| |
| |||||||
Mülltonne: Illegale SoftwareWindows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne... |
29.03.2022, 17:04
| #1 |
| |  Illegale Software MBAM (Kaufversion) meldet plötzlich "FLOXIF Virus gefunden". Nach Verschieben in Quarantäne kommt immer wieder die Meldung "symsrv.dll" mit Virus befallen. Parallel schaltet sich Windows Defender immer wieder ein mit der selben Meldung. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-03-2022
durchgeführt von Stardust (Administrator) auf STARDUST-PC (ASUS All Series) (29-03-2022 17:35:37)
Gestartet von C:\Users\Stardust\Desktop\Virenscanner
Geladene Profile: Stardust
Plattform: Microsoft Windows 10 Home Version 20H2 19042.1237 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Brave
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe ->) (Acronis International GmbH -> Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <9>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(services.exe ->) (Acronis International GmbH -> Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
(svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Seagate Scheduler2 Service] => C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [401080 2016-09-09] (Acronis International GmbH -> Seagate)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8853248 2016-03-31] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-03-31] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3952096 2020-03-10] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" (Keine Datei)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-08-25] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [DiscWizardMonitor.exe] => C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe [5626736 2016-09-09] (Acronis International GmbH -> Seagate)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [693336 2015-07-19] (Acronis International GmbH -> Acronis International GmbH)
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\Run: [Evjtion] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Stardust\AppData\Local\Ednltion\zggmavdz.dll (Keine Datei) <==== ACHTUNG
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Stardust\AppData\Local\Microsoft\Teams\Update.exe [2452664 2021-01-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\MountPoints2: {2b23946d-8395-11ea-8d07-2c56dcfb29ac} - "J:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\MountPoints2: {3708622c-9c6c-11ec-8f47-001bdc0f5e41} - "P:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\MountPoints2: {589a8aa1-416f-11ec-8ed9-001bdc0f5e41} - "P:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\MountPoints2: {f3cf51bc-0d59-11ec-8ea4-001bdc0f5e41} - "J:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\Windows\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\PDF995 Monitor: C:\Windows\system32\pdf995mon64.dll [40448 2012-04-26] () [Datei ist nicht signiert]
HKLM\...\Print\Monitors\Redirected Port: C:\Windows\system32\redmon64.dll [113152 2012-06-21] () [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\99.1.36.122\Installer\chrmstp.exe [2022-03-26] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iD Autostart.lnk [2020-11-20]
ShortcutTarget: iD Autostart.lnk -> I:\Program Files\Audient\USBAudioDriver\W10_x64\iD.exe (Thesycon Software Solutions GmbH & Co. KG -> Audient)
Startup: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\clean.bat [2019-03-07] () [Datei ist nicht signiert]
GroupPolicy\User: Beschränkung ? <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {076989FD-D443-4504-83CA-64810601FBCC} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {07EBFA06-EC9D-4509-964A-DB00D4903D08} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [54784 2013-01-26] () [Datei ist nicht signiert]
Task: {0E585CE1-C419-4727-A582-9E54A1238CBF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Keine Datei)
Task: {1258D30D-FF81-46A0-BAA5-4B0EEFE79E2E} - System32\Tasks\{F6ECDA73-02CC-4381-9024-C25B45508A36} => C:\Windows\system32\pcalua.exe -a G:\Downloads\Nikon\Camera_Control_Pro_2.4.0_MAJ+crack-FR\S-CCPRO_-240WU-___FR.exe -d G:\Downloads\Nikon\Camera_Control_Pro_2.4.0_MAJ+crack-FR
Task: {15621708-65E6-425B-9FC7-9690D986FAC0} - System32\Tasks\Red Giant Link => C:\Program [Argument = Files (x86)\Red Giant Link\Red Giant Link.exe]
Task: {18CF7782-EF51-4CF5-98FD-51618CA7C520} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Keine Datei)
Task: {1BB78BF6-674D-4DBE-B063-5D3D09C89A48} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Keine Datei)
Task: {2A123457-F6C7-4970-9697-BFB272A512EA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2ADE8A48-D80D-4364-BDC7-2867103F061D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2AE01B1E-CF36-43B3-9107-15D14A6F2E7E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Keine Datei)
Task: {2CCCFE10-565F-43E4-BA75-CB0562B433EE} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2F85F820-77B1-4B7B-8E54-1933C30E5CE0} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Keine Datei)
Task: {334B7889-5A8B-4058-9EEE-651DCCBE4E1D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-20] (Adobe Inc. -> Adobe)
Task: {342F4578-FFCA-49D9-8DC0-8E8260946CAD} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {38E1DF0C-A53D-42FC-BDCD-198954F634A1} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {3BC919F3-ACAB-471F-BF08-6362961F8C8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-25] (Google Inc -> Google Inc.)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4E5BA39D-F273-4559-A8B4-EBAF956D4278} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Keine Datei)
Task: {532150C9-B9BA-4E16-AECB-25279FD46214} - System32\Tasks\AdobeAAMUpdater-1.0-Stardust-PC-Stardust => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {53585984-A13C-46C9-9EA3-88CDCF7DE5E6} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {53F1DCE3-3F1A-413E-998B-6B419B9677B1} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Keine Datei)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5BDA07B6-DE21-4A96-8B19-8EFDA5187064} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Keine Datei)
Task: {6BA091D6-7111-4C65-A9F3-2285041539F1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Keine Datei)
Task: {6D2A8B03-270A-45AB-90AC-1A7865121988} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-16] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {71E80772-B077-4C1B-AD9F-C38C767517E7} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync => {2AE64751-B728-4D6B-97A0-B2DA2E7D2A3B}
Task: {7EECC9C8-1EE0-4853-BBBF-1760A0BBCD38} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [880 2020-09-25] () [Datei ist nicht signiert]
Task: {83093D10-05D6-4F0D-9688-4E171B0E4677} - System32\Tasks\{25F98069-70CB-48A9-B931-BF1D94951F4F} => G:\Downloads\GoPro_Quik-WinInstaller-2.7.0.945.exe [180585880 2020-04-02] (GoPro Media, Inc. -> GoPro, Inc.)
Task: {89BD13E7-D90B-41E7-91AB-CF803A0752AE} - System32\Tasks\Microsoft\Windows\Offline Files\Logon Synchronization => {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8}
Task: {8B5B7A14-2B5F-41C4-BA82-6923A5D92143} - System32\Tasks\{553076C7-B8AD-4770-893E-6B2BA8DDC567} => C:\Windows\system32\pcalua.exe -a G:\Windows7Platte\hijackthis.exe
Task: {8BC6E84B-2860-40C1-B5D1-579A1C8F9770} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {8D030C4D-BBD1-4892-89B2-D51D809F87C6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_Plugin.exe [1502776 2020-11-20] (Adobe Inc. -> Adobe)
Task: {91CC13EA-0D77-43A4-A9F6-12667D379D8E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Keine Datei)
Task: {98521B7B-BE3C-4AD6-A104-D94A6A45C76F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Keine Datei)
Task: {9C15659A-CAD1-4E51-8E94-40C45E0BFF83} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9ED1D52B-03A0-4A8A-89BA-34D5A3EBA20A} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A08BB583-34C1-49E9-B2DA-4AC980F8CC59} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {A3EDD0B1-51F2-4FDD-A5CE-A8B1F8958981} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Keine Datei)
Task: {A43F1BAA-9399-4965-9C62-14B265A6D5BD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Keine Datei)
Task: {A462F529-82E3-4BE2-B0EF-B4EFA29BA5E8} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {A7AEA0F8-A9AD-4FB5-B50D-DBC6153ACCB9} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Keine Datei)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B34FEDE3-F972-46BB-AD46-7691A085E4E9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {B3CED513-A4FE-4F16-9F98-2AFCCC82D880} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {B47C6464-3B0B-4209-908A-48E1B9AB080C} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Keine Datei)
Task: {B6451DFA-7517-4D9D-8048-4C32CEAA9C49} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-16] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {BAF779DC-E992-4932-8359-7889E0FEF22F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Keine Datei)
Task: {C0B40F63-FED3-4A03-8B6D-761AA4DAAB29} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Keine Datei)
Task: {CAE05DA5-63F7-44F4-9D51-E27999E6834D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CFA9598B-1124-4A7E-8A2A-A9C697F770F6} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D2899B86-E294-4E7C-B6DF-5B1A9EBC3245} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Keine Datei)
Task: {D35CC1F7-0AAD-4869-990B-4A90B1F59805} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Keine Datei)
Task: {D42E7572-EFE4-4A43-8766-C86235BF4C57} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Keine Datei)
Task: {D68681B2-3CB0-4529-B6EB-0EC6B00236D3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Keine Datei)
Task: {DD7815C7-5CE4-4F85-852F-1D66DB296AE0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Keine Datei)
Task: {DE234587-B089-45B9-9FB7-9AAA6DFC52AE} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E61B1606-18F5-4B92-A3B5-17ECDE148C58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-25] (Google Inc -> Google Inc.)
Task: {F1C5573A-A641-4228-88C2-64F8E5DD7461} - System32\Tasks\Microsoft\Windows\Offline Files\Background Synchronization => {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8}
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{905F7350-6D98-4D00-8094-332339AD59E4}: [DhcpNameServer] 192.168.2.1
Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Profile: C:\Users\Stardust\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-29]
FireFox:
========
FF DefaultProfile: bgbxpof5.default
FF ProfilePath: C:\Users\Stardust\AppData\Roaming\TomTom\HOME\Profiles\4rzg4lot.default [2019-05-05]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2019-05-05] [] [ist nicht signiert]
FF ProfilePath: C:\Users\Stardust\AppData\Roaming\Mozilla\Firefox\Profiles\bgbxpof5.default [2022-03-19]
FF DownloadDir: G:\Downloads
FF Homepage: Mozilla\Firefox\Profiles\bgbxpof5.default -> hxxp://www.google.com
FF Extension: (Facebook Container) - C:\Users\Stardust\AppData\Roaming\Mozilla\Firefox\Profiles\bgbxpof5.default\Extensions\@contain-facebook.xpi [2021-11-30]
FF Extension: (Combo) - C:\Users\Stardust\AppData\Roaming\Mozilla\Firefox\Profiles\bgbxpof5.default\Extensions\combo@yandex.ru.xpi [2016-02-09] []
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\Stardust\AppData\Roaming\Mozilla\Firefox\Profiles\bgbxpof5.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2017-05-20] []
FF Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\Stardust\AppData\Roaming\Mozilla\Firefox\Profiles\bgbxpof5.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2021-11-30]
FF Extension: (Video DownloadHelper) - C:\Users\Stardust\AppData\Roaming\Mozilla\Firefox\Profiles\bgbxpof5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-11]
FF Extension: (YouTube Video and Audio Downloader (Dev Edt.)) - C:\Users\Stardust\AppData\Roaming\Mozilla\Firefox\Profiles\bgbxpof5.default\Extensions\{f73df109-8fb4-453e-8373-f59e61ca4da3}.xpi [2021-07-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_453.dll [2020-11-20] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=3.0.11 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-11-20] (Adobe Inc. -> )
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> D:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
Brave:
=======
BRA Profile: C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-03-29]
BRA DownloadDir: G:\Downloads
BRA StartupUrls: Default -> "hxxp://www.google.com/"
BRA DefaultSearchKeyword: Default -> :g
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-03-29]
BRA Extension: (Brave NTP background images) - C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-03-10]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-03-10]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-03-29]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2021-03-17]
BRA Extension: (Brave Ad Block Updater (EasyList Germany)) - C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\faknfgalcghekhfggcdikddilkpjbonh [2022-03-29]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-14]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2022-03-29]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-03-16]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-20] (Adobe Inc. -> Adobe)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe [1340376 2017-12-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-16] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-16] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [0 2022-03-28] () <==== ACHTUNG [Null Byte Datei/Ordner]
S2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [249320 2016-03-31] (DTS, Inc. -> DTS, Inc)
S4 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S2 Everything; C:\Program Files (x86)\Everything\Everything.exe [1666664 2022-03-28] (David Carpenter -> )
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-12-22] (Mixbyte Inc -> Freemake)
S2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-08-31] (GoPro Media, Inc. -> )
S2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-06-03] (Huawei Technologies Co., Ltd. -> ) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8022200 2022-03-28] (Malwarebytes Inc -> Malwarebytes)
R2 SgtSch2Svc; C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [1255144 2016-09-09] (Acronis International GmbH -> Seagate)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 asComSvc; "C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe" [X]
S2 AsSysCtrlService; "C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.25\AsSysCtrlService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] (ASUSTeK Computer Inc. -> )
R3 audientusbaudio; C:\WINDOWS\System32\drivers\audientusbaudio.sys [366800 2018-09-26] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 audientusbaudioks; C:\WINDOWS\System32\drivers\audientusbaudioks.sys [53456 2018-09-26] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 CYUSB3; C:\WINDOWS\System32\Drivers\CYUSB3.sys [91952 2018-11-16] (Cypress Semiconductor Corporation -> Cypress Semiconductor)
R3 debutfilter; C:\WINDOWS\system32\DRIVERS\debutfilterx64.sys [55144 2020-12-11] (NCH Software Pty Ltd -> )
S3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [33592 2015-05-24] (DEV47 APPS -> Dev47Apps)
S3 DroidCamVideo; C:\WINDOWS\System32\drivers\droidcamvideo.sys [229432 2015-05-24] (DEV47 APPS -> Dev47Apps)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-09-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [296736 2018-07-22] (Acronis International GmbH -> Acronis International GmbH)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223688 2022-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-20] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195024 2022-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2022-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-03-29] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157816 2022-03-29] (Malwarebytes Inc -> Malwarebytes)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [74616 2020-09-25] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2021-07-13] (devolo AG -> Riverbed Technology, Inc.)
