Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Thema geschlossen
Alt 10.11.2021, 11:31   #1
benjis
 
Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender - Standard

Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender



Hallo!

Ich bräuchte bitte eure Hilfe beim Entfernen von "Presnoker" nach Installation der falschen Version von Audacity...

Danke!

B.

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-11-2021
durchgeführt von benji (Administrator) auf AUDIOMACHINE (10-11-2021 11:12:00)
Gestartet von D:\*****\Downloads
Geladene Profile: benji
Plattform: Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() [Datei ist nicht signiert] C:\Program Files\Fractal Audio Systems\USB Audio Driver\FASUSBAudioCplApp.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(GuinpinSoft inc) [Datei ist nicht signiert] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software Development Products -> Intel(R) Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM_SR300\bin\win32\RealSenseDCMSR300.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <15>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\110\LocalDB\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Ryken Studio) C:\Program Files\WindowsApps\59750RykenApps.myTubeBeta_4.0.16.0_x64__zd92nzxdcatqw\myTube.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Tobias Erichsen) [Datei ist nicht signiert] C:\Program Files (x86)\Tobias Erichsen\loopMIDI\loopMIDI.exe
(Universal Audio, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Universal Audio\Powered Plugins\UADPerfMon.exe
(Universal Audio, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe
(Veeam Software Group GmbH -> Veeam Software Group GmbH) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [Nitro System Tray] => C:\Program Files\Nitro\Pro\13\nitro_pro_systray.exe [334088 2020-03-13] (Nitro Software, Inc. -> Nitro Software, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942744 2018-12-17] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Veeam.EndPoint.Tray.exe] => C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe [853968 2021-02-16] (Veeam Software Group GmbH -> Veeam Software Group GmbH)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] (DivX, LLC -> )
HKLM-x32\...\Run: [CLMLServer_For_P2G9] => C:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe [110344 2013-12-31] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive9] => C:\Program Files (x86)\CyberLink\Power2Go9\VirtualDrive9.exe [983816 2015-02-05] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [PowerDVD13Agent] => C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe [525352 2018-03-02] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [Creative Audio Task] => C:\Program Files (x86)\Creative\Shared Files\Creative Audio Task\CTAudTsk.exe [123848 2016-03-03] (Creative Technology Ltd -> Creative Technology Ltd)
HKLM-x32\...\Run: [Creative HID Task] => C:\Program Files (x86)\Creative\Shared Files\Creative HID Task\CTHIDTsk.exe [104392 2016-02-10] (Creative Technology Ltd -> Creative Technology Ltd)
HKLM-x32\...\Run: [UATrayIcon] => C:\Program Files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe [3805696 2021-05-14] (Universal Audio, Inc.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [UAPerfMon] => C:\Program Files (x86)\Universal Audio\Powered Plugins\UADPerfMon.exe [6280192 2021-05-14] (Universal Audio, Inc.) [Datei ist nicht signiert]
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2340216 2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\Run: [loopMIDI] => C:\Program Files (x86)\Tobias Erichsen\loopMIDI\loopMIDI.exe [848384 2012-08-15] (Tobias Erichsen) [Datei ist nicht signiert]
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\Run: [MicrosoftEdgeAutoLaunch_B9B057F13E8261F387166E937D6ED4AC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\MountPoints2: {149a0a8a-d7d3-11e9-a9ab-806e6f6e6963} - "J:\setup.exe" 
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\MountPoints2: {2d087356-6db6-11ea-aab4-902b34d55361} - "J:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\MountPoints2: {8568c1c5-ad8b-11eb-ad45-20689d4158af} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Nitro PDF Port 13 Monitor: C:\WINDOWS\system32\NxPrinterMonitor13.dll [242440 2020-03-13] (Nitro Software, Inc. -> Nitro Software, Inc.)
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FASUSBAudio Control Panel Autostart.lnk [2019-06-25]
ShortcutTarget: FASUSBAudio Control Panel Autostart.lnk -> C:\Program Files\Fractal Audio Systems\USB Audio Driver\FASUSBAudioCplApp.exe () [Datei ist nicht signiert]
Startup: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2021-05-03]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2382A3D3-E5B5-40ED-9221-F0BC6F03E300} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2434424 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {255CA14E-BCF9-4947-B708-11D256B7613F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei)
Task: {38F2A021-EA4D-4CC2-AD4D-DEE61AB51E39} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {534B8696-3AA2-4A0C-83B8-CC49191DBFAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {55191523-34D0-4306-9694-8DBE8E846DAE} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3978624 2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {56BB76F5-7FF6-4554-94CF-830E0624012E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1910136 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {64FF6312-6276-43E1-9AE4-8FD59320BDA2} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {73AB8BAF-B67F-419D-BBFF-CD3A4038A857} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22655904 2021-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {850218E9-3DAF-482D-9CA9-875932025ED0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1910136 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {9985E02E-3EEB-4958-B927-2DCA650AE6D6} - System32\Tasks\DeviceDetector7 => C:\Program Files (x86)\CyberLink\MediaEspresso7\DeviceDetector\DeviceDetector7.exe [865824 2015-09-10] (CyberLink Corp. -> CyberLink)
Task: {9ABCA37F-8CE2-4423-AC8E-F3839F10F0C1} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-12-16] (Garmin International, Inc. -> )
Task: {9B9B8F10-CD4F-44CB-B6C0-32DCB21F38FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A90E957B-DA43-4A38-91F7-BCDCE0D323E3} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2311528 2020-09-28] (Microsoft Corporation -> Microsoft)
Task: {ACB3A525-A95C-4694-8125-3AF3FF1845C0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1600408 2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA41330F-8F18-4C88-9BC3-C59FA0A57929} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2434424 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {C12C7DA8-CD9E-48B0-BFE3-A46175F6754F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C78C6CDE-3DD3-4DF5-A0DB-A793CCBD92ED} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1146048 2018-10-05] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {D76B7BF7-0B04-4B9C-89C1-8B69744EB10E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {D7732B3F-2CF4-459A-8534-2EEF6DA210F7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC963DE5-44B8-4332-82C7-A49062F04B8F} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32624 2020-09-28] (Microsoft Corporation -> Microsoft)
Task: {F4FAD552-A74B-45D7-B4E4-A16598756742} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F56E9419-20B9-4F50-B869-B5E96612D6CD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22655904 2021-10-25] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{d0a3353a-dfb1-461d-ae4c-e74cfdf55e93}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{d4cb2d88-9699-4c58-8e9f-7c92fef8e034}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
DownloadDir: D:\*****\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001 -> about:tabs
Edge Notifications: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001 -> hxxps://www.youtube.com
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Extension: (Amazon Assistant) -> xxx_AmazoncomAmazonAssistant_343d40qqvtj1t => C:\Program Files\WindowsApps\Amazon.com.AmazonAssistant_10.1910.9.0_neutral__343d40qqvtj1t [2019-12-17]
Edge DefaultProfile: Default
Edge Profile: C:\Users\benji\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-10]
Edge DownloadDir: Default -> D:\*****\Downloads
Edge Notifications: Default -> hxxps://forums.steinberg.net
Edge HomePage: Default -> edge://newtab/
Edge Extension: (Just Black) - C:\Users\benji\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2021-08-24]

FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, Inc. -> DivX, LLC.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, Inc. -> DivX, LLC.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe [8704 2020-02-13] (GuinpinSoft inc) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-10-12] (Microsoft Corporation -> Microsoft Corporation)
S4 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [85784 2018-03-02] (CyberLink Corp. -> CyberLink)
S4 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [335640 2018-03-02] (CyberLink Corp. -> CyberLink)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncHelper.exe [3253120 2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
S3 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-08-19] (Huawei Technologies Co., Ltd. -> ) [Datei ist nicht signiert]
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [497568 2021-04-08] (Logitech Inc -> Logitech)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.205.1003.0005\OneDriveUpdaterService.exe [3721600 2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
R2 RealSenseDCMSR300; C:\Program Files (x86)\Common Files\Intel\RSDCM_SR300\bin\win32\RealSenseDCMSR300.exe [4171168 2021-06-16] (Intel(R) Software Development Products -> Intel(R) Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12727576 2021-02-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 VeeamEndpointBackupSvc; C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe [130000 2021-02-16] (Veeam Software Group GmbH -> Veeam Software Group GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [X]
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AllenAndHeathFW; C:\WINDOWS\System32\Drivers\AllenAndHeathFW.sys [222744 2012-10-02] (TC Applied Technologies -> Allen and Heath Ltd.)
R3 AllenAndHeathFWAudio; C:\WINDOWS\system32\drivers\AllenAndHeathFWAudio.sys [46360 2012-10-02] (TC Applied Technologies -> Allen and Heath Ltd.)
R3 AllenAndHeathFWMidi; C:\WINDOWS\system32\drivers\AllenAndHeathFWMidi.sys [35224 2012-10-02] (TC Applied Technologies -> Allen and Heath Ltd.)
S3 axefx2load; C:\WINDOWS\System32\Drivers\axefx2load.sys [55600 2013-07-12] (Fractal Audio Systems -> Cypress Semiconductor)
R3 bomebus; C:\WINDOWS\System32\drivers\bomebus.sys [56376 2018-05-16] (Bome Software GmbH & Co.KG -> Bome Software GmbH & Co. KG)
R2 CLFCL5.13; C:\WINDOWS\system32\DRIVERS\CLFCL5.13\000.fcl [46848 2018-02-26] (CyberLink Corp. -> CyberLink Corp.)
R3 CLVirtualBus01; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [103176 2014-11-05] (CyberLink Corp. -> CyberLink)
R1 CLVirtualDrive1.1; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive1_1.sys [91912 2013-11-13] (CyberLink Corp. -> CyberLink)
S3 DCMCamera; C:\WINDOWS\system32\DRIVERS\RealSenseDcmDynamicDriver.sys [81496 2020-06-29] (Intel(R) Software Development Products -> Intel(R) Corporation)
R3 EMUXMIDI; C:\WINDOWS\System32\drivers\EMUXMIDI.sys [257624 2009-12-04] (Creative Labs Inc -> E-MU Systems)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 fasusbaudio; C:\WINDOWS\System32\drivers\fasusbaudio_x64.sys [254464 2014-05-16] (Fractal Audio Systems -> )
S3 fasusbaudioks; C:\WINDOWS\System32\drivers\fasusbaudioks_x64.sys [46080 2014-05-16] (Fractal Audio Systems -> )
R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [66128 2019-07-16] (Martin Malik - REALiX -> REALiX(tm))
R3 iLokDrvr; C:\WINDOWS\System32\drivers\iLokDrvr.sys [33416 2021-10-22] (PACE Anti-Piracy, Inc. -> )
R3 MpKsl7e387383; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DF3921C3-67C0-4BCF-ABC1-51667F00C61E}\MpKslDrv.sys [130296 2021-11-10] (Microsoft Windows -> Microsoft Corporation)
S0 mvs91xx; C:\WINDOWS\System32\drivers\mvs91xx.sys [327464 2013-09-06] (Marvell Semiconductor -> Marvell Semiconductor, Inc.)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
R3 RDID1115; C:\WINDOWS\system32\Drivers\RDWM1115.SYS [91648 2015-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Roland Corporation)
R3 RealSenseDCMBus; C:\WINDOWS\System32\drivers\RealSenseDCMBus.sys [46168 2020-07-01] (Intel(R) Software Development Products -> Intel(R) Corporation)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [134000 2019-01-21] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R3 synusb64; C:\WINDOWS\System32\drivers\synusb64.sys [30352 2011-12-14] (Steinberg Media Technologies GmbH -> Steinberg Media Technologies GmbH)
R3 teVirtualMIDI64; C:\WINDOWS\System32\drivers\teVirtualMIDI64.sys [30208 2012-08-15] (Tobias Erichsen -> Tobias Erichsen)
R3 UAD2Pcie; C:\WINDOWS\System32\drivers\UAD2Pcie.sys [101640 2021-05-18] (Universal Audio, Inc. -> Universal Audio, Inc.)
R3 UAD2System; C:\WINDOWS\System32\drivers\UAD2System.sys [153856 2021-05-18] (Universal Audio, Inc. -> Universal Audio, Inc.)
R3 UAD2WdmAudio; C:\WINDOWS\System32\drivers\UAD2WdmAudio.sys [37640 2021-05-18] (Universal Audio, Inc. -> )
R3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [127512 2020-09-18] (WDKTestCert dant,132134237881206156 -> Wacom Technology, Corp.)
R3 wacomrouterfilter; C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [28680 2020-09-18] (WDKTestCert dant,132134237881206156 -> Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-11-10 11:11 - 2021-11-10 11:12 - 000000000 ____D C:\FRST
2021-11-10 10:00 - 2021-11-10 10:00 - 000021232 _____ (Thesycon GmbH) C:\WINDOWS\system32\Drivers\dpclat_driver.sys
2021-11-10 09:55 - 2021-11-10 09:55 - 000000821 _____ C:\Users\benji\Desktop\LatencyMon.lnk
2021-11-10 09:55 - 2021-11-10 09:55 - 000000809 _____ C:\Users\benji\Desktop\In Depth Latency Tests.lnk
2021-11-10 09:55 - 2021-11-10 09:55 - 000000000 ____D C:\Users\benji\AppData\Local\DBG
2021-11-10 09:55 - 2021-11-10 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2021-11-10 09:55 - 2021-11-10 09:55 - 000000000 ____D C:\Program Files\LatencyMon
2021-11-10 09:55 - 2015-07-13 11:16 - 000026368 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys
2021-11-10 09:24 - 2021-11-10 09:24 - 001328408 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll
2021-11-10 09:24 - 2021-11-10 09:24 - 001321984 _____ C:\WINDOWS\system32\FaceProcessor.dll
2021-11-10 09:24 - 2021-11-10 09:24 - 000503576 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2021-11-10 09:24 - 2021-11-10 09:24 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-10 09:24 - 2021-11-10 09:24 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-10 09:24 - 2021-11-10 09:24 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-10 09:24 - 2021-11-10 09:24 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-10 09:20 - 2021-11-10 09:20 - 000000000 ___HD C:\$WinREAgent
2021-11-08 09:11 - 2021-11-08 09:11 - 000001355 _____ C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-08 09:11 - 2021-11-08 09:11 - 000000000 ____D C:\Users\benji\AppData\Local\PCHealthCheck
2021-11-04 17:39 - 2021-11-04 17:40 - 000000000 ____D C:\WINDOWS\Minidump
2021-11-04 17:39 - 2021-11-04 17:39 - 1812290699 _____ C:\WINDOWS\MEMORY.DMP
2021-11-04 17:39 - 2021-11-04 17:39 - 001834980 _____ C:\WINDOWS\Minidump\110421-6281-01.dmp
2021-11-04 17:16 - 2021-11-08 10:48 - 000000591 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-11-04 11:32 - 2021-11-04 11:32 - 000000941 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2021-11-02 12:16 - 2021-11-02 12:16 - 000001029 _____ C:\Users\Public\Desktop\Kontakt.lnk
2021-11-02 12:16 - 2021-11-02 12:16 - 000000000 __HDC C:\ProgramData\{D1F4AB0B-D2A0-4B7F-921B-3369B7D7567C}
2021-11-02 12:13 - 2021-11-02 12:13 - 000001093 _____ C:\Users\Public\Desktop\Native Access.lnk
2021-11-02 12:13 - 2021-11-02 12:13 - 000000000 __HDC C:\ProgramData\{2223478A-85F2-4C4F-9CE3-1404B8DD8A23}
2021-11-02 12:11 - 2021-11-02 12:11 - 000002126 _____ C:\Users\Public\Desktop\WaveLab Elements 11.lnk
2021-11-02 12:11 - 2021-11-02 12:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg WaveLab Elements 11
2021-11-01 16:20 - 2021-11-01 16:20 - 000001203 _____ C:\Users\benji\Desktop\Logitech Capture.lnk
2021-11-01 15:49 - 2021-11-01 15:49 - 000000000 ____D C:\Users\benji\AppData\Roaming\Logishrd
2021-11-01 15:47 - 2021-11-01 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2021-11-01 15:47 - 2021-11-01 15:47 - 000000000 ____D C:\Program Files\Logitech
2021-11-01 15:46 - 2021-11-01 15:46 - 000000000 ____D C:\Users\benji\AppData\Local\Logitech
2021-10-27 14:49 - 2021-10-27 14:49 - 000002655 _____ C:\Users\Public\Desktop\Superior Drummer 3.lnk
2021-10-22 11:04 - 2021-10-22 11:04 - 000000879 _____ C:\Users\Public\Desktop\HandBrake.lnk
2021-10-22 11:04 - 2021-10-22 11:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HandBrake
2021-10-21 15:33 - 2021-10-21 15:33 - 000002049 _____ C:\Users\Public\Desktop\Cubase 11.lnk
2021-10-21 15:33 - 2021-10-21 15:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 11
2021-10-21 15:32 - 2021-10-21 15:32 - 000000000 ____D C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg HALion Sonic SE
2021-10-13 14:45 - 2021-10-13 14:45 - 000000000 ____D C:\Program Files\Common Files\Intel
2021-10-13 11:14 - 2021-10-13 11:14 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-13 11:14 - 2021-10-13 11:14 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-11-10 11:04 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-10 10:12 - 2021-09-14 16:24 - 000000000 ____D C:\Users\benji\AppData\Roaming\Celemony Software GmbH
2021-11-10 10:12 - 2020-02-10 16:20 - 000000000 ____D C:\temp
2021-11-10 09:55 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-10 09:36 - 2020-05-29 13:58 - 000817510 _____ C:\WINDOWS\system32\perfh013.dat
2021-11-10 09:36 - 2020-05-29 13:58 - 000172330 _____ C:\WINDOWS\system32\perfc013.dat
2021-11-10 09:36 - 2020-05-29 13:16 - 002825628 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-10 09:36 - 2019-12-07 15:50 - 000785790 _____ C:\WINDOWS\system32\perfh007.dat
2021-11-10 09:36 - 2019-12-07 15:50 - 000167904 _____ C:\WINDOWS\system32\perfc007.dat
2021-11-10 09:29 - 2021-03-02 14:49 - 000000000 ____D C:\ProgramData\Veeam
2021-11-10 09:29 - 2021-03-02 12:05 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-11-10 09:29 - 2020-12-25 12:50 - 000000000 ____D C:\Users\benji\AppData\Roaming\WTablet
2021-11-10 09:29 - 2020-05-29 13:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-10 09:29 - 2020-05-29 13:10 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-10 09:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-11-10 09:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-10 09:29 - 2019-06-23 22:14 - 000000000 __SHD C:\Users\benji\IntelGraphicsProfiles
2021-11-10 09:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-10 09:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-10 09:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-10 09:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-10 09:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-10 09:28 - 2019-12-07 10:03 - 002097152 _____ C:\WINDOWS\system32\config\BBI
2021-11-10 09:25 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-10 09:20 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-10 09:20 - 2019-06-25 10:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-10 09:19 - 2020-08-03 11:40 - 000000000 ____D C:\Program Files\dotnet
2021-11-10 09:19 - 2019-06-25 10:25 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-10 09:19 - 2019-06-25 10:15 - 000000000 ____D C:\ProgramData\Package Cache
2021-11-10 09:17 - 2020-05-29 13:21 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F467C09D-8EE1-4318-AB72-2DB4E63F7A1D}
2021-11-09 16:47 - 2020-05-29 13:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-09 16:47 - 2019-09-04 11:12 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-11-08 09:13 - 2020-01-16 15:30 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-08 09:08 - 2021-06-22 14:00 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-11-06 10:32 - 2020-05-29 13:21 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-11-06 10:32 - 2019-10-08 15:11 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-04 18:21 - 2020-05-29 13:10 - 000000000 ____D C:\Users\benji
2021-11-04 14:33 - 2020-11-26 11:52 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-11-04 14:33 - 2019-06-25 10:51 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2021-11-04 14:33 - 2019-06-25 10:44 - 000000000 ____D C:\ProgramData\Adobe
2021-11-04 14:33 - 2019-06-23 22:07 - 000000000 ____D C:\Users\benji\AppData\Roaming\Adobe
2021-11-04 11:54 - 2019-06-23 22:07 - 000000000 ____D C:\Users\benji\AppData\Local\Packages
2021-11-04 11:32 - 2019-07-16 10:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-11-04 11:32 - 2019-07-16 10:48 - 000000000 ____D C:\Program Files\CPUID
2021-11-04 10:44 - 2019-12-11 16:22 - 000007602 _____ C:\Users\benji\AppData\Local\Resmon.ResmonCfg
2021-11-03 20:11 - 2020-07-19 12:50 - 000000000 ____D C:\Users\benji\AppData\Local\CrashDumps
2021-11-03 16:13 - 2019-06-25 10:25 - 000000000 ____D C:\Users\benji\AppData\Local\D3DSCache
2021-11-03 15:56 - 2020-02-14 09:03 - 000000000 ____D C:\Users\benji\AppData\Roaming\HandBrake
2021-11-03 14:30 - 2020-03-25 10:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-11-03 13:57 - 2019-06-23 22:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-02 12:17 - 2019-07-16 10:48 - 000000880 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2021-11-02 12:15 - 2021-05-28 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2021-11-02 12:15 - 2021-03-04 11:29 - 000000000 ____D C:\Program Files\Native Instruments
2021-11-02 12:15 - 2019-06-25 10:54 - 000000000 ____D C:\Program Files\Common Files\VST3
2021-11-02 12:13 - 2021-03-04 11:29 - 000000000 ____D C:\Users\benji\AppData\Roaming\Native Instruments
2021-11-02 12:13 - 2021-03-04 11:29 - 000000000 ____D C:\Users\benji\AppData\Local\Native Instruments
2021-11-02 12:11 - 2020-02-10 16:19 - 000000000 ____D C:\ProgramData\6BCCA8C5-7E69-4622-BCCA-9FAC488059BD
2021-11-02 12:11 - 2019-06-25 20:00 - 000000000 ____D C:\Program Files\Steinberg
2021-11-02 12:10 - 2019-06-25 20:00 - 000001286 _____ C:\Users\Public\Desktop\eLicenser Control Center.lnk
2021-11-02 12:10 - 2019-06-25 19:54 - 000000049 _____ C:\WINDOWS\SysWOW64\SYNSOPOS.exe.cfg
2021-11-02 12:10 - 2019-06-25 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2021-11-02 12:10 - 2019-06-25 19:54 - 000000000 ____D C:\Program Files\eLicenser
2021-11-02 12:09 - 2019-06-25 19:54 - 000000000 ____D C:\Program Files (x86)\eLicenser
2021-11-02 12:00 - 2020-05-29 13:10 - 001647168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-02 12:00 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-02 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-02 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-02 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-02 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-02 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-02 12:00 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-01 15:41 - 2019-06-25 10:34 - 000000000 ____D C:\Program Files\Microsoft Office
2021-10-27 14:49 - 2019-07-16 13:00 - 000000000 ____D C:\ProgramData\Toontrack
2021-10-27 14:49 - 2019-06-27 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toontrack
2021-10-27 14:47 - 2020-07-19 12:37 - 000002655 _____ C:\Users\Public\Desktop\EZbass.lnk
2021-10-26 09:08 - 2019-06-25 18:50 - 000000000 ____D C:\Users\benji\AppData\Roaming\JamOrigin
2021-10-24 14:37 - 2019-06-25 19:21 - 000000000 ____D C:\ProgramData\Steinberg
2021-10-22 11:43 - 2019-09-08 11:13 - 000000000 ____D C:\Users\benji\AppData\Roaming\ScreenToGif
2021-10-22 11:05 - 2021-05-01 10:33 - 001499904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2021-10-22 11:05 - 2021-05-01 10:33 - 000033416 _____ C:\WINDOWS\system32\Drivers\iLokDrvr.sys
2021-10-22 11:05 - 2020-02-21 12:08 - 000000000 ____D C:\Program Files (x86)\iLok License Manager
2021-10-22 11:05 - 2019-06-25 10:55 - 000002092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLok License Manager.lnk
2021-10-22 11:05 - 2019-06-25 10:55 - 000002080 _____ C:\Users\Public\Desktop\iLok License Manager.lnk
2021-10-22 11:05 - 2019-06-25 10:16 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-10-22 11:04 - 2020-02-14 09:03 - 000000000 ____D C:\Program Files\HandBrake
2021-10-22 10:45 - 2019-06-23 22:07 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-10-21 15:34 - 2021-02-19 16:56 - 000002145 _____ C:\Users\Public\Desktop\SpectraLayers 7.lnk
2021-10-21 15:34 - 2021-02-19 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg SpectraLayers 7
2021-10-21 15:34 - 2019-06-25 18:44 - 000000000 ____D C:\Program Files\VSTPlugins
2021-10-21 15:33 - 2019-06-25 19:54 - 000000000 ____D C:\Users\benji\AppData\Roaming\Steinberg
2021-10-21 15:32 - 2020-11-14 15:55 - 000002272 _____ C:\Users\benji\Desktop\HALion Sonic SE.lnk
2021-10-16 14:38 - 2019-06-25 20:03 - 000000000 ____D C:\Users\benji\AppData\Roaming\Universal Audio
2021-10-13 14:23 - 2020-05-29 13:21 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-10-13 11:04 - 2020-06-11 13:57 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-10-13 11:03 - 2020-05-29 13:21 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-13 11:03 - 2020-05-29 13:21 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-13 11:01 - 2021-02-22 09:40 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2019-06-25 20:33 - 2019-06-25 20:33 - 000000604 ____H () C:\Program Files (x86)\_43_S
2020-03-25 12:13 - 2020-03-25 12:13 - 000038526 _____ () C:\Users\benji\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2020-03-25 12:17 - 2020-04-20 14:21 - 000009413 _____ () C:\Users\benji\AppData\Roaming\Durch Trennzeichen getrennte Werte.EML
2019-07-18 13:31 - 2019-07-18 13:31 - 000000000 _____ () C:\Users\benji\AppData\Local\oobelibMkey.log
2019-12-11 16:22 - 2021-11-04 10:44 - 000007602 _____ () C:\Users\benji\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-11-2021
durchgeführt von benji (10-11-2021 11:13:00)
Gestartet von D:\*****\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) (2020-05-29 12:21:08)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-2387332320-4032506910-2073639800-500 - Administrator - Disabled)
annou (S-1-5-21-2387332320-4032506910-2073639800-1002 - Limited - Disabled)
avisc (S-1-5-21-2387332320-4032506910-2073639800-1003 - Limited - Disabled)
benji (S-1-5-21-2387332320-4032506910-2073639800-1001 - Administrator - Enabled) => C:\Users\benji
DefaultAccount (S-1-5-21-2387332320-4032506910-2073639800-503 - Limited - Disabled)
Gast (S-1-5-21-2387332320-4032506910-2073639800-501 - Limited - Disabled)
noahs (S-1-5-21-2387332320-4032506910-2073639800-1004 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2387332320-4032506910-2073639800-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1394 OHCI Compliant Host Controller (Legacy) (HKLM-x32\...\{B12878BB-DA05-4F25-96E7-E0200428B220}) (Version: 0.0.1 - Microsoft Corporation)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Advanced Renamer (HKLM\...\Advanced Renamer_is1) (Version: 3.87 - Hulubulu Software)
Allen and Heath Firewire 4.1.0.14624 (HKLM\...\Allen and Heath Firewire_is1) (Version: 4.1.0.14624 - Allen and Heath Ltd.)
ANT Drivers Installer x64 (HKLM\...\{C0ED0478-22DD-4756-B144-EB87A26956AC}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Avid License Control (HKLM-x32\...\{F187D064-F101-4E95-8D05-4027809AA0F8}) (Version: 3.0.1 - Avid Technology, Inc.)
Axe-Edit 3.14.6 (HKLM-x32\...\{0B2FECD3-B4EF-4071-9546-7529D90BAA99}_is1) (Version:  - Fractal Audio)
BlasterX Senz3D (HKLM-x32\...\{111F12F4-87FF-4FAC-83CB-2499EBF3D6EF}) (Version: 1.02.09 - Creative Technology Limited)
Bome Virtual MIDI 2.1.0.44 (HKLM\...\BMIDI_Driver1.0.0.11_is1) (Version:  - Bome Software GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
CPUID CPU-Z 1.98 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.98 - CPUID, Inc.)
CPUID HWMonitor 1.45 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.45 - CPUID, Inc.)
CrystalDiskMark 8.0.1 (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.1 - Crystal Dew World)
CyberLink MediaEspresso 7 (HKLM-x32\...\{F6C47233-40F6-4076-89A9-68B43C2AF5C5}) (Version: 7.0.6909_59349 - CyberLink Corp.)
CyberLink Power2Go 9 (HKLM-x32\...\InstallShield_{57D68FAE-CB5E-4fd6-AE3B-A0B43375AF18}) (Version: 9.0.2602.0 - CyberLink Corp.)
CyberLink PowerDVD 13 (HKLM-x32\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.8703.62 - CyberLink Corp.)
Dexed version 0.9.4 (HKLM\...\Dexed_is1) (Version: 0.9.4 - Digital Suburban)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Easy Poster Printer (HKLM-x32\...\{085AFF3B-459B-4B8D-9366-F2DC4452D73B}) (Version: 6.8.0 - GD Software)
Elevated Installer (HKLM-x32\...\{630B9854-94D6-42AD-BA59-3CFE0C8A651A}) (Version: 7.2.2.0 - Garmin Ltd or its subsidiaries) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.12.8.1298 - Steinberg Media Technologies GmbH)
E-MU USB-MIDI Windows Drivers (HKLM-x32\...\E-MU USB MIDI Windows Drivers Hotfix) (Version:  - )
EW Installation Center (HKLM\...\{EW Installation Center}}_is1) (Version: 1.4.3 - EastWest Sounds, Inc.)
EW PRODUCT INSTALLER 7.2.3 (HKLM-x32\...\EW PRODUCTS_is1) (Version: 7.2.3 - EastWest Sounds, Inc.)
EZbass (HKLM\...\{10E45B55-3F6B-4ADB-9B70-A3D42D17BDCC}) (Version: 1.0.0 - Toontrack)
EZbass Software Update (HKLM\...\{0DFAC2AE-2736-4ADC-A2C6-9D9CE3DEF3DD}) (Version: 1.1.1 - Toontrack)
EZdrummer 2 64-bit (HKLM\...\{B9217824-0EBE-49C7-98A0-A76CC46BBB7D}) (Version: 2.0.2 - Toontrack)
EZdrummer 2 64-bit Update (HKLM\...\{CFFABFEB-AD0D-4811-B09F-849B19B8FE78}) (Version: 2.2.2 - Toontrack)
EZkeys Software Player 64-bit (HKLM\...\{C8983F26-7DE5-455D-A578-7848A6B3F1C9}) (Version: 1.3.2 - Toontrack)
EZkeys Upright Piano 64 (HKLM\...\{5CC4AF6E-B273-497B-BF7E-9B6E35EBB0E0}) (Version: 1.0.1 - Toontrack)
Fast Duplicate File Finder Professional 4.9.0.1 (HKLM-x32\...\{AFECFED6-0A43-488F-8511-1DC6B52F31C3}_is1) (Version: 4.9.0.1 - MindGems, Inc.)
Finale NotePad 2012 (HKLM-x32\...\Finale NotePad 2012) (Version: 2012..r1.5 - MakeMusic)
Fractal Audio Systems USB Audio Driver v2.23.0 (HKLM-x32\...\Fractal Audio Systems USB Audio Driver v2.23.0) (Version: 2.23.0 - Fractal Audio Systems)
Fractal Audio Systems USB Driver Package 2014.06.06 (HKLM\...\{E992CC59-71FD-4199-B04E-6274F7439EA0}_is1) (Version: 2014.06.06 - Fractal Audio Systems)
Fractal-Bot 3.0.8 (HKLM-x32\...\{6DBF83F6-BE11-414D-82DC-58C414CACF35}_is1) (Version:  - Fractal Audio)
Garmin Express (HKLM-x32\...\{49d6ae2b-f5db-460c-a653-4c7377ee40be}) (Version: 7.2.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{82990251-B13D-419D-A106-7896A8B1F051}) (Version: 7.2.2.0 - Garmin Ltd or its subsidiaries) Hidden
GStreamer 1.14.2 for Transcribe! (HKLM-x32\...\com.seventhstring.GStreamer_is1) (Version: 1.14.2 - )
GStreamer 1.18.4 for Transcribe! (64-bit) (HKLM\...\com.seventhstring.GStreamer_is1) (Version: 1.18.4 - )
Guitar Pro 7 - Soundbanks (HKLM-x32\...\com.arobas-music.guitarpro7-soundbanks_is1) (Version: 1.1.123 - Arobas Music)
Guitar Pro 7 (HKLM-x32\...\{BF4EDCFF-ED20-4AF6-A636-EBAC931336CD}_is1) (Version: 7.5.5.1844 - Arobas Music)
HandBrake 1.4.2 (HKLM-x32\...\HandBrake) (Version: 1.4.2 - )
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.309 - )
HWiNFO64 Version 6.08 (HKLM\...\HWiNFO64_is1) (Version: 6.08 - Martin Malik - REALiX)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5161 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® RealSense™ Depth Camera Manager Gold (x86): dptf_com (HKLM-x32\...\{7AF37B0F-CEBD-11EB-A63E-A0510BE9AF3A}) (Version: 2.3.101.9447 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager SR300 Gold (x86): Intel® RealSense™ 3D camera SR300 IO module (HKLM-x32\...\{7AF59DEE-CEBD-11EB-AD80-A0510BE9AF3A}) (Version: 3.4.101.9447 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager SR300 Gold (x86): Intel® RealSense™ Depth Camera Manager Service (HKLM-x32\...\{869318E1-CEBD-11EB-8C5A-A0510BE9AF3A}) (Version: 3.4.101.9447 - Intel Corporation) Hidden
Intel® RealSense™ Tiefenkamera-Manager SR300 (HKLM-x32\...\ARP_for_prd_dcm_runtime_sr300_3.4.101.9447) (Version: 3.4.101.9447 - Intel Corporation)
Ivory 2.5 (HKLM-x32\...\{49660abf-44ec-4553-bfe4-103969712210}) (Version: 2.5.2.20 - Synthogy, LLC)
Ivory Software Components (HKLM\...\{9103CDEB-5FF3-48CD-9646-5D29ED2CCF86}) (Version: 2.5.2.20 - Synthogy, LLC) Hidden
iZotope Ozone 7 Advanced (HKLM-x32\...\iZotope Ozone 7 Advanced 7.01) (Version: 7.01 - iZotope, Inc.)
JBridge (HKLM-x32\...\JBridge) (Version:  - JBridge)
LatencyMon 6.50 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Logitech Capture (HKLM\...\Capture) (Version: 2.06.12 - Logitech)
loopMIDI (HKLM-x32\...\{AEAF7978-3204-451D-8593-BC53EBDDA31D}) (Version: 1.0.5.15 - Tobias Erichsen)
MakeMKV v1.15.0 (HKLM-x32\...\MakeMKV) (Version: v1.15.0 - GuinpinSoft inc)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1039 - Marvell)
Melodyne 5 (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 5.01.01003 - Celemony Software GmbH)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.14527.20234 - Microsoft Corporation)
Microsoft 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.14527.20234 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.44 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.44 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.205.1003.0005 - Microsoft Corporation)
Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.14527.20234 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{C18B132E-4032-4425-826A-24B1CA9DFF0C}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{7ED2561C-FBC2-421E-A2B5-C7BEFD623145}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{CECCBAE9-1880-411E-9D28-8E562F6DAAE2}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\Teams) (Version: 1.4.00.4167 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29914 (HKLM-x32\...\{43d1ce82-6f55-4860-a938-20e5deb28b98}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.26.28720 (HKLM-x32\...\{86380aef-fd23-4fc3-8723-a98ccad8f2c6}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.21 (x64) (HKLM-x32\...\{4be70f3b-2d71-4c79-adc0-d1f1221e41b1}) (Version: 3.1.21.30622 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.12 (x64) (HKLM-x32\...\{ce8037d8-35f7-4142-ad18-23609ac5db17}) (Version: 5.0.12.30623 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 13.221.137.0 - Microsoft Corporation)
MIDI Guitar 2 version 2.2.1.0 (HKLM\...\MIDI Guitar 2_is1) (Version: 2.2.1.0 - )
MKVToolNix 43.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 43.0.0 - Moritz Bunkus)
Mp3tag v2.81 (HKLM-x32\...\Mp3tag) (Version: 2.81 - Florian Heidenreich)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.6.1.139 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.13.5.139 - Native Instruments)
Neuratron PhotoScore && NotateMe Ultimate (HKLM-x32\...\Neuratron PhotoScore && NotateMe Ultimate) (Version: 9.0.0 - Neuratron Ltd)
Nitro Pro (HKLM\...\{C96C14B3-5E41-49E5-AAB5-22832C08CAED}) (Version: 13.15.1.282 - Nitro) Hidden
Nitro Pro (HKLM-x32\...\{b6447f4a-7f1e-4f4c-b770-5b1e3dafd6f3}) (Version: 13.15.1.282 - Nitro)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PACE License Support Win64 (HKLM\...\{5AC4321F-FCD1-4a37-BFCB-E1EB0047CDA4}) (Version: 5.4.1.3706 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{5AC4321F-FCD1-4a37-BFCB-E1EB0047CDA4}) (Version: 5.4.1.3706 - PACE Anti-Piracy, Inc.)
PLAY 6.1.9 (HKLM-x32\...\EW PLAY_is1) (Version: 6.1.9 - EastWest Sounds, Inc.)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Rename Master (HKLM-x32\...\Rename Master_is1) (Version:  - )
R-Link 2 Toolbox (HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\{R-Link 2 Toolbox}}_is1) (Version: 1.7.3 - Renault)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.60 (17.03.2015) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.00.01.24 - HP Printing Korea Co., Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.3.0.1910 - Samsung Electronics)
Samsung NVM Express Driver (HKLM-x32\...\{d6df2f24-bd8d-49bc-b751-fac310b24a4b}) (Version: 3.1.0.1901 - Samsung Electronics)
Samsung NVM Express Driver 3.1.0.1901 (HKLM\...\{DF7667AF-FC11-48A4-9585-7378B5224C1A}) (Version: 3.1.0.1901 - Samsung Electronics Co., Ltd) Hidden
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden
Sibelius 7 OpenType Fonts (HKLM-x32\...\{623C2BD8-1B28-4F98-B578-E9D139827269}) (Version: 7.1.3 - Avid)
Sibelius 7.5 (HKLM\...\{BBADBAB3-56A4-444B-834E-D8730B574C3E}) (Version: 7.5.1.209 - Avid Technology)
Skype Version 8.78 (HKLM-x32\...\Skype_is1) (Version: 8.78 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Steinberg Cubase 11 (HKLM\...\{49A80F46-11CC-44F9-9FEC-2566FE0AB7A5}) (Version: 11.0.41 - Steinberg Media Technologies GmbH)
Steinberg Dark Planet 64bit (HKLM\...\{52B15329-EA8D-4088-AE8F-BD831D187290}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Dorico 3.5 (HKLM\...\{E72A482D-E6C4-4B92-B248-3880AD721E8A}) (Version: 3.5.12 - Steinberg Media Technologies GmbH)
Steinberg Download Assistant (HKLM-x32\...\Steinberg Download Assistant) (Version: 1.20.2 - Steinberg Media Technologies GmbH)
Steinberg Generic Lower Latency ASIO Driver 64bit (HKLM\...\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}) (Version: 1.0.20 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 5 (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 5.0.50 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 3 Component (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 3.4.40 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Standalone (HKLM\...\{2D64E1A0-02C7-4AED-BCC6-3A5E5C91D6E2}) (Version: 3.4.40 - Steinberg Media Technologies GmbH)
Steinberg HALion Symphonic Orchestra 64bit (HKLM\...\{2980E719-19F3-4329-944A-782A7D723741}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Symphonic Orchestra VST Sound Instrument Set (HKLM-x32\...\{1312306D-F0A5-4B64-BA34-AC6169A3A098}) (Version: 1.2.0 - Steinberg Media Technologies GmbH)
Steinberg Install Assistant (HKLM\...\{2E7DF371-6034-4FC7-AE30-100AC21A1003}) (Version: 1.0.4 - Steinberg Media Technologies GmbH)
Steinberg Instrument Set Dark Planet (HKLM-x32\...\{7E95B088-EF08-4093-85E1-B0689BDAB35C}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Library Manager (HKLM\...\{AA78592A-F13C-4C8E-B849-7A398001FA7F}) (Version: 3.1.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop 2 (HKLM\...\{6FBAF5EF-816E-4D80-BFBE-8B237EEA4CD4}) (Version: 2.0.30 - Steinberg Media Technologies GmbH)
Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 2.2.50 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg SpectraLayers 7 (HKLM\...\424abc1e-aca9-452c-9b47-4g6c6gh53b42_is1) (Version: 7.0.30.251 - Steinberg)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Transit 64bit (HKLM\...\{FF1A114C-0F88-11E5-A6C0-1697F925EC7B}) (Version: 1.0.13 - Steinberg Media Technologies GmbH)
Steinberg WaveLab Elements 10.0 (HKLM\...\{CEE5E0EE-A9EA-4A0B-BE6E-5DD242BF5685}) (Version: 10.0.70 - Steinberg Media Technologies GmbH)
Steinberg WaveLab Elements 11 (HKLM\...\{7470D690-0FA2-44E2-AE7E-E5BCFE716BD5}) (Version: 11.0.10 - Steinberg Media Technologies GmbH)
Superior Drummer 3 (HKLM\...\{C556430A-61B1-4B55-8287-B3D6D26F729B}) (Version: 3.2.6 - Toontrack)
Superior Drummer 64-bit (HKLM\...\{0E54CF79-AE40-409E-9253-9563418C730C}) (Version: 2.4.4 - Toontrack)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.15.5 - TeamViewer)
Toontrack Audio Sender (HKLM\...\{B1412021-F4CD-422C-BC8B-CDE9924C371B}) (Version: 1.1.0 - Toontrack)
Toontrack Product Manager (HKLM-x32\...\{5BAE101A-4AF5-4FBA-99E6-1CE2825F8993}) (Version: 1.0.0 - Toontrack)
Toontrack solo 64-bit (HKLM\...\{FA9D0D8C-FDD1-45C2-8291-079FBA72D2CB}) (Version: 1.3.3 - Toontrack)
Transcribe! 9.00.0 (HKLM\...\com.seventhstring.Transcribe_is1) (Version: 9.00 - Seventh String Software)
UAD drivers. This may take a while... (HKLM-x32\...\{55D16842-4E1E-4917-A017-48B09700A273}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM\...\{8D858241-995D-4F89-BBEE-393A32AF3D6E}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM\...\{AB48EBD1-F812-4FF4-BD0E-B60D9845520D}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{1C012F00-B5AB-41A7-91D2-E228B371032E}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{6B682D44-6560-4548-9AF7-CE26C8E541AC}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{77e84ed1-e5c1-4b65-9241-a0caa38f74df}) (Version: 9.14.5.2390 - Universal Audio, Inc.)
UAD Powered Plug-Ins (HKLM-x32\...\{EE9B955E-7BDE-4FE0-AFDB-16B2B1229701}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UM-ONE Driver (HKLM\...\RolandRDID0115) (Version:  - Roland Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Veeam Agent for Microsoft Windows (HKLM\...\{092807B0-27B2-451E-84EE-8102153D41CA}) (Version: 5.0.0.4301 - Veeam Software Group GmbH)
Visual Similarity Duplicate Image Finder Professional 6.7.0.1 (HKLM-x32\...\{72D6BE71-2A6F-4D01-809E-A3174D1738A0}_is1) (Version: 6.7.0.1 - MindGems, Inc.)
Voxengo CurveEQ (HKLM\...\Voxengo CurveEQ_is1) (Version: 3.5 - Voxengo)
Voxengo Stereo Touch (HKLM\...\Voxengo Stereo Touch_is1) (Version: 2.8.1 - Voxengo)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.42-2 - Wacom Technology Corp.)
WinDirStat 1.1.2 (HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\WinDirStat) (Version:  - )
Windows-PC-Integritätsprüfung (HKLM\...\{AD47C6B2-6C72-4F0E-B66F-7685C28ACDFD}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Fractal Audio Systems (axefx2load) USB  (05/15/2011 1.0.0.9) (HKLM\...\6AEB8A42A154DE456DE5E467C01A582911CB5C6A) (Version: 05/15/2011 1.0.0.9 - Fractal Audio Systems)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\ZoomUMX) (Version: 5.7.7 (1105) - Zoom Video Communications, Inc.)
Zoom Outlook Plugin (HKLM-x32\...\{90C8CDA8-25A0-47C3-9DB7-E0A3E33EFA17}) (Version: 5.6.3 - Zoom)

