:33 - 2021-04-09 19:33 - 000007609 _____ () C:\Users\thoma\AppData\Local\Resmon.ResmonCfg
2019-11-09 22:48 - 2019-11-09 22:48 - 000000000 _____ () C:\Users\thoma\AppData\Local\TaskMan.cmd.done
2019-11-09 22:48 - 2019-11-09 22:48 - 000000105 _____ () C:\Users\thoma\AppData\Local\TaskMan.cmd.errors
2021-06-27 17:50 - 2021-06-27 17:50 - 122854203 _____ () C:\Users\thoma\AppData\Local\Temp.zip

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         
--- --- ---

Antwort

Themen zu Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt
appdata, bytes, canon, datei, einloggen, exe, fenster, folge, folgende, login, malwarebytes, melde, meldet, microsoft, programm, roaming, start, startup, temp, troyaner, umgeleitet, virus, virustotal, windows, zahlen, öffnet



Ähnliche Themen: Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt


  1. TR/BitCoinMiner.Gen und ander TR Viren in C:/User/Jannis/Appdata/Local/Temp/msupdate
    Log-Analyse und Auswertung - 08.10.2015 (13)
  2. WIN 7 / E-Mail-ZIP ausgeführt / KIS meldet Trojaner C:\Users\Büro\AppData\Local\Temp\Grade_born\grade-try.exe
    Log-Analyse und Auswertung - 13.06.2015 (28)
  3. C:\Users\User\AppData\Local\Temp\ljubZufuv Malware-Problem
    Log-Analyse und Auswertung - 07.09.2014 (6)
  4. gvu will svchost.exe unter C:\users\user\appdata\local\temp starten
    Log-Analyse und Auswertung - 16.01.2014 (13)
  5. C:\Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe wurde nicht Gefunden
    Log-Analyse und Auswertung - 19.12.2012 (2)
  6. C:\Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe wurde nicht Gefunden
    Plagegeister aller Art und deren Bekämpfung - 10.11.2012 (11)
  7. Fehlermeldung beim Neustart C:\ Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe
    Log-Analyse und Auswertung - 22.10.2012 (48)
  8. C:/Users/User/AppData/Local/Temp/er_00_0_l.exe
    Log-Analyse und Auswertung - 17.10.2012 (4)
  9. C:\Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe wurde nicht Gefunden - GVU Trojaner
    Plagegeister aller Art und deren Bekämpfung - 22.09.2012 (16)
  10. C:/Users/User/AppData/Local/Temp/i4jdel0.exe
    Plagegeister aller Art und deren Bekämpfung - 20.09.2012 (5)
  11. Bundespolizei Virus ch8l0.exe in C:\User\USERNAME\Appdata\Local\Temp\ch810.exe
    Log-Analyse und Auswertung - 21.04.2012 (10)
  12. Bundespolizei Virus ch8l0.exe in C:\User\USERNAME\Appdata\Local\Temp\ch810.exe
    Log-Analyse und Auswertung - 11.04.2012 (22)
  13. Bundespolizei Virus ch8l0.exe in C:\User\USERNAME\Appdata\Local\Temp\ch810.exe
    Log-Analyse und Auswertung - 06.04.2012 (34)
  14. (2x) Virus ch8l0.exe in C:\User\USERNAME\Appdata\Local\Temp\ch810.exe
    Mülltonne - 06.04.2012 (0)
  15. Avira findet TR/EyeStye.N.1213 unter C:\User\***\AppData\Local\Temp\203.temp
    Log-Analyse und Auswertung - 31.10.2011 (5)
  16. Systemprozess in C:\Users\<user>\AppData\Local\Temp\7SDX33Y5VV.exe
    Plagegeister aller Art und deren Bekämpfung - 07.10.2011 (18)
  17. TR/Crypt.XPACK.Gen in C:\User\***\AppData\Local\Temp\...\http.dll
    Log-Analyse und Auswertung - 10.11.2009 (1)

Zum Thema Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt - Hallo, bei mir wir nach dem Login unter AppData\Local\Temp immer ein exe ausgeführt, der Name ändert sich, Bsp: a8ee9d2a-7120-4192-aaa3-0558ee0ba707.tmp.exe (82.944 Bytes) Das Programm öffnet ein Fenster und gibt Zahlen und - Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt...
Archiv
Du betrachtest: Nach dem Einloggen wird Programm *.tmp.exe in USER\AppData\Local\Temp ausgeführt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.