R0 nvme; C:\WINDOWS\System32\drivers\nvme.sys [83784 2015-12-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
R0 nvmeF; C:\WINDOWS\System32\drivers\nvmeF.sys [30776 2015-12-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX64.sys [198144 2021-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Ray Hinchliffe)
S3 sparkocam; C:\WINDOWS\System32\DRIVERS\sparkocam.sys [36176 2015-12-21] (Sparkosoft Inc -> Sparkosoft)
R2 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1058632 2018-07-22] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\System32\DRIVERS\tib_mounter.sys [248648 2018-07-22] (Acronis International GmbH -> Acronis International GmbH)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Apple, Inc.) [Datei ist nicht signiert]
R3 USBPcap; C:\WINDOWS\System32\DRIVERS\USBPcap.sys [48960 2019-08-11] (Tomasz Moń -> USBPcap)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 WinisoCDBus; C:\WINDOWS\System32\drivers\WinisoCDBus.sys [204032 2013-12-10] (ZJMedia Digital Technology Ltd. -> WinISO.com)
S1 iaujjhli; \??\C:\WINDOWS\system32\drivers\iaujjhli.sys [X]
U3 idsvc; kein ImagePath
S1 rqzhynon; \??\C:\WINDOWS\system32\drivers\rqzhynon.sys [X]
S3 TSSKX64; System32\drivers\tsskx64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-03-29 17:31 - 2022-03-29 17:35 - 000000000 ____D C:\Users\Stardust\Desktop\Virenscanner
2022-03-29 17:26 - 2022-03-29 17:27 - 000089026 _____ C:\Users\Stardust\Desktop\Addition.txt
2022-03-29 17:25 - 2022-03-29 17:27 - 000045359 _____ C:\Users\Stardust\Desktop\FRST.txt
2022-03-29 17:20 - 2022-03-29 17:20 - 000009158 _____ C:\Users\Stardust\Desktop\RogueKiller.txt
2022-03-29 17:08 - 2022-03-29 17:20 - 000000000 ____D C:\ProgramData\RogueKiller
2022-03-29 17:06 - 2022-03-29 17:08 - 000002129 _____ C:\Users\Stardust\Desktop\mbam.txt
2022-03-29 16:56 - 2022-03-29 16:56 - 000004986 _____ C:\Users\Stardust\Documents\AdwCleaner[S00].txt
2022-03-29 16:56 - 2022-03-29 16:56 - 000004396 _____ C:\Users\Stardust\Documents\AdwCleaner[C00].txt
2022-03-29 16:52 - 2022-03-29 16:55 - 000000000 ____D C:\AdwCleaner
2022-03-29 16:38 - 2022-03-29 16:38 - 000195024 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-03-29 16:38 - 2022-03-29 16:38 - 000157816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-03-29 16:38 - 2022-03-29 16:38 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-03-28 20:29 - 2022-03-29 16:20 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-03-28 20:12 - 2022-03-29 16:25 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-03-28 20:12 - 2022-03-29 16:20 - 000223688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-03-28 16:13 - 2022-03-28 16:15 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-03-19 09:20 - 2022-03-19 09:20 - 000095933 _____ C:\Users\Stardust\Documents\rechnungbeitraghukmoped.pdf
2022-03-15 17:09 - 2022-03-15 17:09 - 001134792 _____ C:\Users\Stardust\Desktop\anwaltsrechnung.pdf
2022-03-14 16:51 - 2022-03-25 22:12 - 000000000 ____D C:\WINDOWS\Minidump
2022-03-12 15:28 - 2022-03-12 16:21 - 000000000 ____D C:\Users\Stardust\Documents\BAfög
2022-03-07 17:13 - 2022-03-07 17:13 - 000061073 _____ C:\Users\Stardust\Desktop\4769_001.pdf
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-03-29 17:35 - 2018-05-09 19:16 - 000000000 ____D C:\FRST
2022-03-29 17:34 - 2018-05-25 18:07 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-29 17:25 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-29 17:13 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-29 17:03 - 2016-11-26 15:02 - 000000000 ____D C:\Users\Stardust\AppData\LocalLow\Mozilla
2022-03-29 16:55 - 2016-04-21 16:01 - 000000000 ____D C:\ProgramData\NVIDIA
2022-03-29 16:55 - 2016-02-24 21:17 - 000000000 ____D C:\Users\Stardust\AppData\Roaming\Common
2022-03-29 16:52 - 2016-09-30 17:09 - 000000000 ____D C:\Users\Stardust\Documents\Outlook-Dateien
2022-03-29 16:44 - 2021-05-26 21:49 - 000780942 _____ C:\WINDOWS\system32\perfh00C.dat
2022-03-29 16:44 - 2021-05-26 21:49 - 000149608 _____ C:\WINDOWS\system32\perfc00C.dat
2022-03-29 16:44 - 2021-05-26 21:17 - 002766164 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-29 16:44 - 2019-12-07 15:50 - 000785800 _____ C:\WINDOWS\system32\perfh007.dat
2022-03-29 16:44 - 2019-12-07 15:50 - 000167914 _____ C:\WINDOWS\system32\perfc007.dat
2022-03-29 16:40 - 2018-11-03 13:07 - 000000000 ____D C:\Users\Stardust\AppData\Roaming\Everything
2022-03-29 16:38 - 2021-05-26 21:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-29 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-29 16:37 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-03-29 16:37 - 2018-11-03 22:34 - 000000000 ____D C:\Users\Stardust\AppData\Local\Everything
2022-03-29 16:34 - 2022-01-25 17:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-03-29 16:34 - 2016-02-06 19:31 - 000000000 ____D C:\Users\Stardust\AppData\Local\Adobe
2022-03-29 16:33 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-03-29 16:32 - 2018-05-02 18:01 - 000000000 ____D C:\ProgramData\Garmin
2022-03-29 16:32 - 2016-02-06 16:36 - 000000000 ____D C:\ProgramData\Package Cache
2022-03-28 21:13 - 2021-05-26 21:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-28 20:18 - 2018-11-03 13:07 - 000000000 ____D C:\Program Files (x86)\Everything
2022-03-28 20:00 - 2021-05-26 21:06 - 005229264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-28 19:56 - 2016-02-06 20:49 - 000000000 ____D C:\Program Files (x86)\Adobe
2022-03-28 19:55 - 2016-02-06 19:31 - 000000000 ____D C:\ProgramData\Adobe
2022-03-28 19:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-28 19:54 - 2016-02-06 19:33 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2022-03-28 19:49 - 2016-02-14 18:20 - 000000000 ____D C:\Users\Stardust\AppData\LocalLow\Adobe
2022-03-28 16:37 - 2016-02-06 19:31 - 000000000 ____D C:\Users\Stardust\AppData\Roaming\Adobe
2022-03-28 16:25 - 2016-02-08 18:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2022-03-28 16:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-28 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-03-28 16:08 - 2016-03-13 12:43 - 000000000 ____D C:\Users\Stardust\AppData\Roaming\transmission
2022-03-26 21:55 - 2021-05-26 21:08 - 000000000 ____D C:\Users\Stardust
2022-03-26 21:40 - 2016-03-25 18:39 - 000000000 ____D C:\Users\Stardust\AppData\Local\CrashDumps
2022-03-26 19:30 - 2021-03-16 20:18 - 000002356 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-03-25 22:43 - 2017-12-08 18:56 - 000000000 ____D C:\Users\Public\Ticket
2022-03-21 17:40 - 2021-01-28 20:04 - 000000000 ____D C:\Users\Stardust\AppData\Roaming\Signal
2022-03-16 19:06 - 2017-06-25 11:08 - 000000000 ____D C:\Users\Stardust\AppData\Roaming\Arobas Music
2022-03-16 17:53 - 2016-09-04 11:04 - 000000000 ____D C:\Users\Stardust\AppData\Local\ElevatedDiagnostics
2022-03-15 17:35 - 2019-01-09 19:27 - 000000000 ____D C:\Program Files\Common Files\VST3
2022-03-12 10:04 - 2020-09-09 16:14 - 000000000 ____D C:\Users\Stardust\AppData\Roaming\vlc
2022-03-12 09:57 - 2016-10-01 12:42 - 000000000 ____D C:\Users\Stardust\AppData\Roaming\dvdcss
2022-03-08 17:57 - 2021-06-07 16:25 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-03-08 17:57 - 2020-05-03 16:39 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-03-08 17:47 - 2020-05-03 16:39 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-03-08 17:47 - 2020-05-03 15:29 - 000000000 ____D C:\Program Files\Malwarebytes
2022-03-03 18:19 - 2020-04-02 17:55 - 000000000 ____D C:\Users\Stardust\AppData\Local\Packages
2022-03-02 12:56 - 2019-09-27 20:07 - 000366360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
2022-03-02 12:56 - 2019-09-27 20:07 - 000203544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_2.dll
2022-03-02 12:56 - 2019-09-27 20:07 - 000044312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_1.dll
2022-03-02 12:56 - 2019-09-27 20:06 - 000333592 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
2022-03-02 12:56 - 2019-09-27 20:06 - 000031512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_1.dll
2022-03-02 12:56 - 2019-09-27 20:06 - 000027416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_codecvt_ids.dll
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2019-03-07 18:27 - 2019-03-07 18:40 - 000000084 _____ () C:\Users\Stardust\clean.bat
2014-04-29 11:35 - 2014-04-29 11:35 - 354230360 _____ (Sony Creative Software Inc.) C:\Program Files (x86)\vegaspro13.0.310_64bit.exe
2016-01-13 22:47 - 2016-01-13 22:47 - 000000617 _____ () C:\Users\Stardust\AppData\Roaming\12.png
2018-11-10 18:26 - 2018-11-10 18:26 - 000000268 ___RH () C:\Users\Stardust\AppData\Roaming\Bubble Noise
2013-10-02 03:56 - 2013-10-02 03:56 - 000000167 _____ () C:\Users\Stardust\AppData\Roaming\bullet.png
2015-05-20 02:28 - 2015-05-20 02:28 - 000003813 _____ () C:\Users\Stardust\AppData\Roaming\circle_orange.png