Packages:
=========
Affinity Designer -> C:\Program Files\WindowsApps\SerifEuropeLtd.AffinityDesigner_11004.1198.0.0_x64__844sdzfcmm7k0 [2021-11-02] (Serif Europe Ltd)
Affinity Photo -> C:\Program Files\WindowsApps\SerifEuropeLtd.AffinityPhoto_11004.1198.0.0_x64__844sdzfcmm7k0 [2021-11-02] (Serif Europe Ltd)
Affinity Publisher -> C:\Program Files\WindowsApps\SerifEuropeLtd.AffinityPublisher_11004.1198.0.0_x64__844sdzfcmm7k0 [2021-11-02] (Serif Europe Ltd)
Amazon Assistant -> C:\Program Files\WindowsApps\Amazon.com.AmazonAssistant_10.1910.9.0_neutral__343d40qqvtj1t [2019-12-17] (Amazon.com)
Drawboard PDF -> C:\Program Files\WindowsApps\DRAWBOARD.DRAWBOARDPDF_6.6.5.0_x64__gqbn7fs4pywxm [2021-11-09] (Drawboard)
DWD WarnWetter -> C:\Program Files\WindowsApps\DeutscherWetterdienst.DWDWarnWetter_1.9.2.0_x64__ea15zn9khdvwy [2019-06-25] (Deutscher Wetterdienst)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-11-04] (Microsoft Corporation)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2020-12-31] (Microsoft Corporation)
Google Maps -> C:\Program Files\WindowsApps\www.google.de-E0D29419_1.0.0.3_neutral__242r1gb6pg1pg [2021-09-28] (www.google.de)
HEVC-Videoerweiterungen -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.42702.0_x64__8wekyb3d8bbwe [2021-10-21] (Microsoft Corporation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-04] (Microsoft Corporation)
Metronom -> C:\Program Files\WindowsApps\12199Asparion.Metronom_3.0.4.0_x64__f89vgcf3qm37t [2020-11-19] (Asparion) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-25] (Microsoft Corporation) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.56.43053.0_x64__8wekyb3d8bbwe [2021-11-03] (Microsoft Corporation) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_51.0.137.0_x64__8wekyb3d8bbwe [2021-11-10] (Microsoft Corporation)
MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-20] (Microsoft Corporation)
myTube Beta -> C:\Program Files\WindowsApps\59750RykenApps.myTubeBeta_4.0.16.0_x64__zd92nzxdcatqw [2021-11-02] (Ryken Studio)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.41311.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Corporation)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2019-06-25] (Samsung Electronics Co. Ltd.)
ScreenToGif -> C:\Program Files\WindowsApps\33823Nicke.ScreenToGif_2.34.0.0_neutral__99xjgbc30gqtw [2021-09-28] (Nicke)
Steinberg Forums -> C:\Program Files\WindowsApps\forums.steinberg.net-C59F1975_1.0.0.2_neutral__nppzdakyq6tn8 [2021-09-28] (forums.steinberg.net)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-11-01] (Twitter Inc.)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2142.12.0_x64__cv1g1gvanyjgm [2021-11-06] (WhatsApp Inc.)
Zattoo Live TV -> C:\Program Files\WindowsApps\ZattooEuropaAG.ZattooLiveTV_5.2121.3723.0_x64__cwpjhwd4pd0ma [2021-05-28] (Zattoo Europa AG)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2021}\localserver32 -> "C:\Program Files\Adobe\Elements 2021 Organizer\Elements Auto Creations 2021.exe" -toastactivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2022}\localserver32 -> "C:\Program Files\Adobe\Elements 2022 Organizer\Elements Auto Creations 2022.exe" -toastactivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\benji\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-09-24] (Notepad++ -> )
ContextMenuHandlers1-x32: [ARenGUID_ContextMenuEntry] -> {E30FF514-33BF-4C2F-A3BD-83C26DC7325C} => C:\Program Files\Advanced Renamer\arencm.dll [2014-04-04] (Kim Jensen) [Datei ist nicht signiert]
ContextMenuHandlers1: [ARenGUID_ContextMenuEntry64] -> {85EF5100-D10C-11E1-82EF-B60A140DCD93} => C:\Program Files\Advanced Renamer\arencm64.dll [2014-11-29] (Kim Jensen) [Datei ist nicht signiert]
ContextMenuHandlers1: [CLVDShellExt9] -> {4E20B104-5D9F-4E01-A01E-100F08E345C9} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt9_20190625_15_15_28.dll [2015-02-05] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-02-17] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers1: [Nitro.Pro.ShellExtension.Shim] -> {211B6F25-950C-49CD-AB86-A448EF85686A} => C:\Program Files\Common Files\Nitro\Nitro.Pro.ShellExtension.Shim.dll [2020-03-13] (Nitro Software, Inc. -> Nitro Software, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt9] -> {4E20B104-5D9F-4E01-A01E-100F08E345C9} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt9_20190625_15_15_28.dll [2015-02-05] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-02-17] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4-x32: [ARenGUID_ContextMenuEntry] -> {E30FF514-33BF-4C2F-A3BD-83C26DC7325C} => C:\Program Files\Advanced Renamer\arencm.dll [2014-04-04] (Kim Jensen) [Datei ist nicht signiert]
ContextMenuHandlers4: [ARenGUID_ContextMenuEntry64] -> {85EF5100-D10C-11E1-82EF-B60A140DCD93} => C:\Program Files\Advanced Renamer\arencm64.dll [2014-11-29] (Kim Jensen) [Datei ist nicht signiert]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-02-17] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2019-06-25 12:58 - 2014-05-16 02:35 - 000192512 _____ () [Datei ist nicht signiert] C:\Program Files\Fractal Audio Systems\USB Audio Driver\fasusbaudioapi.dll
2021-11-02 09:00 - 2021-11-02 09:00 - 032941056 _____ () [Datei ist nicht signiert] C:\Program Files\WindowsApps\59750RykenApps.myTubeBeta_4.0.16.0_x64__zd92nzxdcatqw\myTube.dll
2021-05-14 19:36 - 2021-05-14 19:36 - 000236032 _____ () [Datei ist nicht signiert] C:\WINDOWS\SYSTEM32\UAD2DriverClient.dll
2021-05-14 19:36 - 2021-05-14 19:36 - 002183680 _____ () [Datei ist nicht signiert] C:\WINDOWS\SYSTEM32\UAD2SDK.dll
2021-02-03 10:53 - 2014-11-29 22:55 - 000656896 _____ (Kim Jensen) [Datei ist nicht signiert] C:\Program Files\Advanced Renamer\arencm64.dll
2020-04-18 19:42 - 2020-04-18 19:42 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-04-18 19:42 - 2020-04-18 19:42 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2017-11-08 07:35 - 2017-11-08 07:35 - 000123904 _____ (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Easy Printer Manager\SmartScreenPrint\CDAKEYMonitor64.dll
2018-05-18 09:57 - 2018-05-18 09:57 - 003696128 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Easy Printer Manager\ScanFax2PC\CDAScan2PCMonitor64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData:AC2347AA8E7BFAAC [217]
AlternateDataStreams: C:\ProgramData:B3288E071D841949 [217]
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\Users\All Users:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\Users\All Users:AC2347AA8E7BFAAC [217]
AlternateDataStreams: C:\Users\All Users:B3288E071D841949 [217]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:AC2347AA8E7BFAAC [217]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:B3288E071D841949 [217]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
BHO: NitroPDF.IE.Sharepoint -> {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} -> C:\Program Files\Nitro\Pro\13\npnitroie.dll [2020-03-13] (Nitro Software, Inc. -> Nitro Software, Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: NitroPDF.IE.Sharepoint -> {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} -> C:\Program Files (x86)\Nitro\Pro\13\npnitroie.dll [2020-03-13] (Nitro Software, Inc. -> Nitro Software, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2020-10-04 10:07 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2021-11-04 17:16 - 2021-11-08 10:48 - 000000591 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
92.168.137.66 BenjiDell.mshome.net # 2021 11 5 12 13 18 24 909
192.168.137.180 HUAWEI_Mate_20_Pro-fade01.mshome.net # 2021 11 5 12 10 25 18 497
97

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\benji\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\internet explorer wallpaper.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "NTKDaemon.lnk"
HKLM\...\StartupApproved\StartupFolder: => "NIHardwareAccessibilityHelper.exe.lnk"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Nitro System Tray"
HKLM\...\StartupApproved\Run: => "Veeam.EndPoint.Tray.exe"
HKLM\...\StartupApproved\Run: => "AdobePSE20AutoAnalyzer"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G9"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive9"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "PowerDVD13Agent"
HKLM\...\StartupApproved\Run32: => "Creative HID Task"
HKLM\...\StartupApproved\Run32: => "Creative Audio Task"
HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant"
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\StartupApproved\Run: => "Power2GoExpress9"
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_B9B057F13E8261F387166E937D6ED4AC"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{BD32B640-A695-41DE-BB0A-350C2CEEF5B1}] => (Allow) C:\Users\benji\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{95C3153E-18D3-4DA0-8C1C-69E8BC2929F1}] => (Allow) C:\Users\benji\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E7F8E14A-134B-4C27-B777-CF809E81701B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\Movie\PowerDVD Cinema\PowerDVDCinema13.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{792A5922-D3DE-447C-85FD-1B4931FCF9C9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9F9CBAB8-2D28-493A-9354-4DF4059DCE50}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{87529624-EF96-4290-A210-1E190251E159}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9BE24340-9BE6-4374-9A0E-F9ED1A90CAD5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{02F7A03C-7094-43ED-84E7-ECFDCBD3DFC3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMR\PowerDVD13DMREngine.exe => Keine Datei
FirewallRules: [{67055D37-9CD7-4B2E-88F1-B0EDD8005ED9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [UDP Query User{EAE42C37-92DB-4F1C-AA81-F1C8D408A87F}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (HP Inc. -> )
FirewallRules: [TCP Query User{FD2611A4-1C99-4429-A7A4-0A4BB37AF6E9}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (HP Inc. -> )
FirewallRules: [UDP Query User{06DBC7CA-A662-4E06-93ED-B39AE7D90770}C:\program files\common files\common desktop agent\cdasrv.exe] => (Allow) C:\program files\common files\common desktop agent\cdasrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{2A87F6B4-A594-41A6-ABE5-88533347EBD6}C:\program files\common files\common desktop agent\cdasrv.exe] => (Allow) C:\program files\common files\common desktop agent\cdasrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{9A09785B-A451-4A60-81BE-F0BBFF14B547}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{0F86F150-A8B8-4494-8738-464A271BE319}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe (HP Inc. -> )
FirewallRules: [{175F5FB8-8EE3-4AD5-98B8-3DDCA3602D39}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe (HP Inc. -> HP Printing Korea Co., Ltd.)
FirewallRules: [{C019386B-ACBF-4488-BDC1-6408FD9CE0DE}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (HP Inc. -> HP Printing Korea Co., Ltd.)
FirewallRules: [{60BD100D-AE0B-4769-9869-51ADC3438798}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe (HP Inc. -> )
FirewallRules: [{5BE78D4B-1556-4711-9180-8A2624389400}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{3CF56E2D-C174-468B-8041-5066FD70ECEC}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{A7A9BE79-59A0-46D8-9285-FE4AE4145960}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{5F4039F7-3F7A-445F-8F6D-EB4DD940A201}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{740BB8D9-2044-48C6-A0E4-B3377ED8FA5E}C:\program files (x86)\common files\scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\scan process machine\imageeng.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{0AFBE750-A090-4C41-A16F-C93D9EB38AD3}C:\program files (x86)\common files\scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\scan process machine\imageeng.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{1C531DB9-31CD-41E0-B1F7-020164811DF4}] => (Allow) LPort=51113
FirewallRules: [{FA44C986-A96A-4DC0-B5EE-9892686BCBB3}] => (Allow) LPort=51112
FirewallRules: [{50E824EE-7C7B-4AD1-901C-A3B7E9B5968C}] => (Allow) LPort=51111
FirewallRules: [{C4BD3006-4928-4079-8344-F9C99A2766A3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E5201CA1-DDA9-4467-8654-92DF7DD81336}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CD0DEE11-2E64-4C82-9A9D-3C3FBF44887A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9591C866-A484-4EFF-880C-F218E754C835}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{FE9B08DC-88C3-4CBF-B1CC-1D76760B5BB7}C:\program files\steinberg\dorico3.5\dorico web helper.exe] => (Allow) C:\program files\steinberg\dorico3.5\dorico web helper.exe (Steinberg Media Technologies GmbH -> )
FirewallRules: [UDP Query User{C80D494F-FE93-4DA0-A767-DB89287156FD}C:\program files\steinberg\dorico3.5\dorico web helper.exe] => (Allow) C:\program files\steinberg\dorico3.5\dorico web helper.exe (Steinberg Media Technologies GmbH -> )
FirewallRules: [{C09080D7-7D05-4BAB-A3C7-48E27A379372}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{579153F5-8151-4FF6-B37F-9D50FA8CAFEE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C44505E1-BAFF-4F38-9B96-9C102C1B502C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{60A43989-32A1-45D0-88E5-E2C1E210DD3C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{685A958B-EA0C-4C04-B704-B1B4F8E86794}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Recovery.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{AC135A27-0F0D-44E8-90D7-BDF56F7561BB}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{96E5B0FA-20C5-4676-AB98-194CDBBA1141}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{4E383B96-C930-46F9-A8D6-6895DFB4F621}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{3C68D018-8144-4FD4-B7BA-379D57D101F0}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{E5233C01-07B3-4CD8-BACC-77FCAAFC7C59}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{BCBDE807-92BF-4262-BF0B-7F5BD3C1D8F2}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{D1176AAA-62ED-4026-A8D8-90573BF06642}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{C6056F8E-0553-411F-8E89-6CD4B30C2C3F}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [TCP Query User{37D332D1-3019-4D75-B897-95EDFAF0D64F}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Allow) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{E238A515-D2B4-4E6F-A652-33256AED6F9D}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Allow) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{8D6703C8-AEE3-4723-922D-E47BE1462B0A}C:\users\benji\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\benji\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{54E67D41-7703-485E-990D-258C4958D4B5}C:\users\benji\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\benji\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FBC919EE-D4BB-4463-8D10-A8C7AB98C9AB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CDC26EBC-6074-40A2-BF95-E48F3D258B4F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C5C5ED4A-8996-438E-85FC-D7741A5202A4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0369BA90-89DC-4FFF-816B-E7F81A65FB53}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

02-11-2021 09:09:49 Windows Modules Installer
03-11-2021 16:00:22 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
03-11-2021 16:00:31 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
08-11-2021 09:10:15 Installed Windows PC Health Check
10-11-2021 09:20:57 Windows Modules Installer

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: Microsoft Wi-Fi Direct Virtual Adapter #4
Description: Virtueller Microsoft Wi-Fi Direct-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Qualcomm Atheros AR5BWB222 Wireless Network Adapter
Description: Qualcomm Atheros AR5BWB222-Drahtlosnetzwerkadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (11/10/2021 09:28:46 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (11/10/2021 09:28:46 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (11/10/2021 09:28:46 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (11/10/2021 09:28:46 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (11/09/2021 06:08:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (11/09/2021 06:08:37 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (11/09/2021 01:57:26 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/08/2021 03:33:12 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.


Systemfehler:
=============
Error: (11/10/2021 09:29:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NIHostIntegrationAgent" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/10/2021 09:29:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMChameleon" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/10/2021 09:20:28 AM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Der Bluetooth-Treiber hat ein HCI-Ereignis mit einer bestimmten Größe erwartet, das aber nicht empfangen wurde.

Error: (11/10/2021 09:10:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NIHostIntegrationAgent" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/10/2021 09:10:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMChameleon" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/09/2021 01:57:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NMPJ99VJBWV-Microsoft.YourPhone

Error: (11/09/2021 01:51:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NIHostIntegrationAgent" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/09/2021 01:51:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMChameleon" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.


Windows Defender:
================
Date: 2021-11-10 10:59:57
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {8C90EDB0-4F5D-4D0E-8958-406D33245D86}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Vollständige Überprüfung
Benutzer: AUDIOMACHINE\benji

Date: 2021-11-10 09:55:57
Description: 
Der überwachte Ordnerzugriff hat C:\Program Files\LatencyMon\LatMon.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2021-11-10T08:55:57.402Z
Benutzer: AUDIOMACHINE\benji
Pfad: \Device\CdRom0
Name des Prozesses: C:\Program Files\LatencyMon\LatMon.exe
Sicherheitsversion: 1.353.743.0
Modulversion: 1.1.18700.4
Produktversion: 4.18.2110.6

Date: 2021-11-10 09:55:24
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/InstallCore&threatid=311991&enterprise=0
Name: PUADlManager:Win32/InstallCore
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_D:\*****\Downloads\Software\FreeFileSync_9.4_Windows_Setup.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: AUDIOMACHINE\benji
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.353.743.0, AS: 1.353.743.0, NIS: 1.353.743.0
Modulversion: AM: 1.1.18700.4, NIS: 1.1.18700.4

Date: 2021-11-10 09:49:16
Description: 
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern.
Erkennungszeit: 2021-11-10T08:49:16.479Z
Benutzer: AUDIOMACHINE\benji
Pfad: %userprofile%\Documents\AdobeGCData\
Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
Sicherheitsversion: 1.353.743.0
Modulversion: 1.1.18700.4
Produktversion: 4.18.2110.6

Date: 2021-11-10 09:49:16
Description: 
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern.
Erkennungszeit: 2021-11-10T08:49:16.478Z
Benutzer: AUDIOMACHINE\benji
Pfad: %userprofile%\Documents\AdobeGCData\
Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
Sicherheitsversion: 1.353.743.0
Modulversion: 1.1.18700.4
Produktversion: 4.18.2110.6

CodeIntegrity:
===============
Date: 2021-04-23 11:40:29
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\CastSrv.exe) attempted to load \Device\HarddiskVolume4\Users\benji\AppData\Local\Temp\TeamViewer\tv_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-20 19:12:20
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. F16i 11/10/2016
Hauptplatine: Gigabyte Technology Co., Ltd. Z77X-UD5H
Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 32657.15 MB
Verfügbarer physikalischer RAM: 26991.46 MB
Summe virtueller Speicher: 37521.15 MB
Verfügbarer virtueller Speicher: 31873.84 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:232.25 GB) (Free:122.9 GB) NTFS
Drive d: (Documents) (Fixed) (Total:931.51 GB) (Free:367.22 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Audio) (Fixed) (Total:1863.01 GB) (Free:1058.27 GB) NTFS
Drive s: (Samples) (Fixed) (Total:1863 GB) (Free:1225.32 GB) NTFS

\\?\Volume{db23d280-95f9-47ba-9cc2-dcc27975201f}\ (Wiederherstellung) (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS
\\?\Volume{38a2cf03-d0fd-40a4-9227-b7aae9db10e0}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 668E10B2)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 668E10BE)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (Size: 232.9 GB) (Disk ID: 49ADF780)

Partition: GPT.

==================== Ende von Addition.txt =======================
         

Alt 10.11.2021, 11:32   #2
benjis
 
Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender - Standard

Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender



Code:
ATTFilter
Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 09-11-2021
durchgeführt von benji (10-11-2021 11:14:37)
Gestartet von D:\*****\Downloads
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\ADD_SMT_115_Dark_Planet_Presets.vstsound.lnk -> S:\Steinberg\VST Sound - Dark Planet\ADD_SMT_115_Dark_Planet_Presets.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\Drum Loop Expansion 01.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\Drum Loop Expansion 01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_001_LoopMash_Loop_Set_01.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_001_LoopMash_Loop_Set_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_001_LoopMash_Loop_Set_02.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_001_LoopMash_Loop_Set_02.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_027_HSO_Presets_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_027_HSO_Presets_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_076_HSSE_Artist_Instrument_Presets_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Artist\FCP_SMT_076_HSSE_Artist_Instrument_Presets_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_077_HSSE_Pro_Instrument_Presets_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Pro\FCP_SMT_077_HSSE_Pro_Instrument_Presets_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_078_HSSE_GM_Presets_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Basic\FCP_SMT_078_HSSE_GM_Presets_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_080_HSSE_Pro_Presets.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Pro\FCP_SMT_080_HSSE_Pro_Presets.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_082_HSSE_Artist_Presets.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Artist\FCP_SMT_082_HSSE_Artist_Presets.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_084_HSSE_S90_Presets.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Artist\FCP_SMT_084_HSSE_S90_Presets.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_086_HSSE_SR_OneSoundzSilver_Presets.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Artist\FCP_SMT_086_HSSE_SR_OneSoundzSilver_Presets.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_088_HSSE_VST_Expression_Presets.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Pro\FCP_SMT_088_HSSE_VST_Expression_Presets.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_089_HSSE_Basic_Synth_Presets_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Basic\FCP_SMT_089_HSSE_Basic_Synth_Presets_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_090_HSSE_Artist_Synth_Presets_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Artist\FCP_SMT_090_HSSE_Artist_Synth_Presets_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_091_HSSE_Pro_Synth_Presets_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Pro\FCP_SMT_091_HSSE_Pro_Synth_Presets_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_101_HSSE_Artist_Instrument_Presets_02.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Artist\FCP_SMT_101_HSSE_Artist_Instrument_Presets_02.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_112_Retrologue_Presets.vstsound.lnk -> S:\Steinberg\VST Sound - Retrologue\FCP_SMT_112_Retrologue_Presets.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_121_HSSE_Artist_Instrument_Presets_03.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Hybrid\FCP_SMT_121_HSSE_Artist_Instrument_Presets_03.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_122_Groove_Agent_SE_AM_Drums.vstsound.lnk -> S:\Steinberg\VST Sound - GA\FCP_SMT_122_Groove_Agent_SE_AM_Drums.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_137_Groove_Agent_SE.vstsound.lnk -> S:\Steinberg\VST Sound - GA\FCP_SMT_137_Groove_Agent_SE.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_139_HSSE_Artist_Synth_Presets_02.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Artist\FCP_SMT_139_HSSE_Artist_Synth_Presets_02.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_140_EDM_Toolbox_MIDI_Loops.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_140_EDM_Toolbox_MIDI_Loops.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_152_GASE_Acoustic_Studio_Kit.vstsound.lnk -> S:\Steinberg\VST Sound - GA\FCP_SMT_152_GASE_Acoustic_Studio_Kit.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_153_GASE_Rock_Pop_Toolbox_Drums.vstsound.lnk -> S:\Steinberg\VST Sound - GA\FCP_SMT_153_GASE_Rock_Pop_Toolbox_Drums.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_154_Rock_Pop_Toolbox_01.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_154_Rock_Pop_Toolbox_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_157_Rock_Pop_Toolbox_02.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_157_Rock_Pop_Toolbox_02.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_209_Caleidoscope.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_209_Caleidoscope.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_210_Vintage_Verb_Collection.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_210_Vintage_Verb_Collection.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_214_Production_Grooves.vstsound.lnk -> S:\Steinberg\VST Sound - GA\FCP_SMT_214_Production_Grooves.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_215_Production_Grooves_Kits.vstsound.lnk -> S:\Steinberg\VST Sound - GA\FCP_SMT_215_Production_Grooves_Kits.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_232_HSSE_Flux_Presets.vstsound.lnk -> S:\Steinberg\VST Sound - Flux\FCP_SMT_232_HSSE_Flux_Presets.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_244_Analog_Techno.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_244_Analog_Techno.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_245_Blockbuster.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_245_Blockbuster.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_246_Hip_Hop_Vault.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_246_Hip_Hop_Vault.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_247_Raw_Ambience.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_247_Raw_Ambience.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_248_Soul_Assembly.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_248_Soul_Assembly.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_249_Mystic_Spaces.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_249_Mystic_Spaces.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_775_GASE_The_Kit_SE_Presets.vstsound.lnk -> S:\Steinberg\VST Sound - GA\FCP_SMT_775_GASE_The_Kit_SE_Presets.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_777_MPE_Sounds_Retrologue.vstsound.lnk -> S:\Steinberg\VST Sound - Retrologue\FCP_SMT_777_MPE_Sounds_Retrologue.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_778_MPE_Sounds_Padshop.vstsound.lnk -> S:\Steinberg\VST Sound - Padshop\FCP_SMT_778_MPE_Sounds_Padshop.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_779_GASE_Laser_Beams.vstsound.lnk -> S:\Steinberg\VST Sound - GA\FCP_SMT_779_GASE_Laser_Beams.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_788_Padshop_Presets.vstsound.lnk -> S:\Steinberg\VST Sound - Padshop\FCP_SMT_788_Padshop_Presets.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_790_Padshop2_Presets.vstsound.lnk -> S:\Steinberg\VST Sound - Padshop\FCP_SMT_790_Padshop2_Presets.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_796_Retrologue2_Presets.vstsound.lnk -> S:\Steinberg\VST Sound - Retrologue\FCP_SMT_796_Retrologue2_Presets.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_809_Bloom.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_809_Bloom.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_810_Dancefloor_Tech_House.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_810_Dancefloor_Tech_House.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_811_Hard_Knocks.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_811_Hard_Knocks.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_812_LoFi_Dreams.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_812_LoFi_Dreams.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_813_Night_Call_Synthwave.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_813_Night_Call_Synthwave.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\FCP_SMT_814_Noir.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\FCP_SMT_814_Noir.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\Groove Agent ONE 01.vstsound.lnk -> S:\Steinberg\VST Sound - GA\Groove Agent ONE 01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\Groove Agent ONE 02.vstsound.lnk -> S:\Steinberg\VST Sound - GA\Groove Agent ONE 02.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\Groove Agent ONE 03.vstsound.lnk -> S:\Steinberg\VST Sound - GA\Groove Agent ONE 03.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\SequelContent000.vstsound.lnk -> S:\Steinberg\VST Sound - CubaseContent\SequelContent000.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\VST Sound - Soundiron\Soundiron_Olympus_Micro.vstsound.lnk -> S:\Steinberg\VST Sound - Olympus Choir\Soundiron_Olympus_Micro.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\VST Sound - Keda Music\Indian Drum Basics.vstsound.lnk -> S:\Steinberg\VST Sound - Keda Music\Indian Drum Basics.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\VST Sound\VST Sound - e-Instruments\e-Instruments_Vibrant_Presets.vstsound.lnk -> S:\Steinberg\VST Sound - Vibrant\e-Instruments_Vibrant_Presets.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\Padshop\VST Sound\FCP_SMT_113_Padshop.vstsound.lnk -> S:\Steinberg\VST Sound - Padshop\FCP_SMT_113_Padshop.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\Padshop\VST Sound\FCP_SMT_789_Padshop2.vstsound.lnk -> S:\Steinberg\VST Sound - Padshop\FCP_SMT_789_Padshop2.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\ADD_SMT_114_Dark_Planet.vstsound.lnk -> S:\Steinberg\VST Sound - Dark Planet\ADD_SMT_114_Dark_Planet.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_001_HSO_Bass_Clarinet_Solo.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_001_HSO_Bass_Clarinet_Solo.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_001_HS_Synths_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_001_HS_Synths_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_002_HSO_Bassoon_Solo.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_002_HSO_Bassoon_Solo.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_003_HSO_Clarinet_Solo.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_003_HSO_Clarinet_Solo.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_004_HSO_Double_Bass_Solo.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_004_HSO_Double_Bass_Solo.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_004_HS_Accordion_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_004_HS_Accordion_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_005_HSO_Double_Bass_Tutti.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_005_HSO_Double_Bass_Tutti.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_005_HS_Blues_Harp_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_005_HS_Blues_Harp_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_006_HSO_English_Horn_Solo.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_006_HSO_English_Horn_Solo.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_007_HSO_Flute_Solo.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_007_HSO_Flute_Solo.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_008_HSO_Horn_Solo.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_008_HSO_Horn_Solo.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_008_HS_El_Guitar_02.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_008_HS_El_Guitar_02.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_009_HSO_Horns_Tutti.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_009_HSO_Horns_Tutti.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_010_HSO_Oboe_Solo.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_010_HSO_Oboe_Solo.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_010_HS_Ac_Guitar_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_010_HS_Ac_Guitar_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_011_HSO_Percussion_Metal.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_011_HSO_Percussion_Metal.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_012_HSO_Percussion_Pitched.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_012_HSO_Percussion_Pitched.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_013_HSO_Percussion_Skinned.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_013_HSO_Percussion_Skinned.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_014_HSO_Percussion_Wood.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_014_HSO_Percussion_Wood.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_015_HSO_Piccolo_Solo.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_015_HSO_Piccolo_Solo.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_016_HSO_Trombone_Solo.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_016_HSO_Trombone_Solo.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_016_HS_Choir_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_016_HS_Choir_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_017_HSO_Trombones_Tutti.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_017_HSO_Trombones_Tutti.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_018_HSO_Trumpet_Solo.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_018_HSO_Trumpet_Solo.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_019_HSO_Trumpets_Tutti.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_019_HSO_Trumpets_Tutti.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_020_HSO_Tuba_Solo.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_020_HSO_Tuba_Solo.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_021_HSO_Viola_Solo.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_021_HSO_Viola_Solo.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_022_HSO_Violas_Tutti.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_022_HSO_Violas_Tutti.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_023_HSO_Violin_Solo.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_023_HSO_Violin_Solo.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_024_HSO_Violins_Tutti.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_024_HSO_Violins_Tutti.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_025_HSO_Violoncello_Solo.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_025_HSO_Violoncello_Solo.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_025_HS_Vintage_Bass_FW_Fing_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_025_HS_Vintage_Bass_FW_Fing_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_026_HSO_Violoncellos_Tutti.vstsound.lnk -> S:\Steinberg\VST Sound - HSO\FCP_SMT_026_HSO_Violoncellos_Tutti.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_026_HS_Vintage_Bass_FW_Fing_Add_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_026_HS_Vintage_Bass_FW_Fing_Add_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_027_HS_Vintage_Bass_FW_Pick_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_027_HS_Vintage_Bass_FW_Pick_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_028_HS_Vintage_Bass_FW_Pick_Add_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_028_HS_Vintage_Bass_FW_Pick_Add_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_048_HS_Pipe_Organ_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_048_HS_Pipe_Organ_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_050_HS_El_Piano_Suitcase_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_050_HS_El_Piano_Suitcase_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_051_HS_El_Piano_MKI_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_051_HS_El_Piano_MKI_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_052_HS_El_Piano_200A_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_052_HS_El_Piano_200A_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_059_HS_Strings_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_059_HS_Strings_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_060_HS_Brass_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_060_HS_Brass_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_063_HS_Winds_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_063_HS_Winds_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_064_HS_Sax_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_064_HS_Sax_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_072_HS_Trumpet_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_072_HS_Trumpet_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_073_HS_Muted_Trumpet_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_073_HS_Muted_Trumpet_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_074_HS_Trombone_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_074_HS_Trombone_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_075_HS_GM_01.vstsound.lnk -> S:\Steinberg\VST Sound - HSFactory\FCP_SMT_075_HS_GM_01.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_079_HSSE_Pro.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Pro\FCP_SMT_079_HSSE_Pro.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_081_HSSE_Artist.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Artist\FCP_SMT_081_HSSE_Artist.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_083_HSSE_S90.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Artist\FCP_SMT_083_HSSE_S90.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_085_HSSE_SR_OneSoundzSilver.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Artist\FCP_SMT_085_HSSE_SR_OneSoundzSilver.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_087_HSSE_VST_Expression.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Pro\FCP_SMT_087_HSSE_VST_Expression.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\FCP_SMT_100_HSSE_Artist_Drum.vstsound.lnk -> S:\Steinberg\VST Sound - HSSE Artist\FCP_SMT_100_HSSE_Artist_Drum.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\VST Sound - e-Instruments\e-Instruments_Vibrant_Samples_Clavi.vstsound.lnk -> S:\Steinberg\VST Sound - Vibrant\e-Instruments_Vibrant_Samples_Clavi.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\VST Sound - e-Instruments\e-Instruments_Vibrant_Samples_Stage.vstsound.lnk -> S:\Steinberg\VST Sound - Vibrant\e-Instruments_Vibrant_Samples_Stage.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\VST Sound - e-Instruments\e-Instruments_Vibrant_Samples_Suitcase.vstsound.lnk -> S:\Steinberg\VST Sound - Vibrant\e-Instruments_Vibrant_Samples_Suitcase.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\HALion\VST Sound\VST Sound - e-Instruments\e-Instruments_Vibrant_Samples_Wurli.vstsound.lnk -> S:\Steinberg\VST Sound - Vibrant\e-Instruments_Vibrant_Samples_Wurli.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\Groove Agent\VST Sound\FCP_SMT_146_GA_Studio_Kit_Eco.vstsound.lnk -> S:\Steinberg\VST Sound - GA\FCP_SMT_146_GA_Studio_Kit_Eco.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\Groove Agent\VST Sound\FCP_SMT_776_GASE_The_Kit_SE_Samples.vstsound.lnk -> S:\Steinberg\VST Sound - GA\FCP_SMT_776_GASE_The_Kit_SE_Samples.vstsound ()