2018-12-29 13:19 - 2018-12-29 13:22 - 000345950 _____ () C:\Users\Stardust\AppData\Roaming\CodecsLE_Install.log
2017-11-21 18:18 - 2017-11-21 18:18 - 041693696 _____ () C:\Users\Stardust\AppData\Roaming\ffmpeg.exe
2016-02-07 20:59 - 2016-02-07 20:59 - 000002210 _____ () C:\Users\Stardust\AppData\Roaming\FlasketAnemometry
2016-02-07 09:55 - 2016-02-07 09:55 - 000076288 _____ () C:\Users\Stardust\AppData\Roaming\hyphenizations.dll
2015-05-20 02:28 - 2015-05-20 02:28 - 000001392 _____ () C:\Users\Stardust\AppData\Roaming\inventory.png
2016-02-07 20:59 - 2016-02-07 20:59 - 000052466 _____ () C:\Users\Stardust\AppData\Roaming\La_Rioja
2013-10-02 03:54 - 2013-10-02 03:54 - 000000447 _____ () C:\Users\Stardust\AppData\Roaming\meta-index
2021-11-02 11:03 - 2021-11-02 11:03 - 000000016 _____ () C:\Users\Stardust\AppData\Roaming\obs-virtualcam.txt
2013-10-02 03:56 - 2013-10-02 03:56 - 000001826 _____ () C:\Users\Stardust\AppData\Roaming\page.margin.outer.xml
2014-05-08 05:08 - 2014-05-08 05:08 - 000001307 _____ () C:\Users\Stardust\AppData\Roaming\Steel - Matte Bronze.3PP
2017-06-25 15:08 - 2017-06-25 15:10 - 000001456 _____ () C:\Users\Stardust\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-06-05 13:37 - 2019-03-20 21:25 - 000007680 _____ () C:\Users\Stardust\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-10-17 17:48 - 2019-10-17 17:48 - 000002961 ____H () C:\Users\Stardust\AppData\Local\llbb1cscaicceo.ini
2019-11-28 17:03 - 2019-11-28 17:03 - 000002897 ____H () C:\Users\Stardust\AppData\Local\llbb1csccicceo.ini
2019-12-19 17:35 - 2019-12-19 17:35 - 000002939 ____H () C:\Users\Stardust\AppData\Local\llbb1csceicceo.ini
2019-01-17 18:12 - 2019-01-17 18:12 - 000002961 ____H () C:\Users\Stardust\AppData\Local\llbb1cscicceo.ini
2019-02-28 17:37 - 2019-02-28 17:37 - 000002854 ____H () C:\Users\Stardust\AppData\Local\llbb1cseicceo.ini
2019-03-28 18:20 - 2019-03-28 18:20 - 000002854 ____H () C:\Users\Stardust\AppData\Local\llbb1csgicceo.ini
2019-04-18 16:25 - 2019-04-18 16:26 - 000002918 ____H () C:\Users\Stardust\AppData\Local\llbb1csiicceo.ini
2019-05-16 16:16 - 2019-05-16 16:16 - 000002833 ____H () C:\Users\Stardust\AppData\Local\llbb1cskicceo.ini
2019-06-27 18:45 - 2019-06-27 18:45 - 000002897 ____H () C:\Users\Stardust\AppData\Local\llbb1csmicceo.ini
2020-01-16 18:14 - 2020-01-16 18:14 - 000002961 ____H () C:\Users\Stardust\AppData\Local\llbb1eacicceo.ini
2020-02-20 17:56 - 2020-02-20 17:56 - 000002897 ____H () C:\Users\Stardust\AppData\Local\llbb1eaeicceo.ini
2020-03-19 16:07 - 2020-03-19 16:07 - 000002982 ____H () C:\Users\Stardust\AppData\Local\llbb1eagicceo.ini
2021-12-04 19:24 - 2021-12-04 19:24 - 000007605 _____ () C:\Users\Stardust\AppData\Local\Resmon.ResmonCfg
2020-12-12 20:13 - 2020-12-12 20:13 - 000000000 _____ () C:\Users\Stardust\AppData\Local\zenmap.exe.log
2019-01-09 19:27 - 2019-01-09 19:27 - 000000514 _____ () C:\Users\Stardust\AppData\Local\{BBF71A64-BCF1-4DCD-AD17-6730881BF01C}
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
testsigning: ==> 'testsigning' ist aktiviert. Prüfung auf eventuelle nicht-signierte Treiber durchführen <==== ACHTUNG
==================== Ende von FRST.txt ========================
|
|
29.03.2022, 17:12
| #2 |
| | Windows 10: MBAM meldet plötzlich Virus FLOXIF addition.txt
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-03-2022
durchgeführt von Stardust (29-03-2022 17:36:25)
Gestartet von C:\Users\Stardust\Desktop\Virenscanner
Microsoft Windows 10 Home Version 20H2 19042.1237 (X64) (2021-05-26 20:14:28)
Start-Modus: Normal
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-1645521455-3686839743-3489531396-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1645521455-3686839743-3489531396-503 - Limited - Disabled)
Gast (S-1-5-21-1645521455-3686839743-3489531396-501 - Limited - Disabled)
Stardust (S-1-5-21-1645521455-3686839743-3489531396-1000 - Administrator - Enabled) => C:\Users\Stardust
WDAGUtilityAccount (S-1-5-21-1645521455-3686839743-3489531396-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Absolute Fretboard Trainer LITE (HKLM-x32\...\Absolute Fretboard Trainer LITE_is1) (Version: - AbsoluteFretboard.com)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.6.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.453 - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.8 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe SpeedGrade CC 2015 (HKLM-x32\...\{8FD7F1DB-7355-469E-A3F2-2118148D8477}) (Version: 9.0.0 - Adobe Systems Incorporated)
AG DSP Controller (HKLM-x32\...\{C0D0B3D0-87AA-47A2-91B5-FA11C7F2BAC2}) (Version: 1.1.0.0 - Yamaha Corporation)
AltServer (HKLM-x32\...\{F7B4312C-3208-43BD-8342-74E9F42006E4}) (Version: 1.4.3 - Riley Testut)
Android Studio (HKLM\...\Android Studio) (Version: 2020.3 - Google LLC)
ARIA Engine v1.9.3.3 (HKLM\...\ARIA Engine_is1) (Version: v1.9.3.3 - Plogue Art et Technologie, Inc)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 2.0.9.0001 - Asmedia Technology)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.24.0 - Asmedia Technology)
Audient USB Audio Driver v4.0.3 (HKLM-x32\...\Software_Audient_audientusbaudio_Setup) (Version: 4.0.3 - Audient)
Avid Codecs LE (HKLM-x32\...\{C8867EDE-69E9-422C-9E88-80CF5B897C4F}) (Version: 2.7.3.39175 - Avid Technology)
AW-CA100/100D (HKLM-x32\...\{0FA5C34F-7552-42EC-B684-4ACCCA72A620}) (Version: 64.9.1009.2010 - )
Band-in-a-Box 2022 (920) Update (HKLM-x32\...\BB_is1) (Version: - PG Music Inc.)
Band-in-a-Box DAW Plugin 4.5.10 (HKLM-x32\...\BIAB_Plugin_is1) (Version: - PG Music Inc.)
Band-in-a-Box Download and Install Manager 1.0.8 (HKLM-x32\...\DLINSTMAN_is1) (Version: - PG Music Inc.)
Band-in-a-Box File Associations (HKLM-x32\...\BBAssociations_is1) (Version: - PG Music Inc.)
Band-in-a-Box Notation and Chord Fonts (HKLM-x32\...\BBFonts_is1) (Version: - PG Music Inc.)
Band-in-a-Box Server (HKLM-x32\...\BBServer_is1) (Version: - PG Music Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BOSS TONE STUDIO for GT-1 (HKLM-x32\...\{657A8883-CE6D-022D-3B05-B3659506516A}) (Version: 1.0.0 - Roland Corporation) Hidden
BOSS TONE STUDIO for GT-1 (HKLM-x32\...\BOSS-TONE-STUDIO-for-GT-1) (Version: 1.0.0 - Roland Corporation)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 99.1.36.122 - Die Brave-Autoren)
Camera Control Pro 2 (HKLM-x32\...\{FE96C49B-DB90-405E-A00E-09E38372F880}) (Version: 2.13.0 - Nikon)
Canon iP7200 series On-screen Manual (HKLM-x32\...\Canon iP7200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
CDex - Digital Audio CD Extractor and Converter (HKLM-x32\...\CDex) (Version: 1.81.0.2016 - Georgy Berdyshev)
Cinch Audio Recorder version 4.0.2 (HKLM-x32\...\{F145F781-A266-4A33-8F34-65561BF29B25}_is1) (Version: 4.0.2 - Cinch Solutions)
CINEMA 4D 16.011 (HKLM\...\MAXONCE2CF069) (Version: 16.011 - MAXON Computer GmbH)
Clavia USB Driver v3.02_4 (HKLM-x32\...\Clavia USB Driver v3.02_4) (Version: - )
Content Manager (HKLM-x32\...\Content Manager) (Version: 3.18.5.639191 - NNG Llc.)
CoyoteWT 1.3 (HKLM-x32\...\CoyoteWT_is1) (Version: - Coyote Electronics Inc.)
CrystalDiskInfo 8.13.3 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.13.3 - Crystal Dew World)
CrystalDiskMark 8.0.4 (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4 - Crystal Dew World)
Debut Video-Aufnahme-Programm (HKLM-x32\...\Debut) (Version: 6.52 - NCH Software)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 5.1.7.638 - devolo AG)
DVD Shrink 3.2 deutsch (HKLM-x32\...\DVD Shrink DE_is1) (Version: - DVD Shrink)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.0.2.18.20170123 - Landesfinanzdirektion Thüringen)
Epson Copy Utility 4 (HKLM-x32\...\{06A7E8AB-2856-4490-BAA9-F338ABE7695A}) (Version: 4.01.0001 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Everything 1.4.1.877 (x86) (HKLM-x32\...\Everything) (Version: 1.4.1.877 (x86) - David Carpenter)
File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)
FlacSquisher 1.3.7 (HKLM-x32\...\FlacSquisher) (Version: 1.3.7 - FlacSquisher)
fre:ac v1.1.5 (HKLM-x32\...\fre:ac v1.1.5) (Version: 1.1.5 - )
Freemake Audio Converter Version 1.1.9 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.9 - Ellora Assets Corporation)
FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version: - )
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Freizeitkarte_FRA (Ausgabe 20.06) (HKLM-x32\...\Freizeitkarte_FRA) (Version: (Ausgabe 20.06) - Freizeitkarte OSM)
Gitarrero Notenmeister (HKLM-x32\...\Gitarrero Notenmeister) (Version: - )
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
GoPro Quik (HKLM\...\{AA5F7FCE-311C-46D8-B93A-ABF4DDCAB832}) (Version: 0.1.945 - GoPro, Inc.) Hidden
GoPro Quik (HKLM-x32\...\{a23df978-67ca-4fe3-a740-a7b5ae7ec82f}) (Version: 2.7.0.945 - GoPro, Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.20) (Version: 9.20 - Artifex Software Inc.)
GT-1-Treiber (HKLM\...\RolandRDID0178) (Version: - Roland Corporation)
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
Guitar Pro 7 - Soundbanks (HKLM-x32\...\com.arobas-music.guitarpro7-soundbanks_is1) (Version: 1.0.69 - Arobas Music)
Guitar Pro 7 (HKLM-x32\...\{BF4EDCFF-ED20-4AF6-A636-EBAC931336CD}_is1) (Version: 7.0.4.659 - Arobas Music)
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.550 - Huawei Technologies Co., Ltd.)
iCloud (HKLM\...\{A3616230-EF97-44F3-83D3-1AE29DC639D3}) (Version: 7.18.0.22 - Apple Inc.)
IK Multimedia Authorization Manager version 1.0.9 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.9 - IK Multimedia)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel(R) Network Connections 20.1.1022.0 (HKLM\...\PROSetDX) (Version: 20.1.1022.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
IsoBuster 4.6 (HKLM-x32\...\IsoBuster_is1) (Version: 4.6 - Smart Projects)
iZotope Nectar 3 (HKLM\...\Nectar 3_is1) (Version: 3.0.0 - iZotope)
Khi3 - Universal Scientific Calculator (HKLM-x32\...\{C1BADEF7-946C-43CF-9332-55838CD72736}) (Version: 3.4.0.8 - Joël Ollivier - Erpmi-Br)
KMSnano 24 (HKLM\...\KMSnano 24_is1) (Version: KMSnano 24 - )
Line 6 Line 6 Updater Uninstaller (HKLM-x32\...\Line 6 Updater Uninstaller) (Version: 1.23 - Line 6)
Logitech Capture (HKLM\...\Capture) (Version: 1.10.110 - Logitech)
Malwarebytes version 4.5.6.180 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.6.180 - Malwarebytes)
Master Flatpick Guitar Solos (HKLM-x32\...\MFGS1_1_is1) (Version: - PG Music Inc.)
Master Jazz Guitar Solos SuperPAK (HKLM-x32\...\MJGSolo_1-4_is1) (Version: - PG Music Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.68 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version: - MixMeister Technology LLC)
Mozilla Firefox (x86 de) (HKLM-x32\...\Mozilla Firefox 96.0.2 (x86 de)) (Version: 96.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.1 - Mozilla)
Mp3tag v2.84a (HKLM-x32\...\Mp3tag) (Version: 2.84a - Florian Heidenreich)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
Native Instruments B4 II (HKLM-x32\...\Native Instruments B4 II) (Version: - )
NI Guitar Rig (HKLM\...\{48878FDB-8FEB-4503-A444-11F6BD85114C}) (Version: 5.2.2 - Native Instruments)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nmap 7.91 (HKLM-x32\...\Nmap) (Version: 7.91 - Nmap Project)
Notion 6 (64-bit) (HKLM\...\Notion 6-64) (Version: - PreSonus Software Ltd)
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.00 - Nmap Project)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 457.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.1.3 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenMapChest Central America 2018.11.30 (HKLM-x32\...\OpenMapChest Central America) (Version: - )
OSM generic routable(GRC) (HKLM-x32\...\OSM generic routable(GRC)) (Version: - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pdf995 (HKLM-x32\...\Pdf995) (Version: - )
PG Music DirectX Plugins (64-bit) 2.0.0.0 (HKLM\...\PG_DX_Plugins_64_is1) (Version: - PG Music Inc.)
PG Music DirectX Plugins 2.0.0.0 (HKLM-x32\...\PG_DX_Plugins_is1) (Version: - PG Music Inc.)
Playable RealTracks Set 01 for Sforzando (HKLM\...\__ARIA_2050___is1) (Version: - PG Music Inc)
Plogue sforzando v1.933 (HKLM\...\__ARIA_1014___is1) (Version: v1.933 - Plogue)
PreSonus Studio One 5 (HKLM\...\Studio One 5_is1) (Version: 5.0.2 - PreSonus)
PTGui Pro 9.1 (HKLM-x32\...\PTGui) (Version: - New House Internet Services B.V.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RE:Vision Effects Twixtor AE (HKLM\...\Twixtor AE 6.1.0_is1) (Version: 6.1.0 - Team V.R)
REALTEK DTV USB DEVICE (HKLM-x32\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7786 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - )
Scoretrainer 8.0 (HKLM-x32\...\Midimaster Scoretrainer_is1) (Version: - Midimaster)
Seagate DiscWizard (HKLM-x32\...\{1FB81320-A5BA-4D63-BFE3-66344A9DC059}) (Version: 18.0.6036 - Seagate)
Shark007 STANDARD Codecs (HKLM-x32\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 7.2.9 - Shark007)
Shark007 STANDARD x64Components (HKLM\...\STANDARD x64Components_is1) (Version: 7.2.9 - Shark007)
Sidify Music Converter 2.1.3 (HKLM-x32\...\Sidify Music Converter) (Version: 2.1.3 - Sidify)
Signal 5.31.1 (HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.31.1 - Open Whisper Systems)
SilverFast 8.0.1r5 (64bit) (HKLM-x32\...\SilverFast 8 x64) (Version: 8.0.1r5 - LaserSoft Imaging AG)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellarium 0.18.3 (HKLM\...\Stellarium_is1) (Version: 0.18.3 - Stellarium team)
tiptoi® Manager 4.1.4 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 4.1.4 - Ravensburger AG)
TomTom HOME (HKLM-x32\...\{C51F55EC-477D-4385-B951-BDEFA5DFC90B}) (Version: 2.11.6 - Ihr Firmenname)
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.3.0 - Topaz Labs, LLC)
Topo_Karte_ITA (Ausgabe 19.05) (HKLM-x32\...\Topo_Karte_ITA) (Version: (Ausgabe 19.05) - Topo_Karte)
Transcribe! 8.21 (HKLM-x32\...\Transcribe!_is1) (Version: 8.21 - Seventh String Software)
Transmission-Qt (HKLM\...\Transmission-Qt) (Version: 2.84.6 - Transmission)
Trapcode Suite (HKLM\...\Trapcode Suite v14.1.1) (Version: - Red Giant LLC)
Trapcode Suite 64-bit (HKLM\...\{5210717F-CAFD-4F21-8DF7-6ED3862725C4}) (Version: 12.1.0 - Red Giant Software) Hidden
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{5210717F-CAFD-4F21-8DF7-6ED3862725C4}) (Version: 12.1.0 - Red Giant Software)
USBPcap 1.5.3.0 (HKLM\...\USBPcap) (Version: 1.5.3.0 - Tomasz Mon)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
vegaspro13.0.310_64bit 13.0.310 (HKLM-x32\...\vegaspro13.0.310_64bit 13.0.310) (Version: 13.0.310 - vegaspro13.0.310_64bit)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vyzex Pocket POD 1.17 (HKLM-x32\...\{0E26E09B-6687-4A99-BD08-A9E705373029}_is1) (Version: Vyzex Pocket POD 1.17 - Psicraft Designs, Inc.)
WaveLab 6 (HKLM-x32\...\WaveLabPro) (Version: 6.1.1.353 - Steinberg)
Windows Driver Package - Logitech USB (03/19/2018 1.1.142.0) (HKLM\...\7665A2F14177289A395E62C8D872B2414E337C47) (Version: 03/19/2018 1.1.142.0 - Logitech)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.0.5092 - WinISO Computing Inc.)
WinRAR 5.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EB}) (Version: 19.5.11475 - WinZip Computing, S.L. )
Wireshark 3.2.1 64-bit (HKLM-x32\...\Wireshark) (Version: 3.2.1 - The Wireshark developer community, hxxps://www.wireshark.org)
XMedia Recode 64bit Version 3.5.2.7 (HKLM\...\{D31E6E69-4C6A-42CC-926F-CC7B186864EB}_is1) (Version: 3.5.2.7 - XMedia Recode 64bit)
XMedia Recode Version 3.4.5.2 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.4.5.2 - XMedia Recode)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.4) (Version: 1.3.7 - Xvid Team)
Zoom (HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\ZoomUMX) (Version: 5.2.3 (45120.0906) - Zoom Video Communications, Inc.)
Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-05-26] (Microsoft Corporation)
Mail und Kalender -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2021-05-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-09-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2021-05-26] (Microsoft Studios) [MS Ad]
MSN Wetter -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2021-05-26] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2021-05-26] (NVIDIA Corp.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1645521455-3686839743-3489531396-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Stardust\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1645521455-3686839743-3489531396-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Stardust\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Seagate\DiscWizard\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Seagate\DiscWizard\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Seagate\DiscWizard\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => i:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => i:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [Datei ist nicht signiert]
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-03-22] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-05-27] (WinZip Computing LLC -> WinZip Computing, S.L.)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => i:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers3: [DeleteFiles] -> {736AF091-C361-49B4-A928-87C586130D33} => d:\Program Files\File Shredder\fsshell.dll [2012-03-31] () [Datei ist nicht signiert]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => i:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-05-27] (WinZip Computing LLC -> WinZip Computing, S.L.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\nvshext.dll [2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-05-27] (WinZip Computing LLC -> WinZip Computing, S.L.)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\system32\ac3filter.acm [2231296 2013-04-05] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [251392 2019-12-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [1679360 2013-04-06] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2019-12-28] () [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2015-05-08 06:08 - 2015-05-08 06:08 - 000151552 ____N () [Datei ist nicht signiert] C:\Program Files (x86)\DroidCam\lib\DroidCam.dll
2015-05-08 06:08 - 2015-05-08 06:08 - 000081920 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\DroidCam\lib\DroidCamFilter.ax
2015-05-08 06:14 - 2015-05-08 06:14 - 000086016 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\DroidCam\lib\DroidCamFilter240p.ax
2017-12-08 18:53 - 2012-04-26 14:51 - 000040448 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\pdf995mon64.dll
2017-03-31 14:53 - 2012-06-21 06:25 - 000113152 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\redmon64.dll
2016-06-12 16:59 - 2012-03-31 23:06 - 002689536 _____ () [Datei ist nicht signiert] d:\Program Files\File Shredder\fsshell.dll
2020-12-09 14:02 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMN6PPM.DLL
2017-08-26 15:54 - 2017-08-26 15:54 - 000410112 _____ (Florian Heidenreich) [Datei ist nicht signiert] i:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2016-08-12 13:16 - 2016-05-10 10:29 - 000077312 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => regfile
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://api.youqian.baidu.com/v1/nav?soft=12&uid=50123297&guid=b03aef865521ad18efb1dc6ab9bf9182&vd=4152366882
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-1645521455-3686839743-3489531396-1000 -> {4AD43A14-AA87-4d4b-A345-B0BC1C61BC76} URL = hxxp://www.google.cn/search?hl=zh-CN&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1645521455-3686839743-3489531396-1000 -> {C3BBCD0B-9234-4d36-9151-EC49EE32FCE3} URL = hxxp://www.baidu.com/s?wd={searchTerms}&tn=28026190_dg&ie=utf-8
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2018-04-09 09:43 - 000001234 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;D:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;i:\Program Files (x86)\Smart Projects\IsoBuster;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\Control Panel\Desktop\\Wallpaper -> D:\cinema4dprojekte\hintergrund2021korr.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
ist aktiviert.