Shortcut: C:\ProgramData\Steinberg\Content\Groove Agent\VST Sound\FCP_SMT_780_GASE_Laser_Beams_Instruments.vstsound.lnk -> S:\Steinberg\VST Sound - GA\FCP_SMT_780_GASE_Laser_Beams_Instruments.vstsound ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Poster Printer.lnk -> C:\Windows\Installer\{085AFF3B-459B-4B8D-9366-F2DC4452D73B}\_82E3290B056FC414C53D07.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLok License Manager.lnk -> C:\Program Files (x86)\iLok License Manager\iLok License Manager.exe (PACE Anti-Piracy, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center.lnk -> C:\Program Files\Microsoft Mouse and Keyboard Center\MouseKeyboardCenter.exe (Microsoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro.lnk -> C:\Program Files\Nitro\Pro\13\NitroPDF.exe (Nitro Software, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk -> C:\Program Files\Notepad++\notepad++.exe (Don HO don.h@free.fr)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Program Files\Microsoft OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett\Wacom Desktop Center.lnk -> C:\Program Files\Tablet\Wacom\32\WacomDesktopCenter.exe (Wacom Co. Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett\Wacom Tablett-Eigenschaften.lnk -> C:\Program Files\Tablet\Wacom\Professional_CPL.exe (Wacom Co. Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Similarity Duplicate Image Finder\Order Visual Similarity Duplicate Image Finder.lnk -> C:\Program Files (x86)\Visual Similarity Duplicate Image Finder\OrderVisualSimilarityDuplicateImageFinder.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Similarity Duplicate Image Finder\Uninstall Visual Similarity Duplicate Image Finder.lnk -> C:\Program Files (x86)\Visual Similarity Duplicate Image Finder\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Similarity Duplicate Image Finder\Visual Similarity Duplicate Image Finder Help.lnk -> C:\Program Files (x86)\Visual Similarity Duplicate Image Finder\help.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Similarity Duplicate Image Finder\Visual Similarity Duplicate Image Finder Support.lnk -> C:\Program Files (x86)\Visual Similarity Duplicate Image Finder\VisualSimilarityDuplicateImageFinderSupport.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Similarity Duplicate Image Finder\Visual Similarity Duplicate Image Finder Web Site.lnk -> C:\Program Files (x86)\Visual Similarity Duplicate Image Finder\VisualSimilarityDuplicateImageFinder.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Similarity Duplicate Image Finder\Visual Similarity Duplicate Image Finder.lnk -> C:\Program Files (x86)\Visual Similarity Duplicate Image Finder\DupImageFinder.exe (MindGems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Veeam\Veeam Agent for Microsoft Windows.lnk -> C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe (Veeam Software Group GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Veeam\Tools\Configure Backup.lnk -> C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Backup.exe (Veeam Software Group GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Veeam\Tools\Create Recovery Media.lnk -> C:\Program Files\Veeam\Endpoint Backup\Veeam.Endpoint.RecoveryMedia.exe (Veeam Software Group GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Veeam\Tools\File Level Restore.lnk -> C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.FLR.exe (Veeam Software Group GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Veeam\Tools\Volume Restore.lnk -> C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Recovery.exe (Veeam Software Group GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UAD Powered Plug-Ins\Documentation.lnk -> C:\Program Files (x86)\Universal Audio\Powered Plugins\Documentation ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UAD Powered Plug-Ins\Readme.lnk -> C:\Program Files (x86)\Universal Audio\Powered Plugins\ReadMe.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UAD Powered Plug-Ins\UAD Meter & Control Panel.lnk -> C:\Program Files (x86)\Universal Audio\Powered Plugins\UADPerfMon.exe (Universal Audio, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transcribe!\Transcribe! Help.lnk -> C:\Program Files\Transcribe!\xschelp.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transcribe!\Transcribe!.lnk -> C:\Program Files\Transcribe!\Transcribe.exe (Seventh String Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toontrack\EZbass.lnk -> C:\Windows\Installer\{0DFAC2AE-2736-4ADC-A2C6-9D9CE3DEF3DD}\SDhostShortcut_2A71AFECC4714D9ABD4C1B691EF7F8E5.exe (Flexera)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toontrack\EZdrummer (64-bit).lnk -> C:\Windows\Installer\{CFFABFEB-AD0D-4811-B09F-849B19B8FE78}\EZDShortcut_264E25C0F02843ED97B7219727EF0DE4.exe (Flexera)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toontrack\EZkeys (64-bit).lnk -> C:\Windows\Installer\{C8983F26-7DE5-455D-A578-7848A6B3F1C9}\EZKShortcut_EB7ABD1E52AC4C27A68E81FD54EA539B.exe (Flexera)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toontrack\Superior Drummer 3.lnk -> C:\Windows\Installer\{C556430A-61B1-4B55-8287-B3D6D26F729B}\SDhostShortcut_1DD5614954C446F3904755F6FF17F761.exe (Flexera)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toontrack\Toontrack Product Manager.lnk -> C:\Program Files (x86)\Toontrack\Toontrack Product Manager.exe (Toontrack Music AB)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toontrack\Toontrack solo\Operation Manual.lnk -> C:\Program Files\Toontrack\Toontrack solo\TTSDoc.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toontrack\Toontrack solo\Toontrack solo.lnk -> C:\Program Files\Toontrack\Toontrack solo\Toontrack solo.exe (Toontrack Music AB)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toontrack\Documentation\EZdrummer Operation Manual.lnk -> C:\Program Files\Toontrack\EZdrummer\EZdrummer Operation Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toontrack\Documentation\EZkeys Operation Manual.lnk -> C:\Program Files\Toontrack\EZkeys\EZkeys Operation Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthogy Ivory\iLok License Manager.lnk -> C:\Program Files (x86)\iLok License Manager\iLok License Manager.exe (PACE Anti-Piracy, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthogy Ivory\Ivory Cantabile (64-bit).lnk -> C:\Program Files\Synthogy\Ivory\Ivory Cantabile.exe (Synthogy)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthogy Ivory\Ivory Library Tool.lnk -> C:\Program Files (x86)\Synthogy\Ivory\Ivory Library Tool.exe (Synthogy, LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg WaveLab Elements 11\Benutzereinstellungen-Ordner.lnk -> C:\Users\benji\AppData\Roaming\Steinberg\WaveLab Elements 11 ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg WaveLab Elements 11\WaveLab Elements 11.lnk -> C:\Program Files\Steinberg\WaveLab Elements 11\WaveLabElements11.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg WaveLab Elements 10.0\Benutzereinstellungen-Ordner.lnk -> C:\Users\benji\AppData\Roaming\Steinberg\WaveLab Elements 10.0 ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg WaveLab Elements 10.0\WaveLab Elements 10.0.lnk -> C:\Program Files\Steinberg\WaveLab Elements 10.0\WaveLabElements10_0.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg SpectraLayers 7\SpectraLayers 7.lnk -> C:\Program Files\Steinberg\SpectraLayers 7\Win64\SpectraLayers.exe (Steinberg)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg Library Manager\Steinberg Library Manager.lnk -> C:\Program Files\Steinberg\Steinberg Library Manager\Steinberg Library Manager.exe (Steinberg Media Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg Download Assistant\Steinberg Download Assistant.lnk -> C:\Program Files (x86)\Steinberg\Download Assistant\Steinberg Download Assistant.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg Dorico 3.5\Benutzereinstellungen-Ordner.lnk -> C:\Users\benji\AppData\Roaming\Steinberg\Dorico 3.5 ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg Dorico 3.5\Dorico 3.5.lnk -> C:\Program Files\Steinberg\Dorico3.5\Dorico3.5.exe (Steinberg Media Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 11\Benutzereinstellungen-Ordner.lnk -> C:\Users\benji\AppData\Roaming\Steinberg\Cubase 11_64 ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 11\Cubase 11.lnk -> C:\Program Files\Steinberg\Cubase 11\Cubase11.exe (Steinberg Media Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg\ASIO Generic Lower Latency Driver Setup.lnk -> C:\Program Files\Steinberg\Asio\asioglldsetup.exe (Steinberg Media Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Samsung Easy Document Creator.lnk -> C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician\Samsung Magician entfernen.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician\Samsung Magician.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Samsung Electronics Co. Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roland\UM-ONE Driver\UM-ONE Readme.lnk -> C:\Program Files\Roland\UM-ONE Driver\README.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roland\UM-ONE Driver\UM-ONE.lnk -> C:\Program Files\Roland\UM-ONE Driver\Files\RDDP1115.EXE (Roland Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Recuva.lnk -> C:\Program Files\Recuva\recuva64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Uninstall Recuva.lnk -> C:\Program Files\Recuva\uninst.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neuratron\PhotoScore & NotateMe Ultimate.lnk -> C:\Program Files (x86)\Neuratron\PhotoScore + NotateMe Ultimate 2020\Neuratron PhotoScore.exe (Neuratron Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Native Access\Native Access.lnk -> C:\Program Files\Native Instruments\Native Access\Native Access.exe (Native Instruments GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Kontakt\Kontakt.lnk -> C:\Program Files\Native Instruments\Kontakt\Kontakt.exe (Native Instruments GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\Changelog.lnk -> C:\Program Files\MPC-HC\Changelog.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\MPC-HC entfernen.lnk -> C:\Program Files\MPC-HC\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\MPC-HC x64.lnk -> C:\Program Files\MPC-HC\mpc-hc64.exe (MPC-HC Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag Hilfe.lnk -> C:\Program Files (x86)\Mp3tag\help\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag.lnk -> C:\Program Files (x86)\Mp3tag\Mp3tag.exe (Florian Heidenreich)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Neu in dieser Version.lnk -> C:\Program Files (x86)\Mp3tag\Mp3tagVersion.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix\MKVToolNix GUI.lnk -> C:\Program Files\MKVToolNix\mkvtoolnix-gui.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix\Uninstall.lnk -> C:\Program Files\MKVToolNix\uninst.exe (Moritz Bunkus)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix\Website.lnk -> C:\Program Files\MKVToolNix\MKVToolNix.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix\Documentation\Command line references.lnk -> C:\Program Files\MKVToolNix\doc\command_line_references.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix\Documentation\NEWS.txt - What is new, what has changed.lnk -> C:\Program Files\MKVToolNix\doc\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix\Documentation\README.lnk -> C:\Program Files\MKVToolNix\doc\README.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office-Spracheinstellungen.lnk -> C:\Program Files\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\loopMIDI\loopMIDI.lnk -> C:\Windows\Installer\{AEAF7978-3204-451D-8593-BC53EBDDA31D}\loopMIDI.exe (Tobias Erichsen)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Capture.lnk -> C:\Program Files\Logitech\LogiCapture\bin\LogiCapture.exe (Logitech)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon\In Depth Latency Tests.lnk -> C:\Program Files\LatencyMon\IDLT.exe (Resplendence Software Projects)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon\LatencyMon.lnk -> C:\Program Files\LatencyMon\LatMon.exe (Resplendence Software Projects Sp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jBridge\jBridger.lnk -> C:\Program Files\JBridge\jBridger.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jBridge\Uninstall.lnk -> C:\Program Files\JBridge\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jam Origin\MIDI Guitar\MIDI Guitar 2 (32-bit).lnk -> C:\Program Files\Jam Origin\MIDI Guitar\MIDIGuitar2-32bit.exe (Jam Origin)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jam Origin\MIDI Guitar\MIDI Guitar 2 (64-bit).lnk -> C:\Program Files\Jam Origin\MIDI Guitar\MIDIGuitar2-64bit.exe (Jam Origin)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jam Origin\MIDI Guitar\Uninstall MIDI Guitar 2.lnk -> C:\Program Files\Jam Origin\MIDI Guitar\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope\Ozone 7\iZotope Ozone 7 (32-bit).lnk -> C:\Program Files (x86)\iZotope\Ozone 7\win32\iZotope Ozone 7.exe (iZotope, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope\Ozone 7\iZotope Ozone 7 (64-bit).lnk -> C:\Program Files (x86)\iZotope\Ozone 7\win64\iZotope Ozone 7.exe (iZotope, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope\Ozone 7\Uninstall iZotope Ozone 7.lnk -> C:\Program Files (x86)\iZotope\Ozone 7\Uninstall iZotope Ozone 7 Advanced.exe (iZotope, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64\HWiNFO64.lnk -> C:\Program Files\HWiNFO64\HWiNFO64.EXE (REALiX)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite\HiSuite.lnk -> C:\Program Files (x86)\HiSuite\HiSuite.exe (Huawei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite\Uninstall.lnk -> C:\Program Files (x86)\HiSuite\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HandBrake\HandBrake.lnk -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HandBrake\Uninstall.lnk -> C:\Program Files\HandBrake\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 7\Guitar Pro 7.lnk -> C:\Program Files (x86)\Arobas Music\Guitar Pro 7\GuitarPro7.exe (Arobas Music)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 7\Uninstall.lnk -> C:\Program Files (x86)\Arobas Music\Guitar Pro 7\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\Garmin Express.lnk -> C:\Program Files (x86)\Garmin\Express\express.exe (Garmin Ltd. or its subsidiaries)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fractal Audio Systems\Fractal Audio Systems USB Audio Driver\FASUSBAudio Control Panel.lnk -> C:\Program Files\Fractal Audio Systems\USB Audio Driver\FASUSBAudioCplApp.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fractal Audio\Axe-Edit.lnk -> C:\Program Files (x86)\Fractal Audio\Axe-Edit\Axe-Edit.exe (Fractal Audio Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fractal Audio\Fractal-Bot.lnk -> C:\Program Files\Fractal Audio\Fractal-Bot\Fractal-Bot.exe (Fractal Audio Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Finale NotePad 2012\Finale NotePad 2012.lnk -> C:\Program Files (x86)\Finale NotePad 2012\Finale NotePad.exe (MakeMusic Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Finale NotePad 2012\Uninstall Finale NotePad 2012.lnk -> C:\Program Files (x86)\Finale NotePad 2012\UninstallNotePad.exe (MakeMusic)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Duplicate File Finder\Fast Duplicate File Finder Help.lnk -> C:\Program Files (x86)\Fast Duplicate File Finder\help.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Duplicate File Finder\Fast Duplicate File Finder Support.lnk -> C:\Program Files (x86)\Fast Duplicate File Finder\FastDuplicateFileFinderSupport.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Duplicate File Finder\Fast Duplicate File Finder Web Site.lnk -> C:\Program Files (x86)\Fast Duplicate File Finder\FastDuplicateFileFinder.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Duplicate File Finder\Fast Duplicate File Finder.lnk -> C:\Program Files (x86)\Fast Duplicate File Finder\DupFileFinder.exe (MindGems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Duplicate File Finder\Order Fast Duplicate File Finder.lnk -> C:\Program Files (x86)\Fast Duplicate File Finder\OrderFastDuplicateFileFinder.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Duplicate File Finder\Uninstall Fast Duplicate File Finder.lnk -> C:\Program Files (x86)\Fast Duplicate File Finder\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser\eLicenser Control Center.lnk -> C:\Program Files (x86)\eLicenser\eLCC\eLCC.exe (Steinberg Media Technologies GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser\Documentation\eLicenser Control Release Notes.lnk -> C:\Program Files (x86)\eLicenser\Release Notes.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EastWest\EW Installation Center.lnk -> C:\Program Files\EastWest\Installation Center\EW Installation Center.exe (EastWest Sounds, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EastWest\PLAY.lnk -> C:\ProgramData\East West\play_x64.exe (East West)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\DivX Technische Unterstützung.lnk -> C:\Windows\System32\url.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dexed\Dexed.lnk -> C:\Program Files (x86)\Dexed\Dexed.exe (Digital Suburban)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dexed\Un-install Dexed.lnk -> C:\Program Files (x86)\Dexed\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 13\CyberLink PowerDVD 13.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD13\PDVDLP.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 9\CyberLink Power2Go 9.lnk -> C:\Program Files (x86)\CyberLink\Power2Go9\Power2Go9.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 9\Desktop Burning Gadget.lnk -> C:\Program Files (x86)\CyberLink\Power2Go9\Power2GoExpress9.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 9\ISO Viewer.lnk -> C:\Program Files (x86)\CyberLink\Power2Go9\IsoViewer9.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 9\Virtual Drive.lnk -> C:\Program Files (x86)\CyberLink\Power2Go9\VirtualDrive9.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 7\CyberLink MediaEspresso 7.lnk -> C:\Program Files (x86)\CyberLink\MediaEspresso7\MediaEspresso.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark8\CrystalDiskMark 8 (32bit).lnk -> C:\Program Files\CrystalDiskMark8\DiskMark32.exe (Crystal Dew World)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark8\CrystalDiskMark 8 (64bit).lnk -> C:\Program Files\CrystalDiskMark8\DiskMark64.exe (Crystal Dew World)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative Professional\E-MU USB-MIDI Documents\E-MU USB-MIDI Read Me.lnk -> C:\Program Files (x86)\Creative Professional\USB-MIDI\Documents\English\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\Uninstall HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Edit CPU-Z Config File.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.ini ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Uninstall CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Celemony\Melodyne 5\Melodyne 5.lnk -> C:\Program Files\Celemony\Melodyne 5\Melodyne.exe (Celemony Software GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avid\Utilities\Avid License Control.lnk -> C:\Windows\Installer\{F187D064-F101-4E95-8D05-4027809AA0F8}\NewShortcut1_D1D572C6FCBA4504ACB2148585EE63D6.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avid\Sibelius 7.5\Sibelius 7.5 User Data.lnk -> C:\Users\benji\AppData\Roaming\Avid\Sibelius 7.5 ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avid\Sibelius 7.5\Sibelius 7.5.lnk -> C:\Program Files\Avid\Sibelius 7.5\Sibelius.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avid\Sibelius 7.5\Sibelius 7.5 (32-Bit)\Sibelius 7.5 (32-Bit).lnk -> C:\Program Files (x86)\Avid\Sibelius 7.5\Sibelius.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allen and Heath Ltd\Allen and Heath Firewire.lnk -> C:\Program Files\AllenAndHeathFW\AllenAndHeathFW.exe (TC Applied Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allen and Heath Ltd\Uninstall  Allen and Heath Firewire.lnk -> C:\Program Files\AllenAndHeathFW\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Renamer\Advanced Renamer.lnk -> C:\Program Files\Advanced Renamer\ARen.exe (Kim Jensen)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Renamer\Uninstall Advanced Renamer.lnk -> C:\Program Files\Advanced Renamer\unins000.exe (Hulubulu Software                                           )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\Links\Desktop.lnk -> C:\Users\benji\Desktop ()
Shortcut: C:\Users\benji\Links\Downloads.lnk -> D:\*****\Downloads ()
Shortcut: C:\Users\benji\Desktop\Allen and Heath Firewire.lnk -> C:\Program Files\AllenAndHeathFW\AllenAndHeathFW.exe (TC Applied Technologies)
Shortcut: C:\Users\benji\Desktop\AmplifireEditor.lnk -> C:\Program Files (x86)\Atomic\AmplifireEditor_6_2_0_1_Win\AmplifireEditor.exe (Atomic Amps)
Shortcut: C:\Users\benji\Desktop\Audio (E).lnk -> E:\ ()
Shortcut: C:\Users\benji\Desktop\Bands.lnk -> D:\*****\OneDrive\Documents\Bands ()
Shortcut: C:\Users\benji\Desktop\BeatlesStones.lnk -> D:\*****\OneDrive\Documents\Bands\Stefan Kling\BeatlesStones ()
Shortcut: C:\Users\benji\Desktop\Benji's Playbacks.lnk -> D:\*****\OneDrive\Music\Benji's Playbacks ()
Shortcut: C:\Users\benji\Desktop\Cloud.lnk -> D:\*****\OneDrive\Documents\Music Materials\Songs for students\Cloud ()
Shortcut: C:\Users\benji\Desktop\CrystalDiskMark 8.lnk -> C:\Program Files\CrystalDiskMark8\DiskMark64.exe (Crystal Dew World)
Shortcut: C:\Users\benji\Desktop\DASH.lnk -> D:\*****\Videos\myTube\DASH ()
Shortcut: C:\Users\benji\Desktop\Desktop NOAH.lnk -> \\NOAHNUC\Users\noahs\Desktop
Shortcut: C:\Users\benji\Desktop\Dexed.lnk -> C:\Program Files (x86)\Dexed\Dexed.exe (Digital Suburban)
Shortcut: C:\Users\benji\Desktop\Documents (NAS).lnk -> \\Fritz-nas\fritz.nas\Music_More\Documents ()
Shortcut: C:\Users\benji\Desktop\Documents (OneDrive).lnk -> D:\*****\OneDrive\Documents ()
Shortcut: C:\Users\benji\Desktop\Dokumente (Local).lnk -> D:\*****\Documents ()
Shortcut: C:\Users\benji\Desktop\Dorico Projects.lnk -> D:\*****\OneDrive\Documents\Dorico Projects ()
Shortcut: C:\Users\benji\Desktop\Downloads.lnk -> D:\*****\Downloads ()
Shortcut: C:\Users\benji\Desktop\Fast Duplicate File Finder.lnk -> C:\Program Files (x86)\Fast Duplicate File Finder\DupFileFinder.exe (MindGems, Inc.)
Shortcut: C:\Users\benji\Desktop\Geräte und Drucker - Verknüpfung.lnk -> [LF@ph&DqdɆ!9qXf}:$D$i\zc1SPS0%G`9Gerte und Drucker-Systemordner1SPSjc(=OйT::{26EE0668-A00A-44D7-9371-BEB064C98683}\2\::{A8A91A66-3A7D-4424-8D24-04E180695C7A}]
Shortcut: C:\Users\benji\Desktop\HALion Sonic SE.lnk -> C:\Program Files\Steinberg\HALion Sonic SE\HALion Sonic SE.exe (Steinberg Media Technologies)
Shortcut: C:\Users\benji\Desktop\In Depth Latency Tests.lnk -> C:\Program Files\LatencyMon\IDLT.exe (Resplendence Software Projects)
Shortcut: C:\Users\benji\Desktop\Indexed Real Books - Verknüpfung.lnk -> D:\*****\OneDrive\Documents\Music Materials\Sheet Music\Indexed Real Books ()
Shortcut: C:\Users\benji\Desktop\Ivory Cantabile (64-bit).lnk -> C:\Program Files\Synthogy\Ivory\Ivory Cantabile.exe (Synthogy)
Shortcut: C:\Users\benji\Desktop\Ivory Library Tool.lnk -> C:\Program Files (x86)\Synthogy\Ivory\Ivory Library Tool.exe (Synthogy, LLC)
Shortcut: C:\Users\benji\Desktop\Jam Track.lnk -> E:\Schüler\Allgemein\Jam Track.cpr ()
Shortcut: C:\Users\benji\Desktop\LatencyMon.lnk -> C:\Program Files\LatencyMon\LatMon.exe (Resplendence Software Projects Sp.)
Shortcut: C:\Users\benji\Desktop\Lessons.lnk -> D:\*****\OneDrive\Documents\Music Materials\Lessons ()
Shortcut: C:\Users\benji\Desktop\Logitech Capture.lnk -> C:\Program Files\Logitech\LogiCapture\bin\LogiCapture.exe (Logitech)
Shortcut: C:\Users\benji\Desktop\MakeMKV.lnk -> C:\Program Files (x86)\MakeMKV\makemkv.exe (GuinpinSoft inc)
Shortcut: C:\Users\benji\Desktop\MediaEspresso.lnk -> C:\Users\benji\MediaEspresso ()
Shortcut: C:\Users\benji\Desktop\Melodyne 5.lnk -> C:\Program Files\Celemony\Melodyne 5\Melodyne.exe (Celemony Software GmbH)
Shortcut: C:\Users\benji\Desktop\MIDI Guitar 2 (64-bit).lnk -> C:\Program Files\Jam Origin\MIDI Guitar\MIDIGuitar2-64bit.exe (Jam Origin)
Shortcut: C:\Users\benji\Desktop\Mixes.lnk -> E:\Schüler\Allgemein\Mixes ()
Shortcut: C:\Users\benji\Desktop\MKVToolNix GUI.lnk -> C:\Program Files\MKVToolNix\mkvtoolnix-gui.exe ()
Shortcut: C:\Users\benji\Desktop\Music Materials.lnk -> D:\*****\OneDrive\Documents\Music Materials ()
Shortcut: C:\Users\benji\Desktop\Musik.lnk -> D:\*****\Music ()
Shortcut: C:\Users\benji\Desktop\Musikschule.lnk -> D:\*****\OneDrive\Documents\Musikschule ()
Shortcut: C:\Users\benji\Desktop\Noah.lnk -> D:\*****\OneDrive\Documents\Noah ()
Shortcut: C:\Users\benji\Desktop\Online Unterricht.lnk -> D:\*****\OneDrive\Documents\Musikschule\Online Unterricht ()
Shortcut: C:\Users\benji\Desktop\PhotoScore & NotateMe Ultimate.lnk -> C:\Program Files (x86)\Neuratron\PhotoScore + NotateMe Ultimate 2020\Neuratron PhotoScore.exe (Neuratron Ltd)
Shortcut: C:\Users\benji\Desktop\Pictures.lnk -> D:\*****\OneDrive\Pictures ()
Shortcut: C:\Users\benji\Desktop\PLAY.lnk -> C:\ProgramData\East West\play_x64.exe (East West)
Shortcut: C:\Users\benji\Desktop\Playalongs.lnk -> D:\*****\OneDrive\Documents\Music Materials\Playalongs ()
Shortcut: C:\Users\benji\Desktop\Recuva.lnk -> C:\Program Files\Recuva\recuva64.exe (Piriform Ltd)
Shortcut: C:\Users\benji\Desktop\RenameMaster.lnk -> C:\Program Files (x86)\Rename Master\RenameMaster.exe ()
Shortcut: C:\Users\benji\Desktop\Scan.lnk -> D:\*****\OneDrive\Scan ()
Shortcut: C:\Users\benji\Desktop\Sibelius 7.5.lnk -> C:\Program Files\Avid\Sibelius 7.5\Sibelius.exe ()
Shortcut: C:\Users\benji\Desktop\Songs for students.lnk -> D:\*****\OneDrive\Documents\Music Materials\Songs for students ()
Shortcut: C:\Users\benji\Desktop\Standards Repertoire.lnk -> D:\*****\OneDrive\Documents\Music Materials\Sheet Music\Standards Repertoire ()
Shortcut: C:\Users\benji\Desktop\Steinberg Library Manager.lnk -> C:\Program Files\Steinberg\Steinberg Library Manager\Steinberg Library Manager.exe (Steinberg Media Technologies)
Shortcut: C:\Users\benji\Desktop\TonePrint.lnk -> C:\Program Files (x86)\TonePrint-4.1.10\TonePrint-4.1.10.exe (MUSIC Group)
Shortcut: C:\Users\benji\Desktop\Transcribe!.lnk -> C:\Program Files\Transcribe!\Transcribe.exe (Seventh String Software)
Shortcut: C:\Users\benji\Desktop\Visual Similarity Duplicate Image Finder.lnk -> C:\Program Files (x86)\Visual Similarity Duplicate Image Finder\DupImageFinder.exe (MindGems, Inc.)
Shortcut: C:\Users\benji\Desktop\WinDirStat.lnk -> C:\Program Files (x86)\WinDirStat\windirstat.exe (Seifert)
Shortcut: C:\Users\benji\Desktop\YourMusic.Pro.lnk -> D:\*****\OneDrive\Documents\YourMusic.Pro ()
Shortcut: C:\Users\benji\Desktop\Zoom.lnk -> C:\Users\benji\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\benji\Desktop\Standards\There Will Never Be Another You - Ohne Thema.xsc.lnk -> C:\Users\benji\Desktop\Noah Jugend Jazzt\There Will Never Be Another You - Ohne Thema.xsc (Keine Datei)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk -> C:\Users\benji\AppData\Local\PCHealthCheck\PCHealthCheck.exe ()
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\benji\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat\Deinstalliere WinDirStat.lnk -> C:\Program Files (x86)\WinDirStat\Uninstall.exe ()
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat\Hilfe (DEU).lnk -> C:\Program Files (x86)\WinDirStat\wdsh0407.chm ()
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat\Hilfe (ENG).lnk -> C:\Program Files (x86)\WinDirStat\windirstat.chm ()
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat\WinDirStat.lnk -> C:\Program Files (x86)\WinDirStat\windirstat.exe (Seifert)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg HALion Sonic SE\HALion Sonic SE.lnk -> C:\Program Files\Steinberg\HALion Sonic SE\HALion Sonic SE.exe (Steinberg Media Technologies)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Renault\R-Link 2 Toolbox.lnk -> C:\Users\benji\AppData\Local\R-Link 2 Toolbox\R-Link 2 Toolbox.exe ()
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell\91xx driver\UnInstall.lnk -> C:\Program Files (x86)\Marvell\mv91xx\uninst-91xx.exe (Marvell)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV\MakeMKV Website.lnk -> C:\Program Files (x86)\MakeMKV\MakeMKV.url ()
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV\MakeMKV.lnk -> C:\Program Files (x86)\MakeMKV\makemkv.exe (GuinpinSoft inc)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV\Uninstall.lnk -> C:\Program Files (x86)\MakeMKV\uninst.exe (GuinpinSoft inc)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Finale NotePad 2012.lnk -> C:\Program Files (x86)\Finale NotePad 2012\Finale NotePad.exe (MakeMusic Inc.)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Dorico 3.5.lnk -> C:\Program Files\Steinberg\Dorico3.5\Dorico3.5.exe (Steinberg Media Technologies)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Excel.lnk -> C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Guitar Pro 7.lnk -> C:\Program Files (x86)\Arobas Music\Guitar Pro 7\GuitarPro7.exe (Arobas Music)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Nitro Pro.lnk -> C:\Program Files\Nitro\Pro\13\NitroPDF.exe (Nitro Software, Inc.)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Transcribe!.lnk -> C:\Program Files (x86)\Transcribe!\Transcribe.exe (Seventh String Software)
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\WaveLab Elements 10.0.lnk -> C:\Program Files\Steinberg\WaveLab Elements 10.0\WaveLabElements10_0.exe ()
Shortcut: C:\Users\benji\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Word.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Axe-Edit.lnk -> C:\Program Files (x86)\Fractal Audio\Axe-Edit\Axe-Edit.exe (Fractal Audio Systems)
Shortcut: C:\Users\Public\Desktop\CPUID CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\Users\Public\Desktop\CPUID HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\Users\Public\Desktop\Cubase 11.lnk -> C:\Program Files\Steinberg\Cubase 11\Cubase11.exe (Steinberg Media Technologies)
Shortcut: C:\Users\Public\Desktop\CyberLink MediaEspresso 7.lnk -> C:\Program Files (x86)\CyberLink\MediaEspresso7\MediaEspresso.exe (CyberLink Corp.)
Shortcut: C:\Users\Public\Desktop\CyberLink Power2Go 9.lnk -> C:\Program Files (x86)\CyberLink\Power2Go9\Power2Go9.exe (CyberLink Corp.)
Shortcut: C:\Users\Public\Desktop\CyberLink PowerDVD 13.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD13\PDVDLP.exe (CyberLink Corp.)
Shortcut: C:\Users\Public\Desktop\Dorico 3.5.lnk -> C:\Program Files\Steinberg\Dorico3.5\Dorico3.5.exe (Steinberg Media Technologies)
Shortcut: C:\Users\Public\Desktop\eLicenser Control Center.lnk -> C:\Program Files (x86)\eLicenser\eLCC\eLCC.exe (Steinberg Media Technologies GmbH)
Shortcut: C:\Users\Public\Desktop\EW Installation Center.lnk -> C:\Program Files\EastWest\Installation Center\EW Installation Center.exe (EastWest Sounds, Inc.)
Shortcut: C:\Users\Public\Desktop\EZbass.lnk -> C:\Windows\Installer\{0DFAC2AE-2736-4ADC-A2C6-9D9CE3DEF3DD}\DtpShortcut_D5A50F74848A4AB0A27E28B561F8F30A.exe (Flexera)
Shortcut: C:\Users\Public\Desktop\EZdrummer (64-bit).lnk -> C:\Windows\Installer\{CFFABFEB-AD0D-4811-B09F-849B19B8FE78}\NewShortcut1_9B36AC3378184E8096118A0EFDD3A7CF.exe (Flexera)
Shortcut: C:\Users\Public\Desktop\EZkeys (64-bit).lnk -> C:\Windows\Installer\{C8983F26-7DE5-455D-A578-7848A6B3F1C9}\NewShortcut1_218A179DBCBC425AA13EA3AC8DCAD7B2.exe (Flexera)
Shortcut: C:\Users\Public\Desktop\Finale NotePad 2012.lnk -> C:\Program Files (x86)\Finale NotePad 2012\Finale NotePad.exe (MakeMusic Inc.)
Shortcut: C:\Users\Public\Desktop\Fractal-Bot.lnk -> C:\Program Files\Fractal Audio\Fractal-Bot\Fractal-Bot.exe (Fractal Audio Systems)
Shortcut: C:\Users\Public\Desktop\Garmin Express.lnk -> C:\Program Files (x86)\Garmin\Express\express.exe (Garmin Ltd. or its subsidiaries)
Shortcut: C:\Users\Public\Desktop\Guitar Pro 7.lnk -> C:\Program Files (x86)\Arobas Music\Guitar Pro 7\GuitarPro7.exe (Arobas Music)
Shortcut: C:\Users\Public\Desktop\HandBrake.lnk -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team)
Shortcut: C:\Users\Public\Desktop\iLok License Manager.lnk -> C:\Program Files (x86)\iLok License Manager\iLok License Manager.exe (PACE Anti-Piracy, Inc.)
Shortcut: C:\Users\Public\Desktop\iZotope Ozone 7 (64-bit).lnk -> C:\Program Files (x86)\iZotope\Ozone 7\win64\iZotope Ozone 7.exe (iZotope, Inc.)
Shortcut: C:\Users\Public\Desktop\Kontakt.lnk -> C:\Program Files\Native Instruments\Kontakt\Kontakt.exe (Native Instruments GmbH)
Shortcut: C:\Users\Public\Desktop\loopMIDI.lnk -> C:\Program Files (x86)\Tobias Erichsen\loopMIDI\loopMIDI.exe (Tobias Erichsen)
Shortcut: C:\Users\Public\Desktop\Mp3tag.lnk -> C:\Program Files (x86)\Mp3tag\Mp3tag.exe (Florian Heidenreich)
Shortcut: C:\Users\Public\Desktop\MPC-HC x64.lnk -> C:\Program Files\MPC-HC\mpc-hc64.exe (MPC-HC Team)
Shortcut: C:\Users\Public\Desktop\Native Access.lnk -> C:\Program Files\Native Instruments\Native Access\Native Access.exe (Native Instruments GmbH)
Shortcut: C:\Users\Public\Desktop\Nitro Pro.lnk -> C:\Program Files\Nitro\Pro\13\NitroPDF.exe (Nitro Software, Inc.)
Shortcut: C:\Users\Public\Desktop\Notepad++.lnk -> C:\Program Files\Notepad++\notepad++.exe (Don HO don.h@free.fr)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\Users\Public\Desktop\SpectraLayers 7.lnk -> C:\Program Files\Steinberg\SpectraLayers 7\Win64\SpectraLayers.exe (Steinberg)
Shortcut: C:\Users\Public\Desktop\Steinberg Download Assistant.lnk -> C:\Program Files (x86)\Steinberg\Download Assistant\Steinberg Download Assistant.exe ()
Shortcut: C:\Users\Public\Desktop\Superior Drummer 3.lnk -> C:\Windows\Installer\{C556430A-61B1-4B55-8287-B3D6D26F729B}\DtpShortcut_392805F5A6584A95964CD82279578F4B.exe (Flexera)
Shortcut: C:\Users\Public\Desktop\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH)
Shortcut: C:\Users\Public\Desktop\Toontrack Product Manager.lnk -> C:\Program Files (x86)\Toontrack\Toontrack Product Manager.exe (Toontrack Music AB)
Shortcut: C:\Users\Public\Desktop\Toontrack solo 64.lnk -> C:\Program Files\Toontrack\Toontrack solo\Toontrack solo.exe (Toontrack Music AB)
Shortcut: C:\Users\Public\Desktop\WaveLab Elements 11.lnk -> C:\Program Files\Steinberg\WaveLab Elements 11\WaveLabElements11.exe ()
         
__________________


Alt 10.11.2021, 11:33   #3
benjis
 
Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender - Standard

Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender



Code:
ATTFilter
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg WaveLab Elements 11\Deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {7470D690-0FA2-44E2-AE7E-E5BCFE716BD5}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg WaveLab Elements 10.0\Deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {CEE5E0EE-A9EA-4A0B-BE6E-5DD242BF5685}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg Library Manager\Deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {AA78592A-F13C-4C8E-B849-7A398001FA7F}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg Dorico 3.5\Deinstallieren.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {E72A482D-E6C4-4B92-B248-3880AD721E8A}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 11\Deinstallieren.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {49A80F46-11CC-44F9-9FEC-2566FE0AB7A5}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\FASUSBAudio Control Panel Autostart.lnk -> C:\Program Files\Fractal Audio Systems\USB Audio Driver\FASUSBAudioCplApp.exe () -> -hide
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Order Supplies.lnk -> C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe () -> /ordersupplies
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Samsung Easy Printer Manager.lnk -> C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe () -> /epm
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\loopMIDI\Uninstall loopMIDI.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {AEAF7978-3204-451D-8593-BC53EBDDA31D}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Finale NotePad 2012\User Manual.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> C:\Program Files (x86)\Finale NotePad 2012\Help Files\NotePad.htm
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser\License Activation.lnk -> C:\Program Files (x86)\eLicenser\eLCC\eLCC.exe (Steinberg Media Technologies GmbH) -> -GuidedActivation
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EastWest\EW Stormdrum 3.lnk -> C:\ProgramData\East West\play_x64.exe (East West) -> "C:\ProgramData\East West\products\stormdrum3.ewb"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Codec-Einstellungen.lnk -> C:\Program Files (x86)\DivX\DivX Control Panel\DivXControlPanelLauncher.exe (DivX, Inc.) -> /start=decoder
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Nach Updates suchen.lnk -> C:\Program Files (x86)\DivX\DivX Control Panel\DivXControlPanelLauncher.exe (DivX, Inc.) -> /start=update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Registrieren.lnk -> C:\Program Files (x86)\DivX\DivX Control Panel\DivXControlPanelLauncher.exe (DivX, Inc.) -> /start=registration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 7\CyberLink MediaEspresso 7 Gadget.lnk -> C:\Program Files (x86)\CyberLink\MediaEspresso7\MediaEspresso.exe (CyberLink Corp.) -> gadget
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\benji\Desktop\Microsoft Teams.lnk -> C:\Users\benji\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe"
ShortcutWithArgument: C:\Users\benji\Desktop\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk -> C:\Users\benji\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe"
ShortcutWithArgument: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\benji\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall
ShortcutWithArgument: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg HALion Sonic SE\Deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {2D64E1A0-02C7-4AED-BCC6-3A5E5C91D6E2}
ShortcutWithArgument: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) -> /tsr
ShortcutWithArgument: C:\Users\benji\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\benji\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\benji\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\benji\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) -> /recycle
ShortcutWithArgument: C:\Users\benji\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\benji\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Recuva Homepage.url -> URL: hxxp://www.piriform.com/recuva
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\MPC-HC im Internet.url -> URL: hxxps://mpc-hc.org/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag Website.url -> URL: hxxp://www.mp3tag.de
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jam Origin\MIDI Guitar\Documentation.url -> URL: hxxp://www.jamorigin.com/docs
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jam Origin\MIDI Guitar\Visit JamOrigin.com.url -> URL: hxxp://www.jamorigin.com/
InternetURL: C:\ProgramData\Bome Software\Bome Virtual MIDI\BMIDI Driver on the web.url -> URL: hxxp://www.bome.com/
InternetURL: C:\Users\benji\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\benji\Favorites\Website\http--www.kiteboardingbonaire.com-.URL -> URL: hxxp://www.kiteboardingbonaire.com/
InternetURL: C:\Users\benji\Favorites\Website\https--portal.office.com-Admin-Default.aspx.url -> BASEURL: hxxps://portal.office.com/Admin/Default.aspx URL: hxxps://portal.office.com/Admin/Default.aspx#EAdminDefaultPage_AdminHomePageESKU_AdminDashboardPage
InternetURL: C:\Users\benji\Favorites\Website\Island Music.URL -> URL: hxxp://www.islandmusic.pro/
InternetURL: C:\Users\benji\Favorites\Website\SiteControl Logon (From Firefox).URL -> URL: hxxps://sitecontrol.hostway.com/
InternetURL: C:\Users\benji\Favorites\Website\Swoop.URL -> URL: hxxp://swoopcoaching.voorvertoon.nl/page_02.htm
InternetURL: C:\Users\benji\Favorites\Website\Underwater Videographer, Nature Photography, HD videography, Arcturus Productions.URL -> URL: hxxp://www.arcturusproductions.com/
InternetURL: C:\Users\benji\Favorites\Website\www.breathebonaire.com.URL -> URL: hxxp://www.breathebonaire.com/
InternetURL: C:\Users\benji\Favorites\Weather\Bonaire Weather & Climate.URL -> URL: hxxp://www.bonaire-travelguide.com/weather/index.shtml
InternetURL: C:\Users\benji\Favorites\Weather\Caribbean Hurricane Network - stormCARIB.com - Local Reports on Tropical Systems threatening the Caribbean Islands.URL -> URL: hxxp://stormcarib.com/
InternetURL: C:\Users\benji\Favorites\Weather\Departamento Meteorologico Aruba - Radar.url -> URL: hxxp://www.meteo.aw/radar.php
InternetURL: C:\Users\benji\Favorites\Weather\Interactive Weather Satellite Imagery Viewers from NASA Earth Science Office.URL -> URL: hxxp://wwwghcc.msfc.nasa.gov/GOES/goeseasthurr.html
InternetURL: C:\Users\benji\Favorites\Weather\Kralendijk Weather - Yahoo!7 Weather.URL -> URL: hxxp://au.weather.yahoo.com/NTXX/NTXX0002/index_c.html
InternetURL: C:\Users\benji\Favorites\Weather\Meteorological Department Curacao.url -> URL: hxxp://www.meteo.cw/
InternetURL: C:\Users\benji\Favorites\Weather\National Hurricane Center.URL -> URL: hxxp://www.nhc.noaa.gov/
InternetURL: C:\Users\benji\Favorites\Weather\Navy-NRL Tropical Cyclone Page.URL -> URL: hxxp://www.nrlmry.navy.mil/tc_pages/tc_home.html
InternetURL: C:\Users\benji\Favorites\Weather\RAMSDIS ONLINE.URL -> URL: hxxp://www.cira.colostate.edu/cira/RAMM//rmsdsol/main.html
InternetURL: C:\Users\benji\Favorites\Weather\Weather Satellite Pictures.URL -> URL: hxxp://wwwghcc.msfc.nasa.gov/GOES/getsatellite.html
InternetURL: C:\Users\benji\Favorites\Weather\weather.com - Hurricane Central.URL -> URL: hxxp://www.weather.com/newscenter/tropical/
InternetURL: C:\Users\benji\Favorites\Weather\weather.com - Map Room - Satellite Map, Weather Map, Doppler Radar Caribbean Satellite.URL -> URL: hxxp://www.weather.com/maps/maptype/satelliteworld/caribbeansatellite_large.html?clip=undefined&region=undefined&collection=localwxforecast&presname=undefined
InternetURL: C:\Users\benji\Favorites\Weather\Wind & weather statistic-Wind & Wetter Statistik Bonaire.URL -> URL: hxxp://www.windfinder.com/windstats/windstatistic_bonaire.htm
InternetURL: C:\Users\benji\Favorites\Weather\WindGURU Bonaire.URL -> URL: hxxp://www.windguru.cz/int/index.php
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\cyl_dim_spec2.pdf (application pdf Object).URL -> URL: hxxp://www.advancedspecialtygases.com/includes/cyl_dim_spec2.pdf
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Decompression chamber Hyperbaric chamber for divers with the bends decompression illness, London Recompression & Hyperbaric facilities - The London Diving Chamber.URL -> URL: hxxp://www.londondivingchamber.co.uk/index.php?id=home
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\dict.cc review English Dictionary.URL -> URL: hxxp://www.dict.cc/?s=review
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\DIR-EU DIR-EUROPE.URL -> URL: hxxp://groups.yahoo.com/group/DIR-EU/
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\DIR-EUROPE.URL -> URL: hxxp://dir-europe.eu/
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Driver XP.URL -> URL: hxxp://home.comcast.net/~SupportCD/DriverXP.html
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Free GPS Software for Mobile and Other.URL -> URL: hxxp://www.maps-gps-info.com/fgpfwmobile.html#Java
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Global Underwater Explorers.URL -> URL: hxxp://forums.gue.com/
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Goofy Aqua Video.URL -> URL: hxxp://www.goofyaquavideo.com/?p=films
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Google.URL -> URL: hxxps://www.google.com/
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\GOTOH - Machine Heads Catalog 2009.URL -> URL: hxxp://www.quest-md.com/gotoh.html
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Guitar & Bass Wiring Techniques.URL -> URL: hxxp://www.guitarnucleus.com/wiring.html
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Guitar Mania - Poole Bournemouth guitar shop.URL -> URL: hxxp://www.guitar-mania.com/
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Guitar software - Guitar Pro tablature editor, Audio playback, Guitar Fretboard.URL -> URL: hxxp://www.guitar-pro.com/en/index.php?pg=product
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\GuitarNuts.com - Stock Stratocaster Wiring.URL -> URL: hxxp://www.guitarnuts.com/wiring/stockstrat.php
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Hasta la Vista, baby Ars reviews Windows 7 - Ars Technica.URL -> URL: hxxp://arstechnica.com/microsoft/reviews/2009/10/windows-7-the-review.ars
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\HOME.URL -> URL: hxxp://www.liquidtravel.org/
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Jazz Standards Songs and Instrumentals Contents.URL -> URL: hxxp://www.jazzstandards.com/compositions/index.htm
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Login to a private Photobucket.com album.URL -> URL: hxxp://photobucket.com/guestlogin?albumUrl=hxxp://s20.photobucket.com/albums/b218/a_passenier/GUE/Fundamentals/
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Lumber Dimensions.URL -> URL: hxxp://mistupid.com/homeimpr/lumber.htm
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Marshall JVM410C Guitar Tube Amplifier Combo - DV247.COM.URL -> URL: hxxp://www.dv247.com/invt/61155/
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Martin Schaub bei Denkmalkunst Kunstdenkmal.URL -> URL: hxxp://www.denkmalkunst-kunstdenkmal.de/artists/martin-schaub.html
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Meivakantie 2010 - Alle meivakanties in 2010.URL -> URL: hxxp://www.schoolvakanties-nederland.nl/meivakantie-2010.html
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Modern musical symbols - Wikipedia, the free encyclopedia.URL -> URL: hxxp://en.wikipedia.org/wiki/Modern_musical_symbols
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\NASA - NASA's Hurricane Resource Page.URL -> URL: hxxp://www.nasa.gov/mission_pages/hurricanes/main/index.html
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Online Metronome.URL -> URL: hxxp://www.seventhstring.com/metronome/metronome.html
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Online Tuner.URL -> URL: hxxp://www.seventhstring.com/tuner/tuner.html
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Online Tuning Fork.URL -> URL: hxxp://www.seventhstring.com/tuningfork/tuningfork.html
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Patent Foramen Ovale Current Pathology, Pathophysiology, and Clinical Status -- Hara et al. 46 (9) 1768 -- Journal of the American College of Cardiology.URL -> URL: hxxp://content.onlinejacc.org/cgi/content/full/46/9/1768
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Pictures by Fundamentals_2009 - Photobucket.URL -> URL: hxxp://s588.photobucket.com/albums/ss325/Fundamentals_2009/
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Principal Parts and Sails of 19th-Century Sailing Ships.URL -> URL: hxxp://cnx.org/content/m31285/latest/
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Products & Ordering - Graph Tech.URL -> URL: hxxp://www.graphtech.com/products.html?CategoryID=1
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\RTOFS (Atlantic) Graphic Nowcasts Forecasts.URL -> URL: hxxp://polar.ncep.noaa.gov/ofs/viewer.shtml?-hurr-
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Scuba Diving - New Jersey & Long Island New York - dive Wreck Valley - Gear & Training - Decompression Theory.URL -> URL: hxxp://njscuba.net/gear/trng_10_deco.html
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Stefan Redtenbacher - Transcriptions - funkybassonline.com.URL -> URL: hxxp://www.stefanredtenbacher.com/transcriptions/
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Still own your 1st PRS - Page 13 - The Forums @ Birds And Moons.com.URL -> URL: hxxp://forums.birdsandmoons.com/forum/showthread.php?t=51832&highlight=ce24+alder&page=13
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Stratocaster Master Tone Configuration - Premier Guitar.URL -> URL: hxxp://www.premierguitar.com/Magazine/Issue/2009/Jan/Stratocaster_Master_Tone_Configuration.aspx
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Sven König sCrAmBlEd HaCkZ! on MySpace Music - Free Streaming MP3s, Pictures & Music Downloads.URL -> URL: hxxp://www.myspace.com/svenkoenig
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Symptoms, Their Causes & Cures Night Sweats.URL -> URL: hxxp://www.mothernature.com/Library/Bookshelf/Books/16/160.cfm
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\tbx_fdp.pdf (application pdf Object).URL -> URL: hxxp://www.blueguitar.org/new/schem/_gtr/tbx_fdp.pdf
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Text and Web - Google Translate.URL -> URL: hxxp://translate.google.com/translate_t#
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\The Fake Book Index.URL -> URL: hxxp://www.seventhstring.co.uk/fbindex.html
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\The official U.S. time - clock.URL -> URL: hxxp://www.time.gov/timezone.cgi?Eastern/d/-5/java
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\The Tone Checklist Eight Steps to Tone - Premier Guitar.URL -> URL: hxxp://www.premierguitar.com/Magazine/Issue/2008/Apr/The_Tone_Checklist_Eight_Steps_to_Tone.aspx
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\UNITAR Operational Satellite Applications Programme UNOSAT, the Operational Satellite Applications Programme.URL -> URL: hxxp://www.unitar.org/unosat/
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\WD Music Products - FENDER® STRATOCASTER® - PARCHMENT 3 PLY.URL -> URL: hxxp://www.wdmusic.com/fender_strat_pickguard_st_255.html
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\WD Music Products - WILKINSON® CONTEMPORARY 5+1 HOLE TREMOLO CHROME.URL -> URL: hxxp://www.wdmusic.com/wilkinson_contemporary_5_1_hole_tremolo_chrome.html
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Wilkinson Guitar Parts.URL -> URL: hxxp://www.jhs.co.uk/wilkinson.html#vibratos
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Windfinder - Wind & weather forecast Bonaire Airport.URL -> URL: hxxp://www.windfinder.com/forecast/bonaire
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Yellowpages-Curacao.com Industry & Trade Ocean freight Curaçao, Netherlands Antilles.URL -> URL: hxxp://www.yellowpages-curacao.com/?category=freight&name=&city=&phone=&address=&url=&zipcode=&email=&submit=Find
InternetURL: C:\Users\benji\Favorites\Unsorted Bookmarks\Your Shopping Cart.URL -> URL: hxxp://www.wdmusic.com/cgi-sys/cgiwrap/wdmusic7/sc/order.cgi
InternetURL: C:\Users\benji\Favorites\TV\AMC Schedule - American Movie Classics.URL -> URL: hxxp://movies.amctv.com/schedule
InternetURL: C:\Users\benji\Favorites\TV\bvn.tv Vandaag.URL -> URL: hxxp://www.bvn.nl/tvgids/vandaag
InternetURL: C:\Users\benji\Favorites\TV\CBS.com.URL -> URL: hxxp://www.cbs.com/info/hdtv/index.php
InternetURL: C:\Users\benji\Favorites\TV\HBO Schedule Grid View.URL -> URL: hxxp://www.hbo.com/apps/schedule/ScheduleServlet
InternetURL: C:\Users\benji\Favorites\TV\Spike TV Show Schedule - Spike Powered by IFILM.URL -> URL: hxxp://www.spike.com/schedule/spike/
InternetURL: C:\Users\benji\Favorites\TV\Starz - Encore Mystery - Mystery Movies, Thriller Movies.URL -> URL: hxxp://www.starz.com/channels/encore/encoremystery/
InternetURL: C:\Users\benji\Favorites\TV\Subtitles Fabuleux destin d'Amélie Poulain, Le - subtitles english 1CD srt (eng) - Subtitles - download DivX subtitles from the biggest open subtitles database.URL -> URL: hxxp://www.opensubtitles.org/en/subtitles/3262255/fabuleux-destin-d-amelie-poulain-le-en
InternetURL: C:\Users\benji\Favorites\TV\SuperstationWGN.com TV.URL -> URL: hxxp://affiliate.zap2it.com/tvlistings/ZCSGrid.do?aid=twgncable
InternetURL: C:\Users\benji\Favorites\TV\TNT Daily Schedule.URL -> URL: hxxp://www.tnt.tv/schedule/daily/
InternetURL: C:\Users\benji\Favorites\TV\TV Network for Primetime, Daytime and Late Night Television Shows - NBC Official Site#.URL -> URL: hxxp://www.nbc.com/Schedule/#
InternetURL: C:\Users\benji\Favorites\TV\TV Schedule tbs.com - TV Shows - Television Shows - very funny.URL -> URL: hxxp://www.tbs.com/schedule/
InternetURL: C:\Users\benji\Favorites\TV\TV Schedules, Cable and Satellite Television and Show Schedules - USA Network.URL -> URL: hxxp://www.usanetwork.com/schedules/sched.php
InternetURL: C:\Users\benji\Favorites\Travel\Airline Tickets and Airline Reservations from American Airlines AA.com.URL -> URL: hxxp://www.aa.com/index_us.jhtml
InternetURL: C:\Users\benji\Favorites\Travel\Bonaire International Airport.URL -> URL: hxxp://www.flamingoairport.com/flightinfo.asp
InternetURL: C:\Users\benji\Favorites\Travel\Book a flight - KLM.com.URL -> URL: hxxps://www.klm.com/travel/bq_nl/plan_and_book/booking/book_a_flight/index.htm
InternetURL: C:\Users\benji\Favorites\Travel\NASA - Total Solar Eclipse of 2017 Aug 21.URL -> URL: hxxp://eclipse.gsfc.nasa.gov/SEgoogle/SEgoogle2001/SE2017Aug21Tgoogle.html
InternetURL: C:\Users\benji\Favorites\Travel\New York\YMCA of Greater New York Accomodations.URL -> URL: hxxp://www.ymcanyc.org/index.php?id=1382
InternetURL: C:\Users\benji\Favorites\Travel\Guatemala\Google Image Result for http--www.worldbackpackers.net-destination-pictures-guatemala-atitlan.jpg.URL -> URL: hxxp://images.google.com/imgres?imgurl=hxxp://www.worldbackpackers.net/destination/pictures/guatemala-atitlan.jpg&imgrefurl=hxxp://www.worldbackpackers.net/destination/guatemala.html&h=480&w=640&sz=49&hl=en&start=1&tbnid=bOSh6xyMeIyoDM:&tbnh=103&tbnw=137&prev
InternetURL: C:\Users\benji\Favorites\Studio\Voiceover rates for voice talent services.URL -> URL: hxxp://www.toddschick.com/VoiceoverRatesForVoiceTalentServices.htm
InternetURL: C:\Users\benji\Favorites\Shopping\amazon.com Online Shopping for Electronics, Apparel, Computers, Books, DVDs & more.URL -> URL: hxxp://www.amazon.com/
InternetURL: C:\Users\benji\Favorites\Shopping\Boutique to You - Celebrity Fashion & Style.URL -> URL: hxxp://www.boutiquetoyou.com/PhotoDetails.asp?ShowDESC=N&ProductCode=16030
InternetURL: C:\Users\benji\Favorites\Shopping\Digitally Printed Nylon Flags.URL -> URL: hxxp://www.united-states-flag.com/diprfl.html
InternetURL: C:\Users\benji\Favorites\Shopping\Ergo Baby Carrier - Parenting By Nature, Canada.URL -> URL: hxxp://www.parentingbynature.com/ergo-baby-carrier.htm#buynow
InternetURL: C:\Users\benji\Favorites\Shopping\Gainesville Shopping at Butler Plaza - Gainesville, FL.URL -> URL: hxxp://www.butlerplaza.com/default.asp
InternetURL: C:\Users\benji\Favorites\Shopping\Marktplaats - De plek om Nieuwe en Tweedehands spullen te kopen en verkopen.URL -> URL: hxxp://www.marktplaats.nl/
InternetURL: C:\Users\benji\Favorites\Shopping\Microsoft Store - Xbox, Surface 2 Tablet, PC, Office, Windows Phone.url -> URL: hxxp://www.microsoftstore.com/store/msusa/en_US/DisplayHomePage
InternetURL: C:\Users\benji\Favorites\Shopping\Software\. SUMO Paint .URL -> URL: hxxp://www.sumopaint.com/app/
InternetURL: C:\Users\benji\Favorites\Shopping\Software\Download Donny Hathaway - Discography 1970-1990 [FLAC] Torrent - KickassTorrents.URL -> URL: hxxp://kickass.to/donny-hathaway-discography-1970-1990-flac-t7208920.html#main
InternetURL: C:\Users\benji\Favorites\Shopping\Software\Free download ABC Amber Absolute Convertor, convert Absolute files.URL -> URL: hxxp://www.processtext.com/abcabsolutedatabase.html
InternetURL: C:\Users\benji\Favorites\Shopping\Software\isoHunt - BitTorrent & P2P torrent search engine.url -> URL: hxxps://isohunt.to/
InternetURL: C:\Users\benji\Favorites\Shopping\Software\MediaCoder - more than a universal audio video transcoder - MediaCoder official website.URL -> URL: hxxp://www.mediacoderhq.com/
InternetURL: C:\Users\benji\Favorites\Shopping\Software\Synergy Premium.url -> URL: hxxps://synergy-foss.org/premium/
InternetURL: C:\Users\benji\Favorites\Shopping\Software\The Pirate Bay - The galaxy's most resilient bittorrent site.url -> URL: hxxp://thepiratebay.se/browse
InternetURL: C:\Users\benji\Favorites\Reference\Bing Translator.url -> URL: hxxp://www.bing.com/translator/?FORM=HPSFLT
InternetURL: C:\Users\benji\Favorites\Reference\Country Codes, Phone Codes, Dialing Codes, Telephone Codes, ISO Country Codes.URL -> URL: hxxp://countrycode.org/
InternetURL: C:\Users\benji\Favorites\Reference\De Telefoongids Bedrijvengids, telefoonboek, telefoonnummer en adres.URL -> URL: hxxp://www.detelefoongids.nl/
InternetURL: C:\Users\benji\Favorites\Reference\FILExt - The File Extension Source.URL -> URL: hxxp://filext.com/
InternetURL: C:\Users\benji\Favorites\Reference\How to Read Tire Sizes eHow.com.URL -> URL: hxxp://www.ehow.com/how_2364482_read-tire-sizes.html
InternetURL: C:\Users\benji\Favorites\Reference\IBAN nummer opzoeken - IBAN SEPA & BIC Informatie.URL -> URL: hxxp://www.ibannl.org/
InternetURL: C:\Users\benji\Favorites\Reference\Main Page - Wikipedia, the free encyclopedia.URL -> URL: hxxp://en.wikipedia.org/wiki/Main_Page
InternetURL: C:\Users\benji\Favorites\Reference\MultimediaWiki.url -> URL: hxxp://wiki.multimedia.cx/index.php?title=Main_Page
InternetURL: C:\Users\benji\Favorites\Reference\Online English to Dutch to English Dictionary.URL -> URL: hxxp://www.freedict.com/onldict/dut.html
InternetURL: C:\Users\benji\Favorites\Reference\Specific Gravity Weights Of Materials from READE.URL -> URL: hxxp://www.reade.com/Particle_Briefings/spec_gra2.html
InternetURL: C:\Users\benji\Favorites\Reference\Substitute Sizes for 15 Tires.URL -> URL: hxxp://www.nebraskatire.com/tires_101/size15.htm
InternetURL: C:\Users\benji\Favorites\Reference\Tire Tech Information - A Guide to Tire Sizes.URL -> URL: hxxp://www.tirerack.com/tires/tiretech/techpage.jsp?techid=46
InternetURL: C:\Users\benji\Favorites\Reference\WikiAnswers Categories.URL -> URL: hxxp://wiki.answers.com/Q/FAQ
InternetURL: C:\Users\benji\Favorites\Reference\Wikipedia – Die freie Enzyklopädie.URL -> URL: hxxp://de.wikipedia.org/wiki/Wikipedia:Hauptseite
InternetURL: C:\Users\benji\Favorites\Reference\Wikipedia, de vrije encyclopedie.URL -> URL: hxxp://nl.wikipedia.org/wiki/Hoofdpagina
InternetURL: C:\Users\benji\Favorites\Reference\Wolfram Alpha.URL -> URL: hxxp://www.wolframalpha.com/
InternetURL: C:\Users\benji\Favorites\Reference\World Time Server- current local time and date in any zone.url -> URL: hxxp://www.worldtimeserver.com/
InternetURL: C:\Users\benji\Favorites\Reference\★ Postleitzahl (PLZ) - Rotenburg an der Fulda - Postleitzahl (PLZ).url -> URL: hxxp://www.plz-postleitzahl.de/land.hessen/23331/index.html
InternetURL: C:\Users\benji\Favorites\Plants\4HPSJ21 4H001 Florida 4-H Horticulture Identification and Judging Study Manual Flowers and Foliage Plants.URL -> URL: hxxp://edis.ifas.ufl.edu/4H001
InternetURL: C:\Users\benji\Favorites\Plants\A Curious Houseplant, Indeed.URL -> URL: hxxp://ag.udel.edu/ncc/jm-curious.html
InternetURL: C:\Users\benji\Favorites\Plants\TopTropicals.com - rare plants for home and garden.URL -> URL: hxxp://www.toptropicals.com/
InternetURL: C:\Users\benji\Favorites\Music\. Fender®.com .URL -> URL: hxxp://www.fender.com/support/wiring_diagrams_parts_lists.php
InternetURL: C:\Users\benji\Favorites\Music\3D Warehouse.URL -> URL: hxxp://sketchup.google.com/3dwarehouse/
InternetURL: C:\Users\benji\Favorites\Music\Acoustics Forum • View topic - Partition Walls.URL -> URL: hxxp://forum.studiotips.com/viewtopic.php?f=9&t=52
InternetURL: C:\Users\benji\Favorites\Music\ADK Pro Audio  Digital Audio workstations, Pro Audio Laptops, Pro audio interfaces, Pro audio software, DAW.URL -> URL: hxxp://www.adkproaudio.com/
InternetURL: C:\Users\benji\Favorites\Music\Avid - Your Account.url -> URL: hxxps://account.avid.com/
InternetURL: C:\Users\benji\Favorites\Music\Axe-Fx II Wiki Home - Axe-Fx II Wiki.URL -> URL: hxxp://wiki.fractalaudio.com/axefx2/index.php?title=Axe-Fx_II_Wiki_Home
InternetURL: C:\Users\benji\Favorites\Music\Band Name Generator.url -> BASEURL: hxxp://www.1728.org/bandname.htm URL: hxxp://www.1728.org/bandname.htm
InternetURL: C:\Users\benji\Favorites\Music\Benji's Order History   Sweetwater.com.URL -> URL: hxxps://www.sweetwater.com/myaccount/history.php
InternetURL: C:\Users\benji\Favorites\Music\Boston Musical Products.url -> BASEURL: hxxp://bostonguitarparts.com/about.php URL: hxxp://bostonguitarparts.com/about.php
InternetURL: C:\Users\benji\Favorites\Music\BUMA Stemra.URL -> URL: hxxps://portal.bumastemra.nl/en-us/Paginas/login.aspx
InternetURL: C:\Users\benji\Favorites\Music\Buying Guides  Direct Boxes (DI) Buying Guide   Musician's Friend.URL -> URL: hxxp://community.musiciansfriend.com/docs/DOC-1669
InternetURL: C:\Users\benji\Favorites\Music\Cubase 7 Keyboard Shortcuts.url -> URL: hxxp://keycommands.info/cubase-7-keyboard-shortcuts.php#edit1
InternetURL: C:\Users\benji\Favorites\Music\Delay Time Calculator   TheWhippinpost.URL -> URL: hxxp://www.thewhippinpost.co.uk/tools/delay-time-calculator.htm
InternetURL: C:\Users\benji\Favorites\Music\Dirpy - Internet DVR - YouTube to Mp3 Converter and YouTube Video Downloader.URL -> URL: hxxp://dirpy.com/
InternetURL: C:\Users\benji\Favorites\Music\DIY Bass Traps - kits & Acoustic Panels  Ready Acoustics.URL -> URL: hxxp://www.readyacoustics.com/
InternetURL: C:\Users\benji\Favorites\Music\EastWest-Quantum Leap - Award Winning Virtual Instruments.url -> URL: hxxp://www.soundsonline.com/
InternetURL: C:\Users\benji\Favorites\Music\eBooks & SongBooks & Tabs & Magazines.URL -> URL: hxxp://forum.guitarplayer.ru/index.php?topic=127546.615
InternetURL: C:\Users\benji\Favorites\Music\Elderly Instruments.url -> BASEURL: hxxp://www.elderly.com/ URL: hxxp://www.elderly.com/
InternetURL: C:\Users\benji\Favorites\Music\EQEM -- How to Build a Personal Studio on Any Budget.URL -> URL: hxxp://www.emusician.com/news/0766/how-to-build-a-personal-studio-on-any-budget/145419
InternetURL: C:\Users\benji\Favorites\Music\Equal loudness contours and audiometry - Test your own hearing.URL -> URL: hxxp://www.phys.unsw.edu.au/jw/hearing.html
InternetURL: C:\Users\benji\Favorites\Music\Fractal Audio Systems - Axe-Fx II Guitar Processor, Preamp, Effects Processor - MFC-101 MIDI Foot Controller.URL -> URL: hxxp://www.fractalaudio.com/
InternetURL: C:\Users\benji\Favorites\Music\Fractal Audio Systems Forum.URL -> URL: hxxp://forum.fractalaudio.com/
InternetURL: C:\Users\benji\Favorites\Music\Gearslutz.com.URL -> URL: hxxp://www.gearslutz.com/board/
InternetURL: C:\Users\benji\Favorites\Music\Home - NetSuite (EastWest-Soundsonline).url -> URL: hxxps://soundsonline.securedcheckout.com/app/center/nlvisitor.nl/sc.6/.f
InternetURL: C:\Users\benji\Favorites\Music\http   www.allen-heath.com uk products pages ProductDetails.aspx catId=ZEDSeries&ProductId=ZEDR16&SubCatId=.URL -> URL: hxxp://www.allen-heath.com/uk/products/pages/ProductDetails.aspx?catId=ZEDSeries&ProductId=ZEDR16&SubCatId=
InternetURL: C:\Users\benji\Favorites\Music\iLok.com - Account Profile.url -> URL: hxxps://www.ilok.com/#!profile
InternetURL: C:\Users\benji\Favorites\Music\International Music Score Library Project (IMSLP) Portal.URL -> URL: hxxp://imslp.org/
InternetURL: C:\Users\benji\Favorites\Music\Jam Origin  Audio To Midi.url -> URL: hxxp://jamorigin.com/
InternetURL: C:\Users\benji\Favorites\Music\JK Studios.URL -> URL: hxxp://www.hofvanheden.com/jkstudios/
InternetURL: C:\Users\benji\Favorites\Music\John Sayers' Recording Studio Design Forum • Index page.URL -> URL: hxxp://www.johnlsayers.com/phpBB2/index.php
InternetURL: C:\Users\benji\Favorites\Music\JVM Forum • Index page.URL -> URL: hxxp://jvmforum.com/phpBB3/
InternetURL: C:\Users\benji\Favorites\Music\KeyboardMag  Roland RD-300NX.URL -> URL: hxxp://www.keyboardmag.com/article/roland-rd-300nx/6255
InternetURL: C:\Users\benji\Favorites\Music\LA-610 Simple improvements.URL -> URL: hxxp://www.foxaudioresearch.ca/LA610.htm
InternetURL: C:\Users\benji\Favorites\Music\Main Index of Articles at TweakHeadz Lab.URL -> URL: hxxp://tweakheadz.com/index_of_articles.html
InternetURL: C:\Users\benji\Favorites\Music\MIDI Controllers.URL -> URL: hxxp://www.soundonsound.com/sos/dec10/articles/cubase-tech-1210.htm
InternetURL: C:\Users\benji\Favorites\Music\Mogami Instrument Cable  Redco Audio.url -> URL: hxxp://www.redco.com/Mogami-Instrument-Cable/
InternetURL: C:\Users\benji\Favorites\Music\Mogami W2319  Redco Audio.url -> URL: hxxp://www.redco.com/Mogami-W2319.html
InternetURL: C:\Users\benji\Favorites\Music\Morel Muziek   Acoustics.URL -> URL: hxxp://www.morelmuziek.nl/acoustics
InternetURL: C:\Users\benji\Favorites\Music\My Products  Toontrack.url -> URL: hxxps://www.toontrack.com/my-products/
InternetURL: C:\Users\benji\Favorites\Music\NI Support.url -> URL: hxxp://www.native-instruments.com/en/support/
InternetURL: C:\Users\benji\Favorites\Music\Noise and Vibration Damping Materials by INDUSTRIAL NOISE - Acoustical Absorption by Zoro Tools Industrial Supplies.URL -> URL: hxxp://www.zorotools.com/g/Noise%20and%20Vibration%20Damping%20Materials/00060579/
InternetURL: C:\Users\benji\Favorites\Music\NU9N - Behringer DEQ-2496 Initial Setup for SSB eSSB Hi-fi Audio.url -> URL: hxxp://www.icycolors.com/nu9n/deq2496.html
InternetURL: C:\Users\benji\Favorites\Music\Official PRS Guitars Forum.url -> BASEURL: hxxp://prsguitars.com/forum/forum.php URL: hxxp://prsguitars.com/forum/forum.php
InternetURL: C:\Users\benji\Favorites\Music\Online Metronome.URL -> URL: hxxp://www.seventhstring.com/metronome/metronome.html
InternetURL: C:\Users\benji\Favorites\Music\PB International   home page.URL -> URL: hxxp://www.pbinternational.eu/
InternetURL: C:\Users\benji\Favorites\Music\Play Crossroads - Powered by Ernie Ball.URL -> URL: hxxp://www.playcrossroads.com/u/benjischaub
InternetURL: C:\Users\benji\Favorites\Music\Plugins for Sibelius.url -> URL: hxxp://www.sibelius.com/download/plugins/index.html
InternetURL: C:\Users\benji\Favorites\Music\Professional Recording Equipment Accessories  Shop Our Selection of Audio Equipment Accessories, Custom Engraved Panels and Custom Audio Cables - Design Your Own Multi-channel Cable.URL -> URL: hxxp://www.redco.com/shopexd.asp?multi=yes&id=655
InternetURL: C:\Users\benji\Favorites\Music\Prosonic Studios - Member Downloads.url -> URL: hxxp://www.prosonic-studios.com/member-index
InternetURL: C:\Users\benji\Favorites\Music\QuietGround 250 1 4  Recycled Rubber Tire Underlayment.URL -> URL: hxxp://www.soundisolationstore.com/quarter-inch-quietground-rubber-underlayment.html
InternetURL: C:\Users\benji\Favorites\Music\Recording Vocals In The Computer Studio.URL -> URL: hxxp://www.soundonsound.com/sos/mar04/articles/computervocals.htm
InternetURL: C:\Users\benji\Favorites\Music\RECORDING.ORG.URL -> URL: hxxp://recording.org/
InternetURL: C:\Users\benji\Favorites\Music\RT4FC-B REAN - Neutrik  Mouser.url -> URL: hxxp://www.mouser.com/Search/ProductDetail.aspx?R=RT4FC-Bvirtualkey56810000virtualkey568-RT4FC-B
InternetURL: C:\Users\benji\Favorites\Music\Sheet Music « Open Source Music.URL -> URL: hxxp://opensourcemusic.org/?page_id=553
InternetURL: C:\Users\benji\Favorites\Music\Sibelius - Help Center.URL -> URL: hxxp://www.sibelius.com/cgi-bin/helpcenter/chat/chat.pl?groupid=3
InternetURL: C:\Users\benji\Favorites\Music\Solid Walnut 19 Inch Rack Shop   Mixingtable.com.URL -> URL: hxxp://www.mixingtable.com/solid-walnut-19-inch-rack-shop
InternetURL: C:\Users\benji\Favorites\Music\Soundproofing, Sound Control Acoustic Foam, Drop Ceiling Tiles.URL -> URL: hxxp://www.foambymail.com/DCT/drop-ceiling-tiles.html
InternetURL: C:\Users\benji\Favorites\Music\Sweetwater.url -> URL: hxxp://www.sweetwater.com/
InternetURL: C:\Users\benji\Favorites\Music\SWR® Products.URL -> URL: hxxp://www.swramps.com/products/search.php?partno=4452600010
InternetURL: C:\Users\benji\Favorites\Music\Synthogy.URL -> URL: hxxp://www.synthogy.com/
InternetURL: C:\Users\benji\Favorites\Music\The Recording Manual.URL -> URL: hxxp://johnlsayers.com/Recmanual/index.htm
InternetURL: C:\Users\benji\Favorites\Music\Vocalist - Pleasing The Audience - www.vocalist.org.uk.URL -> URL: hxxp://www.vocalist.org.uk/pleasing_the_audience.html
InternetURL: C:\Users\benji\Favorites\Music\Who is using Green Glue in their studio build  - Gearslutz.com.URL -> URL: hxxp://www.gearslutz.com/board/studio-building-acoustics/142906-who-using-green-glue-their-studio-build.html
InternetURL: C:\Users\benji\Favorites\Music\www.steinberg.net • Index page.URL -> URL: hxxp://www.steinberg.net/forum/
InternetURL: C:\Users\benji\Favorites\Music\ZED-R16 - Allen & Heath.url -> BASEURL: hxxp://www.allen-heath.com/ahproducts/zed-r16/ URL: hxxp://www.allen-heath.com/ahproducts/zed-r16/
InternetURL: C:\Users\benji\Favorites\Movies\Ain't It Cool News The best in movie, TV, DVD, and comic book news.URL -> URL: hxxp://www.aintitcool.com/
InternetURL: C:\Users\benji\Favorites\Movies\Hobbit Movie News and Information - TheOneRing.net - Forged by the Fans of J.R.R. Tolkien.URL -> URL: hxxp://www.theonering.net/torwp/
InternetURL: C:\Users\benji\Favorites\Movies\KillerMovies.com Movies That Matter!.URL -> URL: hxxp://www.killermovies.com/
InternetURL: C:\Users\benji\Favorites\Movies\review 88 Minutes - Dark Horizons.URL -> URL: hxxp://www.darkhorizons.com/reviews/88minutes.php
InternetURL: C:\Users\benji\Favorites\Movies\rogerebert.com FRONTPAGE (xhtml).URL -> URL: hxxp://rogerebert.suntimes.com/
InternetURL: C:\Users\benji\Favorites\Money\1.00 EUR to USD.URL -> URL: hxxp://www.xe.com/ucc/convert.cgi?Amount=1.00&From=EUR&To=USD
InternetURL: C:\Users\benji\Favorites\Money\MCBDirect Business.URL -> URL: hxxps://mcbdirect.mcbbonaire.com/business/online/
InternetURL: C:\Users\benji\Favorites\Money\Send Money, Money Transfer - PayPal.URL -> URL: hxxps://www.paypal.com/row/cgi-bin/webscr?cmd=_logout
InternetURL: C:\Users\benji\Favorites\Money\XE.com Conversion - 1.00 EUR to USD.URL -> URL: hxxp://www.xe.com/ucc/convert.cgi?Amount=1.00&From=EUR&To=USD
InternetURL: C:\Users\benji\Favorites\Money\XE.com Conversion - 1.00 USD to CAD.URL -> URL: hxxp://www.xe.com/ucc/convert.cgi?Amount=1.00&From=USD&To=CAD
InternetURL: C:\Users\benji\Favorites\Money\XE.com Conversion - 1.00 USD to SEK.URL -> URL: hxxp://www.xe.com/ucc/convert.cgi
InternetURL: C:\Users\benji\Favorites\Language\empty - Synonyms from Thesaurus.com.URL -> URL: hxxp://thesaurus.reference.com/browse/empty
InternetURL: C:\Users\benji\Favorites\Language\rhymezone rat.url -> BASEURL: hxxp://rhymezone.com/r/rhyme.cgi?Word=rat&org1=syl&org2=l&org3=y&typeofrhyme=perfect URL: http%3A%2F%2Frhymezone.com%2Fr%2Frhyme.cgi%3FWord%3Drat%26org1%3Dsyl%26org2%3Dl%26org3%3Dy%26typeofrhyme%3Dperfect&wgl=1&dt=1442938266313&bpp=5&bdt=61&shv=r20150917&cbv=r20150820&saldr=sa&correlator=929404030716&frm=20&ga_vid=969020619.1442938266&ga_sid=1442938266&ga_hid=381860082&ga_fc=0&pv=2&u_tz=-240&u_his=25&u_java=1&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&dff=times%20new%20roman&dfs=16&adx=431&ady=5&biw=1649&bih=994&eid=575144604%2C317150304&oid=3&ref=http%3A%2F%2Frhymezone.com%2Fr%2Frhyme.cgi%3FWord%3Drat%26org1%3Dsyl%26org2%3Dl%26org3%3Dy%26typeofrhyme%3Dexa&rx=0&eae=0&fc=88&docm=11&brdim=2191%2C85%2C1912%2C-8%2C1920%2C%2C1936%2C1096%2C1649%2C994&vis=1&rsz=d%7C%7C%7C&abl=CS&ppjl=f&pfx=0&fu=16&bc=1&ifi=1&xpc=HeNwN7RYW9&p=http%3A//rhymezone.com&dtd=67
InternetURL: C:\Users\benji\Favorites\Language\The Idiom Connection.url -> BASEURL: hxxp://www.idiomconnection.com/animal.html URL: http%3A%2F%2Fwww.idiomconnection.com%2Fanimal.html&wgl=1&dt=1442933937624&bpp=8&bdt=593&shv=r20150917&cbv=r20150820&saldr=sa&correlator=5775977749473&frm=20&ga_vid=758753229.1442933938&ga_sid=1442933938&ga_hid=854322788&ga_fc=0&pv=2&u_tz=-240&u_his=6&u_java=1&u_h=1080&u_w=1920&u_ah=1080&u_aw=1920&u_cd=24&u_nplug=1&u_nmime=2&dff=times%20new%20roman&dfs=16&adx=452&ady=106&biw=1632&bih=994&eid=575144605%2C317150304&oid=3&ref=http%3A%2F%2Fwww.bing.com%2F&rx=0&eae=0&fc=88&docm=11&brdim=2191%2C85%2C1912%2C-8%2C1920%2C%2C1936%2C1096%2C1649%2C994&vis=1&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&srr=1&fu=16&bc=1&ifi=1&xpc=wVJDi8HXbB&p=http%3A//www.idiomconnection.com&dtd=70
InternetURL: C:\Users\benji\Favorites\Kids\Alles over Kinderen tips voor als je peuter niet (alleen) wil slapen.URL -> URL: hxxp://www.allesoverkinderen.nl/ne_slapen_tips.htm
InternetURL: C:\Users\benji\Favorites\Kids\Kids-n-Fun   Portal voor Kids   Alle kleurplaten.URL -> URL: hxxp://www.kids-n-fun.nl/Kleuren/Kleurplaten.aspx
InternetURL: C:\Users\benji\Favorites\Kids\Kresh Bon Kwido.URL -> URL: hxxp://www.kreshbonkwido.com/
InternetURL: C:\Users\benji\Favorites\Kids\Uitnodigingen - Overzicht van alle uitnodigingen.URL -> URL: hxxp://www.party-gifts.nl/uitnodigingen.asp
InternetURL: C:\Users\benji\Favorites\Health\Oma Weet Raad.URL -> URL: hxxp://www.omaweetraad.com/tips.php?rubriek=gezondheid
InternetURL: C:\Users\benji\Favorites\Hardware\anandtech your source for hardware analysis and news.URL -> URL: hxxp://www.anandtech.com/
InternetURL: C:\Users\benji\Favorites\Hardware\DailyTech.URL -> URL: hxxp://www.dailytech.com/
InternetURL: C:\Users\benji\Favorites\Hardware\Gateway Official Site Shop - Notebooks - P-172X Laptop Product Details.URL -> URL: hxxp://support.gateway.com/s/Mobile/2008/Godzilla/2906032R/2906032Rnv.shtml
InternetURL: C:\Users\benji\Favorites\Hardware\New Tech News Blog Network ~ Lockergnome.URL -> URL: hxxp://www.lockergnome.com/
InternetURL: C:\Users\benji\Favorites\Hardware\Newegg.com - Computer Parts, PC Components, Laptop Computers, LED LCD TV, Digital Cameras and more!.URL -> URL: hxxp://www.newegg.com/
InternetURL: C:\Users\benji\Favorites\Hardware\SyncThru Web Service.URL -> URL: hxxp://192.168.1.10/sws/index.html
InternetURL: C:\Users\benji\Favorites\Hardware\The INQUIRER - microprocessors, servers, memory, PCs, graphics, networking, storage.URL -> URL: hxxp://www.theinquirer.net/
InternetURL: C:\Users\benji\Favorites\Hardware\The Internet Movie Database (IMDb).URL -> URL: hxxp://www.imdb.com/
InternetURL: C:\Users\benji\Favorites\Hardware\Tt Community.url -> BASEURL: hxxp://community.thermaltake.com/index.php? URL: hxxp://community.thermaltake.com/index.php?
InternetURL: C:\Users\benji\Favorites\Hardware\[H]ardOCP - www.hardocp.com.URL -> URL: hxxp://www.hardocp.com/
InternetURL: C:\Users\benji\Favorites\GPS & Mapping\Ashtead Technology - Ashtead Technology Rental Offshore Division.URL -> URL: hxxp://www.ashtead-technology.com/us/Offshore/Content/019_S.html
InternetURL: C:\Users\benji\Favorites\GPS & Mapping\BaseNav.com GPS Navigation Mobile GPS nautical Navigation AnchorWatcher Track and Trace Feel free to navigate.URL -> URL: hxxp://www.basenav.com/navigate.html
InternetURL: C:\Users\benji\Favorites\GPS & Mapping\Brookhouse home for NMEA products.URL -> URL: hxxp://brookhouseonline.com/
InternetURL: C:\Users\benji\Favorites\GPS & Mapping\Equipment and Processing - Archive of Side Scan Sonar and Bathymetry Data Collected During USGS Cruise 06FSH01 Offshore of Siesta Key, Florida, 2006.URL -> URL: hxxp://pubs.usgs.gov/ds/291/html/equipment_processing.html#Anchor-Singlebea-31912
InternetURL: C:\Users\benji\Favorites\GPS & Mapping\GeoMapApp.URL -> URL: hxxp://www.geomapapp.org/index.htm
InternetURL: C:\Users\benji\Favorites\GPS & Mapping\Home - Kongsberg Maritime.URL -> URL: hxxp://www.km.kongsberg.com/
InternetURL: C:\Users\benji\Favorites\GPS & Mapping\HYPACK, Inc. Products.URL -> URL: hxxp://www.hypack.com/new/Sales/Products/tabid/55/Default.aspx
InternetURL: C:\Users\benji\Favorites\GPS & Mapping\International Federation of Hydrographic Societies.URL -> URL: hxxp://www.hydrographicsociety.org/welcome.html
InternetURL: C:\Users\benji\Favorites\GPS & Mapping\Seabed Imaging.URL -> URL: hxxp://www.theshipwreckproject.com/imaging.htm
InternetURL: C:\Users\benji\Favorites\GPS & Mapping\StarFish Seabed Imaging System - Digital CHIRP Side Scan Sonar Towfish.URL -> URL: hxxp://www.starfishsonar.com/index.htm
InternetURL: C:\Users\benji\Favorites\GPS & Mapping\Tritech Super SeaKing DFP Dual Frequency Profiler.URL -> URL: hxxp://www.tritech.co.uk/products/products-super_seaking_profiler.htm
InternetURL: C:\Users\benji\Favorites\GPS & Mapping\Virtual Ocean.URL -> URL: hxxp://www.virtualocean.org/
InternetURL: C:\Users\benji\Favorites\Food\Boodschappen online recepten overzicht.URL -> URL: hxxp://www.boodschappen.nl/recepten.php
InternetURL: C:\Users\benji\Favorites\Food\Strat's Place - Daniel Rogov - Bechamel - A Most Insignificant Sauce.URL -> URL: hxxp://www.stratsplace.com/rogov/bechamel.html
InternetURL: C:\Users\benji\Favorites\Fonts\Fonts101.com - Orator Font TTF (Brandname Category).URL -> URL: hxxp://www.fonts101.com/xt_fontdetails_az_FID!14782~Orator~font.html
InternetURL: C:\Users\benji\Favorites\Electronics\Leap Motion   Mac & PC Gesture Controller for Games, Design, & More.URL -> URL: hxxps://www.leapmotion.com/
InternetURL: C:\Users\benji\Favorites\Electronics\Replacement Light Parts and Temporary Lighting.url -> URL: hxxp://www.lightbulbsurplus.com/index.php?main_page=index&cPath=69
InternetURL: C:\Users\benji\Favorites\Electronics\Sony eSupport - DCR-TRV950 - Manuals - Specs - Warranty.URL -> URL: hxxp://esupport.sony.com/US/perl/model-documents.pl?mdl=DCRTRV950
InternetURL: C:\Users\benji\Favorites\Electronics\The WRT54G Revival Guide. - LinksysInfo - Community Forums for Linksys Devices.URL -> URL: hxxp://www.linksysinfo.org/forums/showthread.php?t=47259
InternetURL: C:\Users\benji\Favorites\Diving\A-Plus Marine Supply, Inc.URL -> URL: hxxp://www.aplusmarine.com/
InternetURL: C:\Users\benji\Favorites\Diving\Air Bags Lift Bags Air Lift Bags Safety Sausage Tubes Safety Sausage.URL -> URL: hxxp://www.carterbag.com/home.html
InternetURL: C:\Users\benji\Favorites\Diving\Compressed Air Testing Specialists - Makers of the AirCheck Air Sampling System - Trace Analytics.URL -> URL: hxxp://www.airchecklab.com/
InternetURL: C:\Users\benji\Favorites\Diving\DAN Divers Alert Network - Scuba Diving and Dive Safety Association.URL -> URL: hxxp://www.diversalertnetwork.org/
InternetURL: C:\Users\benji\Favorites\Diving\DIR Diving.URL -> URL: hxxp://www.direxplorers.com/
InternetURL: C:\Users\benji\Favorites\Diving\dir-nl Doing It Right duiken.URL -> URL: hxxp://groups.yahoo.com/group/dir-nl/
InternetURL: C:\Users\benji\Favorites\Diving\DIR-NL Forum.URL -> URL: hxxp://www.dir-nl.nl/forum/index.php
InternetURL: C:\Users\benji\Favorites\Diving\Dive Planning forms, tables & formulas.URL -> URL: hxxp://www.ndc.noaa.gov/dp_forms.html
InternetURL: C:\Users\benji\Favorites\Diving\DIVING ACCESSORY PRODUCT INDEX.URL -> URL: hxxp://www.tridentdive.com/productlistw.htm
InternetURL: C:\Users\benji\Favorites\Diving\Flow meters, Flow Switch, Flow Switches, Level Switches.URL -> URL: hxxp://www.fluidcomponents.com/default.asp
InternetURL: C:\Users\benji\Favorites\Diving\Foto's Mairi Bhan Bonaire.URL -> URL: hxxp://web.mac.com/arvanginkel/iWeb/Mairi%20Bhan/Foto%27s%20Mairi%20Bhan%20Bonaire.html
InternetURL: C:\Users\benji\Favorites\Diving\gue.com-.URL -> URL: hxxp://www.gue.com/
InternetURL: C:\Users\benji\Favorites\Diving\halcyon DIR Dive Systems.URL -> URL: hxxp://www.halcyon.net/
InternetURL: C:\Users\benji\Favorites\Diving\http--www.gateshousings.com-.URL -> URL: hxxp://www.gateshousings.com/
InternetURL: C:\Users\benji\Favorites\Diving\Linde Gas Benelux - het adres voor gassen!.URL -> URL: hxxp://www.lindegasbenelux.com/
InternetURL: C:\Users\benji\Favorites\Diving\MAIRI BHAN built by Barclay Curle & Company Glasgow Clydebuilt Ships Database.URL -> URL: hxxp://www.clydesite.co.uk/clydebuilt/viewship.asp?id=3775
InternetURL: C:\Users\benji\Favorites\Diving\Mairi bhan.URL -> URL: hxxp://www.shawsavillships.co.uk/bhan.htm
InternetURL: C:\Users\benji\Favorites\Diving\Maritieme kalender - Scheepvaartmuseum.URL -> URL: hxxp://www.scheepvaartmuseum.nl/1114?j=&m=6&d=24
InternetURL: C:\Users\benji\Favorites\Diving\Nationaal Archief van de Nederlandse Antillen.URL -> URL: hxxp://www.willemstad.net/link/Nationaal+Archief+van+de+Nederlandse+Antillen.675
InternetURL: C:\Users\benji\Favorites\Diving\nitrox32.pdf (application pdf Object).URL -> URL: hxxp://www.ndc.noaa.gov/pdfs/nitrox32.pdf
InternetURL: C:\Users\benji\Favorites\Diving\nitrox36.pdf (application pdf Object).URL -> URL: hxxp://www.ndc.noaa.gov/pdfs/nitrox36.pdf
InternetURL: C:\Users\benji\Favorites\Diving\NOAA Ocean Explorer Bonaire 2008 Exploring Coral Reef Sustainability with New Technologies.URL -> URL: hxxp://oceanexplorer.noaa.gov/explorations/08bonaire/welcome.html
InternetURL: C:\Users\benji\Favorites\Diving\Oxycheq.URL -> URL: hxxp://oxycheq.com/Oxycheq/Welcome.html
InternetURL: C:\Users\benji\Favorites\Diving\PADI Members Site.URL -> URL: hxxp://www.padimembers.com/cgi-bin/reqpg.exe?ALUM/HQ//+America/home
InternetURL: C:\Users\benji\Favorites\Diving\Papers Past — Otago Witness — 1 August 1874 — THE MAIRI BHAN.URL -> URL: hxxp://paperspast.natlib.govt.nz/cgi-bin/paperspast?a=d&d=OW18740801.2.12&e=-------10--1----0-all
InternetURL: C:\Users\benji\Favorites\Diving\Point Lobos Underwater Maps.URL -> URL: hxxp://www.baue.org/lobos_maps/index.php
InternetURL: C:\Users\benji\Favorites\Diving\PST-Scuba - products.URL -> URL: hxxp://www.pstscuba.com/products.htm#e780
InternetURL: C:\Users\benji\Favorites\Diving\Reef Check - Saving Reefs Worldwide.URL -> URL: hxxp://www.reefcheck.org/
InternetURL: C:\Users\benji\Favorites\Diving\Reef Check California - Saving Reefs Worldwide.URL -> URL: hxxp://ned.reefcheck.org/
InternetURL: C:\Users\benji\Favorites\Diving\Remote Sensing for Coastal Management - Sensor Summaries - Single Beam Sonar.URL -> URL: hxxp://www.csc.noaa.gov/crs/rs_apps/sensors/single_beam.htm
InternetURL: C:\Users\benji\Favorites\Diving\SLSA A.D. Edwardes Collection PRG 1373 7 26.URL -> URL: hxxp://images.slsa.sa.gov.au/edwardes/07/PRG1373_7_26.htm
InternetURL: C:\Users\benji\Favorites\Diving\Taucher-Zentrum Planet Scuba Hamburg-das Tauchfachgeschäft im Norden.URL -> URL: hxxp://www.taucher-zentrum.de/
InternetURL: C:\Users\benji\Favorites\Diving\Technical diving, GUE training courses, charters, forum.URL -> URL: hxxp://www.ocean-discovery.org/
InternetURL: C:\Users\benji\Favorites\Diving\The DIR Project - Dive Trips.URL -> URL: hxxp://www.thedirproject.com/trips/
InternetURL: C:\Users\benji\Favorites\Diving\The Mairi Bhan NZETC.URL -> URL: hxxp://www.nzetc.org/tm/scholarly/tei-Bre02Whit-t1-body-d2-d8-d5.html
InternetURL: C:\Users\benji\Favorites\Diving\Timeframes - National Library of New Zealand - Object Details.URL -> URL: hxxp://timeframes.natlib.govt.nz/logicrouter/servlet/LogicRouter?PAGE=object&OUTPUTXSL=object.xslt&pm_PRC=REPO02DB&pm_POI=1603&pm_GS=10&ds_svAPI_RelGroups=1&api_1=GET_CHILDREN_GROUPS&pm_PRC=REPO02DB&pm_POI=1603&pm_CGI=10&ds_svGeneric_CGI=1&ds_svAPI_RelContent
InternetURL: C:\Users\benji\Favorites\Diving\TRIDENT-DIVING-ACCESSORIES.URL -> URL: hxxp://www.tridentdive.com/
InternetURL: C:\Users\benji\Favorites\Diving\Ultralight Control Systems.URL -> URL: hxxp://www.ulcs.com/
InternetURL: C:\Users\benji\Favorites\Diving\Underwater Scuba Diving Photography.URL -> URL: hxxp://www.underwater-photography.ca/index.htm
InternetURL: C:\Users\benji\Favorites\Diving\Welcome to AGIR.URL -> URL: hxxp://www.agir-brokk.com/
InternetURL: C:\Users\benji\Favorites\Communications\***** - Google+.URL -> URL: hxxps://plus.google.com/u/0/100331733976615536386/posts
InternetURL: C:\Users\benji\Favorites\Communications\*****.URL -> URL: hxxps://www.facebook.com/benji.schaub
InternetURL: C:\Users\benji\Favorites\Communications\*****’s stream on SoundCloud - Hear the world’s sounds.URL -> URL: hxxps://soundcloud.com/benji-schaub
InternetURL: C:\Users\benji\Favorites\Communications\Bonaire Talk - The place to discuss everything and anything about Bonaire!.URL -> URL: hxxp://www.bonairetalk.com/
InternetURL: C:\Users\benji\Favorites\Communications\Facebook.URL -> URL: hxxps://www.facebook.com/
InternetURL: C:\Users\benji\Favorites\Communications\Fb pages  Sizes & Dimensions.URL -> URL: hxxps://www.facebook.com/PagesSizesDimensions
InternetURL: C:\Users\benji\Favorites\Communications\Free QR Code Generator - quickly create your codes, no email or log in required. Click for instant access now!.URL -> URL: hxxp://www.quikqr.com/
InternetURL: C:\Users\benji\Favorites\Communications\Gmail - Inbox - benjischaub@gmail.com.URL -> URL: hxxp://mail.google.com/mail/?hl=en&tab=wm#inbox
InternetURL: C:\Users\benji\Favorites\Communications\Island Music.URL -> URL: hxxps://www.facebook.com/islandmusicpro
InternetURL: C:\Users\benji\Favorites\Communications\islandmusicpro's Channel - YouTube.URL -> URL: hxxp://www.youtube.com/user/islandmusicpro?ob=video-mustangbase
InternetURL: C:\Users\benji\Favorites\Communications\My Saved Places - Google Maps.URL -> URL: hxxps://maps.google.com/maps?hl=en
InternetURL: C:\Users\benji\Favorites\Communications\Pipl - People Search.URL -> URL: hxxp://www.pipl.com/
InternetURL: C:\Users\benji\Favorites\Communications\Speedtest.net - The Global Broadband Speed Test.URL -> URL: hxxp://www.speedtest.net/
InternetURL: C:\Users\benji\Favorites\Communications\Twitter   Home.URL -> URL: hxxps://twitter.com/#!/
InternetURL: C:\Users\benji\Favorites\Communications\Welcome, Benji!   LinkedIn.URL -> URL: hxxp://www.linkedin.com/home
InternetURL: C:\Users\benji\Favorites\Business\Administratiekantoor Brandaris B.V. - Welkom op onze website.URL -> URL: hxxp://www.brandarisbv.com/
InternetURL: C:\Users\benji\Favorites\Business\AmCar Freight - Guaranteed Weekly Sailings to Aruba, Bonaire, Curacao, Dominican Republic, Central America & West Coast South America.URL -> URL: hxxp://www.amcarfreight.com/contact
InternetURL: C:\Users\benji\Favorites\Business\CPost International N.V.URL -> URL: hxxp://cpostinternational.com/
InternetURL: C:\Users\benji\Favorites\Business\De Zwarte Raaf Bonaire Nederlandse Antillen. Voor onderhoud en al uw techniek, renovatie, demolition, maintenance bouw en sloopwerk. 24 uur per dag 7 dagen in de week.URL -> URL: hxxp://www.dezwarteraaf.com/
InternetURL: C:\Users\benji\Favorites\Business\Den Laman Condominiums Bonaire, Netherlands Antilles, Dutch Caribbean.URL -> URL: hxxp://www.denlaman.com/
InternetURL: C:\Users\benji\Favorites\Business\Drukwerkdeal.nl, goedkoop drukwerk o.a. visitekaartjes, briefpapier, enveloppen, folders, flyers en posters.URL -> URL: hxxp://www.drukwerkdeal.nl/
InternetURL: C:\Users\benji\Favorites\Business\E Zone Limited.URL -> URL: hxxp://www.getezone.com/
InternetURL: C:\Users\benji\Favorites\Business\FedEx Track.URL -> URL: hxxp://www.fedex.com/Tracking
InternetURL: C:\Users\benji\Favorites\Business\Hang Out Beach Bar.URL -> URL: hxxp://www.hangoutbeachbar.com/index.htm
InternetURL: C:\Users\benji\Favorites\Business\Home  Google AdSense.URL -> URL: hxxps://www.google.com/adsense/v3/app#home
InternetURL: C:\Users\benji\Favorites\Business\IFC.URL -> URL: hxxp://www.ifc-consolidators.nl/
InternetURL: C:\Users\benji\Favorites\Business\Info Bonaire - Scuba Diving Operators, Dive Shops, and Scuba Diving Instructors.URL -> URL: hxxp://www.infobonaire.com/diveoperators.html
InternetURL: C:\Users\benji\Favorites\Business\Loan Calculator.URL -> URL: hxxp://www4.bmo.com/popup/loans/Calculator.html
InternetURL: C:\Users\benji\Favorites\Business\Puntomio.url -> URL: hxxps://cpostint.puntomio.com/eng/login_my_info
InternetURL: C:\Users\benji\Favorites\Business\Sabalpalm 80 - Google Maps.URL -> URL: hxxps://maps.google.com/maps/ms?msa=0&msid=218406327294865164034.0004a75ec3226cbc28b73&hl=en&ie=UTF8&ll=12.125547,-68.278463&spn=0.007479,0.009109&t=m&z=17&vpsrc=6&iwloc=0004c6c63ab68c61f7519
InternetURL: C:\Users\benji\Favorites\Business\SVB ZV OV Web Declaration.URL -> URL: hxxp://216.152.175.66/SVBWebAangifte/Companies/ShowCompaniesTablePage.aspx
InternetURL: C:\Users\benji\Favorites\Business\The Bonaire Insider - The latest independent tourism news from the Caribbean island of Bonaire - Home Page.URL -> URL: hxxp://www.bonaireinsider.com/
InternetURL: C:\Users\benji\Favorites\Business\USPS - Track & Confirm - Put our delivery information to work for you.URL -> URL: hxxp://www.usps.com/shipping/trackandconfirm.htm?from=home&page=0035trackandconfirm
InternetURL: C:\Users\benji\Favorites\Business\Welcome at Bonaire.biz.URL -> URL: hxxp://www.bonaire.biz/
InternetURL: C:\Users\benji\Favorites\Business\Welcome to UPS.URL -> URL: hxxp://www.ups.com/
InternetURL: C:\Users\benji\Favorites\Business\Wetboek-online.nl  Auteurswet  Artikel 25.url -> URL: hxxp://www.wetboek-online.nl/wet/Aw/25.html
InternetURL: C:\Users\benji\Desktop\Dorico Shortcuts.url -> URL: hxxps://steinberg.help/dorico-manuals/dorico-pro/dorico-pro-3/

==================== Ende vom Shortcut.txt =============================
         
__________________

Alt 10.11.2021, 16:25   #4
M-K-D-B
/// TB-Ausbilder
 
Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender - Standard

Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender







Mein Name ist Matthias und ich werde dir bei der Analyse und der eventuell notwendigen Bereinigung deines Computers helfen.





Schritt 1
Führe Malwarebytes' AntiMalware (MBAM) gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei.





Schritt 2
Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei.