Network Binding:
=============
LAN-Verbindung 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
LAN-Verbindung: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Bluetooth-Netzwerkverbindung 3: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: DevoloNetworkService => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamNetworkSvc => 3
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FAH.lnk => C:\Windows\pss\FAH.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Ednltion => C:\Users\Stardust\AppData\Local\Ednltion\Windows_Activaton.exe
MSCONFIG\startupreg: Everything => "C:\Program Files (x86)\Everything\Everything.exe" -startup
MSCONFIG\startupreg: FreePDF Assistant => "C:\Program Files (x86)\FreePDF_XP\fpassist.exe"
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: IR_SERVER => C:\PROGRA~2\Realtek\REALTE~1\IR_SERVER.exe
MSCONFIG\startupreg: LGBackAgent => C:\ProgramData\LGMOBILEAX\B2C_Client\LGbackagent.exe
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\StartupApproved\Run: => "iCloudServices"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{45726997-AC79-445D-B5FE-E300A4E1BDD5}] => (Allow) %USERPROFILE%\Downloads\GoogleEarthProSetup.exe => Keine Datei
FirewallRules: [{0850213F-515D-4F0D-B38B-C2FEF3AD3201}] => (Allow) %USERPROFILE%\Downloads\GoogleEarthProSetup.exe => Keine Datei
FirewallRules: [{1398EABE-D754-4572-B44F-1D9E037D6917}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{50F05036-254B-4682-A4EA-E81ECBE486B2}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{93DF9CEE-5B4E-45F1-B708-10FBCDAC67DB}] => (Allow) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe (Brave Software, Inc. -> BraveSoftware Inc.)
FirewallRules: [{EC180055-4A83-41B3-8B2A-91679FE65686}] => (Allow) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe (Brave Software, Inc. -> BraveSoftware Inc.)
FirewallRules: [UDP Query User{54ED30B0-9C49-4B89-9675-DBCA8BCEFC1D}D:\program files\notion 6\notion.exe] => (Block) D:\program files\notion 6\notion.exe (PreSonus Audio Electronics, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{C2CD6F89-E60B-49AB-923A-67EC564BA12E}D:\program files\notion 6\notion.exe] => (Block) D:\program files\notion 6\notion.exe (PreSonus Audio Electronics, Inc.) [Datei ist nicht signiert]
FirewallRules: [{D6A787F3-AA71-4E35-96CD-BE6DAC50C2AA}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{3A0DE83A-C728-45A7-A537-1ED4A2C8BC45}] => (Allow) C:\Users\Stardust\AppData\Local\Programs\signal-desktop\Signal.exe (Signal Messenger, LLC -> Open Whisper Systems)
FirewallRules: [{D59FA179-1243-4EB6-81A3-2BF5E14C7758}] => (Allow) C:\Users\Stardust\AppData\Local\Programs\signal-desktop\Signal.exe (Signal Messenger, LLC -> Open Whisper Systems)
FirewallRules: [{F0D80B60-0D45-4A39-BDAB-D817250ACA98}] => (Allow) C:\Users\Stardust\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{804126A9-F4F6-4D67-B0D5-64855DB05393}] => (Allow) C:\Users\Stardust\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6676375E-E76F-4EA2-A22E-A0E6976ABFB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E8BA56D3-B161-4A84-84D7-EFF90AAE5879}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EAEA0EEA-13E0-44FE-BA87-85C2518C01C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D72F44AC-332F-4E75-BC58-6DF94F7B12E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D5DEE26A-2EF5-43D2-88A4-28683D2481F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{779E82D9-25C8-4F4B-8101-85D6369BECBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{9524D95F-EB37-4397-BA2E-B079B75F933A}D:\programme\presonus\studio one 5\pluginscanner.exe] => (Block) D:\programme\presonus\studio one 5\pluginscanner.exe (PreSonus Audio Electronics, Inc. -> PreSonus)
FirewallRules: [TCP Query User{4E68F013-B9C2-4653-AD19-1EBE18801D4F}D:\programme\presonus\studio one 5\pluginscanner.exe] => (Block) D:\programme\presonus\studio one 5\pluginscanner.exe (PreSonus Audio Electronics, Inc. -> PreSonus)
FirewallRules: [UDP Query User{5909E84C-39C7-4899-AD59-67D3FC00BE82}D:\programme\presonus\studio one 5\studio one.exe] => (Block) D:\programme\presonus\studio one 5\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{0068E0D5-3C72-4CCB-AE42-9CA5F7367C8B}D:\programme\presonus\studio one 5\studio one.exe] => (Block) D:\programme\presonus\studio one 5\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [{A4DE53E3-0AA7-4D85-B3B4-64E48FACED01}] => (Allow) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audient\Audient USB Audio Driver () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{BCEA5F4A-6D92-41D9-BDF7-627C9CD465AA}] => (Allow) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audient\Audient USB Audio Driver () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{37D232BE-7F8B-49E0-A925-5AA52BE1D94F}] => (Allow) LPort=80
FirewallRules: [{72F46ADF-1E40-4309-A607-7794DE1357D1}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => Keine Datei
FirewallRules: [{0D6B5073-505A-41A5-A405-81CDF4A872DD}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => Keine Datei
FirewallRules: [{ABCDEBC9-C170-4771-A962-BE77E003802F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6B8EFDBC-E8B6-44C4-BC71-4D2F1C825287}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C81811F9-445D-4AD6-95F1-BE862810064F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{19022C9B-0FB9-4B43-9AF7-9E749D97C77D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{B39059B6-DA9E-4949-B393-D658D414BB4C}C:\users\stardust\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\stardust\appdata\roaming\spotify\spotify.exe => Keine Datei
FirewallRules: [TCP Query User{3E368EA9-E1C2-4932-ACA3-E02B1E6FFC2F}C:\users\stardust\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\stardust\appdata\roaming\spotify\spotify.exe => Keine Datei
FirewallRules: [{88E3F147-C663-42B4-B39B-2D1AFFF21568}] => (Allow) %APPDATA%\Spotify\SpotifyStartupTask.exe => Keine Datei
FirewallRules: [{C50CC851-25AA-40F1-B3B1-A2FB6731B203}] => (Allow) %APPDATA%\Spotify\SpotifyStartupTask.exe => Keine Datei
FirewallRules: [{B229BCCA-AF27-461E-BF83-9EE69E60ED61}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{2C78779F-D4E2-450C-8164-4679D8CCBFC3}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{0D2928F3-EC53-4D6E-8BEB-DB39918632FD}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\CptHost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CF13AADA-A84B-4F3B-A9F5-9FBA0EFECBE5}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{06B58B17-BC96-4C7A-9ACA-09B8E5BDFE0F}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\Zoom_launcher.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{FE3AB3A3-2070-4D78-9D07-97539D7A8ECE}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\Zoom_launcher.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2C85DB43-E13A-45B1-8361-CB974E3FE938}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{3A015441-937C-4C2E-9496-9A327C5BC17D}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\CptHost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{793659E2-DE66-4E47-ADAC-F7343970BD6C}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{8108CEC1-030F-45A7-A31E-2FFBF4DAF833}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{2CCBD703-3A4B-42F3-B1B1-3D563E2D1983}] => (Allow) I:\Program Files (x86)\CDex\CDex.exe (The CDex Project - hxxp://cdex.mu/) [Datei ist nicht signiert]
FirewallRules: [{4D390133-375B-4398-A51C-DCA3F913613D}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{F825EE26-153C-4621-8BE2-E1B7F1A28107}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [{2E98CD03-8B2E-496F-846B-3913D741DDCA}] => (Allow) G:\Downloads\MediaCreationTool1909.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A7C892B5-7C80-4960-B780-96C1810022B0}] => (Allow) G:\Downloads\MediaCreationTool1909.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9997823F-F7C7-44B1-88D0-D31F3EE26C26}] => (Allow) %ProgramFiles% (x86)\Microsoft\Skype for Desktop\Skype.exe => Keine Datei
FirewallRules: [{3E7B2C18-DCA6-49D3-BB1B-957D734DB9B3}] => (Allow) %ProgramFiles% (x86)\Microsoft\Skype for Desktop\Skype.exe => Keine Datei
FirewallRules: [{1DE4B95E-DCC9-47A6-B054-0D24EB1E2959}] => (Allow) G:\Downloads\MBSetup.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{16DF8E75-D757-4F82-8552-E5F2A3E33B5A}] => (Allow) G:\Downloads\MBSetup.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{2172627C-2456-4700-BA6A-86149383519B}] => (Allow) C:\ProgramData\Malwarebytes\MBAMService\instlrupdate\MBSetup.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{E9D4FC0A-C850-460A-ADB9-107C3B58CE11}] => (Allow) C:\ProgramData\Malwarebytes\MBAMService\instlrupdate\MBSetup.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{5BFC71F3-E4B3-464A-84CE-3C6DD958C364}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe (hxxp://www.qemu.org/) [Datei ist nicht signiert]
FirewallRules: [{0A4A1169-C4B6-43F7-B5E7-21C30B9619F8}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe (hxxp://www.qemu.org/) [Datei ist nicht signiert]
FirewallRules: [{D78FE345-E7D9-4AF1-8300-B8B59669C49C}] => (Allow) %ProgramFiles% (x86)\Microsoft\Skype for Desktop\Skype.exe => Keine Datei
FirewallRules: [{36D35FE3-E4B1-4DA7-BA26-0F88A72EAF12}] => (Allow) %ProgramFiles% (x86)\Microsoft\Skype for Desktop\Skype.exe => Keine Datei
FirewallRules: [{CA948FF9-72AF-4359-882E-E49F6A7BB207}] => (Allow) G:\Downloads\Firefox Installer.exe (Mozilla Corporation -> Mozilla)
FirewallRules: [{A83B1FDC-0679-406F-979D-52C939ED900D}] => (Allow) G:\Downloads\Firefox Installer.exe (Mozilla Corporation -> Mozilla)
FirewallRules: [{87AF8ABC-A8E9-4185-B23D-BFA928864A16}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [{435D4D41-B9B1-459E-8381-8EDCA75E2199}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [{07062243-569D-4FA4-A552-E89658ADE6BC}] => (Allow) C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe () [Datei ist nicht signiert]
FirewallRules: [{9C72B629-FB44-4FF7-ABB3-32556895EE91}] => (Allow) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom International BV -> TomTom)
FirewallRules: [{EB0E6D05-8542-4F8B-A46A-ECF6B0A35DFB}] => (Allow) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom International BV -> TomTom)
FirewallRules: [{1C03871A-74A1-42C1-BAF3-CE76626345B7}] => (Allow) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom International BV -> TomTom)
FirewallRules: [{C9355F47-C98A-4CA6-BAE0-D3F332B50FB9}] => (Allow) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom International BV -> TomTom)
FirewallRules: [{80986ED8-F007-4A02-9BF8-52128EC5AC7A}] => (Allow) C:\Program Files (x86)\TomTom HOME 2\TomTomHOME.exe (TomTom International BV -> TomTom International B.V.)
FirewallRules: [{4E32ADA4-017F-4F7A-BC52-4D3B7171221A}] => (Allow) C:\Program Files (x86)\TomTom HOME 2\TomTomHOME.exe (TomTom International BV -> TomTom International B.V.)
FirewallRules: [{80C41E00-57C9-4C52-AD2C-A46ED5C8F34B}] => (Allow) %ProgramFiles% (x86)\Guitar SightReader Toolbox\Guitar SightReader Toolbox.exe => Keine Datei
FirewallRules: [{9D795015-E6A7-4CF3-A2AA-5192E72C6F87}] => (Allow) %ProgramFiles% (x86)\Guitar SightReader Toolbox\Guitar SightReader Toolbox.exe => Keine Datei
FirewallRules: [{E46CF54E-982D-439A-B832-090F9632FB4D}] => (Allow) I:\Program Files\Data\InstallManager\Band-in-a-Box Download Manager.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{B517D6B7-8263-43A0-B06A-9419911BC28F}] => (Allow) I:\Program Files\Data\InstallManager\Band-in-a-Box Download Manager.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [UDP Query User{A293CA92-392A-4120-B138-F95A41F8CA5A}C:\program files\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [TCP Query User{721621AE-5AC1-46DA-9C64-FE43FF657E28}C:\program files\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [UDP Query User{41B49B4F-CB31-4CA0-B41A-F457264B3E19}D:\program files\adobe after effects cc 2015\support files\afterfx.exe] => (Block) D:\program files\adobe after effects cc 2015\support files\afterfx.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [TCP Query User{DE957A4A-3CEA-44F7-9DD2-76C9D6A84928}D:\program files\adobe after effects cc 2015\support files\afterfx.exe] => (Block) D:\program files\adobe after effects cc 2015\support files\afterfx.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{9FB33977-7E99-4857-BE54-C6BEDA700989}] => (Allow) c:\Users\Stardust\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe () [Datei ist nicht signiert]
FirewallRules: [{537BF543-9387-4555-A811-14CB5E825CA2}] => (Allow) c:\Users\Stardust\Desktop\Tor Browser\Browser\updater.exe (Mozilla Foundation) [Datei ist nicht signiert]
FirewallRules: [{88CEA99B-8A7B-454C-87C8-E505B60AE651}] => (Allow) c:\Users\Stardust\Desktop\Tor Browser\Browser\plugin-hang-ui.exe => Keine Datei
FirewallRules: [{A83784D9-E867-417A-B66B-3AA6A2B4741F}] => (Allow) c:\Users\Stardust\Desktop\Tor Browser\Browser\plugin-container.exe (Mozilla Corporation) [Datei ist nicht signiert]
FirewallRules: [{2E8C2229-2389-405E-91B9-75DB90900862}] => (Allow) c:\Users\Stardust\Desktop\Tor Browser\Browser\pingsender.exe => Keine Datei
FirewallRules: [{E692EBBB-881A-48DD-81FC-3B23DA688B96}] => (Block) c:\Users\Stardust\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) [Datei ist nicht signiert]
FirewallRules: [{D48F985D-CA23-49C0-ABAC-F90C79B2A706}] => (Allow) C:\Users\Stardust\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) [Datei ist nicht signiert]
FirewallRules: [{68B99EB8-CF83-4455-9D02-015B44C7BEBF}] => (Allow) C:\Program Files\Google\Google Earth Pro\client\googleearth.exe (Google LLC -> Google)
FirewallRules: [{DCF439E4-5DCD-4311-AE60-9CD3270665F3}] => (Allow) C:\Program Files\Google\Google Earth Pro\client\googleearth.exe (Google LLC -> Google)
FirewallRules: [{A9AA78A4-6578-42AA-B471-B50ABF0BBCDE}] => (Allow) %ProgramFiles% (x86)\Garmin\WebUpdater\WebUpdater.exe => Keine Datei
FirewallRules: [{409C29D0-2F92-430C-B9E0-0077DC1A5224}] => (Allow) %ProgramFiles% (x86)\Garmin\WebUpdater\WebUpdater.exe => Keine Datei
FirewallRules: [{50A94525-7B5A-4322-AF3B-2C04D461FE47}] => (Allow) G:\Downloads\BaseCamp_462.exe => Keine Datei
FirewallRules: [{E3FE2577-33A0-4FC5-8579-9F11BCDD96F1}] => (Allow) G:\Downloads\BaseCamp_462.exe => Keine Datei
FirewallRules: [{DB05C517-5ACA-499B-B182-59BA2A432DEC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Descenders\Descenders.exe () [Datei ist nicht signiert]
FirewallRules: [{20EA742D-3212-4015-9926-2FC1A12DC369}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Descenders\Descenders.exe () [Datei ist nicht signiert]
FirewallRules: [{9D67B560-418D-4EF5-A6EB-DA3254859747}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{FF720EC3-EFAD-4561-ACF5-7370EAC6FE10}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{439618FA-FE8A-464B-9D4D-67B7191558C0}] => (Allow) G:\Watteln\Watten.exe => Keine Datei
FirewallRules: [UDP Query User{2CBA51BF-556C-4512-ACB7-4577F03AF80B}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{C1D0294E-73E7-4B90-A50E-0EC630DB2D76}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{098E0E87-3A90-4333-A481-E744B500FCC7}G:\watteln\watten.exe] => (Allow) G:\watteln\watten.exe => Keine Datei
FirewallRules: [TCP Query User{70D5B643-25C7-44E4-8506-AF95712C60BA}G:\watteln\watten.exe] => (Allow) G:\watteln\watten.exe => Keine Datei
FirewallRules: [{5E1DB94E-71CA-4EB7-9672-AC178E1118C4}] => (Allow) I:\Program Files (x86)\Mp3tag\Mp3tag.exe (Florian Heidenreich -> Florian Heidenreich)
FirewallRules: [{02DD0451-BCC7-4781-A510-E8ED0CA2E612}] => (Allow) I:\Program Files (x86)\Mp3tag\Mp3tag.exe (Florian Heidenreich -> Florian Heidenreich)
FirewallRules: [{29863FEA-81AF-4EB4-9EDE-198050D7614B}] => (Allow) G:\Downloads\flashplayer32_xa_install.exe => Keine Datei
FirewallRules: [{7290091B-3DF5-4FA2-9214-F43F3E84D382}] => (Allow) G:\Downloads\flashplayer32_xa_install.exe => Keine Datei
FirewallRules: [{6B377E0D-1CA3-4552-AF40-DD6C4ED01E13}] => (Allow) I:\Program Files\bbw64.exe (PG Music Inc. -> )
FirewallRules: [{FBF42B58-1816-44D0-91E9-47991FAF1526}] => (Allow) I:\Program Files\bbw64.exe (PG Music Inc. -> )
FirewallRules: [{73A87E49-5C72-4DBD-A1E3-08B310064E47}] => (Allow) I:\Program Files\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{2D0C2364-6981-4EA1-93C6-F379C6771D55}] => (Allow) I:\Program Files\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{1BFF1EBB-6D7A-4D86-A172-0430912D17EE}] => (Allow) I:\Program Files\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{67A45789-11E5-4552-8F5B-3A2E71A3FEC3}] => (Allow) I:\Program Files\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{2DBAC8DB-C3B9-4C7C-BCE6-2C1F26A13C39}] => (Allow) I:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{959B6391-0FAB-4B1E-B4BF-CB354A0F946D}] => (Allow) I:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{484EA69E-F766-4D44-BCE3-7F4102B0275B}] => (Allow) I:\Program Files (x86)\Utherverse Digital Inc\Utherverse VWW Client\UtherversePatcher.exe => Keine Datei
FirewallRules: [{69886C76-C242-4763-9C80-587C82242B8C}] => (Allow) I:\Program Files (x86)\Utherverse Digital Inc\Utherverse VWW Client\Utherverse.exe => Keine Datei
FirewallRules: [{5B6AB93A-94EA-44E1-921F-507DB18A802A}] => (Allow) G:\Downloads\RedLightCenterSetup(1).exe => Keine Datei
FirewallRules: [{F1FC5BFF-F53C-4914-8C5F-11848715DE35}] => (Allow) G:\Downloads\Chathouse 3D RouletteInstaller.exe => Keine Datei
FirewallRules: [{3EF9FAAC-0393-4F21-A5F9-C1A5BBF2D3C0}] => (Allow) G:\Downloads\Chathouse 3D RouletteInstaller.exe => Keine Datei
FirewallRules: [{1F613038-E5ED-4D40-8C14-298CCC79FC3A}] => (Allow) I:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{BD8FCE35-A7C2-4AF8-8A88-40582CDDEF50}] => (Allow) I:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [UDP Query User{F8367F88-1CFA-471B-987D-D1635E7D09E5}I:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) I:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [TCP Query User{29FA741A-D1D8-499A-B79F-93BA4E83DB20}I:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) I:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{A1B64CE2-A069-4A8A-A855-FDEC276590EC}] => (Allow) c:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{A86E9587-AF44-46E9-832B-097A3314EAA6}] => (Allow) c:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{9838D397-FC5A-424C-A274-E1E8391F2027}] => (Allow) G:\Downloads\MBSetup(1).exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{3801F7E3-0F7B-476E-A70B-C4BF390F041A}] => (Allow) G:\Downloads\MBSetup(1).exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{BD209C8E-8234-439C-8D4A-AAEF4043E9F3}] => (Allow) G:\Downloads\spamfighter_web_7.6.131.exe => Keine Datei
FirewallRules: [{D5E2543D-6BD3-41DE-AAE2-0FEAA1BD2FDD}] => (Allow) G:\Downloads\spamfighter_web_7.6.131.exe => Keine Datei
FirewallRules: [{D3768099-B18C-47F3-9467-0AC563488714}] => (Allow) %SystemDrive%\gt1_wind_v100(1)\gt1_wind_v100\Files\Win7\Setup.exe => Keine Datei
FirewallRules: [{11D8D12A-61A4-4914-B0E4-329E6B55F0A1}] => (Allow) %SystemDrive%\gt1_wind_v100(1)\gt1_wind_v100\Files\Win7\Setup.exe => Keine Datei
FirewallRules: [{2397A65E-E37F-48A3-9B3A-1CB831B3B241}] => (Allow) C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe () [Datei ist nicht signiert]
FirewallRules: [{27607790-9CDD-4536-B3B7-2A7B80B5BAC3}] => (Allow) I:\Program Files (x86)\CDex\CDex.exe (The CDex Project - hxxp://cdex.mu/) [Datei ist nicht signiert]
FirewallRules: [{B1E69D70-1998-4226-B4B0-07B5A1725CE1}] => (Allow) I:\Program Files (x86)\CDex\CDex.exe (The CDex Project - hxxp://cdex.mu/) [Datei ist nicht signiert]
FirewallRules: [{3A11DEBE-1109-48AC-B10D-C565B80A06D0}] => (Allow) %USERPROFILE%\Desktop\streamwriter.exe => Keine Datei
FirewallRules: [{AD06DBEB-806C-44D9-A612-EFDF13DA7954}] => (Allow) %USERPROFILE%\Desktop\streamwriter.exe => Keine Datei
FirewallRules: [{9FB622EE-322E-4200-987C-6CD1BF0DCCB1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{589D78D9-8EA9-46D3-8F6A-32DFBCBCFB7E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{474757EE-1A98-4C5A-8A25-F2BB048AE83C}] => (Allow) G:\Guitar Pro 6\GPUpdater.exe () [Datei ist nicht signiert]
FirewallRules: [{D7F48C40-9DAE-4A75-A8EA-7D33A5F3B432}] => (Allow) G:\Guitar Pro 6\GPUpdater.exe () [Datei ist nicht signiert]
FirewallRules: [{C38280D3-D34A-42BE-B4C4-C0D90F91B9FE}] => (Allow) G:\Guitar Pro 6\GuitarPro.exe () [Datei ist nicht signiert]
FirewallRules: [{48D892BE-3702-4C0C-8CFD-AD89AFECC780}] => (Allow) G:\Downloads\flashplayer25_xa_install.exe => Keine Datei
FirewallRules: [{08325C81-EFFA-40E9-9B54-60B9ECA1366B}] => (Allow) G:\Downloads\flashplayer25_xa_install.exe => Keine Datei
FirewallRules: [{DAC656A2-3E13-4054-9C64-4B0795F86DA4}] => (Allow) I:\Program Files (x86)\vegas.pro.13.0.(64-bit)-patch.exe => Keine Datei
FirewallRules: [{C0BF5D09-9E78-4CA5-9D5D-65F2D4A1E0AF}] => (Allow) I:\Program Files (x86)\vegas.pro.13.0.(64-bit)-patch.exe => Keine Datei
FirewallRules: [{F472FEC6-CC1F-4060-86F0-2513310E4295}] => (Allow) I:\Program Files (x86)\SaalDesignSoftware\SaalDesignSoftware.exe () [Datei ist nicht signiert]
FirewallRules: [{5D6A42F4-C739-4014-B10A-39CBACBB2AD3}] => (Allow) I:\Program Files (x86)\SaalDesignSoftware\SaalDesignSoftware.exe () [Datei ist nicht signiert]