Schritt 3
  • Starte FRST erneut und klicke auf Untersuchen.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Bitte poste mit deiner nächsten Antwort:
  • die Logdatei von MBAM
  • die Logdatei von AdwCleaner
  • die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt)

Alt 12.11.2021, 10:22   #5
benjis
 
Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender - Standard

Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender



Hi Matthias, sorry dass es ein wenig gedauert hat, hier die logs:

Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 12.11.21
Scan-Zeit: 10:04
Protokolldatei: 7cd2a362-4397-11ec-bc9d-20689d4158af.json

-Softwaredaten-
Version: 4.4.10.144
Komponentenversion: 1.0.1499
Version des Aktualisierungspakets: 1.0.47136
Lizenz: Abgelaufen

-Systemdaten-
Betriebssystem: Windows 10 (Build 19043.1348)
CPU: x64
Dateisystem: NTFS
Benutzer: AUDIOMACHINE\benji

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 386912
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 6 Min., 6 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-10-26.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-12-2021
# Duration: 00:00:00
# OS:       Windows 10 Home
# Cleaned:  4
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
Deleted       HKCU\Software\Conduit
Deleted       HKLM\Software\DivX\Install\Setup\WizardLayout\UniblueDriverScanner

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2366 octets] - [12/11/2021 10:11:48]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-11-2021
durchgeführt von benji (Administrator) auf AUDIOMACHINE (12-11-2021 10:14:30)
Gestartet von D:\*****\Downloads
Geladene Profile: benji
Plattform: Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel(R) Software Development Products -> Intel(R) Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM_SR300\bin\win32\RealSenseDCMSR300.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> ) C:\Program Files (x86)\Microsoft\Edge\Application\95.0.1020.44\identity_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\110\LocalDB\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Veeam Software Group GmbH -> Veeam Software Group GmbH) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [Nitro System Tray] => C:\Program Files\Nitro\Pro\13\nitro_pro_systray.exe [334088 2020-03-13] (Nitro Software, Inc. -> Nitro Software, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942744 2018-12-17] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Veeam.EndPoint.Tray.exe] => C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe [853968 2021-02-16] (Veeam Software Group GmbH -> Veeam Software Group GmbH)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] (DivX, LLC -> )
HKLM-x32\...\Run: [CLMLServer_For_P2G9] => C:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe [110344 2013-12-31] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive9] => C:\Program Files (x86)\CyberLink\Power2Go9\VirtualDrive9.exe [983816 2015-02-05] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [PowerDVD13Agent] => C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe [525352 2018-03-02] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [Creative Audio Task] => C:\Program Files (x86)\Creative\Shared Files\Creative Audio Task\CTAudTsk.exe [123848 2016-03-03] (Creative Technology Ltd -> Creative Technology Ltd)
HKLM-x32\...\Run: [Creative HID Task] => C:\Program Files (x86)\Creative\Shared Files\Creative HID Task\CTHIDTsk.exe [104392 2016-02-10] (Creative Technology Ltd -> Creative Technology Ltd)
HKLM-x32\...\Run: [UATrayIcon] => C:\Program Files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe [3805696 2021-05-14] (Universal Audio, Inc.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [UAPerfMon] => C:\Program Files (x86)\Universal Audio\Powered Plugins\UADPerfMon.exe [6280192 2021-05-14] (Universal Audio, Inc.) [Datei ist nicht signiert]
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2340216 2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\Run: [loopMIDI] => C:\Program Files (x86)\Tobias Erichsen\loopMIDI\loopMIDI.exe [848384 2012-08-15] (Tobias Erichsen) [Datei ist nicht signiert]
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\Run: [MicrosoftEdgeAutoLaunch_B9B057F13E8261F387166E937D6ED4AC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\MountPoints2: {149a0a8a-d7d3-11e9-a9ab-806e6f6e6963} - "J:\setup.exe" 
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\MountPoints2: {2d087356-6db6-11ea-aab4-902b34d55361} - "J:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\MountPoints2: {8568c1c5-ad8b-11eb-ad45-20689d4158af} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Nitro PDF Port 13 Monitor: C:\WINDOWS\system32\NxPrinterMonitor13.dll [242440 2020-03-13] (Nitro Software, Inc. -> Nitro Software, Inc.)
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FASUSBAudio Control Panel Autostart.lnk [2019-06-25]
ShortcutTarget: FASUSBAudio Control Panel Autostart.lnk -> C:\Program Files\Fractal Audio Systems\USB Audio Driver\FASUSBAudioCplApp.exe () [Datei ist nicht signiert]
Startup: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2021-05-03]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2382A3D3-E5B5-40ED-9221-F0BC6F03E300} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2434424 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {255CA14E-BCF9-4947-B708-11D256B7613F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei)
Task: {38F2A021-EA4D-4CC2-AD4D-DEE61AB51E39} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {534B8696-3AA2-4A0C-83B8-CC49191DBFAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {55191523-34D0-4306-9694-8DBE8E846DAE} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3978624 2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {56BB76F5-7FF6-4554-94CF-830E0624012E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1910136 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {64FF6312-6276-43E1-9AE4-8FD59320BDA2} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {73AB8BAF-B67F-419D-BBFF-CD3A4038A857} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22655904 2021-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {850218E9-3DAF-482D-9CA9-875932025ED0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1910136 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {9985E02E-3EEB-4958-B927-2DCA650AE6D6} - System32\Tasks\DeviceDetector7 => C:\Program Files (x86)\CyberLink\MediaEspresso7\DeviceDetector\DeviceDetector7.exe [865824 2015-09-10] (CyberLink Corp. -> CyberLink)
Task: {9ABCA37F-8CE2-4423-AC8E-F3839F10F0C1} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-12-16] (Garmin International, Inc. -> )
Task: {9B9B8F10-CD4F-44CB-B6C0-32DCB21F38FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A90E957B-DA43-4A38-91F7-BCDCE0D323E3} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2311528 2020-09-28] (Microsoft Corporation -> Microsoft)
Task: {ACB3A525-A95C-4694-8125-3AF3FF1845C0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1600408 2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA41330F-8F18-4C88-9BC3-C59FA0A57929} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2434424 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {C12C7DA8-CD9E-48B0-BFE3-A46175F6754F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C78C6CDE-3DD3-4DF5-A0DB-A793CCBD92ED} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1146048 2018-10-05] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {D76B7BF7-0B04-4B9C-89C1-8B69744EB10E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {D7732B3F-2CF4-459A-8534-2EEF6DA210F7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC963DE5-44B8-4332-82C7-A49062F04B8F} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32624 2020-09-28] (Microsoft Corporation -> Microsoft)
Task: {F4FAD552-A74B-45D7-B4E4-A16598756742} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F56E9419-20B9-4F50-B869-B5E96612D6CD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22655904 2021-10-25] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4a2814a0-5b29-48ea-98d3-0ef43718891a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{d0a3353a-dfb1-461d-ae4c-e74cfdf55e93}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{d4cb2d88-9699-4c58-8e9f-7c92fef8e034}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
DownloadDir: D:\*****\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001 -> about:tabs
Edge Notifications: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001 -> hxxps://www.youtube.com
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Extension: (Amazon Assistant) -> xxx_AmazoncomAmazonAssistant_343d40qqvtj1t => C:\Program Files\WindowsApps\Amazon.com.AmazonAssistant_10.1910.9.0_neutral__343d40qqvtj1t [2019-12-17]
Edge DefaultProfile: Default
Edge Profile: C:\Users\benji\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-12]
Edge DownloadDir: Default -> D:\*****\Downloads
Edge Notifications: Default -> hxxps://forums.steinberg.net
Edge HomePage: Default -> edge://newtab/
Edge Extension: (Just Black) - C:\Users\benji\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2021-08-24]

FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, Inc. -> DivX, LLC.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, Inc. -> DivX, LLC.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe [8704 2020-02-13] (GuinpinSoft inc) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-10-12] (Microsoft Corporation -> Microsoft Corporation)
S4 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [85784 2018-03-02] (CyberLink Corp. -> CyberLink)
S4 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [335640 2018-03-02] (CyberLink Corp. -> CyberLink)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncHelper.exe [3253120 2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
S3 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-08-19] (Huawei Technologies Co., Ltd. -> ) [Datei ist nicht signiert]
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [497568 2021-04-08] (Logitech Inc -> Logitech)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-12] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.205.1003.0005\OneDriveUpdaterService.exe [3721600 2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
R2 RealSenseDCMSR300; C:\Program Files (x86)\Common Files\Intel\RSDCM_SR300\bin\win32\RealSenseDCMSR300.exe [4171168 2021-06-16] (Intel(R) Software Development Products -> Intel(R) Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12727576 2021-02-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 VeeamEndpointBackupSvc; C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe [130000 2021-02-16] (Veeam Software Group GmbH -> Veeam Software Group GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [X]
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AllenAndHeathFW; C:\WINDOWS\System32\Drivers\AllenAndHeathFW.sys [222744 2012-10-02] (TC Applied Technologies -> Allen and Heath Ltd.)
R3 AllenAndHeathFWAudio; C:\WINDOWS\system32\drivers\AllenAndHeathFWAudio.sys [46360 2012-10-02] (TC Applied Technologies -> Allen and Heath Ltd.)
R3 AllenAndHeathFWMidi; C:\WINDOWS\system32\drivers\AllenAndHeathFWMidi.sys [35224 2012-10-02] (TC Applied Technologies -> Allen and Heath Ltd.)
S3 axefx2load; C:\WINDOWS\System32\Drivers\axefx2load.sys [55600 2013-07-12] (Fractal Audio Systems -> Cypress Semiconductor)
R3 bomebus; C:\WINDOWS\System32\drivers\bomebus.sys [56376 2018-05-16] (Bome Software GmbH & Co.KG -> Bome Software GmbH & Co. KG)
R2 CLFCL5.13; C:\WINDOWS\system32\DRIVERS\CLFCL5.13\000.fcl [46848 2018-02-26] (CyberLink Corp. -> CyberLink Corp.)
R3 CLVirtualBus01; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [103176 2014-11-05] (CyberLink Corp. -> CyberLink)
R1 CLVirtualDrive1.1; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive1_1.sys [91912 2013-11-13] (CyberLink Corp. -> CyberLink)
S3 DCMCamera; C:\WINDOWS\system32\DRIVERS\RealSenseDcmDynamicDriver.sys [81496 2020-06-29] (Intel(R) Software Development Products -> Intel(R) Corporation)
R3 EMUXMIDI; C:\WINDOWS\System32\drivers\EMUXMIDI.sys [257624 2009-12-04] (Creative Labs Inc -> E-MU Systems)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 fasusbaudio; C:\WINDOWS\System32\drivers\fasusbaudio_x64.sys [254464 2014-05-16] (Fractal Audio Systems -> )
S3 fasusbaudioks; C:\WINDOWS\System32\drivers\fasusbaudioks_x64.sys [46080 2014-05-16] (Fractal Audio Systems -> )
R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [66128 2019-07-16] (Martin Malik - REALiX -> REALiX(tm))
R3 iLokDrvr; C:\WINDOWS\System32\drivers\iLokDrvr.sys [33416 2021-10-22] (PACE Anti-Piracy, Inc. -> )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-11-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-11-12] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-12] (Malwarebytes Inc -> Malwarebytes)
S0 mvs91xx; C:\WINDOWS\System32\drivers\mvs91xx.sys [327464 2013-09-06] (Marvell Semiconductor -> Marvell Semiconductor, Inc.)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
R3 RDID1115; C:\WINDOWS\system32\Drivers\RDWM1115.SYS [91648 2015-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Roland Corporation)
R3 RealSenseDCMBus; C:\WINDOWS\System32\drivers\RealSenseDCMBus.sys [46168 2020-07-01] (Intel(R) Software Development Products -> Intel(R) Corporation)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [134000 2019-01-21] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R3 synusb64; C:\WINDOWS\System32\drivers\synusb64.sys [30352 2011-12-14] (Steinberg Media Technologies GmbH -> Steinberg Media Technologies GmbH)
R3 teVirtualMIDI64; C:\WINDOWS\System32\drivers\teVirtualMIDI64.sys [30208 2012-08-15] (Tobias Erichsen -> Tobias Erichsen)
R3 UAD2Pcie; C:\WINDOWS\System32\drivers\UAD2Pcie.sys [101640 2021-05-18] (Universal Audio, Inc. -> Universal Audio, Inc.)
R3 UAD2System; C:\WINDOWS\System32\drivers\UAD2System.sys [153856 2021-05-18] (Universal Audio, Inc. -> Universal Audio, Inc.)
R3 UAD2WdmAudio; C:\WINDOWS\System32\drivers\UAD2WdmAudio.sys [37640 2021-05-18] (Universal Audio, Inc. -> )
R3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [127512 2020-09-18] (WDKTestCert dant,132134237881206156 -> Wacom Technology, Corp.)
R3 wacomrouterfilter; C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [28680 2020-09-18] (WDKTestCert dant,132134237881206156 -> Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-11-12 10:13 - 2021-11-12 10:13 - 000002090 _____ C:\Users\benji\Desktop\AdwCleaner[C00].txt
2021-11-12 10:10 - 2021-11-12 10:10 - 000001419 _____ C:\Users\benji\Desktop\MBAM.txt
2021-11-12 10:02 - 2021-11-12 10:12 - 000000000 ____D C:\AdwCleaner
2021-11-12 10:02 - 2021-11-12 10:02 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-11-12 10:02 - 2021-11-12 10:02 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-11-12 10:02 - 2021-11-12 10:02 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-11-12 10:02 - 2021-11-12 10:02 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-11-12 10:02 - 2021-11-12 10:02 - 000001999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-11-12 10:02 - 2021-11-12 10:02 - 000001987 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-11-12 10:02 - 2021-11-12 10:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-11-12 10:02 - 2021-11-12 10:02 - 000000000 ____D C:\Program Files\Malwarebytes
2021-11-10 11:11 - 2021-11-12 10:14 - 000000000 ____D C:\FRST
2021-11-10 10:00 - 2021-11-10 10:00 - 000021232 _____ (Thesycon GmbH) C:\WINDOWS\system32\Drivers\dpclat_driver.sys
2021-11-10 09:55 - 2021-11-10 09:55 - 000000821 _____ C:\Users\benji\Desktop\LatencyMon.lnk
2021-11-10 09:55 - 2021-11-10 09:55 - 000000809 _____ C:\Users\benji\Desktop\In Depth Latency Tests.lnk
2021-11-10 09:55 - 2021-11-10 09:55 - 000000000 ____D C:\Users\benji\AppData\Local\DBG
2021-11-10 09:55 - 2021-11-10 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2021-11-10 09:55 - 2021-11-10 09:55 - 000000000 ____D C:\Program Files\LatencyMon
2021-11-10 09:55 - 2015-07-13 11:16 - 000026368 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys
2021-11-10 09:24 - 2021-11-10 09:24 - 001328408 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll
2021-11-10 09:24 - 2021-11-10 09:24 - 001321984 _____ C:\WINDOWS\system32\FaceProcessor.dll
2021-11-10 09:24 - 2021-11-10 09:24 - 000503576 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2021-11-10 09:24 - 2021-11-10 09:24 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-10 09:24 - 2021-11-10 09:24 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-10 09:24 - 2021-11-10 09:24 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-10 09:24 - 2021-11-10 09:24 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-10 09:20 - 2021-11-10 09:20 - 000000000 ___HD C:\$WinREAgent
2021-11-08 09:11 - 2021-11-08 09:11 - 000001355 _____ C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-08 09:11 - 2021-11-08 09:11 - 000000000 ____D C:\Users\benji\AppData\Local\PCHealthCheck
2021-11-04 17:39 - 2021-11-04 17:40 - 000000000 ____D C:\WINDOWS\Minidump
2021-11-04 17:39 - 2021-11-04 17:39 - 1812290699 _____ C:\WINDOWS\MEMORY.DMP
2021-11-04 17:39 - 2021-11-04 17:39 - 001834980 _____ C:\WINDOWS\Minidump\110421-6281-01.dmp
2021-11-04 17:16 - 2021-11-08 10:48 - 000000591 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-11-04 11:32 - 2021-11-04 11:32 - 000000941 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2021-11-02 12:16 - 2021-11-02 12:16 - 000001029 _____ C:\Users\Public\Desktop\Kontakt.lnk
2021-11-02 12:16 - 2021-11-02 12:16 - 000000000 __HDC C:\ProgramData\{D1F4AB0B-D2A0-4B7F-921B-3369B7D7567C}
2021-11-02 12:13 - 2021-11-02 12:13 - 000001093 _____ C:\Users\Public\Desktop\Native Access.lnk
2021-11-02 12:13 - 2021-11-02 12:13 - 000000000 __HDC C:\ProgramData\{2223478A-85F2-4C4F-9CE3-1404B8DD8A23}
2021-11-02 12:11 - 2021-11-02 12:11 - 000002126 _____ C:\Users\Public\Desktop\WaveLab Elements 11.lnk
2021-11-02 12:11 - 2021-11-02 12:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg WaveLab Elements 11
2021-11-01 16:20 - 2021-11-01 16:20 - 000001203 _____ C:\Users\benji\Desktop\Logitech Capture.lnk
2021-11-01 15:49 - 2021-11-01 15:49 - 000000000 ____D C:\Users\benji\AppData\Roaming\Logishrd
2021-11-01 15:47 - 2021-11-01 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2021-11-01 15:47 - 2021-11-01 15:47 - 000000000 ____D C:\Program Files\Logitech
2021-11-01 15:46 - 2021-11-01 15:46 - 000000000 ____D C:\Users\benji\AppData\Local\Logitech
2021-10-27 14:49 - 2021-10-27 14:49 - 000002655 _____ C:\Users\Public\Desktop\Superior Drummer 3.lnk
2021-10-22 11:04 - 2021-10-22 11:04 - 000000879 _____ C:\Users\Public\Desktop\HandBrake.lnk
2021-10-22 11:04 - 2021-10-22 11:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HandBrake
2021-10-21 15:33 - 2021-10-21 15:33 - 000002049 _____ C:\Users\Public\Desktop\Cubase 11.lnk
2021-10-21 15:33 - 2021-10-21 15:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 11
2021-10-21 15:32 - 2021-10-21 15:32 - 000000000 ____D C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg HALion Sonic SE
2021-10-13 14:45 - 2021-10-13 14:45 - 000000000 ____D C:\Program Files\Common Files\Intel
2021-10-13 11:14 - 2021-10-13 11:14 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-13 11:14 - 2021-10-13 11:14 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-11-12 10:13 - 2021-03-02 14:49 - 000000000 ____D C:\ProgramData\Veeam
2021-11-12 10:09 - 2019-12-11 16:22 - 000007602 _____ C:\Users\benji\AppData\Local\Resmon.ResmonCfg
2021-11-12 10:06 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-12 10:02 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-11-12 10:01 - 2020-05-29 13:21 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F467C09D-8EE1-4318-AB72-2DB4E63F7A1D}
2021-11-12 09:59 - 2020-05-29 13:58 - 000817510 _____ C:\WINDOWS\system32\perfh013.dat
2021-11-12 09:59 - 2020-05-29 13:58 - 000172330 _____ C:\WINDOWS\system32\perfc013.dat
2021-11-12 09:59 - 2020-05-29 13:16 - 002825628 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-12 09:59 - 2019-12-07 15:50 - 000785790 _____ C:\WINDOWS\system32\perfh007.dat
2021-11-12 09:59 - 2019-12-07 15:50 - 000167904 _____ C:\WINDOWS\system32\perfc007.dat
2021-11-12 09:59 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-12 09:54 - 2021-03-02 12:05 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-11-12 09:54 - 2020-12-25 12:50 - 000000000 ____D C:\Users\benji\AppData\Roaming\WTablet
2021-11-12 09:54 - 2020-05-29 13:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-12 09:54 - 2020-05-29 13:10 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-12 09:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-12 09:54 - 2019-06-23 22:14 - 000000000 __SHD C:\Users\benji\IntelGraphicsProfiles
2021-11-11 18:18 - 2019-12-07 10:03 - 002097152 _____ C:\WINDOWS\system32\config\BBI
2021-11-11 17:11 - 2019-09-04 11:12 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-11-11 17:02 - 2020-05-29 13:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-11 14:10 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-11 14:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-10 17:45 - 2020-07-19 12:50 - 000000000 ____D C:\Users\benji\AppData\Local\CrashDumps
2021-11-10 10:12 - 2021-09-14 16:24 - 000000000 ____D C:\Users\benji\AppData\Roaming\Celemony Software GmbH
2021-11-10 10:12 - 2020-02-10 16:20 - 000000000 ____D C:\temp
2021-11-10 09:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-11-10 09:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-10 09:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-10 09:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-10 09:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-10 09:25 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-10 09:20 - 2019-06-25 10:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-10 09:19 - 2020-08-03 11:40 - 000000000 ____D C:\Program Files\dotnet
2021-11-10 09:19 - 2019-06-25 10:25 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-10 09:19 - 2019-06-25 10:15 - 000000000 ____D C:\ProgramData\Package Cache
2021-11-08 09:13 - 2020-01-16 15:30 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-08 09:08 - 2021-06-22 14:00 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-11-06 10:32 - 2020-05-29 13:21 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-11-06 10:32 - 2019-10-08 15:11 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-04 18:21 - 2020-05-29 13:10 - 000000000 ____D C:\Users\benji
2021-11-04 14:33 - 2020-11-26 11:52 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-11-04 14:33 - 2019-06-25 10:51 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2021-11-04 14:33 - 2019-06-25 10:44 - 000000000 ____D C:\ProgramData\Adobe
2021-11-04 14:33 - 2019-06-23 22:07 - 000000000 ____D C:\Users\benji\AppData\Roaming\Adobe
2021-11-04 11:54 - 2019-06-23 22:07 - 000000000 ____D C:\Users\benji\AppData\Local\Packages
2021-11-04 11:32 - 2019-07-16 10:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-11-04 11:32 - 2019-07-16 10:48 - 000000000 ____D C:\Program Files\CPUID
2021-11-03 16:13 - 2019-06-25 10:25 - 000000000 ____D C:\Users\benji\AppData\Local\D3DSCache
2021-11-03 15:56 - 2020-02-14 09:03 - 000000000 ____D C:\Users\benji\AppData\Roaming\HandBrake
2021-11-03 14:30 - 2020-03-25 10:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-11-03 13:57 - 2019-06-23 22:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-02 12:17 - 2019-07-16 10:48 - 000000880 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2021-11-02 12:15 - 2021-05-28 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2021-11-02 12:15 - 2021-03-04 11:29 - 000000000 ____D C:\Program Files\Native Instruments
2021-11-02 12:15 - 2019-06-25 10:54 - 000000000 ____D C:\Program Files\Common Files\VST3
2021-11-02 12:13 - 2021-03-04 11:29 - 000000000 ____D C:\Users\benji\AppData\Roaming\Native Instruments
2021-11-02 12:13 - 2021-03-04 11:29 - 000000000 ____D C:\Users\benji\AppData\Local\Native Instruments
2021-11-02 12:11 - 2020-02-10 16:19 - 000000000 ____D C:\ProgramData\6BCCA8C5-7E69-4622-BCCA-9FAC488059BD
2021-11-02 12:11 - 2019-06-25 20:00 - 000000000 ____D C:\Program Files\Steinberg
2021-11-02 12:10 - 2019-06-25 20:00 - 000001286 _____ C:\Users\Public\Desktop\eLicenser Control Center.lnk
2021-11-02 12:10 - 2019-06-25 19:54 - 000000049 _____ C:\WINDOWS\SysWOW64\SYNSOPOS.exe.cfg
2021-11-02 12:10 - 2019-06-25 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2021-11-02 12:10 - 2019-06-25 19:54 - 000000000 ____D C:\Program Files\eLicenser
2021-11-02 12:09 - 2019-06-25 19:54 - 000000000 ____D C:\Program Files (x86)\eLicenser
2021-11-02 12:00 - 2020-05-29 13:10 - 001647168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-02 12:00 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-02 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-02 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-02 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-02 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-02 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-02 12:00 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-01 15:41 - 2019-06-25 10:34 - 000000000 ____D C:\Program Files\Microsoft Office
2021-10-27 14:49 - 2019-07-16 13:00 - 000000000 ____D C:\ProgramData\Toontrack
2021-10-27 14:49 - 2019-06-27 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toontrack
2021-10-27 14:47 - 2020-07-19 12:37 - 000002655 _____ C:\Users\Public\Desktop\EZbass.lnk
2021-10-26 09:08 - 2019-06-25 18:50 - 000000000 ____D C:\Users\benji\AppData\Roaming\JamOrigin
2021-10-24 14:37 - 2019-06-25 19:21 - 000000000 ____D C:\ProgramData\Steinberg
2021-10-24 14:26 - 2019-06-25 10:03 - 000000000 ____D C:\ProgramData\Packages
2021-10-22 11:43 - 2019-09-08 11:13 - 000000000 ____D C:\Users\benji\AppData\Roaming\ScreenToGif
2021-10-22 11:05 - 2021-05-01 10:33 - 001499904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2021-10-22 11:05 - 2021-05-01 10:33 - 000033416 _____ C:\WINDOWS\system32\Drivers\iLokDrvr.sys
2021-10-22 11:05 - 2020-02-21 12:08 - 000000000 ____D C:\Program Files (x86)\iLok License Manager
2021-10-22 11:05 - 2019-06-25 10:55 - 000002092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLok License Manager.lnk
2021-10-22 11:05 - 2019-06-25 10:55 - 000002080 _____ C:\Users\Public\Desktop\iLok License Manager.lnk
2021-10-22 11:05 - 2019-06-25 10:16 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-10-22 11:04 - 2020-02-14 09:03 - 000000000 ____D C:\Program Files\HandBrake
2021-10-22 10:45 - 2019-06-23 22:07 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-10-21 15:34 - 2021-02-19 16:56 - 000002145 _____ C:\Users\Public\Desktop\SpectraLayers 7.lnk
2021-10-21 15:34 - 2021-02-19 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg SpectraLayers 7
2021-10-21 15:34 - 2019-06-25 18:44 - 000000000 ____D C:\Program Files\VSTPlugins
2021-10-21 15:33 - 2019-06-25 19:54 - 000000000 ____D C:\Users\benji\AppData\Roaming\Steinberg
2021-10-21 15:32 - 2020-11-14 15:55 - 000002272 _____ C:\Users\benji\Desktop\HALion Sonic SE.lnk
2021-10-16 14:38 - 2019-06-25 20:03 - 000000000 ____D C:\Users\benji\AppData\Roaming\Universal Audio
2021-10-13 14:23 - 2020-05-29 13:21 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-10-13 11:04 - 2020-06-11 13:57 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-10-13 11:03 - 2020-05-29 13:21 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-13 11:03 - 2020-05-29 13:21 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-13 11:01 - 2021-02-22 09:40 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2019-06-25 20:33 - 2019-06-25 20:33 - 000000604 ____H () C:\Program Files (x86)\_43_S
2020-03-25 12:13 - 2020-03-25 12:13 - 000038526 _____ () C:\Users\benji\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2020-03-25 12:17 - 2020-04-20 14:21 - 000009413 _____ () C:\Users\benji\AppData\Roaming\Durch Trennzeichen getrennte Werte.EML
2019-07-18 13:31 - 2019-07-18 13:31 - 000000000 _____ () C:\Users\benji\AppData\Local\oobelibMkey.log
2019-12-11 16:22 - 2021-11-12 10:09 - 000007602 _____ () C:\Users\benji\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-11-2021
durchgeführt von benji (12-11-2021 10:15:27)
Gestartet von D:\*****\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) (2020-05-29 12:21:08)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-2387332320-4032506910-2073639800-500 - Administrator - Disabled)
annou (S-1-5-21-2387332320-4032506910-2073639800-1002 - Limited - Disabled)
avisc (S-1-5-21-2387332320-4032506910-2073639800-1003 - Limited - Disabled)
benji (S-1-5-21-2387332320-4032506910-2073639800-1001 - Administrator - Enabled) => C:\Users\benji
DefaultAccount (S-1-5-21-2387332320-4032506910-2073639800-503 - Limited - Disabled)
Gast (S-1-5-21-2387332320-4032506910-2073639800-501 - Limited - Disabled)
noahs (S-1-5-21-2387332320-4032506910-2073639800-1004 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2387332320-4032506910-2073639800-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1394 OHCI Compliant Host Controller (Legacy) (HKLM-x32\...\{B12878BB-DA05-4F25-96E7-E0200428B220}) (Version: 0.0.1 - Microsoft Corporation)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Advanced Renamer (HKLM\...\Advanced Renamer_is1) (Version: 3.87 - Hulubulu Software)
Allen and Heath Firewire 4.1.0.14624 (HKLM\...\Allen and Heath Firewire_is1) (Version: 4.1.0.14624 - Allen and Heath Ltd.)
ANT Drivers Installer x64 (HKLM\...\{C0ED0478-22DD-4756-B144-EB87A26956AC}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Avid License Control (HKLM-x32\...\{F187D064-F101-4E95-8D05-4027809AA0F8}) (Version: 3.0.1 - Avid Technology, Inc.)
Axe-Edit 3.14.6 (HKLM-x32\...\{0B2FECD3-B4EF-4071-9546-7529D90BAA99}_is1) (Version:  - Fractal Audio)
BlasterX Senz3D (HKLM-x32\...\{111F12F4-87FF-4FAC-83CB-2499EBF3D6EF}) (Version: 1.02.09 - Creative Technology Limited)
Bome Virtual MIDI 2.1.0.44 (HKLM\...\BMIDI_Driver1.0.0.11_is1) (Version:  - Bome Software GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
CPUID CPU-Z 1.98 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.98 - CPUID, Inc.)
CPUID HWMonitor 1.45 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.45 - CPUID, Inc.)
CrystalDiskMark 8.0.1 (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.1 - Crystal Dew World)
CyberLink MediaEspresso 7 (HKLM-x32\...\{F6C47233-40F6-4076-89A9-68B43C2AF5C5}) (Version: 7.0.6909_59349 - CyberLink Corp.)
CyberLink Power2Go 9 (HKLM-x32\...\InstallShield_{57D68FAE-CB5E-4fd6-AE3B-A0B43375AF18}) (Version: 9.0.2602.0 - CyberLink Corp.)
CyberLink PowerDVD 13 (HKLM-x32\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.8703.62 - CyberLink Corp.)
Dexed version 0.9.4 (HKLM\...\Dexed_is1) (Version: 0.9.4 - Digital Suburban)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Easy Poster Printer (HKLM-x32\...\{085AFF3B-459B-4B8D-9366-F2DC4452D73B}) (Version: 6.8.0 - GD Software)
Elevated Installer (HKLM-x32\...\{630B9854-94D6-42AD-BA59-3CFE0C8A651A}) (Version: 7.2.2.0 - Garmin Ltd or its subsidiaries) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.12.8.1298 - Steinberg Media Technologies GmbH)
E-MU USB-MIDI Windows Drivers (HKLM-x32\...\E-MU USB MIDI Windows Drivers Hotfix) (Version:  - )
EW Installation Center (HKLM\...\{EW Installation Center}}_is1) (Version: 1.4.3 - EastWest Sounds, Inc.)
EW PRODUCT INSTALLER 7.2.3 (HKLM-x32\...\EW PRODUCTS_is1) (Version: 7.2.3 - EastWest Sounds, Inc.)
EZbass (HKLM\...\{10E45B55-3F6B-4ADB-9B70-A3D42D17BDCC}) (Version: 1.0.0 - Toontrack)
EZbass Software Update (HKLM\...\{0DFAC2AE-2736-4ADC-A2C6-9D9CE3DEF3DD}) (Version: 1.1.1 - Toontrack)
EZdrummer 2 64-bit (HKLM\...\{B9217824-0EBE-49C7-98A0-A76CC46BBB7D}) (Version: 2.0.2 - Toontrack)
EZdrummer 2 64-bit Update (HKLM\...\{CFFABFEB-AD0D-4811-B09F-849B19B8FE78}) (Version: 2.2.2 - Toontrack)
EZkeys Software Player 64-bit (HKLM\...\{C8983F26-7DE5-455D-A578-7848A6B3F1C9}) (Version: 1.3.2 - Toontrack)
EZkeys Upright Piano 64 (HKLM\...\{5CC4AF6E-B273-497B-BF7E-9B6E35EBB0E0}) (Version: 1.0.1 - Toontrack)
Fast Duplicate File Finder Professional 4.9.0.1 (HKLM-x32\...\{AFECFED6-0A43-488F-8511-1DC6B52F31C3}_is1) (Version: 4.9.0.1 - MindGems, Inc.)
Finale NotePad 2012 (HKLM-x32\...\Finale NotePad 2012) (Version: 2012..r1.5 - MakeMusic)
Fractal Audio Systems USB Audio Driver v2.23.0 (HKLM-x32\...\Fractal Audio Systems USB Audio Driver v2.23.0) (Version: 2.23.0 - Fractal Audio Systems)
Fractal Audio Systems USB Driver Package 2014.06.06 (HKLM\...\{E992CC59-71FD-4199-B04E-6274F7439EA0}_is1) (Version: 2014.06.06 - Fractal Audio Systems)
Fractal-Bot 3.0.8 (HKLM-x32\...\{6DBF83F6-BE11-414D-82DC-58C414CACF35}_is1) (Version:  - Fractal Audio)
Garmin Express (HKLM-x32\...\{49d6ae2b-f5db-460c-a653-4c7377ee40be}) (Version: 7.2.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{82990251-B13D-419D-A106-7896A8B1F051}) (Version: 7.2.2.0 - Garmin Ltd or its subsidiaries) Hidden
GStreamer 1.14.2 for Transcribe! (HKLM-x32\...\com.seventhstring.GStreamer_is1) (Version: 1.14.2 - )
GStreamer 1.18.4 for Transcribe! (64-bit) (HKLM\...\com.seventhstring.GStreamer_is1) (Version: 1.18.4 - )
Guitar Pro 7 - Soundbanks (HKLM-x32\...\com.arobas-music.guitarpro7-soundbanks_is1) (Version: 1.1.123 - Arobas Music)
Guitar Pro 7 (HKLM-x32\...\{BF4EDCFF-ED20-4AF6-A636-EBAC931336CD}_is1) (Version: 7.5.5.1844 - Arobas Music)
HandBrake 1.4.2 (HKLM-x32\...\HandBrake) (Version: 1.4.2 - )
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.309 - )
HWiNFO64 Version 6.08 (HKLM\...\HWiNFO64_is1) (Version: 6.08 - Martin Malik - REALiX)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5161 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® RealSense™ Depth Camera Manager Gold (x86): dptf_com (HKLM-x32\...\{7AF37B0F-CEBD-11EB-A63E-A0510BE9AF3A}) (Version: 2.3.101.9447 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager SR300 Gold (x86): Intel® RealSense™ 3D camera SR300 IO module (HKLM-x32\...\{7AF59DEE-CEBD-11EB-AD80-A0510BE9AF3A}) (Version: 3.4.101.9447 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager SR300 Gold (x86): Intel® RealSense™ Depth Camera Manager Service (HKLM-x32\...\{869318E1-CEBD-11EB-8C5A-A0510BE9AF3A}) (Version: 3.4.101.9447 - Intel Corporation) Hidden
Intel® RealSense™ Tiefenkamera-Manager SR300 (HKLM-x32\...\ARP_for_prd_dcm_runtime_sr300_3.4.101.9447) (Version: 3.4.101.9447 - Intel Corporation)
Ivory 2.5 (HKLM-x32\...\{49660abf-44ec-4553-bfe4-103969712210}) (Version: 2.5.2.20 - Synthogy, LLC)
Ivory Software Components (HKLM\...\{9103CDEB-5FF3-48CD-9646-5D29ED2CCF86}) (Version: 2.5.2.20 - Synthogy, LLC) Hidden
iZotope Ozone 7 Advanced (HKLM-x32\...\iZotope Ozone 7 Advanced 7.01) (Version: 7.01 - iZotope, Inc.)
JBridge (HKLM-x32\...\JBridge) (Version:  - JBridge)
LatencyMon 6.50 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Logitech Capture (HKLM\...\Capture) (Version: 2.06.12 - Logitech)
loopMIDI (HKLM-x32\...\{AEAF7978-3204-451D-8593-BC53EBDDA31D}) (Version: 1.0.5.15 - Tobias Erichsen)
MakeMKV v1.15.0 (HKLM-x32\...\MakeMKV) (Version: v1.15.0 - GuinpinSoft inc)
Malwarebytes version 4.4.10.144 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.10.144 - Malwarebytes)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1039 - Marvell)
Melodyne 5 (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 5.01.01003 - Celemony Software GmbH)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.14527.20234 - Microsoft Corporation)
Microsoft 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.14527.20234 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.44 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.44 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.205.1003.0005 - Microsoft Corporation)
Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.14527.20234 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{C18B132E-4032-4425-826A-24B1CA9DFF0C}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{7ED2561C-FBC2-421E-A2B5-C7BEFD623145}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{CECCBAE9-1880-411E-9D28-8E562F6DAAE2}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\Teams) (Version: 1.4.00.4167 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29914 (HKLM-x32\...\{43d1ce82-6f55-4860-a938-20e5deb28b98}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.26.28720 (HKLM-x32\...\{86380aef-fd23-4fc3-8723-a98ccad8f2c6}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.21 (x64) (HKLM-x32\...\{4be70f3b-2d71-4c79-adc0-d1f1221e41b1}) (Version: 3.1.21.30622 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.12 (x64) (HKLM-x32\...\{ce8037d8-35f7-4142-ad18-23609ac5db17}) (Version: 5.0.12.30623 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 13.221.137.0 - Microsoft Corporation)
MIDI Guitar 2 version 2.2.1.0 (HKLM\...\MIDI Guitar 2_is1) (Version: 2.2.1.0 - )
MKVToolNix 43.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 43.0.0 - Moritz Bunkus)
Mp3tag v2.81 (HKLM-x32\...\Mp3tag) (Version: 2.81 - Florian Heidenreich)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.6.1.139 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.13.5.139 - Native Instruments)
Neuratron PhotoScore && NotateMe Ultimate (HKLM-x32\...\Neuratron PhotoScore && NotateMe Ultimate) (Version: 9.0.0 - Neuratron Ltd)
Nitro Pro (HKLM\...\{C96C14B3-5E41-49E5-AAB5-22832C08CAED}) (Version: 13.15.1.282 - Nitro) Hidden
Nitro Pro (HKLM-x32\...\{b6447f4a-7f1e-4f4c-b770-5b1e3dafd6f3}) (Version: 13.15.1.282 - Nitro)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PACE License Support Win64 (HKLM\...\{5AC4321F-FCD1-4a37-BFCB-E1EB0047CDA4}) (Version: 5.4.1.3706 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{5AC4321F-FCD1-4a37-BFCB-E1EB0047CDA4}) (Version: 5.4.1.3706 - PACE Anti-Piracy, Inc.)
PLAY 6.1.9 (HKLM-x32\...\EW PLAY_is1) (Version: 6.1.9 - EastWest Sounds, Inc.)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Rename Master (HKLM-x32\...\Rename Master_is1) (Version:  - )
R-Link 2 Toolbox (HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\{R-Link 2 Toolbox}}_is1) (Version: 1.7.3 - Renault)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.60 (17.03.2015) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.00.01.24 - HP Printing Korea Co., Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.3.0.1910 - Samsung Electronics)
Samsung NVM Express Driver (HKLM-x32\...\{d6df2f24-bd8d-49bc-b751-fac310b24a4b}) (Version: 3.1.0.1901 - Samsung Electronics)
Samsung NVM Express Driver 3.1.0.1901 (HKLM\...\{DF7667AF-FC11-48A4-9585-7378B5224C1A}) (Version: 3.1.0.1901 - Samsung Electronics Co., Ltd) Hidden
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden
Sibelius 7 OpenType Fonts (HKLM-x32\...\{623C2BD8-1B28-4F98-B578-E9D139827269}) (Version: 7.1.3 - Avid)
Sibelius 7.5 (HKLM\...\{BBADBAB3-56A4-444B-834E-D8730B574C3E}) (Version: 7.5.1.209 - Avid Technology)
Skype Version 8.78 (HKLM-x32\...\Skype_is1) (Version: 8.78 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Steinberg Cubase 11 (HKLM\...\{49A80F46-11CC-44F9-9FEC-2566FE0AB7A5}) (Version: 11.0.41 - Steinberg Media Technologies GmbH)
Steinberg Dark Planet 64bit (HKLM\...\{52B15329-EA8D-4088-AE8F-BD831D187290}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Dorico 3.5 (HKLM\...\{E72A482D-E6C4-4B92-B248-3880AD721E8A}) (Version: 3.5.12 - Steinberg Media Technologies GmbH)
Steinberg Download Assistant (HKLM-x32\...\Steinberg Download Assistant) (Version: 1.20.2 - Steinberg Media Technologies GmbH)
Steinberg Generic Lower Latency ASIO Driver 64bit (HKLM\...\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}) (Version: 1.0.20 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 5 (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 5.0.50 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 3 Component (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 3.4.40 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Standalone (HKLM\...\{2D64E1A0-02C7-4AED-BCC6-3A5E5C91D6E2}) (Version: 3.4.40 - Steinberg Media Technologies GmbH)
Steinberg HALion Symphonic Orchestra 64bit (HKLM\...\{2980E719-19F3-4329-944A-782A7D723741}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Symphonic Orchestra VST Sound Instrument Set (HKLM-x32\...\{1312306D-F0A5-4B64-BA34-AC6169A3A098}) (Version: 1.2.0 - Steinberg Media Technologies GmbH)
Steinberg Install Assistant (HKLM\...\{2E7DF371-6034-4FC7-AE30-100AC21A1003}) (Version: 1.0.4 - Steinberg Media Technologies GmbH)
Steinberg Instrument Set Dark Planet (HKLM-x32\...\{7E95B088-EF08-4093-85E1-B0689BDAB35C}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Library Manager (HKLM\...\{AA78592A-F13C-4C8E-B849-7A398001FA7F}) (Version: 3.1.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop 2 (HKLM\...\{6FBAF5EF-816E-4D80-BFBE-8B237EEA4CD4}) (Version: 2.0.30 - Steinberg Media Technologies GmbH)
Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 2.2.50 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg SpectraLayers 7 (HKLM\...\424abc1e-aca9-452c-9b47-4g6c6gh53b42_is1) (Version: 7.0.30.251 - Steinberg)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Transit 64bit (HKLM\...\{FF1A114C-0F88-11E5-A6C0-1697F925EC7B}) (Version: 1.0.13 - Steinberg Media Technologies GmbH)
Steinberg WaveLab Elements 10.0 (HKLM\...\{CEE5E0EE-A9EA-4A0B-BE6E-5DD242BF5685}) (Version: 10.0.70 - Steinberg Media Technologies GmbH)
Steinberg WaveLab Elements 11 (HKLM\...\{7470D690-0FA2-44E2-AE7E-E5BCFE716BD5}) (Version: 11.0.10 - Steinberg Media Technologies GmbH)
Superior Drummer 3 (HKLM\...\{C556430A-61B1-4B55-8287-B3D6D26F729B}) (Version: 3.2.6 - Toontrack)
Superior Drummer 64-bit (HKLM\...\{0E54CF79-AE40-409E-9253-9563418C730C}) (Version: 2.4.4 - Toontrack)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.15.5 - TeamViewer)
Toontrack Audio Sender (HKLM\...\{B1412021-F4CD-422C-BC8B-CDE9924C371B}) (Version: 1.1.0 - Toontrack)
Toontrack Product Manager (HKLM-x32\...\{5BAE101A-4AF5-4FBA-99E6-1CE2825F8993}) (Version: 1.0.0 - Toontrack)
Toontrack solo 64-bit (HKLM\...\{FA9D0D8C-FDD1-45C2-8291-079FBA72D2CB}) (Version: 1.3.3 - Toontrack)
Transcribe! 9.00.0 (HKLM\...\com.seventhstring.Transcribe_is1) (Version: 9.00 - Seventh String Software)
UAD drivers. This may take a while... (HKLM-x32\...\{55D16842-4E1E-4917-A017-48B09700A273}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM\...\{8D858241-995D-4F89-BBEE-393A32AF3D6E}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM\...\{AB48EBD1-F812-4FF4-BD0E-B60D9845520D}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{1C012F00-B5AB-41A7-91D2-E228B371032E}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{6B682D44-6560-4548-9AF7-CE26C8E541AC}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{77e84ed1-e5c1-4b65-9241-a0caa38f74df}) (Version: 9.14.5.2390 - Universal Audio, Inc.)
UAD Powered Plug-Ins (HKLM-x32\...\{EE9B955E-7BDE-4FE0-AFDB-16B2B1229701}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UM-ONE Driver (HKLM\...\RolandRDID0115) (Version:  - Roland Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Veeam Agent for Microsoft Windows (HKLM\...\{092807B0-27B2-451E-84EE-8102153D41CA}) (Version: 5.0.0.4301 - Veeam Software Group GmbH)
Visual Similarity Duplicate Image Finder Professional 6.7.0.1 (HKLM-x32\...\{72D6BE71-2A6F-4D01-809E-A3174D1738A0}_is1) (Version: 6.7.0.1 - MindGems, Inc.)
Voxengo CurveEQ (HKLM\...\Voxengo CurveEQ_is1) (Version: 3.5 - Voxengo)
Voxengo Stereo Touch (HKLM\...\Voxengo Stereo Touch_is1) (Version: 2.8.1 - Voxengo)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.42-2 - Wacom Technology Corp.)
WinDirStat 1.1.2 (HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\WinDirStat) (Version:  - )
Windows-PC-Integritätsprüfung (HKLM\...\{AD47C6B2-6C72-4F0E-B66F-7685C28ACDFD}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Fractal Audio Systems (axefx2load) USB  (05/15/2011 1.0.0.9) (HKLM\...\6AEB8A42A154DE456DE5E467C01A582911CB5C6A) (Version: 05/15/2011 1.0.0.9 - Fractal Audio Systems)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\ZoomUMX) (Version: 5.7.7 (1105) - Zoom Video Communications, Inc.)
Zoom Outlook Plugin (HKLM-x32\...\{90C8CDA8-25A0-47C3-9DB7-E0A3E33EFA17}) (Version: 5.6.3 - Zoom)

Packages:
=========
Affinity Designer -> C:\Program Files\WindowsApps\SerifEuropeLtd.AffinityDesigner_11004.1198.0.0_x64__844sdzfcmm7k0 [2021-11-02] (Serif Europe Ltd)
Affinity Photo -> C:\Program Files\WindowsApps\SerifEuropeLtd.AffinityPhoto_11004.1198.0.0_x64__844sdzfcmm7k0 [2021-11-02] (Serif Europe Ltd)
Affinity Publisher -> C:\Program Files\WindowsApps\SerifEuropeLtd.AffinityPublisher_11004.1198.0.0_x64__844sdzfcmm7k0 [2021-11-02] (Serif Europe Ltd)
Amazon Assistant -> C:\Program Files\WindowsApps\Amazon.com.AmazonAssistant_10.1910.9.0_neutral__343d40qqvtj1t [2019-12-17] (Amazon.com)
Drawboard PDF -> C:\Program Files\WindowsApps\DRAWBOARD.DRAWBOARDPDF_6.6.7.0_x64__gqbn7fs4pywxm [2021-11-11] (Drawboard)
DWD WarnWetter -> C:\Program Files\WindowsApps\DeutscherWetterdienst.DWDWarnWetter_1.9.2.0_x64__ea15zn9khdvwy [2019-06-25] (Deutscher Wetterdienst)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-11-04] (Microsoft Corporation)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2020-12-31] (Microsoft Corporation)
Google Maps -> C:\Program Files\WindowsApps\www.google.de-E0D29419_1.0.0.3_neutral__242r1gb6pg1pg [2021-09-28] (www.google.de)
HEVC-Videoerweiterungen -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.42702.0_x64__8wekyb3d8bbwe [2021-10-21] (Microsoft Corporation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-04] (Microsoft Corporation)
Metronom -> C:\Program Files\WindowsApps\12199Asparion.Metronom_3.0.4.0_x64__f89vgcf3qm37t [2020-11-19] (Asparion) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-25] (Microsoft Corporation) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.56.43053.0_x64__8wekyb3d8bbwe [2021-11-03] (Microsoft Corporation) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_51.0.137.0_x64__8wekyb3d8bbwe [2021-11-10] (Microsoft Corporation)
MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-20] (Microsoft Corporation)
myTube Beta -> C:\Program Files\WindowsApps\59750RykenApps.myTubeBeta_4.0.16.0_x64__zd92nzxdcatqw [2021-11-02] (Ryken Studio)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.41311.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Corporation)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2019-06-25] (Samsung Electronics Co. Ltd.)
ScreenToGif -> C:\Program Files\WindowsApps\33823Nicke.ScreenToGif_2.34.0.0_neutral__99xjgbc30gqtw [2021-09-28] (Nicke)
Steinberg Forums -> C:\Program Files\WindowsApps\forums.steinberg.net-C59F1975_1.0.0.2_neutral__nppzdakyq6tn8 [2021-09-28] (forums.steinberg.net)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-11-01] (Twitter Inc.)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2142.12.0_x64__cv1g1gvanyjgm [2021-11-06] (WhatsApp Inc.)
Zattoo Live TV -> C:\Program Files\WindowsApps\ZattooEuropaAG.ZattooLiveTV_5.2121.3723.0_x64__cwpjhwd4pd0ma [2021-05-28] (Zattoo Europa AG)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2021}\localserver32 -> "C:\Program Files\Adobe\Elements 2021 Organizer\Elements Auto Creations 2021.exe" -toastactivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2022}\localserver32 -> "C:\Program Files\Adobe\Elements 2022 Organizer\Elements Auto Creations 2022.exe" -toastactivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\benji\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-09-24] (Notepad++ -> )
ContextMenuHandlers1-x32: [ARenGUID_ContextMenuEntry] -> {E30FF514-33BF-4C2F-A3BD-83C26DC7325C} => C:\Program Files\Advanced Renamer\arencm.dll [2014-04-04] (Kim Jensen) [Datei ist nicht signiert]
ContextMenuHandlers1: [ARenGUID_ContextMenuEntry64] -> {85EF5100-D10C-11E1-82EF-B60A140DCD93} => C:\Program Files\Advanced Renamer\arencm64.dll [2014-11-29] (Kim Jensen) [Datei ist nicht signiert]
ContextMenuHandlers1: [CLVDShellExt9] -> {4E20B104-5D9F-4E01-A01E-100F08E345C9} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt9_20190625_15_15_28.dll [2015-02-05] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-02-17] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers1: [Nitro.Pro.ShellExtension.Shim] -> {211B6F25-950C-49CD-AB86-A448EF85686A} => C:\Program Files\Common Files\Nitro\Nitro.Pro.ShellExtension.Shim.dll [2020-03-13] (Nitro Software, Inc. -> Nitro Software, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt9] -> {4E20B104-5D9F-4E01-A01E-100F08E345C9} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt9_20190625_15_15_28.dll [2015-02-05] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-02-17] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-12] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4-x32: [ARenGUID_ContextMenuEntry] -> {E30FF514-33BF-4C2F-A3BD-83C26DC7325C} => C:\Program Files\Advanced Renamer\arencm.dll [2014-04-04] (Kim Jensen) [Datei ist nicht signiert]
ContextMenuHandlers4: [ARenGUID_ContextMenuEntry64] -> {85EF5100-D10C-11E1-82EF-B60A140DCD93} => C:\Program Files\Advanced Renamer\arencm64.dll [2014-11-29] (Kim Jensen) [Datei ist nicht signiert]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-02-17] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-12] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2021-02-03 10:53 - 2014-11-29 22:55 - 000656896 _____ (Kim Jensen) [Datei ist nicht signiert] C:\Program Files\Advanced Renamer\arencm64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData:AC2347AA8E7BFAAC [217]
AlternateDataStreams: C:\ProgramData:B3288E071D841949 [217]
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\Users\All Users:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\Users\All Users:AC2347AA8E7BFAAC [217]
AlternateDataStreams: C:\Users\All Users:B3288E071D841949 [217]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:AC2347AA8E7BFAAC [217]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:B3288E071D841949 [217]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
BHO: NitroPDF.IE.Sharepoint -> {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} -> C:\Program Files\Nitro\Pro\13\npnitroie.dll [2020-03-13] (Nitro Software, Inc. -> Nitro Software, Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: NitroPDF.IE.Sharepoint -> {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} -> C:\Program Files (x86)\Nitro\Pro\13\npnitroie.dll [2020-03-13] (Nitro Software, Inc. -> Nitro Software, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2020-10-04 10:07 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2021-11-04 17:16 - 2021-11-08 10:48 - 000000591 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
92.168.137.66 BenjiDell.mshome.net # 2021 11 5 12 13 18 24 909
192.168.137.180 HUAWEI_Mate_20_Pro-fade01.mshome.net # 2021 11 5 12 10 25 18 497
97