FirewallRules: [{B3D569F4-AC44-4DEC-875F-A7910009A4D5}] => (Allow) C:\Users\Stardust\AppData\Local\WhatsApp\Update.exe (WhatsApp, Inc. -> GitHub) [Datei ist nicht signiert]
FirewallRules: [{9521914E-6602-4FA8-B144-7B9B06842600}] => (Allow) D:\Program Files (x86)\UNAV\Content Manager\ContentManager.exe (NNG Software Developing and Commercial LLC -> NNG Kft.) [Datei ist nicht signiert]
FirewallRules: [{F1998BBE-9EF1-4593-A161-CB1A8E91B738}] => (Allow) D:\Program Files (x86)\UNAV\Content Manager\ContentManager.exe (NNG Software Developing and Commercial LLC -> NNG Kft.) [Datei ist nicht signiert]
FirewallRules: [{D462A761-B321-4E2A-BD12-001864632900}] => (Allow) D:\Program Files\SilverFast Application\SilverFast 8\SilverFast 8.exe (LaserSoft Imaging AG) [Datei ist nicht signiert]
FirewallRules: [{4E7AF7D4-C5C4-450E-97FF-97C6F27D87C0}] => (Allow) D:\Program Files\SilverFast Application\SilverFast 8\SilverFast 8.exe (LaserSoft Imaging AG) [Datei ist nicht signiert]
FirewallRules: [{2C1BADFA-F32B-4365-9BDC-97BE5BE171B9}] => (Allow) D:\Program Files\Transmission\transmission-qt.exe (Open Source Developer, René Berber -> Transmission Project) [Datei ist nicht signiert]
FirewallRules: [{8D85DF7D-333B-4D71-A773-44248C40AA70}] => (Allow) D:\program files\transmission\transmission-qt.exe (Open Source Developer, René Berber -> Transmission Project) [Datei ist nicht signiert]
FirewallRules: [{E109743F-CD4D-4827-B754-4BF9EF0075C0}] => (Allow) D:\program files\transmission\transmission-qt.exe (Open Source Developer, René Berber -> Transmission Project) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{4EFADCFF-AE03-46C2-8004-C7CF360956B8}D:\program files\transmission\transmission-qt.exe] => (Allow) D:\program files\transmission\transmission-qt.exe (Open Source Developer, René Berber -> Transmission Project) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{C674454B-CC28-43B0-8504-0DB9CC3091A7}D:\program files\transmission\transmission-qt.exe] => (Allow) D:\program files\transmission\transmission-qt.exe (Open Source Developer, René Berber -> Transmission Project) [Datei ist nicht signiert]
FirewallRules: [{AFC448B2-C4F0-4358-BB8A-F0A15935122B}] => (Allow) I:\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [Datei ist nicht signiert]
FirewallRules: [{276511F9-0472-4126-89E1-63497DA081D4}] => (Allow) I:\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [Datei ist nicht signiert]
FirewallRules: [{9900E80C-4B1E-4A27-B2FB-E15F21860EB2}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe => Keine Datei
FirewallRules: [{A1AA72CC-96B2-41CD-9C65-AAA33643B064}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe => Keine Datei
FirewallRules: [{3C3203F2-4102-4CF2-8477-AE1E65C7CDA0}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9A91AFD4-B5A7-44D6-96AA-EADFABF16A32}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{57950E74-13CD-472E-A2C2-51BE18958F78}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FC30D880-8992-4EAD-902A-0C790BA10BCB}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{875A0A34-0270-4A7D-93B0-253CDC747C4E}] => (Allow) G:\Downloads\score-trainer-8.0.11-setup.exe => Keine Datei
FirewallRules: [{3C106228-B866-46FF-854A-61C579D6CFAF}] => (Allow) G:\Downloads\score-trainer-8.0.11-setup.exe => Keine Datei
FirewallRules: [{61328F64-C446-4DF7-B881-A36FF7B1C894}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3D79E6A0-FBC5-4213-9A47-D8058B082768}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CD408F9C-CC8E-435D-ADE3-9555B20DF81D}] => (Allow) G:\Guitar Pro 6\GuitarPro.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{D73D545D-DAB5-4636-BF5D-5D31A7E08987}D:\programme\presonus\studio one 3\studio one.exe] => (Block) D:\programme\presonus\studio one 3\studio one.exe => Keine Datei
FirewallRules: [TCP Query User{DD778855-4A1A-4C62-BE58-0771259C4381}D:\programme\presonus\studio one 3\studio one.exe] => (Block) D:\programme\presonus\studio one 3\studio one.exe => Keine Datei
FirewallRules: [{B1B8B461-B377-4B45-AFA2-E53916AA50C4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F8EB6B7A-E838-465D-A855-285C143EF185}] => (Allow) G:\Downloads\GoPro_Quik-WinInstaller-2.7.0.945.exe (GoPro Media, Inc. -> GoPro, Inc.)
FirewallRules: [{98E29DE6-8E05-4D38-88C2-11E7D9208049}] => (Allow) G:\Downloads\GoPro_Quik-WinInstaller-2.7.0.945.exe (GoPro Media, Inc. -> GoPro, Inc.)
FirewallRules: [{22DC4A98-3B30-49CA-B8E1-8DCE59AB81C8}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [{665D202F-7724-4E32-8D82-DE6DFBEA6604}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro Media, Inc. -> )
FirewallRules: [{E5B4D37F-F401-404B-AFAD-1ACDB8C9B283}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{139FF9AD-9CCB-4376-9177-70B9C4D2C572}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [{4A40FDD7-3938-4228-AD69-AEC75932D636}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [TCP Query User{640182BD-A9CC-46E8-AD76-FB7868077E37}D:\programme\presonus\studio one 5\studio one.exe] => (Block) D:\programme\presonus\studio one 5\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{D335435A-B625-43A1-B758-74D1B4B28FAC}D:\programme\presonus\studio one 5\studio one.exe] => (Block) D:\programme\presonus\studio one 5\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{FAE70BA7-8D77-4BFC-B6E5-F230112A79B4}D:\programme\presonus\studio one 5\pluginscanner.exe] => (Block) D:\programme\presonus\studio one 5\pluginscanner.exe (PreSonus Audio Electronics, Inc. -> PreSonus)
FirewallRules: [UDP Query User{D2511389-7324-4B46-8CCB-DBF3551A3815}D:\programme\presonus\studio one 5\pluginscanner.exe] => (Block) D:\programme\presonus\studio one 5\pluginscanner.exe (PreSonus Audio Electronics, Inc. -> PreSonus)
FirewallRules: [{5390FEF0-39EB-4B09-BFCD-BA4B89044E4E}] => (Allow) C:\Program Files (x86)\Line6\Line 6 Updater\Line 6 Updater.exe (Line 6) [Datei ist nicht signiert]
FirewallRules: [{3E270FBC-CD38-4B70-ABB9-8D28787A2068}] => (Allow) C:\Program Files (x86)\Line6\Line 6 Updater\Line 6 Updater.exe (Line 6) [Datei ist nicht signiert]
FirewallRules: [{F0F3E2D1-6FF9-41DF-AEE6-78672CA2E9CE}] => (Allow) C:\Program Files (x86)\AltServer\AltServer.exe (AltStore LLC) [Datei ist nicht signiert]
FirewallRules: [{29769EBA-6940-42F5-BAE8-B3234056FF8E}] => (Allow) C:\Program Files (x86)\AltServer\AltServer.exe (AltStore LLC) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{BCE50A3E-7FBC-4852-9CE8-4AB60C57F8A7}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe (AltStore LLC) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{2D0729EB-13D2-4C5B-8B9D-7A433DA96909}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe (AltStore LLC) [Datei ist nicht signiert]
FirewallRules: [{04316EEA-9C06-4303-B6A5-CDB89BACE1C0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AA4D3211-D71A-4F37-B5C2-53C4DDBB87FB}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AF72C975-5100-48DB-AF13-F00A6BC62DDE}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{14B2C166-8CB5-4270-B3FF-F5ECDA6AC65F}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{00394055-BB00-4256-8108-FF35EAD1B100}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{3878188A-C25F-43B7-8EE2-4D895197FC74}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{92A59CFD-5BD1-4AF6-96BA-A1DC29C25E7B}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{04DF408F-60F0-4570-B72B-9CB5B0B0098F}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{886F7962-47BC-4DB1-8712-349CAC7E2F24}C:\program files\adobe\common\plug-ins\7.0\mediacore\braw studio\braw_studio.exe] => (Block) C:\program files\adobe\common\plug-ins\7.0\mediacore\braw studio\braw_studio.exe (AESCRIPTS INC -> Autokroma)
FirewallRules: [UDP Query User{BF616C7B-735C-49AB-A67C-B3097819F35F}C:\program files\adobe\common\plug-ins\7.0\mediacore\braw studio\braw_studio.exe] => (Block) C:\program files\adobe\common\plug-ins\7.0\mediacore\braw studio\braw_studio.exe (AESCRIPTS INC -> Autokroma)
FirewallRules: [TCP Query User{C92D11F7-41A7-4F60-A658-244EBD4DAE37}C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [UDP Query User{71B87FE6-A2F3-4E4A-A40E-C19A91A85B2B}C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [TCP Query User{C6A9D091-80B7-44E7-8462-FBE6EB453983}C:\program files\adobe\adobe lightroom\helpers\dynamiclinkmediaserver\dynamiclinkmediaserver\1.0\dynamiclinkmediaserver.exe] => (Block) C:\program files\adobe\adobe lightroom\helpers\dynamiclinkmediaserver\dynamiclinkmediaserver\1.0\dynamiclinkmediaserver.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [UDP Query User{8D326412-9D0C-4043-89C0-B776E07C051D}C:\program files\adobe\adobe lightroom\helpers\dynamiclinkmediaserver\dynamiclinkmediaserver\1.0\dynamiclinkmediaserver.exe] => (Block) C:\program files\adobe\adobe lightroom\helpers\dynamiclinkmediaserver\dynamiclinkmediaserver\1.0\dynamiclinkmediaserver.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [{EC718A8E-D7BF-4918-ADED-26CC41CB0195}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C8E0C654-2D74-4EA3-98C8-7B6DC98929A8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CDE7DA5A-2DE1-4E5E-8DD9-A1F79395D0CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4FAC0C01-715B-46A9-8A7C-79C2C9652D79}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1D7AA829-B031-4929-90F6-CEB5F65DF062}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:87.43 GB) (Free:7.14 GB) (8%)
==================== Fehlerhafte Geräte im Gerätemanager ============
Name: Bluetooth USB module
Description: Bluetooth USB module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (03/29/2022 04:37:17 PM) (Source: WAS-LA) (EventID: 7005) (User: )
Description: Das Listeneradapterprotokoll "msmq.formatname" hat versucht, mit dem Windows-Prozessaktivierungsdienst zu kommunizieren und dabei einen Fehler verursacht. Der Listeneradapter befindet sich nun in einem ungültigen Zustand. Ursache: Dies kann auftreten, wenn zwischen dem Windows-Prozessaktivierungsdienst und dem Listeneradapter nicht ausreichend Speicherplatz vorhanden ist oder Fehler aufgetreten sind. Korrektur: Um diesen Fehler zu korrigieren, beenden Sie den Listeneradapter und anschließend den Windows-Prozessaktivierungsdienst, starten Sie den Windows-Prozessaktivierungsdienst neu, und starten Sie schließlich den Listeneradapter neu.