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\benji\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\internet explorer wallpaper.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "NTKDaemon.lnk"
HKLM\...\StartupApproved\StartupFolder: => "NIHardwareAccessibilityHelper.exe.lnk"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Nitro System Tray"
HKLM\...\StartupApproved\Run: => "Veeam.EndPoint.Tray.exe"
HKLM\...\StartupApproved\Run: => "AdobePSE20AutoAnalyzer"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G9"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive9"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "PowerDVD13Agent"
HKLM\...\StartupApproved\Run32: => "Creative HID Task"
HKLM\...\StartupApproved\Run32: => "Creative Audio Task"
HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant"
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\StartupApproved\Run: => "Power2GoExpress9"
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_B9B057F13E8261F387166E937D6ED4AC"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{BD32B640-A695-41DE-BB0A-350C2CEEF5B1}] => (Allow) C:\Users\benji\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{95C3153E-18D3-4DA0-8C1C-69E8BC2929F1}] => (Allow) C:\Users\benji\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E7F8E14A-134B-4C27-B777-CF809E81701B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\Movie\PowerDVD Cinema\PowerDVDCinema13.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{792A5922-D3DE-447C-85FD-1B4931FCF9C9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9F9CBAB8-2D28-493A-9354-4DF4059DCE50}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{87529624-EF96-4290-A210-1E190251E159}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9BE24340-9BE6-4374-9A0E-F9ED1A90CAD5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{02F7A03C-7094-43ED-84E7-ECFDCBD3DFC3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMR\PowerDVD13DMREngine.exe => Keine Datei
FirewallRules: [{67055D37-9CD7-4B2E-88F1-B0EDD8005ED9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [UDP Query User{EAE42C37-92DB-4F1C-AA81-F1C8D408A87F}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (HP Inc. -> )
FirewallRules: [TCP Query User{FD2611A4-1C99-4429-A7A4-0A4BB37AF6E9}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (HP Inc. -> )
FirewallRules: [UDP Query User{06DBC7CA-A662-4E06-93ED-B39AE7D90770}C:\program files\common files\common desktop agent\cdasrv.exe] => (Allow) C:\program files\common files\common desktop agent\cdasrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{2A87F6B4-A594-41A6-ABE5-88533347EBD6}C:\program files\common files\common desktop agent\cdasrv.exe] => (Allow) C:\program files\common files\common desktop agent\cdasrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{9A09785B-A451-4A60-81BE-F0BBFF14B547}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{0F86F150-A8B8-4494-8738-464A271BE319}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe (HP Inc. -> )
FirewallRules: [{175F5FB8-8EE3-4AD5-98B8-3DDCA3602D39}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe (HP Inc. -> HP Printing Korea Co., Ltd.)
FirewallRules: [{C019386B-ACBF-4488-BDC1-6408FD9CE0DE}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (HP Inc. -> HP Printing Korea Co., Ltd.)
FirewallRules: [{60BD100D-AE0B-4769-9869-51ADC3438798}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe (HP Inc. -> )
FirewallRules: [{5BE78D4B-1556-4711-9180-8A2624389400}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{3CF56E2D-C174-468B-8041-5066FD70ECEC}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{A7A9BE79-59A0-46D8-9285-FE4AE4145960}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{5F4039F7-3F7A-445F-8F6D-EB4DD940A201}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{740BB8D9-2044-48C6-A0E4-B3377ED8FA5E}C:\program files (x86)\common files\scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\scan process machine\imageeng.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{0AFBE750-A090-4C41-A16F-C93D9EB38AD3}C:\program files (x86)\common files\scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\scan process machine\imageeng.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{1C531DB9-31CD-41E0-B1F7-020164811DF4}] => (Allow) LPort=51113
FirewallRules: [{FA44C986-A96A-4DC0-B5EE-9892686BCBB3}] => (Allow) LPort=51112
FirewallRules: [{50E824EE-7C7B-4AD1-901C-A3B7E9B5968C}] => (Allow) LPort=51111
FirewallRules: [{C4BD3006-4928-4079-8344-F9C99A2766A3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E5201CA1-DDA9-4467-8654-92DF7DD81336}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CD0DEE11-2E64-4C82-9A9D-3C3FBF44887A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9591C866-A484-4EFF-880C-F218E754C835}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{FE9B08DC-88C3-4CBF-B1CC-1D76760B5BB7}C:\program files\steinberg\dorico3.5\dorico web helper.exe] => (Allow) C:\program files\steinberg\dorico3.5\dorico web helper.exe (Steinberg Media Technologies GmbH -> )
FirewallRules: [UDP Query User{C80D494F-FE93-4DA0-A767-DB89287156FD}C:\program files\steinberg\dorico3.5\dorico web helper.exe] => (Allow) C:\program files\steinberg\dorico3.5\dorico web helper.exe (Steinberg Media Technologies GmbH -> )
FirewallRules: [{C09080D7-7D05-4BAB-A3C7-48E27A379372}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{579153F5-8151-4FF6-B37F-9D50FA8CAFEE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C44505E1-BAFF-4F38-9B96-9C102C1B502C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{60A43989-32A1-45D0-88E5-E2C1E210DD3C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{685A958B-EA0C-4C04-B704-B1B4F8E86794}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Recovery.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{AC135A27-0F0D-44E8-90D7-BDF56F7561BB}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{96E5B0FA-20C5-4676-AB98-194CDBBA1141}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{4E383B96-C930-46F9-A8D6-6895DFB4F621}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{3C68D018-8144-4FD4-B7BA-379D57D101F0}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{E5233C01-07B3-4CD8-BACC-77FCAAFC7C59}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{BCBDE807-92BF-4262-BF0B-7F5BD3C1D8F2}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{D1176AAA-62ED-4026-A8D8-90573BF06642}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{C6056F8E-0553-411F-8E89-6CD4B30C2C3F}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [TCP Query User{37D332D1-3019-4D75-B897-95EDFAF0D64F}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Allow) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{E238A515-D2B4-4E6F-A652-33256AED6F9D}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Allow) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{8D6703C8-AEE3-4723-922D-E47BE1462B0A}C:\users\benji\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\benji\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{54E67D41-7703-485E-990D-258C4958D4B5}C:\users\benji\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\benji\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FBC919EE-D4BB-4463-8D10-A8C7AB98C9AB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CDC26EBC-6074-40A2-BF95-E48F3D258B4F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C5C5ED4A-8996-438E-85FC-D7741A5202A4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0369BA90-89DC-4FFF-816B-E7F81A65FB53}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

02-11-2021 09:09:49 Windows Modules Installer
03-11-2021 16:00:22 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
03-11-2021 16:00:31 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
08-11-2021 09:10:15 Installed Windows PC Health Check
10-11-2021 09:20:57 Windows Modules Installer

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: Microsoft Wi-Fi Direct Virtual Adapter #4
Description: Virtueller Microsoft Wi-Fi Direct-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Qualcomm Atheros AR5BWB222 Wireless Network Adapter
Description: Qualcomm Atheros AR5BWB222-Drahtlosnetzwerkadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (11/12/2021 10:04:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamtray.exe, Version: 4.0.0.1162, Zeitstempel: 0x61783b28
Name des fehlerhaften Moduls: Qt5Core.dll, Version: 5.14.1.0, Zeitstempel: 0x603971ce
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000219dc5
ID des fehlerhaften Prozesses: 0x1e70
Startzeit der fehlerhaften Anwendung: 0x01d7d7a41060de27
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Berichtskennung: 865ba759-e66f-4cc8-ab75-c1f2f652d9dc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/12/2021 10:03:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 4.0.0.1162, Zeitstempel: 0x61783b44
Name des fehlerhaften Moduls: Qt5Qml.dll, Version: 5.14.1.0, Zeitstempel: 0x60398085
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00000000001aa2b7
ID des fehlerhaften Prozesses: 0xb10
Startzeit der fehlerhaften Anwendung: 0x01d7d7a4140cd7a0
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
Berichtskennung: 26edee10-b022-40d3-b66e-88690c2a3bf4
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/12/2021 10:03:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 4.0.0.1162, Zeitstempel: 0x61783b44
Name des fehlerhaften Moduls: Qt5Qml.dll, Version: 5.14.1.0, Zeitstempel: 0x60398085
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000001aa2b7
ID des fehlerhaften Prozesses: 0xb10
Startzeit der fehlerhaften Anwendung: 0x01d7d7a4140cd7a0
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
Berichtskennung: b1e738cd-21b3-40d6-879d-b408b5f75256
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/11/2021 02:03:28 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/10/2021 05:45:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VSTAudioEngine3.exe, Version: 3.1.11.23, Zeitstempel: 0x5fca3cdf
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.1288, Zeitstempel: 0xa280d1d6
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ff199
ID des fehlerhaften Prozesses: 0x1700
Startzeit der fehlerhaften Anwendung: 0x01d7d651e664ff2d
Pfad der fehlerhaften Anwendung: C:\Program Files\Steinberg\Dorico3.5\VSTAudioEngine\VSTAudioEngine3.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: ee39212b-35cf-4b70-a859-b503b74a5ce8
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/10/2021 04:45:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (11/10/2021 04:45:35 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (11/10/2021 04:45:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm SystemSettings.exe Version 10.0.19041.1320 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: bdc

Startzeit: 01d7d649f6fc6f0f

Beendigungszeit: 4294967295

Anwendungspfad: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

Bericht-ID: 30781cf8-77f7-4f51-8097-dff03ff3936e

Vollständiger Name des fehlerhaften Pakets: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

Relative Anwendungs-ID des fehlerhaften Pakets: microsoft.windows.immersivecontrolpanel

Absturztyp: Quiesce


Systemfehler:
=============
Error: (11/12/2021 10:12:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/12/2021 10:12:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Veeam Agent for Microsoft Windows" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/12/2021 10:12:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Logi Facecam Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/12/2021 10:12:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/12/2021 10:12:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Wacom Professional Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/12/2021 10:12:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/12/2021 10:12:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "PACE License Services" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/12/2021 10:12:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) RealSense(TM) Depth Camera Manager Service SR300" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.


Windows Defender:
================
Date: 2021-11-12 10:05:50
Description: 
Der überwachte Ordnerzugriff hat C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2021-11-12T09:05:50.723Z
Benutzer: NT-AUTORITÄT\SYSTEM
Pfad: \Device\HarddiskVolume4
Name des Prozesses: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Sicherheitsversion: 1.353.868.0
Modulversion: 1.1.18700.4
Produktversion: 4.18.2110.6

Date: 2021-11-12 09:56:45
Description: 
Der überwachte Ordnerzugriff hat C:\Windows\System32\svchost.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2021-11-12T08:56:45.916Z
Benutzer: NT-AUTORITÄT\SYSTEM
Pfad: \Device\CdRom0
Name des Prozesses: C:\Windows\System32\svchost.exe
Sicherheitsversion: 1.353.810.0
Modulversion: 1.1.18700.4
Produktversion: 4.18.2110.6

Date: 2021-11-10 17:06:04
Description: 
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern.
Erkennungszeit: 2021-11-10T16:06:04.530Z
Benutzer: AUDIOMACHINE\benji
Pfad: %userprofile%\Documents\AdobeGCData\
Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
Sicherheitsversion: 1.353.743.0
Modulversion: 1.1.18700.4
Produktversion: 4.18.2110.6

Date: 2021-11-10 17:06:04
Description: 
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern.
Erkennungszeit: 2021-11-10T16:06:04.530Z
Benutzer: AUDIOMACHINE\benji
Pfad: %userprofile%\Documents\AdobeGCData\
Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
Sicherheitsversion: 1.353.743.0
Modulversion: 1.1.18700.4
Produktversion: 4.18.2110.6

Date: 2021-11-10 17:06:04
Description: 
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern.
Erkennungszeit: 2021-11-10T16:06:04.530Z
Benutzer: AUDIOMACHINE\benji
Pfad: %userprofile%\Documents\AdobeGCData\
Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
Sicherheitsversion: 1.353.743.0
Modulversion: 1.1.18700.4
Produktversion: 4.18.2110.6

CodeIntegrity:
===============
Date: 2021-04-23 11:40:29
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\CastSrv.exe) attempted to load \Device\HarddiskVolume4\Users\benji\AppData\Local\Temp\TeamViewer\tv_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-20 19:12:20
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. F16i 11/10/2016
Hauptplatine: Gigabyte Technology Co., Ltd. Z77X-UD5H
Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 14%
Installierter physikalischer RAM: 32657.15 MB
Verfügbarer physikalischer RAM: 27889.53 MB
Summe virtueller Speicher: 37521.15 MB
Verfügbarer virtueller Speicher: 33055.23 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:232.25 GB) (Free:120.46 GB) NTFS
Drive d: (Documents) (Fixed) (Total:931.51 GB) (Free:367.21 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Audio) (Fixed) (Total:1863.01 GB) (Free:1058.27 GB) NTFS
Drive s: (Samples) (Fixed) (Total:1863 GB) (Free:1225.32 GB) NTFS

\\?\Volume{db23d280-95f9-47ba-9cc2-dcc27975201f}\ (Wiederherstellung) (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS
\\?\Volume{38a2cf03-d0fd-40a4-9227-b7aae9db10e0}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 668E10B2)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 668E10BE)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (Size: 232.9 GB) (Disk ID: 49ADF780)

Partition: GPT.

==================== Ende von Addition.txt =======================
         


Alt 12.11.2021, 10:23   #6
benjis
 
Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender - Standard

Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-11-2021
durchgeführt von benji (12-11-2021 10:15:27)
Gestartet von D:\*****\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) (2020-05-29 12:21:08)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-2387332320-4032506910-2073639800-500 - Administrator - Disabled)
annou (S-1-5-21-2387332320-4032506910-2073639800-1002 - Limited - Disabled)
avisc (S-1-5-21-2387332320-4032506910-2073639800-1003 - Limited - Disabled)
benji (S-1-5-21-2387332320-4032506910-2073639800-1001 - Administrator - Enabled) => C:\Users\benji
DefaultAccount (S-1-5-21-2387332320-4032506910-2073639800-503 - Limited - Disabled)
Gast (S-1-5-21-2387332320-4032506910-2073639800-501 - Limited - Disabled)
noahs (S-1-5-21-2387332320-4032506910-2073639800-1004 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2387332320-4032506910-2073639800-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1394 OHCI Compliant Host Controller (Legacy) (HKLM-x32\...\{B12878BB-DA05-4F25-96E7-E0200428B220}) (Version: 0.0.1 - Microsoft Corporation)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Advanced Renamer (HKLM\...\Advanced Renamer_is1) (Version: 3.87 - Hulubulu Software)
Allen and Heath Firewire 4.1.0.14624 (HKLM\...\Allen and Heath Firewire_is1) (Version: 4.1.0.14624 - Allen and Heath Ltd.)
ANT Drivers Installer x64 (HKLM\...\{C0ED0478-22DD-4756-B144-EB87A26956AC}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Avid License Control (HKLM-x32\...\{F187D064-F101-4E95-8D05-4027809AA0F8}) (Version: 3.0.1 - Avid Technology, Inc.)
Axe-Edit 3.14.6 (HKLM-x32\...\{0B2FECD3-B4EF-4071-9546-7529D90BAA99}_is1) (Version:  - Fractal Audio)
BlasterX Senz3D (HKLM-x32\...\{111F12F4-87FF-4FAC-83CB-2499EBF3D6EF}) (Version: 1.02.09 - Creative Technology Limited)
Bome Virtual MIDI 2.1.0.44 (HKLM\...\BMIDI_Driver1.0.0.11_is1) (Version:  - Bome Software GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
CPUID CPU-Z 1.98 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.98 - CPUID, Inc.)
CPUID HWMonitor 1.45 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.45 - CPUID, Inc.)
CrystalDiskMark 8.0.1 (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.1 - Crystal Dew World)
CyberLink MediaEspresso 7 (HKLM-x32\...\{F6C47233-40F6-4076-89A9-68B43C2AF5C5}) (Version: 7.0.6909_59349 - CyberLink Corp.)
CyberLink Power2Go 9 (HKLM-x32\...\InstallShield_{57D68FAE-CB5E-4fd6-AE3B-A0B43375AF18}) (Version: 9.0.2602.0 - CyberLink Corp.)
CyberLink PowerDVD 13 (HKLM-x32\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.8703.62 - CyberLink Corp.)
Dexed version 0.9.4 (HKLM\...\Dexed_is1) (Version: 0.9.4 - Digital Suburban)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Easy Poster Printer (HKLM-x32\...\{085AFF3B-459B-4B8D-9366-F2DC4452D73B}) (Version: 6.8.0 - GD Software)
Elevated Installer (HKLM-x32\...\{630B9854-94D6-42AD-BA59-3CFE0C8A651A}) (Version: 7.2.2.0 - Garmin Ltd or its subsidiaries) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.12.8.1298 - Steinberg Media Technologies GmbH)
E-MU USB-MIDI Windows Drivers (HKLM-x32\...\E-MU USB MIDI Windows Drivers Hotfix) (Version:  - )
EW Installation Center (HKLM\...\{EW Installation Center}}_is1) (Version: 1.4.3 - EastWest Sounds, Inc.)
EW PRODUCT INSTALLER 7.2.3 (HKLM-x32\...\EW PRODUCTS_is1) (Version: 7.2.3 - EastWest Sounds, Inc.)
EZbass (HKLM\...\{10E45B55-3F6B-4ADB-9B70-A3D42D17BDCC}) (Version: 1.0.0 - Toontrack)
EZbass Software Update (HKLM\...\{0DFAC2AE-2736-4ADC-A2C6-9D9CE3DEF3DD}) (Version: 1.1.1 - Toontrack)
EZdrummer 2 64-bit (HKLM\...\{B9217824-0EBE-49C7-98A0-A76CC46BBB7D}) (Version: 2.0.2 - Toontrack)
EZdrummer 2 64-bit Update (HKLM\...\{CFFABFEB-AD0D-4811-B09F-849B19B8FE78}) (Version: 2.2.2 - Toontrack)
EZkeys Software Player 64-bit (HKLM\...\{C8983F26-7DE5-455D-A578-7848A6B3F1C9}) (Version: 1.3.2 - Toontrack)
EZkeys Upright Piano 64 (HKLM\...\{5CC4AF6E-B273-497B-BF7E-9B6E35EBB0E0}) (Version: 1.0.1 - Toontrack)
Fast Duplicate File Finder Professional 4.9.0.1 (HKLM-x32\...\{AFECFED6-0A43-488F-8511-1DC6B52F31C3}_is1) (Version: 4.9.0.1 - MindGems, Inc.)
Finale NotePad 2012 (HKLM-x32\...\Finale NotePad 2012) (Version: 2012..r1.5 - MakeMusic)
Fractal Audio Systems USB Audio Driver v2.23.0 (HKLM-x32\...\Fractal Audio Systems USB Audio Driver v2.23.0) (Version: 2.23.0 - Fractal Audio Systems)
Fractal Audio Systems USB Driver Package 2014.06.06 (HKLM\...\{E992CC59-71FD-4199-B04E-6274F7439EA0}_is1) (Version: 2014.06.06 - Fractal Audio Systems)
Fractal-Bot 3.0.8 (HKLM-x32\...\{6DBF83F6-BE11-414D-82DC-58C414CACF35}_is1) (Version:  - Fractal Audio)
Garmin Express (HKLM-x32\...\{49d6ae2b-f5db-460c-a653-4c7377ee40be}) (Version: 7.2.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{82990251-B13D-419D-A106-7896A8B1F051}) (Version: 7.2.2.0 - Garmin Ltd or its subsidiaries) Hidden
GStreamer 1.14.2 for Transcribe! (HKLM-x32\...\com.seventhstring.GStreamer_is1) (Version: 1.14.2 - )
GStreamer 1.18.4 for Transcribe! (64-bit) (HKLM\...\com.seventhstring.GStreamer_is1) (Version: 1.18.4 - )
Guitar Pro 7 - Soundbanks (HKLM-x32\...\com.arobas-music.guitarpro7-soundbanks_is1) (Version: 1.1.123 - Arobas Music)
Guitar Pro 7 (HKLM-x32\...\{BF4EDCFF-ED20-4AF6-A636-EBAC931336CD}_is1) (Version: 7.5.5.1844 - Arobas Music)
HandBrake 1.4.2 (HKLM-x32\...\HandBrake) (Version: 1.4.2 - )
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.309 - )
HWiNFO64 Version 6.08 (HKLM\...\HWiNFO64_is1) (Version: 6.08 - Martin Malik - REALiX)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5161 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® RealSense™ Depth Camera Manager Gold (x86): dptf_com (HKLM-x32\...\{7AF37B0F-CEBD-11EB-A63E-A0510BE9AF3A}) (Version: 2.3.101.9447 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager SR300 Gold (x86): Intel® RealSense™ 3D camera SR300 IO module (HKLM-x32\...\{7AF59DEE-CEBD-11EB-AD80-A0510BE9AF3A}) (Version: 3.4.101.9447 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager SR300 Gold (x86): Intel® RealSense™ Depth Camera Manager Service (HKLM-x32\...\{869318E1-CEBD-11EB-8C5A-A0510BE9AF3A}) (Version: 3.4.101.9447 - Intel Corporation) Hidden
Intel® RealSense™ Tiefenkamera-Manager SR300 (HKLM-x32\...\ARP_for_prd_dcm_runtime_sr300_3.4.101.9447) (Version: 3.4.101.9447 - Intel Corporation)
Ivory 2.5 (HKLM-x32\...\{49660abf-44ec-4553-bfe4-103969712210}) (Version: 2.5.2.20 - Synthogy, LLC)
Ivory Software Components (HKLM\...\{9103CDEB-5FF3-48CD-9646-5D29ED2CCF86}) (Version: 2.5.2.20 - Synthogy, LLC) Hidden
iZotope Ozone 7 Advanced (HKLM-x32\...\iZotope Ozone 7 Advanced 7.01) (Version: 7.01 - iZotope, Inc.)
JBridge (HKLM-x32\...\JBridge) (Version:  - JBridge)
LatencyMon 6.50 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Logitech Capture (HKLM\...\Capture) (Version: 2.06.12 - Logitech)
loopMIDI (HKLM-x32\...\{AEAF7978-3204-451D-8593-BC53EBDDA31D}) (Version: 1.0.5.15 - Tobias Erichsen)
MakeMKV v1.15.0 (HKLM-x32\...\MakeMKV) (Version: v1.15.0 - GuinpinSoft inc)
Malwarebytes version 4.4.10.144 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.10.144 - Malwarebytes)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1039 - Marvell)
Melodyne 5 (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 5.01.01003 - Celemony Software GmbH)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.14527.20234 - Microsoft Corporation)
Microsoft 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.14527.20234 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.44 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.44 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.205.1003.0005 - Microsoft Corporation)
Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.14527.20234 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{C18B132E-4032-4425-826A-24B1CA9DFF0C}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{7ED2561C-FBC2-421E-A2B5-C7BEFD623145}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{CECCBAE9-1880-411E-9D28-8E562F6DAAE2}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\Teams) (Version: 1.4.00.4167 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29914 (HKLM-x32\...\{43d1ce82-6f55-4860-a938-20e5deb28b98}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.26.28720 (HKLM-x32\...\{86380aef-fd23-4fc3-8723-a98ccad8f2c6}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.21 (x64) (HKLM-x32\...\{4be70f3b-2d71-4c79-adc0-d1f1221e41b1}) (Version: 3.1.21.30622 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.12 (x64) (HKLM-x32\...\{ce8037d8-35f7-4142-ad18-23609ac5db17}) (Version: 5.0.12.30623 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 13.221.137.0 - Microsoft Corporation)
MIDI Guitar 2 version 2.2.1.0 (HKLM\...\MIDI Guitar 2_is1) (Version: 2.2.1.0 - )
MKVToolNix 43.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 43.0.0 - Moritz Bunkus)
Mp3tag v2.81 (HKLM-x32\...\Mp3tag) (Version: 2.81 - Florian Heidenreich)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.6.1.139 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.13.5.139 - Native Instruments)
Neuratron PhotoScore && NotateMe Ultimate (HKLM-x32\...\Neuratron PhotoScore && NotateMe Ultimate) (Version: 9.0.0 - Neuratron Ltd)
Nitro Pro (HKLM\...\{C96C14B3-5E41-49E5-AAB5-22832C08CAED}) (Version: 13.15.1.282 - Nitro) Hidden
Nitro Pro (HKLM-x32\...\{b6447f4a-7f1e-4f4c-b770-5b1e3dafd6f3}) (Version: 13.15.1.282 - Nitro)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PACE License Support Win64 (HKLM\...\{5AC4321F-FCD1-4a37-BFCB-E1EB0047CDA4}) (Version: 5.4.1.3706 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{5AC4321F-FCD1-4a37-BFCB-E1EB0047CDA4}) (Version: 5.4.1.3706 - PACE Anti-Piracy, Inc.)
PLAY 6.1.9 (HKLM-x32\...\EW PLAY_is1) (Version: 6.1.9 - EastWest Sounds, Inc.)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Rename Master (HKLM-x32\...\Rename Master_is1) (Version:  - )
R-Link 2 Toolbox (HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\{R-Link 2 Toolbox}}_is1) (Version: 1.7.3 - Renault)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.60 (17.03.2015) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.00.01.24 - HP Printing Korea Co., Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.3.0.1910 - Samsung Electronics)
Samsung NVM Express Driver (HKLM-x32\...\{d6df2f24-bd8d-49bc-b751-fac310b24a4b}) (Version: 3.1.0.1901 - Samsung Electronics)
Samsung NVM Express Driver 3.1.0.1901 (HKLM\...\{DF7667AF-FC11-48A4-9585-7378B5224C1A}) (Version: 3.1.0.1901 - Samsung Electronics Co., Ltd) Hidden
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden
Sibelius 7 OpenType Fonts (HKLM-x32\...\{623C2BD8-1B28-4F98-B578-E9D139827269}) (Version: 7.1.3 - Avid)
Sibelius 7.5 (HKLM\...\{BBADBAB3-56A4-444B-834E-D8730B574C3E}) (Version: 7.5.1.209 - Avid Technology)
Skype Version 8.78 (HKLM-x32\...\Skype_is1) (Version: 8.78 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Steinberg Cubase 11 (HKLM\...\{49A80F46-11CC-44F9-9FEC-2566FE0AB7A5}) (Version: 11.0.41 - Steinberg Media Technologies GmbH)
Steinberg Dark Planet 64bit (HKLM\...\{52B15329-EA8D-4088-AE8F-BD831D187290}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Dorico 3.5 (HKLM\...\{E72A482D-E6C4-4B92-B248-3880AD721E8A}) (Version: 3.5.12 - Steinberg Media Technologies GmbH)
Steinberg Download Assistant (HKLM-x32\...\Steinberg Download Assistant) (Version: 1.20.2 - Steinberg Media Technologies GmbH)
Steinberg Generic Lower Latency ASIO Driver 64bit (HKLM\...\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}) (Version: 1.0.20 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 5 (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 5.0.50 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 3 Component (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 3.4.40 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Standalone (HKLM\...\{2D64E1A0-02C7-4AED-BCC6-3A5E5C91D6E2}) (Version: 3.4.40 - Steinberg Media Technologies GmbH)
Steinberg HALion Symphonic Orchestra 64bit (HKLM\...\{2980E719-19F3-4329-944A-782A7D723741}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Symphonic Orchestra VST Sound Instrument Set (HKLM-x32\...\{1312306D-F0A5-4B64-BA34-AC6169A3A098}) (Version: 1.2.0 - Steinberg Media Technologies GmbH)
Steinberg Install Assistant (HKLM\...\{2E7DF371-6034-4FC7-AE30-100AC21A1003}) (Version: 1.0.4 - Steinberg Media Technologies GmbH)
Steinberg Instrument Set Dark Planet (HKLM-x32\...\{7E95B088-EF08-4093-85E1-B0689BDAB35C}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Library Manager (HKLM\...\{AA78592A-F13C-4C8E-B849-7A398001FA7F}) (Version: 3.1.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop 2 (HKLM\...\{6FBAF5EF-816E-4D80-BFBE-8B237EEA4CD4}) (Version: 2.0.30 - Steinberg Media Technologies GmbH)
Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 2.2.50 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg SpectraLayers 7 (HKLM\...\424abc1e-aca9-452c-9b47-4g6c6gh53b42_is1) (Version: 7.0.30.251 - Steinberg)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Transit 64bit (HKLM\...\{FF1A114C-0F88-11E5-A6C0-1697F925EC7B}) (Version: 1.0.13 - Steinberg Media Technologies GmbH)
Steinberg WaveLab Elements 10.0 (HKLM\...\{CEE5E0EE-A9EA-4A0B-BE6E-5DD242BF5685}) (Version: 10.0.70 - Steinberg Media Technologies GmbH)
Steinberg WaveLab Elements 11 (HKLM\...\{7470D690-0FA2-44E2-AE7E-E5BCFE716BD5}) (Version: 11.0.10 - Steinberg Media Technologies GmbH)
Superior Drummer 3 (HKLM\...\{C556430A-61B1-4B55-8287-B3D6D26F729B}) (Version: 3.2.6 - Toontrack)
Superior Drummer 64-bit (HKLM\...\{0E54CF79-AE40-409E-9253-9563418C730C}) (Version: 2.4.4 - Toontrack)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.15.5 - TeamViewer)
Toontrack Audio Sender (HKLM\...\{B1412021-F4CD-422C-BC8B-CDE9924C371B}) (Version: 1.1.0 - Toontrack)
Toontrack Product Manager (HKLM-x32\...\{5BAE101A-4AF5-4FBA-99E6-1CE2825F8993}) (Version: 1.0.0 - Toontrack)
Toontrack solo 64-bit (HKLM\...\{FA9D0D8C-FDD1-45C2-8291-079FBA72D2CB}) (Version: 1.3.3 - Toontrack)
Transcribe! 9.00.0 (HKLM\...\com.seventhstring.Transcribe_is1) (Version: 9.00 - Seventh String Software)
UAD drivers. This may take a while... (HKLM-x32\...\{55D16842-4E1E-4917-A017-48B09700A273}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM\...\{8D858241-995D-4F89-BBEE-393A32AF3D6E}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM\...\{AB48EBD1-F812-4FF4-BD0E-B60D9845520D}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{1C012F00-B5AB-41A7-91D2-E228B371032E}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{6B682D44-6560-4548-9AF7-CE26C8E541AC}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{77e84ed1-e5c1-4b65-9241-a0caa38f74df}) (Version: 9.14.5.2390 - Universal Audio, Inc.)
UAD Powered Plug-Ins (HKLM-x32\...\{EE9B955E-7BDE-4FE0-AFDB-16B2B1229701}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UM-ONE Driver (HKLM\...\RolandRDID0115) (Version:  - Roland Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Veeam Agent for Microsoft Windows (HKLM\...\{092807B0-27B2-451E-84EE-8102153D41CA}) (Version: 5.0.0.4301 - Veeam Software Group GmbH)
Visual Similarity Duplicate Image Finder Professional 6.7.0.1 (HKLM-x32\...\{72D6BE71-2A6F-4D01-809E-A3174D1738A0}_is1) (Version: 6.7.0.1 - MindGems, Inc.)
Voxengo CurveEQ (HKLM\...\Voxengo CurveEQ_is1) (Version: 3.5 - Voxengo)
Voxengo Stereo Touch (HKLM\...\Voxengo Stereo Touch_is1) (Version: 2.8.1 - Voxengo)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.42-2 - Wacom Technology Corp.)
WinDirStat 1.1.2 (HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\WinDirStat) (Version:  - )
Windows-PC-Integritätsprüfung (HKLM\...\{AD47C6B2-6C72-4F0E-B66F-7685C28ACDFD}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Fractal Audio Systems (axefx2load) USB  (05/15/2011 1.0.0.9) (HKLM\...\6AEB8A42A154DE456DE5E467C01A582911CB5C6A) (Version: 05/15/2011 1.0.0.9 - Fractal Audio Systems)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\ZoomUMX) (Version: 5.7.7 (1105) - Zoom Video Communications, Inc.)
Zoom Outlook Plugin (HKLM-x32\...\{90C8CDA8-25A0-47C3-9DB7-E0A3E33EFA17}) (Version: 5.6.3 - Zoom)

Packages:
=========
Affinity Designer -> C:\Program Files\WindowsApps\SerifEuropeLtd.AffinityDesigner_11004.1198.0.0_x64__844sdzfcmm7k0 [2021-11-02] (Serif Europe Ltd)
Affinity Photo -> C:\Program Files\WindowsApps\SerifEuropeLtd.AffinityPhoto_11004.1198.0.0_x64__844sdzfcmm7k0 [2021-11-02] (Serif Europe Ltd)
Affinity Publisher -> C:\Program Files\WindowsApps\SerifEuropeLtd.AffinityPublisher_11004.1198.0.0_x64__844sdzfcmm7k0 [2021-11-02] (Serif Europe Ltd)
Amazon Assistant -> C:\Program Files\WindowsApps\Amazon.com.AmazonAssistant_10.1910.9.0_neutral__343d40qqvtj1t [2019-12-17] (Amazon.com)
Drawboard PDF -> C:\Program Files\WindowsApps\DRAWBOARD.DRAWBOARDPDF_6.6.7.0_x64__gqbn7fs4pywxm [2021-11-11] (Drawboard)
DWD WarnWetter -> C:\Program Files\WindowsApps\DeutscherWetterdienst.DWDWarnWetter_1.9.2.0_x64__ea15zn9khdvwy [2019-06-25] (Deutscher Wetterdienst)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-11-04] (Microsoft Corporation)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2020-12-31] (Microsoft Corporation)
Google Maps -> C:\Program Files\WindowsApps\www.google.de-E0D29419_1.0.0.3_neutral__242r1gb6pg1pg [2021-09-28] (www.google.de)
HEVC-Videoerweiterungen -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.42702.0_x64__8wekyb3d8bbwe [2021-10-21] (Microsoft Corporation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-04] (Microsoft Corporation)
Metronom -> C:\Program Files\WindowsApps\12199Asparion.Metronom_3.0.4.0_x64__f89vgcf3qm37t [2020-11-19] (Asparion) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-25] (Microsoft Corporation) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.56.43053.0_x64__8wekyb3d8bbwe [2021-11-03] (Microsoft Corporation) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_51.0.137.0_x64__8wekyb3d8bbwe [2021-11-10] (Microsoft Corporation)
MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-20] (Microsoft Corporation)
myTube Beta -> C:\Program Files\WindowsApps\59750RykenApps.myTubeBeta_4.0.16.0_x64__zd92nzxdcatqw [2021-11-02] (Ryken Studio)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.41311.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Corporation)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2019-06-25] (Samsung Electronics Co. Ltd.)
ScreenToGif -> C:\Program Files\WindowsApps\33823Nicke.ScreenToGif_2.34.0.0_neutral__99xjgbc30gqtw [2021-09-28] (Nicke)
Steinberg Forums -> C:\Program Files\WindowsApps\forums.steinberg.net-C59F1975_1.0.0.2_neutral__nppzdakyq6tn8 [2021-09-28] (forums.steinberg.net)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-11-01] (Twitter Inc.)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2142.12.0_x64__cv1g1gvanyjgm [2021-11-06] (WhatsApp Inc.)
Zattoo Live TV -> C:\Program Files\WindowsApps\ZattooEuropaAG.ZattooLiveTV_5.2121.3723.0_x64__cwpjhwd4pd0ma [2021-05-28] (Zattoo Europa AG)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2021}\localserver32 -> "C:\Program Files\Adobe\Elements 2021 Organizer\Elements Auto Creations 2021.exe" -toastactivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2022}\localserver32 -> "C:\Program Files\Adobe\Elements 2022 Organizer\Elements Auto Creations 2022.exe" -toastactivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\benji\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-09-24] (Notepad++ -> )
ContextMenuHandlers1-x32: [ARenGUID_ContextMenuEntry] -> {E30FF514-33BF-4C2F-A3BD-83C26DC7325C} => C:\Program Files\Advanced Renamer\arencm.dll [2014-04-04] (Kim Jensen) [Datei ist nicht signiert]
ContextMenuHandlers1: [ARenGUID_ContextMenuEntry64] -> {85EF5100-D10C-11E1-82EF-B60A140DCD93} => C:\Program Files\Advanced Renamer\arencm64.dll [2014-11-29] (Kim Jensen) [Datei ist nicht signiert]
ContextMenuHandlers1: [CLVDShellExt9] -> {4E20B104-5D9F-4E01-A01E-100F08E345C9} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt9_20190625_15_15_28.dll [2015-02-05] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-02-17] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers1: [Nitro.Pro.ShellExtension.Shim] -> {211B6F25-950C-49CD-AB86-A448EF85686A} => C:\Program Files\Common Files\Nitro\Nitro.Pro.ShellExtension.Shim.dll [2020-03-13] (Nitro Software, Inc. -> Nitro Software, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt9] -> {4E20B104-5D9F-4E01-A01E-100F08E345C9} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt9_20190625_15_15_28.dll [2015-02-05] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-02-17] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-12] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4-x32: [ARenGUID_ContextMenuEntry] -> {E30FF514-33BF-4C2F-A3BD-83C26DC7325C} => C:\Program Files\Advanced Renamer\arencm.dll [2014-04-04] (Kim Jensen) [Datei ist nicht signiert]
ContextMenuHandlers4: [ARenGUID_ContextMenuEntry64] -> {85EF5100-D10C-11E1-82EF-B60A140DCD93} => C:\Program Files\Advanced Renamer\arencm64.dll [2014-11-29] (Kim Jensen) [Datei ist nicht signiert]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-02-17] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-12] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2021-02-03 10:53 - 2014-11-29 22:55 - 000656896 _____ (Kim Jensen) [Datei ist nicht signiert] C:\Program Files\Advanced Renamer\arencm64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData:AC2347AA8E7BFAAC [217]
AlternateDataStreams: C:\ProgramData:B3288E071D841949 [217]
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\Users\All Users:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\Users\All Users:AC2347AA8E7BFAAC [217]
AlternateDataStreams: C:\Users\All Users:B3288E071D841949 [217]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:AC2347AA8E7BFAAC [217]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:B3288E071D841949 [217]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
BHO: NitroPDF.IE.Sharepoint -> {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} -> C:\Program Files\Nitro\Pro\13\npnitroie.dll [2020-03-13] (Nitro Software, Inc. -> Nitro Software, Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: NitroPDF.IE.Sharepoint -> {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} -> C:\Program Files (x86)\Nitro\Pro\13\npnitroie.dll [2020-03-13] (Nitro Software, Inc. -> Nitro Software, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2020-10-04 10:07 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2021-11-04 17:16 - 2021-11-08 10:48 - 000000591 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
92.168.137.66 BenjiDell.mshome.net # 2021 11 5 12 13 18 24 909
192.168.137.180 HUAWEI_Mate_20_Pro-fade01.mshome.net # 2021 11 5 12 10 25 18 497
97

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\benji\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\internet explorer wallpaper.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "NTKDaemon.lnk"
HKLM\...\StartupApproved\StartupFolder: => "NIHardwareAccessibilityHelper.exe.lnk"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Nitro System Tray"
HKLM\...\StartupApproved\Run: => "Veeam.EndPoint.Tray.exe"
HKLM\...\StartupApproved\Run: => "AdobePSE20AutoAnalyzer"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G9"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive9"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "PowerDVD13Agent"
HKLM\...\StartupApproved\Run32: => "Creative HID Task"
HKLM\...\StartupApproved\Run32: => "Creative Audio Task"
HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant"
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\StartupApproved\Run: => "Power2GoExpress9"
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_B9B057F13E8261F387166E937D6ED4AC"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{BD32B640-A695-41DE-BB0A-350C2CEEF5B1}] => (Allow) C:\Users\benji\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{95C3153E-18D3-4DA0-8C1C-69E8BC2929F1}] => (Allow) C:\Users\benji\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E7F8E14A-134B-4C27-B777-CF809E81701B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\Movie\PowerDVD Cinema\PowerDVDCinema13.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{792A5922-D3DE-447C-85FD-1B4931FCF9C9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9F9CBAB8-2D28-493A-9354-4DF4059DCE50}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{87529624-EF96-4290-A210-1E190251E159}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9BE24340-9BE6-4374-9A0E-F9ED1A90CAD5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{02F7A03C-7094-43ED-84E7-ECFDCBD3DFC3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMR\PowerDVD13DMREngine.exe => Keine Datei
FirewallRules: [{67055D37-9CD7-4B2E-88F1-B0EDD8005ED9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [UDP Query User{EAE42C37-92DB-4F1C-AA81-F1C8D408A87F}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (HP Inc. -> )
FirewallRules: [TCP Query User{FD2611A4-1C99-4429-A7A4-0A4BB37AF6E9}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (HP Inc. -> )
FirewallRules: [UDP Query User{06DBC7CA-A662-4E06-93ED-B39AE7D90770}C:\program files\common files\common desktop agent\cdasrv.exe] => (Allow) C:\program files\common files\common desktop agent\cdasrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{2A87F6B4-A594-41A6-ABE5-88533347EBD6}C:\program files\common files\common desktop agent\cdasrv.exe] => (Allow) C:\program files\common files\common desktop agent\cdasrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{9A09785B-A451-4A60-81BE-F0BBFF14B547}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{0F86F150-A8B8-4494-8738-464A271BE319}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe (HP Inc. -> )
FirewallRules: [{175F5FB8-8EE3-4AD5-98B8-3DDCA3602D39}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe (HP Inc. -> HP Printing Korea Co., Ltd.)
FirewallRules: [{C019386B-ACBF-4488-BDC1-6408FD9CE0DE}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (HP Inc. -> HP Printing Korea Co., Ltd.)
FirewallRules: [{60BD100D-AE0B-4769-9869-51ADC3438798}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe (HP Inc. -> )
FirewallRules: [{5BE78D4B-1556-4711-9180-8A2624389400}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{3CF56E2D-C174-468B-8041-5066FD70ECEC}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{A7A9BE79-59A0-46D8-9285-FE4AE4145960}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{5F4039F7-3F7A-445F-8F6D-EB4DD940A201}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{740BB8D9-2044-48C6-A0E4-B3377ED8FA5E}C:\program files (x86)\common files\scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\scan process machine\imageeng.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{0AFBE750-A090-4C41-A16F-C93D9EB38AD3}C:\program files (x86)\common files\scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\scan process machine\imageeng.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{1C531DB9-31CD-41E0-B1F7-020164811DF4}] => (Allow) LPort=51113
FirewallRules: [{FA44C986-A96A-4DC0-B5EE-9892686BCBB3}] => (Allow) LPort=51112
FirewallRules: [{50E824EE-7C7B-4AD1-901C-A3B7E9B5968C}] => (Allow) LPort=51111
FirewallRules: [{C4BD3006-4928-4079-8344-F9C99A2766A3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E5201CA1-DDA9-4467-8654-92DF7DD81336}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CD0DEE11-2E64-4C82-9A9D-3C3FBF44887A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9591C866-A484-4EFF-880C-F218E754C835}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{FE9B08DC-88C3-4CBF-B1CC-1D76760B5BB7}C:\program files\steinberg\dorico3.5\dorico web helper.exe] => (Allow) C:\program files\steinberg\dorico3.5\dorico web helper.exe (Steinberg Media Technologies GmbH -> )
FirewallRules: [UDP Query User{C80D494F-FE93-4DA0-A767-DB89287156FD}C:\program files\steinberg\dorico3.5\dorico web helper.exe] => (Allow) C:\program files\steinberg\dorico3.5\dorico web helper.exe (Steinberg Media Technologies GmbH -> )
FirewallRules: [{C09080D7-7D05-4BAB-A3C7-48E27A379372}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{579153F5-8151-4FF6-B37F-9D50FA8CAFEE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C44505E1-BAFF-4F38-9B96-9C102C1B502C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{60A43989-32A1-45D0-88E5-E2C1E210DD3C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{685A958B-EA0C-4C04-B704-B1B4F8E86794}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Recovery.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{AC135A27-0F0D-44E8-90D7-BDF56F7561BB}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{96E5B0FA-20C5-4676-AB98-194CDBBA1141}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{4E383B96-C930-46F9-A8D6-6895DFB4F621}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{3C68D018-8144-4FD4-B7BA-379D57D101F0}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{E5233C01-07B3-4CD8-BACC-77FCAAFC7C59}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{BCBDE807-92BF-4262-BF0B-7F5BD3C1D8F2}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{D1176AAA-62ED-4026-A8D8-90573BF06642}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{C6056F8E-0553-411F-8E89-6CD4B30C2C3F}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [TCP Query User{37D332D1-3019-4D75-B897-95EDFAF0D64F}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Allow) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{E238A515-D2B4-4E6F-A652-33256AED6F9D}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Allow) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{8D6703C8-AEE3-4723-922D-E47BE1462B0A}C:\users\benji\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\benji\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{54E67D41-7703-485E-990D-258C4958D4B5}C:\users\benji\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\benji\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FBC919EE-D4BB-4463-8D10-A8C7AB98C9AB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CDC26EBC-6074-40A2-BF95-E48F3D258B4F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C5C5ED4A-8996-438E-85FC-D7741A5202A4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0369BA90-89DC-4FFF-816B-E7F81A65FB53}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

02-11-2021 09:09:49 Windows Modules Installer
03-11-2021 16:00:22 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
03-11-2021 16:00:31 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
08-11-2021 09:10:15 Installed Windows PC Health Check
10-11-2021 09:20:57 Windows Modules Installer

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: Microsoft Wi-Fi Direct Virtual Adapter #4
Description: Virtueller Microsoft Wi-Fi Direct-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Qualcomm Atheros AR5BWB222 Wireless Network Adapter
Description: Qualcomm Atheros AR5BWB222-Drahtlosnetzwerkadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (11/12/2021 10:04:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamtray.exe, Version: 4.0.0.1162, Zeitstempel: 0x61783b28
Name des fehlerhaften Moduls: Qt5Core.dll, Version: 5.14.1.0, Zeitstempel: 0x603971ce
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000219dc5
ID des fehlerhaften Prozesses: 0x1e70
Startzeit der fehlerhaften Anwendung: 0x01d7d7a41060de27
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Berichtskennung: 865ba759-e66f-4cc8-ab75-c1f2f652d9dc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/12/2021 10:03:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 4.0.0.1162, Zeitstempel: 0x61783b44
Name des fehlerhaften Moduls: Qt5Qml.dll, Version: 5.14.1.0, Zeitstempel: 0x60398085
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00000000001aa2b7
ID des fehlerhaften Prozesses: 0xb10
Startzeit der fehlerhaften Anwendung: 0x01d7d7a4140cd7a0
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
Berichtskennung: 26edee10-b022-40d3-b66e-88690c2a3bf4
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/12/2021 10:03:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 4.0.0.1162, Zeitstempel: 0x61783b44
Name des fehlerhaften Moduls: Qt5Qml.dll, Version: 5.14.1.0, Zeitstempel: 0x60398085
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000001aa2b7
ID des fehlerhaften Prozesses: 0xb10
Startzeit der fehlerhaften Anwendung: 0x01d7d7a4140cd7a0
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
Berichtskennung: b1e738cd-21b3-40d6-879d-b408b5f75256
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/11/2021 02:03:28 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/10/2021 05:45:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VSTAudioEngine3.exe, Version: 3.1.11.23, Zeitstempel: 0x5fca3cdf
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.1288, Zeitstempel: 0xa280d1d6
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ff199
ID des fehlerhaften Prozesses: 0x1700
Startzeit der fehlerhaften Anwendung: 0x01d7d651e664ff2d
Pfad der fehlerhaften Anwendung: C:\Program Files\Steinberg\Dorico3.5\VSTAudioEngine\VSTAudioEngine3.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: ee39212b-35cf-4b70-a859-b503b74a5ce8
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/10/2021 04:45:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (11/10/2021 04:45:35 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (11/10/2021 04:45:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm SystemSettings.exe Version 10.0.19041.1320 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: bdc

Startzeit: 01d7d649f6fc6f0f

Beendigungszeit: 4294967295

Anwendungspfad: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

Bericht-ID: 30781cf8-77f7-4f51-8097-dff03ff3936e

Vollständiger Name des fehlerhaften Pakets: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

Relative Anwendungs-ID des fehlerhaften Pakets: microsoft.windows.immersivecontrolpanel

Absturztyp: Quiesce


Systemfehler:
=============
Error: (11/12/2021 10:12:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/12/2021 10:12:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Veeam Agent for Microsoft Windows" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/12/2021 10:12:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Logi Facecam Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/12/2021 10:12:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/12/2021 10:12:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Wacom Professional Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/12/2021 10:12:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/12/2021 10:12:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "PACE License Services" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/12/2021 10:12:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) RealSense(TM) Depth Camera Manager Service SR300" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.


Windows Defender:
================
Date: 2021-11-12 10:05:50
Description: 
Der überwachte Ordnerzugriff hat C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2021-11-12T09:05:50.723Z
Benutzer: NT-AUTORITÄT\SYSTEM
Pfad: \Device\HarddiskVolume4
Name des Prozesses: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Sicherheitsversion: 1.353.868.0
Modulversion: 1.1.18700.4
Produktversion: 4.18.2110.6

Date: 2021-11-12 09:56:45
Description: 
Der überwachte Ordnerzugriff hat C:\Windows\System32\svchost.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2021-11-12T08:56:45.916Z
Benutzer: NT-AUTORITÄT\SYSTEM
Pfad: \Device\CdRom0
Name des Prozesses: C:\Windows\System32\svchost.exe
Sicherheitsversion: 1.353.810.0
Modulversion: 1.1.18700.4
Produktversion: 4.18.2110.6

Date: 2021-11-10 17:06:04
Description: 
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern.
Erkennungszeit: 2021-11-10T16:06:04.530Z
Benutzer: AUDIOMACHINE\benji
Pfad: %userprofile%\Documents\AdobeGCData\
Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
Sicherheitsversion: 1.353.743.0
Modulversion: 1.1.18700.4
Produktversion: 4.18.2110.6

Date: 2021-11-10 17:06:04
Description: 
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern.
Erkennungszeit: 2021-11-10T16:06:04.530Z
Benutzer: AUDIOMACHINE\benji
Pfad: %userprofile%\Documents\AdobeGCData\
Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
Sicherheitsversion: 1.353.743.0
Modulversion: 1.1.18700.4
Produktversion: 4.18.2110.6

Date: 2021-11-10 17:06:04
Description: 
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern.
Erkennungszeit: 2021-11-10T16:06:04.530Z
Benutzer: AUDIOMACHINE\benji
Pfad: %userprofile%\Documents\AdobeGCData\
Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
Sicherheitsversion: 1.353.743.0
Modulversion: 1.1.18700.4
Produktversion: 4.18.2110.6

CodeIntegrity:
===============
Date: 2021-04-23 11:40:29
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\CastSrv.exe) attempted to load \Device\HarddiskVolume4\Users\benji\AppData\Local\Temp\TeamViewer\tv_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-20 19:12:20
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. F16i 11/10/2016
Hauptplatine: Gigabyte Technology Co., Ltd. Z77X-UD5H
Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 14%
Installierter physikalischer RAM: 32657.15 MB
Verfügbarer physikalischer RAM: 27889.53 MB
Summe virtueller Speicher: 37521.15 MB
Verfügbarer virtueller Speicher: 33055.23 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:232.25 GB) (Free:120.46 GB) NTFS
Drive d: (Documents) (Fixed) (Total:931.51 GB) (Free:367.21 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Audio) (Fixed) (Total:1863.01 GB) (Free:1058.27 GB) NTFS
Drive s: (Samples) (Fixed) (Total:1863 GB) (Free:1225.32 GB) NTFS

\\?\Volume{db23d280-95f9-47ba-9cc2-dcc27975201f}\ (Wiederherstellung) (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS
\\?\Volume{38a2cf03-d0fd-40a4-9227-b7aae9db10e0}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 668E10B2)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 668E10BE)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (Size: 232.9 GB) (Disk ID: 49ADF780)

Partition: GPT.

==================== Ende von Addition.txt =======================
         

Alt 13.11.2021, 10:44   #7
M-K-D-B
/// TB-Ausbilder
 
Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender - Standard

Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender



Schritt 1
WARNUNG AN ALLE MITLESER !!!
Dieses FRST-Script ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System angewendet werden!
  • Speichere deine Arbeiten und schließe alle offenen Programme, damit keine Daten verloren gehen.
  • Kopiere den gesamten Inhalt der folgenden Code-Box:
    Code:
    ATTFilter
    Start::
    SystemRestore: On 
    CreateRestorePoint:
    CloseProcesses:
    GroupPolicy: Beschränkung ? <==== ACHTUNG
    Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
    Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
    Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
    Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
    Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
    S2 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [X]
    S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]
    AlternateDataStreams: C:\ProgramData:482EE99B1E21CE8C [217]
    AlternateDataStreams: C:\ProgramData:AC2347AA8E7BFAAC [217]
    AlternateDataStreams: C:\ProgramData:B3288E071D841949 [217]
    AlternateDataStreams: C:\Windows:nlsPreferences [386]
    AlternateDataStreams: C:\Users\All Users:482EE99B1E21CE8C [217]
    AlternateDataStreams: C:\Users\All Users:AC2347AA8E7BFAAC [217]
    AlternateDataStreams: C:\Users\All Users:B3288E071D841949 [217]
    AlternateDataStreams: C:\ProgramData\Anwendungsdaten:482EE99B1E21CE8C [217]
    AlternateDataStreams: C:\ProgramData\Anwendungsdaten:AC2347AA8E7BFAAC [217]
    AlternateDataStreams: C:\ProgramData\Anwendungsdaten:B3288E071D841949 [217]
    Unlock: C:\Program Files (x86)\_43_S
    Folder: C:\Program Files (x86)\_43_S
    CMD: ipconfig /flushdns
    CMD: netsh winsock reset catalog
    CMD: netsh advfirewall reset
    CMD: netsh advfirewall set allprofiles state ON
    CMD: Bitsadmin /Reset /Allusers
    CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
    CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
    CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
    CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
    powershell: Set-MpPreference -PUAProtection Enabled
    powershell: Set-MpPreference -DisableScanningNetworkFiles 0
    StartRegedit:
    Windows Registry Editor Version 5.00
        
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl]
    "AutoReboot"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
    "NoAutoUpdate"=-
    
    [SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection]
    "DisableBehaviorMonitoring"=-
    "DisableOnAccessProtection"=-
    "DisableScanOnRealtimeEnable"=-
    EndRegedit:
    
    Hosts:
    RemoveProxy:
    EmptyTemp:
    End::
             
  • Starte nun FRST und klicke direkt den Reparieren Button.
    Wichtig: Du brauchst den Inhalt der Code-Box nirgends einfügen, da sich FRST den Code aus der Zwischenablage holt!
  • Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich FRST befindet.
  • Gegebenenfalls muss dein Rechner neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.





Schritt 2
Führe RogueKiller Anti-Malware gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei.





Schritt 3
  • Starte FRST erneut und klicke auf Untersuchen.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Bitte poste mit deiner nächsten Antwort:
  • die Logdatei des FRST-Fix (fixlog.txt)
  • die Logdatei von RogueKiller
  • die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt)

Alt 13.11.2021, 20:36   #8
benjis
 
Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender - Standard

Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender



Hallo Matthias, hier sind die gewünschten logs!

Danke,
B.

Code:
ATTFilter
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-11-2021
durchgeführt von benji (13-11-2021 19:48:48) Run:1
Gestartet von D:\Benji Schaub\Downloads
Geladene Profile: benji
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
SystemRestore: On 
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
S2 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [X]
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]
AlternateDataStreams: C:\ProgramData:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData:AC2347AA8E7BFAAC [217]
AlternateDataStreams: C:\ProgramData:B3288E071D841949 [217]
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\Users\All Users:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\Users\All Users:AC2347AA8E7BFAAC [217]
AlternateDataStreams: C:\Users\All Users:B3288E071D841949 [217]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:AC2347AA8E7BFAAC [217]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:B3288E071D841949 [217]
Unlock: C:\Program Files (x86)\_43_S
Folder: C:\Program Files (x86)\_43_S
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: Bitsadmin /Reset /Allusers
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
powershell: Set-MpPreference -PUAProtection Enabled
powershell: Set-MpPreference -DisableScanningNetworkFiles 0
StartRegedit:
Windows Registry Editor Version 5.00
    
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl]
"AutoReboot"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"NoAutoUpdate"=-
[SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection]
"DisableBehaviorMonitoring"=-
"DisableOnAccessProtection"=-
"DisableScanOnRealtimeEnable"=-
EndRegedit:
Hosts:
RemoveProxy:
EmptyTemp:

*****************

SystemRestore: On => abgeschlossen
Wiederherstellungspunkt wurde erfolgreich erstellt.
Prozesse erfolgreich geschlossen.
C:\WINDOWS\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\WINDOWS\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\ProgramData\NTUSER.pol => erfolgreich verschoben
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => erfolgreich entfernt
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => erfolgreich entfernt
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => erfolgreich entfernt
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\NIHostIntegrationAgent => erfolgreich entfernt
NIHostIntegrationAgent => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\semav6msr64 => erfolgreich entfernt
semav6msr64 => Dienst erfolgreich entfernt
C:\ProgramData => ":482EE99B1E21CE8C" ADS erfolgreich entfernt
C:\ProgramData => ":AC2347AA8E7BFAAC" ADS erfolgreich entfernt
C:\ProgramData => ":B3288E071D841949" ADS erfolgreich entfernt
C:\Windows => ":nlsPreferences" ADS erfolgreich entfernt
"C:\Users\All Users" => ":482EE99B1E21CE8C" ADS nicht gefunden.
"C:\Users\All Users" => ":AC2347AA8E7BFAAC" ADS nicht gefunden.
"C:\Users\All Users" => ":B3288E071D841949" ADS nicht gefunden.
"C:\ProgramData\Anwendungsdaten" => ":482EE99B1E21CE8C" ADS nicht gefunden.
"C:\ProgramData\Anwendungsdaten" => ":AC2347AA8E7BFAAC" ADS nicht gefunden.
"C:\ProgramData\Anwendungsdaten" => ":B3288E071D841949" ADS nicht gefunden.
"C:\Program Files (x86)\_43_S" => wurde entsperrt

========================= Folder: C:\Program Files (x86)\_43_S ========================

C:\Program Files (x86)\_43_S = Datei

====== Ende von Folder: ======


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Auflösungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset catalog =========


Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.


========= Ende von CMD: =========


========= netsh advfirewall reset =========

OK.


========= Ende von CMD: =========


========= netsh advfirewall set allprofiles state ON =========

OK.


========= Ende von CMD: =========


========= Bitsadmin /Reset /Allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

{FA821738-B699-4BD3-A71F-BCBF006958C5} canceled.
{921849C6-646B-4BBE-8FAA-E536274F968C} canceled.
{EE19393A-2856-4D53-A1D2-3812B31547C8} canceled.
3 out of 3 jobs canceled.

========= Ende von CMD: =========


========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========


Fehler: Die Leistungsindikatoreinstellung konnte nicht aus dem Systemsicherungsspeicher neu erstellt werden. Fehlercode: 2.
========= Ende von CMD: =========


========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========


========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========


========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========


========= Set-MpPreference -PUAProtection Enabled =========


========= Ende von Powershell: =========


========= Set-MpPreference -DisableScanningNetworkFiles 0 =========


========= Ende von Powershell: =========

Registry ====> Der Vorgang wurde erfolgreich beendet.

C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1880012681 B
Java, Flash, Steam htmlcache => 1110 B
Windows/system/drivers => 67558428 B
Edge => 15542861 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 18436 B
systemprofile32 => 32052 B
LocalService => 54880 B
NetworkService => 1524116 B
benji => 970616427 B

RecycleBin => 2849741 B
EmptyTemp: => 2.7 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 20:01:24 ====
         
Code:
ATTFilter
Program            : RogueKiller Anti-Malware
Version            : 15.1.3.0
x64                : Yes
Program Date       : Nov  9 2021
Location           : D:\Benji Schaub\Downloads\RogueKiller_portable64.exe
Premium            : No
Company            : Adlice Software
Website            : https://www.adlice.com/
Contact            : https://adlice.com/contact/
Website            : https://adlice.com/download/roguekiller/
Operating System   : Windows 10 (10.0.19043) 64-bit
64-bit OS          : Yes
Startup            : 0
WindowsPE          : No
User               : benji
User is Admin      : Yes
Date               : 2021/11/13 19:28:54
Type               : Removal
Aborted            : No
Scan Mode          : Standard
Duration           : 355
Found items        : 2
Total scanned      : 116003
Signatures Version : 20211112_123736
Truesight Driver   : Yes
Updates Count      : 8

************************* Warnings *************************

************************* Removal *************************
[PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\S-1-5-21-2387332320-4032506910-2073639800-1001\Software\OCS --  -> Gelöscht
  [+] scan_what       : 2
  [+] vendors         : PUP.Gen1
  [+] Name            : HKEY_USERS\S-1-5-21-2387332320-4032506910-2073639800-1001\Software\OCS
  [+] Type            : Registry
  [+] file_vtscore    : -1
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 0
  [+] status          : 3
  [+] status_str      : Gelöscht
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : -1

[PUM.Policies (Potenziell bösartig)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin --  -> Ersetzt (2)
  [+] scan_what       : 1
  [+] vendors         : PUM.Policies
  [+] Name            : HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin
  [+] Type            : Registry
  [+] file_vtscore    : -1
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 4
  [+] id              : 1
  [+] status          : 3
  [+] status_str      : Ersetzt (2)
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : -1
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-11-2021
durchgeführt von benji (Administrator) auf AUDIOMACHINE (13-11-2021 20:30:41)
Gestartet von D:\Benji Schaub\Downloads
Geladene Profile: benji
Plattform: Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() [Datei ist nicht signiert] C:\Program Files\Fractal Audio Systems\USB Audio Driver\FASUSBAudioCplApp.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(GuinpinSoft inc) [Datei ist nicht signiert] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software Development Products -> Intel(R) Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM_SR300\bin\win32\RealSenseDCMSR300.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\110\LocalDB\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Ryken Studio) C:\Program Files\WindowsApps\59750RykenApps.myTubeBeta_4.0.17.0_x64__zd92nzxdcatqw\myTube.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Tobias Erichsen) [Datei ist nicht signiert] C:\Program Files (x86)\Tobias Erichsen\loopMIDI\loopMIDI.exe
(Universal Audio, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Universal Audio\Powered Plugins\UADPerfMon.exe
(Universal Audio, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe
(Veeam Software Group GmbH -> Veeam Software Group GmbH) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [Nitro System Tray] => C:\Program Files\Nitro\Pro\13\nitro_pro_systray.exe [334088 2020-03-13] (Nitro Software, Inc. -> Nitro Software, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942744 2018-12-17] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Veeam.EndPoint.Tray.exe] => C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe [853968 2021-02-16] (Veeam Software Group GmbH -> Veeam Software Group GmbH)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] (DivX, LLC -> )
HKLM-x32\...\Run: [CLMLServer_For_P2G9] => C:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe [110344 2013-12-31] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive9] => C:\Program Files (x86)\CyberLink\Power2Go9\VirtualDrive9.exe [983816 2015-02-05] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [PowerDVD13Agent] => C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe [525352 2018-03-02] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [Creative Audio Task] => C:\Program Files (x86)\Creative\Shared Files\Creative Audio Task\CTAudTsk.exe [123848 2016-03-03] (Creative Technology Ltd -> Creative Technology Ltd)
HKLM-x32\...\Run: [Creative HID Task] => C:\Program Files (x86)\Creative\Shared Files\Creative HID Task\CTHIDTsk.exe [104392 2016-02-10] (Creative Technology Ltd -> Creative Technology Ltd)
HKLM-x32\...\Run: [UATrayIcon] => C:\Program Files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe [3805696 2021-05-14] (Universal Audio, Inc.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [UAPerfMon] => C:\Program Files (x86)\Universal Audio\Powered Plugins\UADPerfMon.exe [6280192 2021-05-14] (Universal Audio, Inc.) [Datei ist nicht signiert]
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2340216 2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\Run: [loopMIDI] => C:\Program Files (x86)\Tobias Erichsen\loopMIDI\loopMIDI.exe [848384 2012-08-15] (Tobias Erichsen) [Datei ist nicht signiert]
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\Run: [MicrosoftEdgeAutoLaunch_B9B057F13E8261F387166E937D6ED4AC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\MountPoints2: {149a0a8a-d7d3-11e9-a9ab-806e6f6e6963} - "J:\setup.exe" 
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\MountPoints2: {2d087356-6db6-11ea-aab4-902b34d55361} - "J:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\MountPoints2: {8568c1c5-ad8b-11eb-ad45-20689d4158af} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Nitro PDF Port 13 Monitor: C:\WINDOWS\system32\NxPrinterMonitor13.dll [242440 2020-03-13] (Nitro Software, Inc. -> Nitro Software, Inc.)
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FASUSBAudio Control Panel Autostart.lnk [2019-06-25]
ShortcutTarget: FASUSBAudio Control Panel Autostart.lnk -> C:\Program Files\Fractal Audio Systems\USB Audio Driver\FASUSBAudioCplApp.exe () [Datei ist nicht signiert]
Startup: C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2021-05-03]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0068A998-7E3B-4945-9BFB-891D6055F784} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {070CD98F-19BD-4BB8-B53C-F34D50EF4E14} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {2382A3D3-E5B5-40ED-9221-F0BC6F03E300} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2434424 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {255CA14E-BCF9-4947-B708-11D256B7613F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei)
Task: {38F2A021-EA4D-4CC2-AD4D-DEE61AB51E39} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {48706C72-B845-4B8B-A896-ACDE5E25D5C2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {534B8696-3AA2-4A0C-83B8-CC49191DBFAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {55191523-34D0-4306-9694-8DBE8E846DAE} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3978624 2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {56BB76F5-7FF6-4554-94CF-830E0624012E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1910136 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {64FF6312-6276-43E1-9AE4-8FD59320BDA2} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {850218E9-3DAF-482D-9CA9-875932025ED0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1910136 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {9985E02E-3EEB-4958-B927-2DCA650AE6D6} - System32\Tasks\DeviceDetector7 => C:\Program Files (x86)\CyberLink\MediaEspresso7\DeviceDetector\DeviceDetector7.exe [865824 2015-09-10] (CyberLink Corp. -> CyberLink)
Task: {9ABCA37F-8CE2-4423-AC8E-F3839F10F0C1} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-12-16] (Garmin International, Inc. -> )
Task: {9B9B8F10-CD4F-44CB-B6C0-32DCB21F38FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9E165D2D-1197-4D95-B95D-D27331E73024} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {A90E957B-DA43-4A38-91F7-BCDCE0D323E3} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2311528 2020-09-28] (Microsoft Corporation -> Microsoft)
Task: {ACB3A525-A95C-4694-8125-3AF3FF1845C0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1600416 2021-11-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA41330F-8F18-4C88-9BC3-C59FA0A57929} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2434424 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {C12C7DA8-CD9E-48B0-BFE3-A46175F6754F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C78C6CDE-3DD3-4DF5-A0DB-A793CCBD92ED} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1146048 2018-10-05] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {D76B7BF7-0B04-4B9C-89C1-8B69744EB10E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {DC963DE5-44B8-4332-82C7-A49062F04B8F} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32624 2020-09-28] (Microsoft Corporation -> Microsoft)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4a2814a0-5b29-48ea-98d3-0ef43718891a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{d0a3353a-dfb1-461d-ae4c-e74cfdf55e93}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{d4cb2d88-9699-4c58-8e9f-7c92fef8e034}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
DownloadDir: D:\Benji Schaub\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001 -> about:tabs
Edge Notifications: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001 -> hxxps://www.youtube.com
Edge Extension: (Amazon Assistant) -> xxx_AmazoncomAmazonAssistant_343d40qqvtj1t => C:\Program Files\WindowsApps\Amazon.com.AmazonAssistant_10.1910.9.0_neutral__343d40qqvtj1t [2019-12-17]
Edge DefaultProfile: Default
Edge Profile: C:\Users\benji\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-13]
Edge DownloadDir: Default -> D:\Benji Schaub\Downloads
Edge Notifications: Default -> hxxps://forums.steinberg.net
Edge HomePage: Default -> edge://newtab/
Edge Extension: (Just Black) - C:\Users\benji\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2021-08-24]

FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, Inc. -> DivX, LLC.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, Inc. -> DivX, LLC.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe [8704 2020-02-13] (GuinpinSoft inc) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
S4 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [85784 2018-03-02] (CyberLink Corp. -> CyberLink)
S4 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [335640 2018-03-02] (CyberLink Corp. -> CyberLink)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncHelper.exe [3253120 2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
S3 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-08-19] (Huawei Technologies Co., Ltd. -> ) [Datei ist nicht signiert]
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [497568 2021-04-08] (Logitech Inc -> Logitech)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-12] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.205.1003.0005\OneDriveUpdaterService.exe [3721600 2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
R2 RealSenseDCMSR300; C:\Program Files (x86)\Common Files\Intel\RSDCM_SR300\bin\win32\RealSenseDCMSR300.exe [4171168 2021-06-16] (Intel(R) Software Development Products -> Intel(R) Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12727576 2021-02-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 VeeamEndpointBackupSvc; C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe [130000 2021-02-16] (Veeam Software Group GmbH -> Veeam Software Group GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AllenAndHeathFW; C:\WINDOWS\System32\Drivers\AllenAndHeathFW.sys [222744 2012-10-02] (TC Applied Technologies -> Allen and Heath Ltd.)
S3 AllenAndHeathFWAudio; C:\WINDOWS\system32\drivers\AllenAndHeathFWAudio.sys [46360 2012-10-02] (TC Applied Technologies -> Allen and Heath Ltd.)
S3 AllenAndHeathFWMidi; C:\WINDOWS\system32\drivers\AllenAndHeathFWMidi.sys [35224 2012-10-02] (TC Applied Technologies -> Allen and Heath Ltd.)
S3 axefx2load; C:\WINDOWS\System32\Drivers\axefx2load.sys [55600 2013-07-12] (Fractal Audio Systems -> Cypress Semiconductor)
R3 bomebus; C:\WINDOWS\System32\drivers\bomebus.sys [56376 2018-05-16] (Bome Software GmbH & Co.KG -> Bome Software GmbH & Co. KG)
R2 CLFCL5.13; C:\WINDOWS\system32\DRIVERS\CLFCL5.13\000.fcl [46848 2018-02-26] (CyberLink Corp. -> CyberLink Corp.)
R3 CLVirtualBus01; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [103176 2014-11-05] (CyberLink Corp. -> CyberLink)
R1 CLVirtualDrive1.1; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive1_1.sys [91912 2013-11-13] (CyberLink Corp. -> CyberLink)
S3 DCMCamera; C:\WINDOWS\system32\DRIVERS\RealSenseDcmDynamicDriver.sys [81496 2020-06-29] (Intel(R) Software Development Products -> Intel(R) Corporation)
R3 EMUXMIDI; C:\WINDOWS\System32\drivers\EMUXMIDI.sys [257624 2009-12-04] (Creative Labs Inc -> E-MU Systems)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 fasusbaudio; C:\WINDOWS\System32\drivers\fasusbaudio_x64.sys [254464 2014-05-16] (Fractal Audio Systems -> )
S3 fasusbaudioks; C:\WINDOWS\System32\drivers\fasusbaudioks_x64.sys [46080 2014-05-16] (Fractal Audio Systems -> )
R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [66128 2019-07-16] (Martin Malik - REALiX -> REALiX(tm))
R3 iLokDrvr; C:\WINDOWS\System32\drivers\iLokDrvr.sys [33416 2021-10-22] (PACE Anti-Piracy, Inc. -> )
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-11-12] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-12] (Malwarebytes Inc -> Malwarebytes)
S0 mvs91xx; C:\WINDOWS\System32\drivers\mvs91xx.sys [327464 2013-09-06] (Marvell Semiconductor -> Marvell Semiconductor, Inc.)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
R3 RDID1115; C:\WINDOWS\system32\Drivers\RDWM1115.SYS [91648 2015-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Roland Corporation)
R3 RealSenseDCMBus; C:\WINDOWS\System32\drivers\RealSenseDCMBus.sys [46168 2020-07-01] (Intel(R) Software Development Products -> Intel(R) Corporation)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [134000 2019-01-21] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R3 synusb64; C:\WINDOWS\System32\drivers\synusb64.sys [30352 2011-12-14] (Steinberg Media Technologies GmbH -> Steinberg Media Technologies GmbH)
R3 teVirtualMIDI64; C:\WINDOWS\System32\drivers\teVirtualMIDI64.sys [30208 2012-08-15] (Tobias Erichsen -> Tobias Erichsen)
R3 UAD2Pcie; C:\WINDOWS\System32\drivers\UAD2Pcie.sys [101640 2021-05-18] (Universal Audio, Inc. -> Universal Audio, Inc.)
R3 UAD2System; C:\WINDOWS\System32\drivers\UAD2System.sys [153856 2021-05-18] (Universal Audio, Inc. -> Universal Audio, Inc.)
R3 UAD2WdmAudio; C:\WINDOWS\System32\drivers\UAD2WdmAudio.sys [37640 2021-05-18] (Universal Audio, Inc. -> )
R3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [127512 2020-09-18] (WDKTestCert dant,132134237881206156 -> Wacom Technology, Corp.)
R3 wacomrouterfilter; C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [28680 2020-09-18] (WDKTestCert dant,132134237881206156 -> Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-11-13 20:06 - 2021-11-13 20:12 - 000000000 ____D C:\ProgramData\RogueKiller
2021-11-13 20:02 - 2021-11-13 20:02 - 000000008 __RSH C:\ProgramData\ntuser.pol
2021-11-12 10:02 - 2021-11-12 10:12 - 000000000 ____D C:\AdwCleaner
2021-11-12 10:02 - 2021-11-12 10:02 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-11-12 10:02 - 2021-11-12 10:02 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-11-12 10:02 - 2021-11-12 10:02 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-11-12 10:02 - 2021-11-12 10:02 - 000001999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-11-12 10:02 - 2021-11-12 10:02 - 000001987 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-11-12 10:02 - 2021-11-12 10:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-11-12 10:02 - 2021-11-12 10:02 - 000000000 ____D C:\Program Files\Malwarebytes
2021-11-10 11:11 - 2021-11-13 20:30 - 000000000 ____D C:\FRST
2021-11-10 10:00 - 2021-11-10 10:00 - 000021232 _____ (Thesycon GmbH) C:\WINDOWS\system32\Drivers\dpclat_driver.sys
2021-11-10 09:55 - 2021-11-10 09:55 - 000000821 _____ C:\Users\benji\Desktop\LatencyMon.lnk
2021-11-10 09:55 - 2021-11-10 09:55 - 000000809 _____ C:\Users\benji\Desktop\In Depth Latency Tests.lnk
2021-11-10 09:55 - 2021-11-10 09:55 - 000000000 ____D C:\Users\benji\AppData\Local\DBG
2021-11-10 09:55 - 2021-11-10 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2021-11-10 09:55 - 2021-11-10 09:55 - 000000000 ____D C:\Program Files\LatencyMon
2021-11-10 09:55 - 2015-07-13 11:16 - 000026368 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys
2021-11-10 09:24 - 2021-11-10 09:24 - 001328408 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll
2021-11-10 09:24 - 2021-11-10 09:24 - 001321984 _____ C:\WINDOWS\system32\FaceProcessor.dll
2021-11-10 09:24 - 2021-11-10 09:24 - 000503576 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2021-11-10 09:24 - 2021-11-10 09:24 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-10 09:24 - 2021-11-10 09:24 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-10 09:24 - 2021-11-10 09:24 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-10 09:24 - 2021-11-10 09:24 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-10 09:20 - 2021-11-10 09:20 - 000000000 ___HD C:\$WinREAgent
2021-11-08 09:11 - 2021-11-08 09:11 - 000001355 _____ C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-08 09:11 - 2021-11-08 09:11 - 000000000 ____D C:\Users\benji\AppData\Local\PCHealthCheck
2021-11-04 17:39 - 2021-11-04 17:40 - 000000000 ____D C:\WINDOWS\Minidump
2021-11-04 17:39 - 2021-11-04 17:39 - 1812290699 _____ C:\WINDOWS\MEMORY.DMP
2021-11-04 17:39 - 2021-11-04 17:39 - 001834980 _____ C:\WINDOWS\Minidump\110421-6281-01.dmp
2021-11-04 17:16 - 2021-11-08 10:48 - 000000591 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-11-04 11:32 - 2021-11-04 11:32 - 000000941 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2021-11-02 12:16 - 2021-11-02 12:16 - 000001029 _____ C:\Users\Public\Desktop\Kontakt.lnk
2021-11-02 12:16 - 2021-11-02 12:16 - 000000000 __HDC C:\ProgramData\{D1F4AB0B-D2A0-4B7F-921B-3369B7D7567C}
2021-11-02 12:13 - 2021-11-02 12:13 - 000001093 _____ C:\Users\Public\Desktop\Native Access.lnk
2021-11-02 12:13 - 2021-11-02 12:13 - 000000000 __HDC C:\ProgramData\{2223478A-85F2-4C4F-9CE3-1404B8DD8A23}
2021-11-02 12:11 - 2021-11-02 12:11 - 000002126 _____ C:\Users\Public\Desktop\WaveLab Elements 11.lnk
2021-11-02 12:11 - 2021-11-02 12:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg WaveLab Elements 11
2021-11-01 16:20 - 2021-11-01 16:20 - 000001203 _____ C:\Users\benji\Desktop\Logitech Capture.lnk
2021-11-01 15:49 - 2021-11-01 15:49 - 000000000 ____D C:\Users\benji\AppData\Roaming\Logishrd
2021-11-01 15:47 - 2021-11-01 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2021-11-01 15:47 - 2021-11-01 15:47 - 000000000 ____D C:\Program Files\Logitech
2021-11-01 15:46 - 2021-11-01 15:46 - 000000000 ____D C:\Users\benji\AppData\Local\Logitech
2021-10-27 14:49 - 2021-10-27 14:49 - 000002655 _____ C:\Users\Public\Desktop\Superior Drummer 3.lnk
2021-10-22 11:04 - 2021-10-22 11:04 - 000000879 _____ C:\Users\Public\Desktop\HandBrake.lnk
2021-10-22 11:04 - 2021-10-22 11:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HandBrake
2021-10-21 15:33 - 2021-10-21 15:33 - 000002049 _____ C:\Users\Public\Desktop\Cubase 11.lnk
2021-10-21 15:33 - 2021-10-21 15:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 11
2021-10-21 15:32 - 2021-10-21 15:32 - 000000000 ____D C:\Users\benji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg HALion Sonic SE

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-11-13 20:28 - 2020-05-29 13:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-13 20:17 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-13 20:07 - 2020-05-29 13:58 - 000754006 _____ C:\WINDOWS\system32\perfh013.dat
2021-11-13 20:07 - 2020-05-29 13:58 - 000163132 _____ C:\WINDOWS\system32\perfc013.dat
2021-11-13 20:07 - 2020-05-29 13:16 - 002617934 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-13 20:07 - 2019-12-07 15:50 - 000726580 _____ C:\WINDOWS\system32\perfh007.dat
2021-11-13 20:07 - 2019-12-07 15:50 - 000158730 _____ C:\WINDOWS\system32\perfc007.dat
2021-11-13 20:07 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-13 20:03 - 2021-03-02 14:49 - 000000000 ____D C:\ProgramData\Veeam
2021-11-13 20:03 - 2020-12-25 12:50 - 000000000 ____D C:\Users\benji\AppData\Roaming\WTablet
2021-11-13 20:02 - 2021-03-02 12:05 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-11-13 20:02 - 2020-05-29 13:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-13 20:02 - 2020-05-29 13:10 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-13 20:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-13 20:02 - 2019-12-07 10:03 - 002097152 _____ C:\WINDOWS\system32\config\BBI
2021-11-13 20:02 - 2019-06-23 22:14 - 000000000 __SHD C:\Users\benji\IntelGraphicsProfiles
2021-11-13 19:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-13 19:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-13 19:54 - 2019-06-25 10:34 - 000000000 ____D C:\Program Files\Microsoft Office
2021-11-13 19:51 - 2020-05-29 13:21 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F467C09D-8EE1-4318-AB72-2DB4E63F7A1D}
2021-11-13 19:49 - 2020-03-22 15:31 - 000000000 ____D C:\Users\benji\AppData\LocalLow\Temp
2021-11-13 19:48 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-11-13 11:21 - 2019-09-04 11:12 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-11-13 10:05 - 2019-06-25 20:03 - 000000000 ____D C:\Users\benji\AppData\Roaming\Universal Audio
2021-11-12 12:08 - 2019-06-25 11:40 - 000000000 ____D C:\Users\benji\AppData\Roaming\AllenAndHeathFW
2021-11-12 10:09 - 2019-12-11 16:22 - 000007602 _____ C:\Users\benji\AppData\Local\Resmon.ResmonCfg
2021-11-12 10:02 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-11-10 17:45 - 2020-07-19 12:50 - 000000000 ____D C:\Users\benji\AppData\Local\CrashDumps
2021-11-10 10:12 - 2021-09-14 16:24 - 000000000 ____D C:\Users\benji\AppData\Roaming\Celemony Software GmbH
2021-11-10 10:12 - 2020-02-10 16:20 - 000000000 ____D C:\temp
2021-11-10 09:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-11-10 09:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-10 09:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-10 09:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-10 09:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-10 09:25 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-10 09:20 - 2019-06-25 10:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-10 09:19 - 2020-08-03 11:40 - 000000000 ____D C:\Program Files\dotnet
2021-11-10 09:19 - 2019-06-25 10:25 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-10 09:19 - 2019-06-25 10:15 - 000000000 ____D C:\ProgramData\Package Cache
2021-11-08 09:13 - 2020-01-16 15:30 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-08 09:08 - 2021-06-22 14:00 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-11-06 10:32 - 2020-05-29 13:21 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-11-06 10:32 - 2019-10-08 15:11 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-04 18:21 - 2020-05-29 13:10 - 000000000 ____D C:\Users\benji
2021-11-04 14:33 - 2020-11-26 11:52 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-11-04 14:33 - 2019-06-25 10:51 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2021-11-04 14:33 - 2019-06-25 10:44 - 000000000 ____D C:\ProgramData\Adobe
2021-11-04 14:33 - 2019-06-23 22:07 - 000000000 ____D C:\Users\benji\AppData\Roaming\Adobe
2021-11-04 11:54 - 2019-06-23 22:07 - 000000000 ____D C:\Users\benji\AppData\Local\Packages
2021-11-04 11:32 - 2019-07-16 10:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-11-04 11:32 - 2019-07-16 10:48 - 000000000 ____D C:\Program Files\CPUID
2021-11-03 16:13 - 2019-06-25 10:25 - 000000000 ____D C:\Users\benji\AppData\Local\D3DSCache
2021-11-03 15:56 - 2020-02-14 09:03 - 000000000 ____D C:\Users\benji\AppData\Roaming\HandBrake
2021-11-03 14:30 - 2020-03-25 10:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-11-03 13:57 - 2019-06-23 22:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-02 12:17 - 2019-07-16 10:48 - 000000880 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2021-11-02 12:15 - 2021-05-28 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2021-11-02 12:15 - 2021-03-04 11:29 - 000000000 ____D C:\Program Files\Native Instruments
2021-11-02 12:15 - 2019-06-25 10:54 - 000000000 ____D C:\Program Files\Common Files\VST3
2021-11-02 12:13 - 2021-03-04 11:29 - 000000000 ____D C:\Users\benji\AppData\Roaming\Native Instruments
2021-11-02 12:13 - 2021-03-04 11:29 - 000000000 ____D C:\Users\benji\AppData\Local\Native Instruments
2021-11-02 12:11 - 2020-02-10 16:19 - 000000000 ____D C:\ProgramData\6BCCA8C5-7E69-4622-BCCA-9FAC488059BD
2021-11-02 12:11 - 2019-06-25 20:00 - 000000000 ____D C:\Program Files\Steinberg
2021-11-02 12:10 - 2019-06-25 20:00 - 000001286 _____ C:\Users\Public\Desktop\eLicenser Control Center.lnk
2021-11-02 12:10 - 2019-06-25 19:54 - 000000049 _____ C:\WINDOWS\SysWOW64\SYNSOPOS.exe.cfg
2021-11-02 12:10 - 2019-06-25 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2021-11-02 12:10 - 2019-06-25 19:54 - 000000000 ____D C:\Program Files\eLicenser
2021-11-02 12:09 - 2019-06-25 19:54 - 000000000 ____D C:\Program Files (x86)\eLicenser
2021-11-02 12:00 - 2020-05-29 13:10 - 001647168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-02 12:00 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-02 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-02 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-02 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-02 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-02 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-02 12:00 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-10-27 14:49 - 2019-07-16 13:00 - 000000000 ____D C:\ProgramData\Toontrack
2021-10-27 14:49 - 2019-06-27 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toontrack
2021-10-27 14:47 - 2020-07-19 12:37 - 000002655 _____ C:\Users\Public\Desktop\EZbass.lnk
2021-10-26 09:08 - 2019-06-25 18:50 - 000000000 ____D C:\Users\benji\AppData\Roaming\JamOrigin
2021-10-24 14:37 - 2019-06-25 19:21 - 000000000 ____D C:\ProgramData\Steinberg
2021-10-24 14:26 - 2019-06-25 10:03 - 000000000 ____D C:\ProgramData\Packages
2021-10-22 11:43 - 2019-09-08 11:13 - 000000000 ____D C:\Users\benji\AppData\Roaming\ScreenToGif
2021-10-22 11:05 - 2021-05-01 10:33 - 001499904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2021-10-22 11:05 - 2021-05-01 10:33 - 000033416 _____ C:\WINDOWS\system32\Drivers\iLokDrvr.sys
2021-10-22 11:05 - 2020-02-21 12:08 - 000000000 ____D C:\Program Files (x86)\iLok License Manager
2021-10-22 11:05 - 2019-06-25 10:55 - 000002092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLok License Manager.lnk
2021-10-22 11:05 - 2019-06-25 10:55 - 000002080 _____ C:\Users\Public\Desktop\iLok License Manager.lnk
2021-10-22 11:05 - 2019-06-25 10:16 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-10-22 11:04 - 2020-02-14 09:03 - 000000000 ____D C:\Program Files\HandBrake
2021-10-22 10:45 - 2019-06-23 22:07 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-10-21 15:34 - 2021-02-19 16:56 - 000002145 _____ C:\Users\Public\Desktop\SpectraLayers 7.lnk
2021-10-21 15:34 - 2021-02-19 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg SpectraLayers 7
2021-10-21 15:34 - 2019-06-25 18:44 - 000000000 ____D C:\Program Files\VSTPlugins
2021-10-21 15:33 - 2019-06-25 19:54 - 000000000 ____D C:\Users\benji\AppData\Roaming\Steinberg
2021-10-21 15:32 - 2020-11-14 15:55 - 000002272 _____ C:\Users\benji\Desktop\HALion Sonic SE.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2019-06-25 20:33 - 2019-06-25 20:33 - 000000604 ____H () C:\Program Files (x86)\_43_S
2020-03-25 12:13 - 2020-03-25 12:13 - 000038526 _____ () C:\Users\benji\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2020-03-25 12:17 - 2020-04-20 14:21 - 000009413 _____ () C:\Users\benji\AppData\Roaming\Durch Trennzeichen getrennte Werte.EML
2019-07-18 13:31 - 2019-07-18 13:31 - 000000000 _____ () C:\Users\benji\AppData\Local\oobelibMkey.log
2019-12-11 16:22 - 2021-11-12 10:09 - 000007602 _____ () C:\Users\benji\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-11-2021
durchgeführt von benji (13-11-2021 20:31:31)
Gestartet von D:\*****\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) (2020-05-29 12:21:08)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-2387332320-4032506910-2073639800-500 - Administrator - Disabled)
annou (S-1-5-21-2387332320-4032506910-2073639800-1002 - Limited - Disabled)
avisc (S-1-5-21-2387332320-4032506910-2073639800-1003 - Limited - Disabled)
benji (S-1-5-21-2387332320-4032506910-2073639800-1001 - Administrator - Enabled) => C:\Users\benji
DefaultAccount (S-1-5-21-2387332320-4032506910-2073639800-503 - Limited - Disabled)
Gast (S-1-5-21-2387332320-4032506910-2073639800-501 - Limited - Disabled)
noahs (S-1-5-21-2387332320-4032506910-2073639800-1004 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2387332320-4032506910-2073639800-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1394 OHCI Compliant Host Controller (Legacy) (HKLM-x32\...\{B12878BB-DA05-4F25-96E7-E0200428B220}) (Version: 0.0.1 - Microsoft Corporation)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Advanced Renamer (HKLM\...\Advanced Renamer_is1) (Version: 3.87 - Hulubulu Software)
Allen and Heath Firewire 4.1.0.14624 (HKLM\...\Allen and Heath Firewire_is1) (Version: 4.1.0.14624 - Allen and Heath Ltd.)
ANT Drivers Installer x64 (HKLM\...\{C0ED0478-22DD-4756-B144-EB87A26956AC}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Avid License Control (HKLM-x32\...\{F187D064-F101-4E95-8D05-4027809AA0F8}) (Version: 3.0.1 - Avid Technology, Inc.)
Axe-Edit 3.14.6 (HKLM-x32\...\{0B2FECD3-B4EF-4071-9546-7529D90BAA99}_is1) (Version:  - Fractal Audio)
BlasterX Senz3D (HKLM-x32\...\{111F12F4-87FF-4FAC-83CB-2499EBF3D6EF}) (Version: 1.02.09 - Creative Technology Limited)
Bome Virtual MIDI 2.1.0.44 (HKLM\...\BMIDI_Driver1.0.0.11_is1) (Version:  - Bome Software GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
CPUID CPU-Z 1.98 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.98 - CPUID, Inc.)
CPUID HWMonitor 1.45 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.45 - CPUID, Inc.)
CrystalDiskMark 8.0.1 (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.1 - Crystal Dew World)
CyberLink MediaEspresso 7 (HKLM-x32\...\{F6C47233-40F6-4076-89A9-68B43C2AF5C5}) (Version: 7.0.6909_59349 - CyberLink Corp.)
CyberLink Power2Go 9 (HKLM-x32\...\InstallShield_{57D68FAE-CB5E-4fd6-AE3B-A0B43375AF18}) (Version: 9.0.2602.0 - CyberLink Corp.)
CyberLink PowerDVD 13 (HKLM-x32\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.8703.62 - CyberLink Corp.)
Dexed version 0.9.4 (HKLM\...\Dexed_is1) (Version: 0.9.4 - Digital Suburban)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Easy Poster Printer (HKLM-x32\...\{085AFF3B-459B-4B8D-9366-F2DC4452D73B}) (Version: 6.8.0 - GD Software)
Elevated Installer (HKLM-x32\...\{630B9854-94D6-42AD-BA59-3CFE0C8A651A}) (Version: 7.2.2.0 - Garmin Ltd or its subsidiaries) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.12.8.1298 - Steinberg Media Technologies GmbH)
E-MU USB-MIDI Windows Drivers (HKLM-x32\...\E-MU USB MIDI Windows Drivers Hotfix) (Version:  - )
EW Installation Center (HKLM\...\{EW Installation Center}}_is1) (Version: 1.4.3 - EastWest Sounds, Inc.)
EW PRODUCT INSTALLER 7.2.3 (HKLM-x32\...\EW PRODUCTS_is1) (Version: 7.2.3 - EastWest Sounds, Inc.)
EZbass (HKLM\...\{10E45B55-3F6B-4ADB-9B70-A3D42D17BDCC}) (Version: 1.0.0 - Toontrack)
EZbass Software Update (HKLM\...\{0DFAC2AE-2736-4ADC-A2C6-9D9CE3DEF3DD}) (Version: 1.1.1 - Toontrack)
EZdrummer 2 64-bit (HKLM\...\{B9217824-0EBE-49C7-98A0-A76CC46BBB7D}) (Version: 2.0.2 - Toontrack)
EZdrummer 2 64-bit Update (HKLM\...\{CFFABFEB-AD0D-4811-B09F-849B19B8FE78}) (Version: 2.2.2 - Toontrack)
EZkeys Software Player 64-bit (HKLM\...\{C8983F26-7DE5-455D-A578-7848A6B3F1C9}) (Version: 1.3.2 - Toontrack)
EZkeys Upright Piano 64 (HKLM\...\{5CC4AF6E-B273-497B-BF7E-9B6E35EBB0E0}) (Version: 1.0.1 - Toontrack)
Fast Duplicate File Finder Professional 4.9.0.1 (HKLM-x32\...\{AFECFED6-0A43-488F-8511-1DC6B52F31C3}_is1) (Version: 4.9.0.1 - MindGems, Inc.)
Finale NotePad 2012 (HKLM-x32\...\Finale NotePad 2012) (Version: 2012..r1.5 - MakeMusic)
Fractal Audio Systems USB Audio Driver v2.23.0 (HKLM-x32\...\Fractal Audio Systems USB Audio Driver v2.23.0) (Version: 2.23.0 - Fractal Audio Systems)
Fractal Audio Systems USB Driver Package 2014.06.06 (HKLM\...\{E992CC59-71FD-4199-B04E-6274F7439EA0}_is1) (Version: 2014.06.06 - Fractal Audio Systems)
Fractal-Bot 3.0.8 (HKLM-x32\...\{6DBF83F6-BE11-414D-82DC-58C414CACF35}_is1) (Version:  - Fractal Audio)
Garmin Express (HKLM-x32\...\{49d6ae2b-f5db-460c-a653-4c7377ee40be}) (Version: 7.2.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{82990251-B13D-419D-A106-7896A8B1F051}) (Version: 7.2.2.0 - Garmin Ltd or its subsidiaries) Hidden
GStreamer 1.14.2 for Transcribe! (HKLM-x32\...\com.seventhstring.GStreamer_is1) (Version: 1.14.2 - )
GStreamer 1.18.4 for Transcribe! (64-bit) (HKLM\...\com.seventhstring.GStreamer_is1) (Version: 1.18.4 - )
Guitar Pro 7 - Soundbanks (HKLM-x32\...\com.arobas-music.guitarpro7-soundbanks_is1) (Version: 1.1.123 - Arobas Music)
Guitar Pro 7 (HKLM-x32\...\{BF4EDCFF-ED20-4AF6-A636-EBAC931336CD}_is1) (Version: 7.5.5.1844 - Arobas Music)
HandBrake 1.4.2 (HKLM-x32\...\HandBrake) (Version: 1.4.2 - )
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.309 - )
HWiNFO64 Version 6.08 (HKLM\...\HWiNFO64_is1) (Version: 6.08 - Martin Malik - REALiX)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5161 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® RealSense™ Depth Camera Manager Gold (x86): dptf_com (HKLM-x32\...\{7AF37B0F-CEBD-11EB-A63E-A0510BE9AF3A}) (Version: 2.3.101.9447 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager SR300 Gold (x86): Intel® RealSense™ 3D camera SR300 IO module (HKLM-x32\...\{7AF59DEE-CEBD-11EB-AD80-A0510BE9AF3A}) (Version: 3.4.101.9447 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager SR300 Gold (x86): Intel® RealSense™ Depth Camera Manager Service (HKLM-x32\...\{869318E1-CEBD-11EB-8C5A-A0510BE9AF3A}) (Version: 3.4.101.9447 - Intel Corporation) Hidden
Intel® RealSense™ Tiefenkamera-Manager SR300 (HKLM-x32\...\ARP_for_prd_dcm_runtime_sr300_3.4.101.9447) (Version: 3.4.101.9447 - Intel Corporation)
Ivory 2.5 (HKLM-x32\...\{49660abf-44ec-4553-bfe4-103969712210}) (Version: 2.5.2.20 - Synthogy, LLC)
Ivory Software Components (HKLM\...\{9103CDEB-5FF3-48CD-9646-5D29ED2CCF86}) (Version: 2.5.2.20 - Synthogy, LLC) Hidden
iZotope Ozone 7 Advanced (HKLM-x32\...\iZotope Ozone 7 Advanced 7.01) (Version: 7.01 - iZotope, Inc.)
JBridge (HKLM-x32\...\JBridge) (Version:  - JBridge)
LatencyMon 6.50 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Logitech Capture (HKLM\...\Capture) (Version: 2.06.12 - Logitech)
loopMIDI (HKLM-x32\...\{AEAF7978-3204-451D-8593-BC53EBDDA31D}) (Version: 1.0.5.15 - Tobias Erichsen)
MakeMKV v1.15.0 (HKLM-x32\...\MakeMKV) (Version: v1.15.0 - GuinpinSoft inc)
Malwarebytes version 4.4.10.144 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.10.144 - Malwarebytes)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1039 - Marvell)
Melodyne 5 (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 5.01.01003 - Celemony Software GmbH)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.14527.20276 - Microsoft Corporation)
Microsoft 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.14527.20276 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.44 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.53 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.205.1003.0005 - Microsoft Corporation)
Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.14527.20276 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{C18B132E-4032-4425-826A-24B1CA9DFF0C}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{7ED2561C-FBC2-421E-A2B5-C7BEFD623145}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{CECCBAE9-1880-411E-9D28-8E562F6DAAE2}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\Teams) (Version: 1.4.00.4167 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29914 (HKLM-x32\...\{43d1ce82-6f55-4860-a938-20e5deb28b98}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.26.28720 (HKLM-x32\...\{86380aef-fd23-4fc3-8723-a98ccad8f2c6}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.21 (x64) (HKLM-x32\...\{4be70f3b-2d71-4c79-adc0-d1f1221e41b1}) (Version: 3.1.21.30622 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.12 (x64) (HKLM-x32\...\{ce8037d8-35f7-4142-ad18-23609ac5db17}) (Version: 5.0.12.30623 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 13.221.137.0 - Microsoft Corporation)
MIDI Guitar 2 version 2.2.1.0 (HKLM\...\MIDI Guitar 2_is1) (Version: 2.2.1.0 - )
MKVToolNix 43.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 43.0.0 - Moritz Bunkus)
Mp3tag v2.81 (HKLM-x32\...\Mp3tag) (Version: 2.81 - Florian Heidenreich)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.6.1.139 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.13.5.139 - Native Instruments)
Neuratron PhotoScore && NotateMe Ultimate (HKLM-x32\...\Neuratron PhotoScore && NotateMe Ultimate) (Version: 9.0.0 - Neuratron Ltd)
Nitro Pro (HKLM\...\{C96C14B3-5E41-49E5-AAB5-22832C08CAED}) (Version: 13.15.1.282 - Nitro) Hidden
Nitro Pro (HKLM-x32\...\{b6447f4a-7f1e-4f4c-b770-5b1e3dafd6f3}) (Version: 13.15.1.282 - Nitro)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PACE License Support Win64 (HKLM\...\{5AC4321F-FCD1-4a37-BFCB-E1EB0047CDA4}) (Version: 5.4.1.3706 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{5AC4321F-FCD1-4a37-BFCB-E1EB0047CDA4}) (Version: 5.4.1.3706 - PACE Anti-Piracy, Inc.)
PLAY 6.1.9 (HKLM-x32\...\EW PLAY_is1) (Version: 6.1.9 - EastWest Sounds, Inc.)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Rename Master (HKLM-x32\...\Rename Master_is1) (Version:  - )
R-Link 2 Toolbox (HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\{R-Link 2 Toolbox}}_is1) (Version: 1.7.3 - Renault)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.60 (17.03.2015) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.00.01.24 - HP Printing Korea Co., Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.3.0.1910 - Samsung Electronics)
Samsung NVM Express Driver (HKLM-x32\...\{d6df2f24-bd8d-49bc-b751-fac310b24a4b}) (Version: 3.1.0.1901 - Samsung Electronics)
Samsung NVM Express Driver 3.1.0.1901 (HKLM\...\{DF7667AF-FC11-48A4-9585-7378B5224C1A}) (Version: 3.1.0.1901 - Samsung Electronics Co., Ltd) Hidden
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden
Sibelius 7 OpenType Fonts (HKLM-x32\...\{623C2BD8-1B28-4F98-B578-E9D139827269}) (Version: 7.1.3 - Avid)
Sibelius 7.5 (HKLM\...\{BBADBAB3-56A4-444B-834E-D8730B574C3E}) (Version: 7.5.1.209 - Avid Technology)
Skype Version 8.78 (HKLM-x32\...\Skype_is1) (Version: 8.78 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Steinberg Cubase 11 (HKLM\...\{49A80F46-11CC-44F9-9FEC-2566FE0AB7A5}) (Version: 11.0.41 - Steinberg Media Technologies GmbH)
Steinberg Dark Planet 64bit (HKLM\...\{52B15329-EA8D-4088-AE8F-BD831D187290}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Dorico 3.5 (HKLM\...\{E72A482D-E6C4-4B92-B248-3880AD721E8A}) (Version: 3.5.12 - Steinberg Media Technologies GmbH)
Steinberg Download Assistant (HKLM-x32\...\Steinberg Download Assistant) (Version: 1.20.2 - Steinberg Media Technologies GmbH)
Steinberg Generic Lower Latency ASIO Driver 64bit (HKLM\...\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}) (Version: 1.0.20 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 5 (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 5.0.50 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 3 Component (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 3.4.40 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Standalone (HKLM\...\{2D64E1A0-02C7-4AED-BCC6-3A5E5C91D6E2}) (Version: 3.4.40 - Steinberg Media Technologies GmbH)
Steinberg HALion Symphonic Orchestra 64bit (HKLM\...\{2980E719-19F3-4329-944A-782A7D723741}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Symphonic Orchestra VST Sound Instrument Set (HKLM-x32\...\{1312306D-F0A5-4B64-BA34-AC6169A3A098}) (Version: 1.2.0 - Steinberg Media Technologies GmbH)
Steinberg Install Assistant (HKLM\...\{2E7DF371-6034-4FC7-AE30-100AC21A1003}) (Version: 1.0.4 - Steinberg Media Technologies GmbH)
Steinberg Instrument Set Dark Planet (HKLM-x32\...\{7E95B088-EF08-4093-85E1-B0689BDAB35C}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Library Manager (HKLM\...\{AA78592A-F13C-4C8E-B849-7A398001FA7F}) (Version: 3.1.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop 2 (HKLM\...\{6FBAF5EF-816E-4D80-BFBE-8B237EEA4CD4}) (Version: 2.0.30 - Steinberg Media Technologies GmbH)
Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 2.2.50 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg SpectraLayers 7 (HKLM\...\424abc1e-aca9-452c-9b47-4g6c6gh53b42_is1) (Version: 7.0.30.251 - Steinberg)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Transit 64bit (HKLM\...\{FF1A114C-0F88-11E5-A6C0-1697F925EC7B}) (Version: 1.0.13 - Steinberg Media Technologies GmbH)
Steinberg WaveLab Elements 10.0 (HKLM\...\{CEE5E0EE-A9EA-4A0B-BE6E-5DD242BF5685}) (Version: 10.0.70 - Steinberg Media Technologies GmbH)
Steinberg WaveLab Elements 11 (HKLM\...\{7470D690-0FA2-44E2-AE7E-E5BCFE716BD5}) (Version: 11.0.10 - Steinberg Media Technologies GmbH)
Superior Drummer 3 (HKLM\...\{C556430A-61B1-4B55-8287-B3D6D26F729B}) (Version: 3.2.6 - Toontrack)
Superior Drummer 64-bit (HKLM\...\{0E54CF79-AE40-409E-9253-9563418C730C}) (Version: 2.4.4 - Toontrack)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.15.5 - TeamViewer)
Toontrack Audio Sender (HKLM\...\{B1412021-F4CD-422C-BC8B-CDE9924C371B}) (Version: 1.1.0 - Toontrack)
Toontrack Product Manager (HKLM-x32\...\{5BAE101A-4AF5-4FBA-99E6-1CE2825F8993}) (Version: 1.0.0 - Toontrack)
Toontrack solo 64-bit (HKLM\...\{FA9D0D8C-FDD1-45C2-8291-079FBA72D2CB}) (Version: 1.3.3 - Toontrack)
Transcribe! 9.00.0 (HKLM\...\com.seventhstring.Transcribe_is1) (Version: 9.00 - Seventh String Software)
UAD drivers. This may take a while... (HKLM-x32\...\{55D16842-4E1E-4917-A017-48B09700A273}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM\...\{8D858241-995D-4F89-BBEE-393A32AF3D6E}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM\...\{AB48EBD1-F812-4FF4-BD0E-B60D9845520D}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{1C012F00-B5AB-41A7-91D2-E228B371032E}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{6B682D44-6560-4548-9AF7-CE26C8E541AC}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{77e84ed1-e5c1-4b65-9241-a0caa38f74df}) (Version: 9.14.5.2390 - Universal Audio, Inc.)
UAD Powered Plug-Ins (HKLM-x32\...\{EE9B955E-7BDE-4FE0-AFDB-16B2B1229701}) (Version: 9.14.5.2390 - Universal Audio, Inc.) Hidden
UM-ONE Driver (HKLM\...\RolandRDID0115) (Version:  - Roland Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Veeam Agent for Microsoft Windows (HKLM\...\{092807B0-27B2-451E-84EE-8102153D41CA}) (Version: 5.0.0.4301 - Veeam Software Group GmbH)
Visual Similarity Duplicate Image Finder Professional 6.7.0.1 (HKLM-x32\...\{72D6BE71-2A6F-4D01-809E-A3174D1738A0}_is1) (Version: 6.7.0.1 - MindGems, Inc.)
Voxengo CurveEQ (HKLM\...\Voxengo CurveEQ_is1) (Version: 3.5 - Voxengo)
Voxengo Stereo Touch (HKLM\...\Voxengo Stereo Touch_is1) (Version: 2.8.1 - Voxengo)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.42-2 - Wacom Technology Corp.)
WinDirStat 1.1.2 (HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\WinDirStat) (Version:  - )
Windows-PC-Integritätsprüfung (HKLM\...\{AD47C6B2-6C72-4F0E-B66F-7685C28ACDFD}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Fractal Audio Systems (axefx2load) USB  (05/15/2011 1.0.0.9) (HKLM\...\6AEB8A42A154DE456DE5E467C01A582911CB5C6A) (Version: 05/15/2011 1.0.0.9 - Fractal Audio Systems)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\ZoomUMX) (Version: 5.7.7 (1105) - Zoom Video Communications, Inc.)
Zoom Outlook Plugin (HKLM-x32\...\{90C8CDA8-25A0-47C3-9DB7-E0A3E33EFA17}) (Version: 5.6.3 - Zoom)

Packages:
=========
Affinity Designer -> C:\Program Files\WindowsApps\SerifEuropeLtd.AffinityDesigner_11004.1198.0.0_x64__844sdzfcmm7k0 [2021-11-02] (Serif Europe Ltd)
Affinity Photo -> C:\Program Files\WindowsApps\SerifEuropeLtd.AffinityPhoto_11004.1198.0.0_x64__844sdzfcmm7k0 [2021-11-02] (Serif Europe Ltd)
Affinity Publisher -> C:\Program Files\WindowsApps\SerifEuropeLtd.AffinityPublisher_11004.1198.0.0_x64__844sdzfcmm7k0 [2021-11-02] (Serif Europe Ltd)
Amazon Assistant -> C:\Program Files\WindowsApps\Amazon.com.AmazonAssistant_10.1910.9.0_neutral__343d40qqvtj1t [2019-12-17] (Amazon.com)
Drawboard PDF -> C:\Program Files\WindowsApps\DRAWBOARD.DRAWBOARDPDF_6.6.7.0_x64__gqbn7fs4pywxm [2021-11-11] (Drawboard)
DWD WarnWetter -> C:\Program Files\WindowsApps\DeutscherWetterdienst.DWDWarnWetter_1.9.2.0_x64__ea15zn9khdvwy [2019-06-25] (Deutscher Wetterdienst)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-11-04] (Microsoft Corporation)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2020-12-31] (Microsoft Corporation)
Google Maps -> C:\Program Files\WindowsApps\www.google.de-E0D29419_1.0.0.3_neutral__242r1gb6pg1pg [2021-09-28] (www.google.de)
HEVC-Videoerweiterungen -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.42702.0_x64__8wekyb3d8bbwe [2021-10-21] (Microsoft Corporation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-04] (Microsoft Corporation)
Metronom -> C:\Program Files\WindowsApps\12199Asparion.Metronom_3.0.4.0_x64__f89vgcf3qm37t [2020-11-19] (Asparion) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-25] (Microsoft Corporation) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.56.43053.0_x64__8wekyb3d8bbwe [2021-11-03] (Microsoft Corporation) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_51.0.137.0_x64__8wekyb3d8bbwe [2021-11-10] (Microsoft Corporation)
MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-20] (Microsoft Corporation)
myTube Beta -> C:\Program Files\WindowsApps\59750RykenApps.myTubeBeta_4.0.17.0_x64__zd92nzxdcatqw [2021-11-13] (Ryken Studio)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.41311.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Corporation)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2019-06-25] (Samsung Electronics Co. Ltd.)
ScreenToGif -> C:\Program Files\WindowsApps\33823Nicke.ScreenToGif_2.34.0.0_neutral__99xjgbc30gqtw [2021-09-28] (Nicke)
Steinberg Forums -> C:\Program Files\WindowsApps\forums.steinberg.net-C59F1975_1.0.0.2_neutral__nppzdakyq6tn8 [2021-09-28] (forums.steinberg.net)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-11-01] (Twitter Inc.)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2142.12.0_x64__cv1g1gvanyjgm [2021-11-06] (WhatsApp Inc.)
Zattoo Live TV -> C:\Program Files\WindowsApps\ZattooEuropaAG.ZattooLiveTV_5.2121.3723.0_x64__cwpjhwd4pd0ma [2021-05-28] (Zattoo Europa AG)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2021}\localserver32 -> "C:\Program Files\Adobe\Elements 2021 Organizer\Elements Auto Creations 2021.exe" -toastactivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2022}\localserver32 -> "C:\Program Files\Adobe\Elements 2022 Organizer\Elements Auto Creations 2022.exe" -toastactivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\benji\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2387332320-4032506910-2073639800-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-09-24] (Notepad++ -> )
ContextMenuHandlers1-x32: [ARenGUID_ContextMenuEntry] -> {E30FF514-33BF-4C2F-A3BD-83C26DC7325C} => C:\Program Files\Advanced Renamer\arencm.dll [2014-04-04] (Kim Jensen) [Datei ist nicht signiert]
ContextMenuHandlers1: [ARenGUID_ContextMenuEntry64] -> {85EF5100-D10C-11E1-82EF-B60A140DCD93} => C:\Program Files\Advanced Renamer\arencm64.dll [2014-11-29] (Kim Jensen) [Datei ist nicht signiert]
ContextMenuHandlers1: [CLVDShellExt9] -> {4E20B104-5D9F-4E01-A01E-100F08E345C9} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt9_20190625_15_15_28.dll [2015-02-05] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-02-17] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers1: [Nitro.Pro.ShellExtension.Shim] -> {211B6F25-950C-49CD-AB86-A448EF85686A} => C:\Program Files\Common Files\Nitro\Nitro.Pro.ShellExtension.Shim.dll [2020-03-13] (Nitro Software, Inc. -> Nitro Software, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt9] -> {4E20B104-5D9F-4E01-A01E-100F08E345C9} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt9_20190625_15_15_28.dll [2015-02-05] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-02-17] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-12] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4-x32: [ARenGUID_ContextMenuEntry] -> {E30FF514-33BF-4C2F-A3BD-83C26DC7325C} => C:\Program Files\Advanced Renamer\arencm.dll [2014-04-04] (Kim Jensen) [Datei ist nicht signiert]
ContextMenuHandlers4: [ARenGUID_ContextMenuEntry64] -> {85EF5100-D10C-11E1-82EF-B60A140DCD93} => C:\Program Files\Advanced Renamer\arencm64.dll [2014-11-29] (Kim Jensen) [Datei ist nicht signiert]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-02-17] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncShell64.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-12] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2019-06-25 12:58 - 2014-05-16 02:35 - 000192512 _____ () [Datei ist nicht signiert] C:\Program Files\Fractal Audio Systems\USB Audio Driver\fasusbaudioapi.dll
2021-11-13 19:58 - 2021-11-13 19:58 - 032939008 _____ () [Datei ist nicht signiert] C:\Program Files\WindowsApps\59750RykenApps.myTubeBeta_4.0.17.0_x64__zd92nzxdcatqw\myTube.dll
2021-05-14 19:36 - 2021-05-14 19:36 - 000236032 _____ () [Datei ist nicht signiert] C:\WINDOWS\SYSTEM32\UAD2DriverClient.dll
2021-05-14 19:36 - 2021-05-14 19:36 - 002183680 _____ () [Datei ist nicht signiert] C:\WINDOWS\SYSTEM32\UAD2SDK.dll
2017-11-08 07:35 - 2017-11-08 07:35 - 000123904 _____ (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Easy Printer Manager\SmartScreenPrint\CDAKEYMonitor64.dll
2018-05-18 09:57 - 2018-05-18 09:57 - 003696128 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Easy Printer Manager\ScanFax2PC\CDAScan2PCMonitor64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:B3288E071D841949 [1]
AlternateDataStreams: C:\Users\All Users:B3288E071D841949 [1]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:B3288E071D841949 [1]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
BHO: NitroPDF.IE.Sharepoint -> {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} -> C:\Program Files\Nitro\Pro\13\npnitroie.dll [2020-03-13] (Nitro Software, Inc. -> Nitro Software, Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: NitroPDF.IE.Sharepoint -> {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} -> C:\Program Files (x86)\Nitro\Pro\13\npnitroie.dll [2020-03-13] (Nitro Software, Inc. -> Nitro Software, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2020-10-04 10:07 - 2021-11-13 19:49 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

2021-11-04 17:16 - 2021-11-08 10:48 - 000000591 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
92.168.137.66 BenjiDell.mshome.net # 2021 11 5 12 13 18 24 909
192.168.137.180 HUAWEI_Mate_20_Pro-fade01.mshome.net # 2021 11 5 12 10 25 18 497
97

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\benji\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\internet explorer wallpaper.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "NTKDaemon.lnk"
HKLM\...\StartupApproved\StartupFolder: => "NIHardwareAccessibilityHelper.exe.lnk"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Nitro System Tray"
HKLM\...\StartupApproved\Run: => "Veeam.EndPoint.Tray.exe"
HKLM\...\StartupApproved\Run: => "AdobePSE20AutoAnalyzer"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G9"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive9"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "PowerDVD13Agent"
HKLM\...\StartupApproved\Run32: => "Creative HID Task"
HKLM\...\StartupApproved\Run32: => "Creative Audio Task"
HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant"
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\StartupApproved\Run: => "Power2GoExpress9"
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-2387332320-4032506910-2073639800-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_B9B057F13E8261F387166E937D6ED4AC"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{DF5D22F9-2B93-4D17-9CC5-B1BDD5831C4A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{6B57BE46-6223-4077-AEA0-2B637B6E0FE1}C:\program files\common files\common desktop agent\cdasrv.exe] => (Allow) C:\program files\common files\common desktop agent\cdasrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{CD0224EF-7135-426F-AF9A-9C5893E349FC}C:\program files\common files\common desktop agent\cdasrv.exe] => (Allow) C:\program files\common files\common desktop agent\cdasrv.exe (Samsung Electronics CO., LTD. -> )

==================== Wiederherstellungspunkte =========================

02-11-2021 09:09:49 Windows Modules Installer
03-11-2021 16:00:22 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
03-11-2021 16:00:31 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
08-11-2021 09:10:15 Installed Windows PC Health Check
10-11-2021 09:20:57 Windows Modules Installer

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: Qualcomm Atheros AR5BWB222 Wireless Network Adapter
Description: Qualcomm Atheros AR5BWB222-Drahtlosnetzwerkadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (11/13/2021 07:58:46 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf Documents (D:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (11/13/2021 07:58:06 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf Audio (E:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (11/13/2021 07:48:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007001f, Ein an das System angeschlossenes Gerät funktioniert nicht.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (11/13/2021 07:48:49 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {bcda5a59-d731-420e-8fff-6a0b9cbc309f}

Error: (11/13/2021 11:27:45 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (11/13/2021 11:16:08 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (11/13/2021 11:16:08 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (11/13/2021 11:16:08 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.


Systemfehler:
=============
Error: (11/13/2021 07:48:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/13/2021 07:48:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/13/2021 07:48:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Veeam Agent for Microsoft Windows" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/13/2021 07:48:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Wacom Professional Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/13/2021 07:48:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "TeamViewer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/13/2021 07:48:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/13/2021 07:48:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) RealSense(TM) Depth Camera Manager Service SR300" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/13/2021 07:48:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "PACE License Services" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.


Windows Defender:
================
Date: 2021-11-13 20:06:17
Description: 
Der überwachte Ordnerzugriff hat D:\*****\Downloads\RogueKiller_portable64.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2021-11-13T19:06:17.357Z
Benutzer: AUDIOMACHINE\benji
Pfad: \Device\Harddisk0\DR0
Name des Prozesses: D:\*****\Downloads\RogueKiller_portable64.exe
Sicherheitsversion: 1.353.949.0
Modulversion: 1.1.18700.4
Produktversion: 4.18.2110.6

Date: 2021-11-13 19:59:08
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {310D083A-1250-41F3-815E-22C7B96CD43E}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-11-13 19:55:49
Description: 
Der überwachte Ordnerzugriff hat C:\Windows\System32\SearchIndexer.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2021-11-13T18:55:49.542Z
Benutzer: NT-AUTORITÄT\SYSTEM
Pfad: \Device\HarddiskVolume4
Name des Prozesses: C:\Windows\System32\SearchIndexer.exe
Sicherheitsversion: 1.353.929.0
Modulversion: 1.1.18700.4
Produktversion: 4.18.2110.6

Date: 2021-11-13 19:55:09
Description: 
Der überwachte Ordnerzugriff hat C:\Windows\System32\SearchIndexer.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2021-11-13T18:55:09.451Z
Benutzer: NT-AUTORITÄT\SYSTEM
Pfad: \Device\HarddiskVolume4
Name des Prozesses: C:\Windows\System32\SearchIndexer.exe
Sicherheitsversion: 1.353.929.0
Modulversion: 1.1.18700.4
Produktversion: 4.18.2110.6

Date: 2021-11-13 19:50:07
Description: 
Der überwachte Ordnerzugriff hat C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2021-11-13T18:50:07.404Z
Benutzer: NT-AUTORITÄT\SYSTEM
Pfad: \Device\HarddiskVolume1
Name des Prozesses: C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe
Sicherheitsversion: 1.353.929.0
Modulversion: 1.1.18700.4
Produktversion: 4.18.2110.6

CodeIntegrity:
===============
Date: 2021-04-23 11:40:29
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\CastSrv.exe) attempted to load \Device\HarddiskVolume4\Users\benji\AppData\Local\Temp\TeamViewer\tv_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-20 19:12:20
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. F16i 11/10/2016
Hauptplatine: Gigabyte Technology Co., Ltd. Z77X-UD5H
Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 16%
Installierter physikalischer RAM: 32657.15 MB
Verfügbarer physikalischer RAM: 27329.79 MB
Summe virtueller Speicher: 37521.15 MB
Verfügbarer virtueller Speicher: 32373.09 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:232.25 GB) (Free:121.2 GB) NTFS
Drive d: (Documents) (Fixed) (Total:931.51 GB) (Free:367.17 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Audio) (Fixed) (Total:1863.01 GB) (Free:1058.27 GB) NTFS
Drive s: (Samples) (Fixed) (Total:1863 GB) (Free:1225.32 GB) NTFS

\\?\Volume{db23d280-95f9-47ba-9cc2-dcc27975201f}\ (Wiederherstellung) (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS
\\?\Volume{38a2cf03-d0fd-40a4-9227-b7aae9db10e0}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 668E10B2)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 668E10BE)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (Size: 232.9 GB) (Disk ID: 49ADF780)

Partition: GPT.

==================== Ende von Addition.txt =======================
         

Alt 13.11.2021, 21:25   #9
M-K-D-B
/// TB-Ausbilder
 
Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender - Standard

Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender



Schritt 1 dauert etwas, bitte gedulde dich.
Wir überprüfen die Windows-Systemdateien damit.







Schritt 1
  • Speichere deine Arbeiten und schließe alle offenen Programme, damit keine Daten verloren gehen.
  • Kopiere den gesamten Inhalt der folgenden Code-Box:
    Code:
    ATTFilter
    Start::
    Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
    C:\Program Files (x86)\_43_S
    CMD: sfc /scannow
    DeleteQuarantine:
    Unlock: C:\FRST
    Reboot:
    End::
             
  • Starte nun FRST und klicke direkt den Reparieren Button.
    Wichtig: Du brauchst den Inhalt der Code-Box nirgends einfügen, da sich FRST den Code aus der Zwischenablage holt!
  • Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich FRST befindet.
  • Gegebenenfalls muss dein Rechner neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.






Dann wären wir durch!
Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.


Abschließend bitte noch einen Cleanup mit unserem TBCleanUpTool durchführen und unbedingt die Sicherheitsmaßnahmen lesen und umsetzen - beides ist in folgendem Lesestoff verlinkt:




Wenn Du möchtest, kannst Du hier sagen, ob du mit mir und meiner Hilfe zufrieden warst...
Vielleicht möchtest du das Forum mit einer kleinen Spende unterstützen.


Hinweis:
Bitte gib mir eine kurze Rückmeldung, sobald du die oben verlinkten Informationen gelesen hast, alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Alt 14.11.2021, 10:21   #10
benjis
 
Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender - Standard

Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender



Hi Matthias!

habe alles gelesen, verstanden, erledigt und keine Fragen mehr. Ich danke euch! Werde auch direkt spenden...

Hier ist das Log:

Code:
ATTFilter
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-11-2021
durchgeführt von benji (14-11-2021 10:11:53) Run:2
Gestartet von D:\Benji Schaub\Downloads
Geladene Profile: benji
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
C:\Program Files (x86)\_43_S
CMD: sfc /scannow
DeleteQuarantine:
Unlock: C:\FRST
Reboot:

*****************

C:\ProgramData\NTUSER.pol => erfolgreich verschoben
C:\Program Files (x86)\_43_S => erfolgreich verschoben

========= sfc /scannow =========



Systemsuche wird gestartet. Dieser Vorgang kann einige Zeit dauern.



Überprüfungsphase der Systemsuche wird gestartet.


Überprüfung 0 % abgeschlossen.
Überprüfung 0 % abgeschlossen.
Überprüfung 1 % abgeschlossen.
Überprüfung 1 % abgeschlossen.
Überprüfung 2 % abgeschlossen.
Überprüfung 2 % abgeschlossen.
Überprüfung 3 % abgeschlossen.
Überprüfung 3 % abgeschlossen.
Überprüfung 4 % abgeschlossen.
Überprüfung 4 % abgeschlossen.
Überprüfung 5 % abgeschlossen.
Überprüfung 5 % abgeschlossen.
Überprüfung 6 % abgeschlossen.
Überprüfung 6 % abgeschlossen.
Überprüfung 7 % abgeschlossen.
Überprüfung 7 % abgeschlossen.
Überprüfung 8 % abgeschlossen.
Überprüfung 8 % abgeschlossen.
Überprüfung 9 % abgeschlossen.
Überprüfung 9 % abgeschlossen.
Überprüfung 9 % abgeschlossen.
Überprüfung 10 % abgeschlossen.
Überprüfung 10 % abgeschlossen.
Überprüfung 11 % abgeschlossen.
Überprüfung 11 % abgeschlossen.
Überprüfung 12 % abgeschlossen.
Überprüfung 12 % abgeschlossen.
Überprüfung 13 % abgeschlossen.
Überprüfung 13 % abgeschlossen.
Überprüfung 14 % abgeschlossen.
Überprüfung 14 % abgeschlossen.
Überprüfung 15 % abgeschlossen.
Überprüfung 15 % abgeschlossen.
Überprüfung 16 % abgeschlossen.
Überprüfung 16 % abgeschlossen.
Überprüfung 17 % abgeschlossen.
Überprüfung 17 % abgeschlossen.
Überprüfung 18 % abgeschlossen.
Überprüfung 18 % abgeschlossen.
Überprüfung 18 % abgeschlossen.
Überprüfung 19 % abgeschlossen.
Überprüfung 19 % abgeschlossen.
Überprüfung 20 % abgeschlossen.
Überprüfung 20 % abgeschlossen.
Überprüfung 21 % abgeschlossen.
Überprüfung 21 % abgeschlossen.
Überprüfung 22 % abgeschlossen.
Überprüfung 22 % abgeschlossen.
Überprüfung 23 % abgeschlossen.
Überprüfung 23 % abgeschlossen.
Überprüfung 24 % abgeschlossen.
Überprüfung 24 % abgeschlossen.
Überprüfung 25 % abgeschlossen.
Überprüfung 25 % abgeschlossen.
Überprüfung 26 % abgeschlossen.
Überprüfung 26 % abgeschlossen.
Überprüfung 27 % abgeschlossen.
Überprüfung 27 % abgeschlossen.
Überprüfung 27 % abgeschlossen.
Überprüfung 28 % abgeschlossen.
Überprüfung 28 % abgeschlossen.
Überprüfung 29 % abgeschlossen.
Überprüfung 29 % abgeschlossen.
Überprüfung 30 % abgeschlossen.
Überprüfung 30 % abgeschlossen.
Überprüfung 31 % abgeschlossen.
Überprüfung 31 % abgeschlossen.
Überprüfung 32 % abgeschlossen.
Überprüfung 32 % abgeschlossen.
Überprüfung 33 % abgeschlossen.
Überprüfung 33 % abgeschlossen.
Überprüfung 34 % abgeschlossen.
Überprüfung 34 % abgeschlossen.
Überprüfung 35 % abgeschlossen.
Überprüfung 35 % abgeschlossen.
Überprüfung 36 % abgeschlossen.
Überprüfung 36 % abgeschlossen.
Überprüfung 36 % abgeschlossen.
Überprüfung 37 % abgeschlossen.
Überprüfung 37 % abgeschlossen.
Überprüfung 38 % abgeschlossen.
Überprüfung 38 % abgeschlossen.
Überprüfung 39 % abgeschlossen.
Überprüfung 39 % abgeschlossen.
Überprüfung 40 % abgeschlossen.
Überprüfung 40 % abgeschlossen.
Überprüfung 41 % abgeschlossen.
Überprüfung 41 % abgeschlossen.
Überprüfung 42 % abgeschlossen.
Überprüfung 42 % abgeschlossen.
Überprüfung 43 % abgeschlossen.
Überprüfung 43 % abgeschlossen.
Überprüfung 44 % abgeschlossen.
Überprüfung 44 % abgeschlossen.
Überprüfung 45 % abgeschlossen.
Überprüfung 45 % abgeschlossen.
Überprüfung 45 % abgeschlossen.
Überprüfung 46 % abgeschlossen.
Überprüfung 46 % abgeschlossen.
Überprüfung 47 % abgeschlossen.
Überprüfung 47 % abgeschlossen.
Überprüfung 48 % abgeschlossen.
Überprüfung 48 % abgeschlossen.
Überprüfung 49 % abgeschlossen.
Überprüfung 49 % abgeschlossen.
Überprüfung 50 % abgeschlossen.
Überprüfung 50 % abgeschlossen.
Überprüfung 51 % abgeschlossen.
Überprüfung 51 % abgeschlossen.
Überprüfung 52 % abgeschlossen.
Überprüfung 52 % abgeschlossen.
Überprüfung 53 % abgeschlossen.
Überprüfung 53 % abgeschlossen.
Überprüfung 54 % abgeschlossen.
Überprüfung 54 % abgeschlossen.
Überprüfung 55 % abgeschlossen.
Überprüfung 55 % abgeschlossen.
Überprüfung 55 % abgeschlossen.
Überprüfung 56 % abgeschlossen.
Überprüfung 56 % abgeschlossen.
Überprüfung 57 % abgeschlossen.
Überprüfung 57 % abgeschlossen.
Überprüfung 58 % abgeschlossen.
Überprüfung 58 % abgeschlossen.
Überprüfung 59 % abgeschlossen.
Überprüfung 59 % abgeschlossen.
Überprüfung 60 % abgeschlossen.
Überprüfung 60 % abgeschlossen.
Überprüfung 61 % abgeschlossen.
Überprüfung 61 % abgeschlossen.
Überprüfung 62 % abgeschlossen.
Überprüfung 62 % abgeschlossen.
Überprüfung 63 % abgeschlossen.
Überprüfung 63 % abgeschlossen.
Überprüfung 64 % abgeschlossen.
Überprüfung 64 % abgeschlossen.
Überprüfung 64 % abgeschlossen.
Überprüfung 65 % abgeschlossen.
Überprüfung 65 % abgeschlossen.
Überprüfung 66 % abgeschlossen.
Überprüfung 66 % abgeschlossen.
Überprüfung 67 % abgeschlossen.
Überprüfung 67 % abgeschlossen.
Überprüfung 68 % abgeschlossen.
Überprüfung 68 % abgeschlossen.
Überprüfung 69 % abgeschlossen.
Überprüfung 69 % abgeschlossen.
Überprüfung 70 % abgeschlossen.
Überprüfung 70 % abgeschlossen.
Überprüfung 71 % abgeschlossen.
Überprüfung 71 % abgeschlossen.
Überprüfung 72 % abgeschlossen.
Überprüfung 72 % abgeschlossen.
Überprüfung 73 % abgeschlossen.
Überprüfung 73 % abgeschlossen.
Überprüfung 73 % abgeschlossen.
Überprüfung 74 % abgeschlossen.
Überprüfung 74 % abgeschlossen.
Überprüfung 75 % abgeschlossen.
Überprüfung 75 % abgeschlossen.
Überprüfung 76 % abgeschlossen.
Überprüfung 76 % abgeschlossen.
Überprüfung 77 % abgeschlossen.
Überprüfung 77 % abgeschlossen.
Überprüfung 78 % abgeschlossen.
Überprüfung 78 % abgeschlossen.
Überprüfung 79 % abgeschlossen.
Überprüfung 79 % abgeschlossen.
Überprüfung 80 % abgeschlossen.
Überprüfung 80 % abgeschlossen.
Überprüfung 81 % abgeschlossen.
Überprüfung 81 % abgeschlossen.
Überprüfung 82 % abgeschlossen.
Überprüfung 82 % abgeschlossen.
Überprüfung 82 % abgeschlossen.
Überprüfung 83 % abgeschlossen.
Überprüfung 83 % abgeschlossen.
Überprüfung 84 % abgeschlossen.
Überprüfung 84 % abgeschlossen.
Überprüfung 85 % abgeschlossen.
Überprüfung 85 % abgeschlossen.
Überprüfung 86 % abgeschlossen.
Überprüfung 86 % abgeschlossen.
Überprüfung 87 % abgeschlossen.
Überprüfung 87 % abgeschlossen.
Überprüfung 88 % abgeschlossen.
Überprüfung 88 % abgeschlossen.
Überprüfung 89 % abgeschlossen.
Überprüfung 89 % abgeschlossen.
Überprüfung 90 % abgeschlossen.
Überprüfung 90 % abgeschlossen.
Überprüfung 91 % abgeschlossen.
Überprüfung 91 % abgeschlossen.
Überprüfung 91 % abgeschlossen.
Überprüfung 92 % abgeschlossen.
Überprüfung 92 % abgeschlossen.
Überprüfung 93 % abgeschlossen.
Überprüfung 93 % abgeschlossen.
Überprüfung 94 % abgeschlossen.
Überprüfung 94 % abgeschlossen.
Überprüfung 95 % abgeschlossen.
Überprüfung 95 % abgeschlossen.
Überprüfung 96 % abgeschlossen.
Überprüfung 96 % abgeschlossen.
Überprüfung 97 % abgeschlossen.
Überprüfung 97 % abgeschlossen.
Überprüfung 98 % abgeschlossen.
Überprüfung 98 % abgeschlossen.
Überprüfung 99 % abgeschlossen.
Überprüfung 99 % abgeschlossen.
Überprüfung 100 % abgeschlossen.


Der Windows-Ressourcenschutz hat beschädigte Dateien gefunden und erfolgreich repariert.

Bei Onlinereparaturen finden Sie Details in der CBS-Protokolldatei unter 

windir\Logs\CBS\CBS.log. Beispiel C:\Windows\Logs\CBS\CBS.log. Bei Offlinereparaturen

finden Sie Details in der durch das /OFFLOGFILE-Kennzeichen angegebenen Protokolldatei.


========= Ende von CMD: =========

"C:\FRST\Quarantine" => erfolgreich entfernt
"C:\FRST" => wurde entsperrt


Das System musste neu gestartet werden.

==== Ende von Fixlog 10:14:27 ====
         

Alt 14.11.2021, 10:32   #11
M-K-D-B
/// TB-Ausbilder
 
Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender - Standard

Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender



Vielen Dank für die Spende. Sie dient zur Erhaltung des Forums.



Wir sind froh, dass wir helfen konnten

Dieses Thema scheint erledigt und wird aus unseren Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen.

Thema geschlossen

Themen zu Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender
audacity, bräuchte, defender, entferne, entfernen, falsche, falschen, falsches, gefunde, hilfe, installation, installier, installiert, version, win, win 10



Ähnliche Themen: Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender


  1. Windows 10: Audacity von falscher Seite installiert
    Log-Analyse und Auswertung - 15.03.2021 (6)
  2. Windows 10: Audacity von falscher Seite installiert - Presnoker WindowsDefender Meldung
    Log-Analyse und Auswertung - 15.03.2021 (7)
  3. Windows 10: Schadsoftware durch Download von audacity.de
    Log-Analyse und Auswertung - 13.03.2021 (8)
  4. Presenoker Bedrohung durch Fake Audacity Seite
    Plagegeister aller Art und deren Bekämpfung - 06.03.2021 (11)
  5. Windows 10: Malwarebefall durch audacity.de, ziemlich hatnäckig
    Log-Analyse und Auswertung - 18.02.2021 (8)
  6. Win32/Presnoker - Prozess Explorer.exe
    Log-Analyse und Auswertung - 17.02.2021 (5)
  7. Windows 10: Presenoker Bedrohung durch Audacity Download
    Log-Analyse und Auswertung - 13.02.2021 (8)
  8. Windows 10: node.js von audacity.de installiert
    Log-Analyse und Auswertung - 30.01.2021 (11)
  9. Win10 64bit: Adware durch Audacity.de
    Log-Analyse und Auswertung - 19.01.2021 (13)
  10. Trojaner node.js blockiert durch Malwarebytes nach Audacity Installation.
    Log-Analyse und Auswertung - 02.12.2020 (22)
  11. Trojaner node.js blockiert durch Malwarebytes nach Audacity Installation
    Log-Analyse und Auswertung - 02.11.2020 (17)
  12. durch unternehmensrichtlinie installiert, addon installiert sich ständig unter anderem Namen neu
    Log-Analyse und Auswertung - 10.02.2019 (8)
  13. Windows Defender wird durch Gruppenrichtlinien blockiert + Adware gefunden (Win10 Home 64bit)
    Plagegeister aller Art und deren Bekämpfung - 09.03.2017 (13)
  14. Ausversehen falsches Programm installiert! Ein Virus?
    Plagegeister aller Art und deren Bekämpfung - 28.11.2012 (1)
  15. Mehrere Trojaner durch Malwarebytes Anti Malware gefunden und ein Virus durch Avira gefunden (TR/Gendal.81920.6)
    Log-Analyse und Auswertung - 10.11.2012 (1)
  16. Ruhemodus->defekte Treiber->Neustart->falsches Datum, AVG Update unmöglich, Tracking Cookies gefunden
    Plagegeister aller Art und deren Bekämpfung - 11.10.2012 (23)
  17. Falsches AV bzw. Defender meldete sich, aktuelle Infizierung?
    Plagegeister aller Art und deren Bekämpfung - 22.12.2010 (7)

Zum Thema Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender - Hallo! Ich bräuchte bitte eure Hilfe beim Entfernen von "Presnoker" nach Installation der falschen Version von Audacity... Danke! B. Code: Alles auswählen Aufklappen ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool - Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender...
Archiv
Du betrachtest: Win 10: Falsches Audacity installiert -> Presnoker gefunden durch Win Defender auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.