Error: (03/28/2022 08:07:45 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (03/28/2022 08:07:45 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (03/28/2022 08:07:45 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (03/28/2022 08:07:45 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (03/28/2022 08:07:45 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (03/28/2022 06:14:45 PM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029
Error: (03/28/2022 06:14:45 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
Systemfehler:
=============
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TomTomHOMEService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GoPro Device Detection Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Freemake Improver" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HuaweiHiSuiteService64.exe" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "DTSAudioSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Seagate Scheduler2 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth Driver Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Windows Defender:
================
Date: 2022-03-29 16:26:29
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Floxif.E&threatid=2147706431&enterprise=0
Name: Trojan:Win32/Floxif.E
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Program Files\Common Files\System\symsrv.dll
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.327.1243.0, AS: 1.327.1243.0, NIS: 1.327.1243.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5
Date: 2022-03-29 16:26:11
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Floxif.E&threatid=2147706431&enterprise=0
Name: Trojan:Win32/Floxif.E
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Program Files\Common Files\System\symsrv.dll
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.327.1243.0, AS: 1.327.1243.0, NIS: 1.327.1243.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5
Date: 2022-03-28 20:53:59
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Floxif.E&threatid=2147706431&enterprise=0
Name: Trojan:Win32/Floxif.E
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Program Files\Common Files\System\symsrv.dll
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: Stardust-PC\Stardust
Prozessname: C:\Windows\SysWOW64\dllhost.exe
Sicherheitsversion: AV: 1.327.1243.0, AS: 1.327.1243.0, NIS: 1.327.1243.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5
Date: 2022-03-28 20:53:52
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Floxif.E&threatid=2147706431&enterprise=0
Name: Trojan:Win32/Floxif.E
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Program Files\Common Files\System\symsrv.dll
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: Stardust-PC\Stardust
Prozessname: C:\Program Files (x86)\Everything\Everything.exe
Sicherheitsversion: AV: 1.327.1243.0, AS: 1.327.1243.0, NIS: 1.327.1243.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5
Date: 2022-03-28 20:53:48
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Floxif.E&threatid=2147706431&enterprise=0
Name: Trojan:Win32/Floxif.E
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Program Files\Common Files\System\symsrv.dll
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: Stardust-PC\Stardust
Prozessname: C:\Program Files (x86)\Everything\Everything.exe
Sicherheitsversion: AV: 1.327.1243.0, AS: 1.327.1243.0, NIS: 1.327.1243.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5
Event[0]:
Date: 2022-03-29 16:38:07
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.327.1243.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
Date: 2022-03-29 16:38:07
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.327.1243.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
Date: 2022-03-29 16:38:07
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.327.1243.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
Date: 2022-03-29 16:38:07
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.327.1243.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
Date: 2022-03-29 16:38:07
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.327.1243.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
CodeIntegrity:
===============
Date: 2022-02-25 15:30:50
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. 2001 09/30/2015
Hauptplatine: ASUSTeK COMPUTER INC. X99-DELUXE
Prozessor: Intel(R) Core(TM) i7-5820K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 7%
Installierter physikalischer RAM: 65437.52 MB
Verfügbarer physikalischer RAM: 60245.2 MB
Summe virtueller Speicher: 130973.52 MB
Verfügbarer virtueller Speicher: 125471.15 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:87.43 GB) (Free:7.13 GB) NTFS
Drive d: (Volume) (Fixed) (Total:150.39 GB) (Free:99.08 GB) NTFS
Drive e: () (Fixed) (Total:196.23 GB) (Free:71.64 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: () (Fixed) (Total:269.53 GB) (Free:162.51 GB) NTFS
Drive g: (Transcend) (Fixed) (Total:2794.39 GB) (Free:619.38 GB) NTFS
Drive i: (Volume) (Fixed) (Total:183.33 GB) (Free:15.59 GB) NTFS
Drive j: (Volume) (Fixed) (Total:465.76 GB) (Free:386.37 GB) NTFS
Drive o: (Volume) (Fixed) (Total:465.75 GB) (Free:465.6 GB) NTFS
\\?\Volume{29bc2ce2-cce4-11e5-b999-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{c2f07f0c-0000-0000-0000-c0e115000000}\ () (Fixed) (Total:0.56 GB) (Free:0.11 GB) NTFS
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Size: 2794.5 GB) (Disk ID: 809702A0)
Partition: GPT.
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 00091F2C)
Partition 1: (Not Active) - (Size=39.2 GB) - (Type=83)
Partition 2: (Not Active) - (Size=183.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=05)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 00088602)
Partition 1: (Active) - (Size=196.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=269.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: BC2D691A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: C2F07F0C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=87.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=569 MB) - (Type=27)
Partition 4: (Not Active) - (Size=150.4 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt =======================
Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 29.03.22
Scan-Zeit: 17:03
Protokolldatei: c8707fe4-af79-11ec-a4a7-2c56dcfb29ac.json
-Softwaredaten-
Version: 4.5.6.180
Komponentenversion: 1.0.1634
Version des Aktualisierungspakets: 1.0.53002
Lizenz: Premium
-Systemdaten-
Betriebssystem: Windows 10 (Build 19042.1237)
CPU: x64
Dateisystem: NTFS
Benutzer: Stardust-PC\Stardust
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 327417
Erkannte Bedrohungen: 5
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 2 Min., 17 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 5
Floxif.Virus.FileInfector.DDS, C:\$RECYCLE.BIN\S-1-5-21-1645521455-3686839743-3489531396-1000\$RD084E3.DLL, Keine Aktion durch Benutzer, 1000002, 0, 1.0.53002, 93739E7FE8887A6E0B5F4464, dds, 01704306, 7574CF2C64F35161AB1292E2F532AABF, DE055A89DE246E629A8694BDE18AF2B1605E4B9B493C7E4AEF669DD67ACF5085
Malware.AI.2193170993, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\Freemake Audio Converter.lnk, Keine Aktion durch Benutzer, 1000000, 0, , , , , ,
Malware.AI.2193170993, J:\PROGRAM FILES (X86)\FREEMAKE\FREEMAKE AUDIO CONVERTER\FREEMAKEAUDIOCONVERTER.EXE, Keine Aktion durch Benutzer, 1000000, 0, 1.0.53002, A513EE36EF4A21A482B92231, dds, 01704306, D6408188C5493841218D1D31EB691052, 1BE628EB240C83C0EECB07B3714C857FE81FE54F743631CCD270AEE79E0C082C
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-11-18.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-29-2022
# Duration: 00:00:12
# OS: Windows 10 Home
# Scanned: 31965
# Detected: 43
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.Legacy C:\Program Files (x86)\Common Files\Tencent
PUP.Optional.Legacy C:\Program Files (x86)\QuickSearch
PUP.Optional.Legacy C:\Program Files (x86)\Tencent
PUP.Optional.Legacy C:\Program Files\Common Files\Tencent
PUP.Optional.Legacy C:\ProgramData\7b24ec7cc000461ebe26d116b88142c8
PUP.Optional.Legacy C:\ProgramData\TXQMPC
PUP.Optional.Legacy C:\ProgramData\Tencent
PUP.Optional.Legacy C:\Users\Stardust\AppData\Local\DriverToolkit
PUP.Optional.Legacy C:\Users\Stardust\AppData\Local\VirtualStore\ProgramData\Tencent
PUP.Optional.Legacy C:\Users\Stardust\AppData\Roaming\Common\LuaRT
PUP.Optional.Legacy C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????
PUP.Optional.Legacy C:\uninst
PUP.Optional.StartFenster C:\Program Files (x86)\Startfenster
***** [ Files ] *****
PUP.Optional.Legacy C:\END
PUP.Optional.Legacy C:\Users\Stardust\AppData\Roaming\Installer.dat
PUP.Optional.Legacy C:\Windows\System32\drivers\TFsFltX64.sys
PUP.Optional.Legacy C:\Windows\System32\drivers\TSSKX64.sys
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.DailyPCClean HKCU\Software\DAILYPCCLEAN
PUP.Optional.FreeMakeConverter HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
PUP.Optional.FreeMakeConverter HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater
PUP.Optional.Legacy HKCU\Software\CoinisRevShare
PUP.Optional.Legacy HKCU\Software\FFUPD
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cmptch.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\qq.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Tinstalls
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
PUP.Optional.Legacy HKLM\Software\Classes\METNSD
PUP.Optional.Legacy HKLM\Software\Classes\qmgcfiles
PUP.Optional.Legacy HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ QQPCTray
PUP.Optional.Legacy HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\MTview
PUP.Optional.Legacy HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\lsas
PUP.Optional.Legacy HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\tsiVideo
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{63332668-8CE1-445D-A5EE-25929176714E}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\DownloadProxy.EXE
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
PUP.Optional.ShopGenius HKCU\Software\Genius
PUP.Optional.SlimCleanerPlus HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
PUP.Optional.StartFenster HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Startfenster
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
|
|
29.03.2022, 17:14
| #3 |
| | Windows 10: MBAM meldet plötzlich Virus FLOXIF shortcut.txt
__________________Code:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 28-03-2022
durchgeführt von Stardust (29-03-2022 17:37:44)
Gestartet von C:\Users\Stardust\Desktop\Virenscanner
Start-Modus: Normal
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software995\Software995.com.lnk -> hxxp://www.software995.com
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTGui\Frequently Asked Questions.lnk -> hxxp://www.ptgui.com/support.htm
Shortcut: C:\Users\Stardust\Favorites\Downloadseite von NCH Software.lnk -> [LFt-hSBi+00^ahttps://www.nchsoftware.com/de/index.html%Debut Video-Aufnahme-Programm starten]
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk -> C:\Program Files\WinZip\WINZIP64.EXE (WinZip Computing, S.L.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AG DSP Controller.lnk -> C:\Program Files (x86)\YAMAHA\AG DSP Controller\ag_dsp_controller.exe (Yamaha Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BOSS TONE STUDIO for GT-1.lnk -> C:\Program Files (x86)\BOSS TONE STUDIO for GT-1\BOSS TONE STUDIO for GT-1.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video-Aufnahme-Programm.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk -> C:\Program Files\Google\Google Earth Pro\client\googleearth.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\WINDOWS\ehome\ehshell.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notion 6.lnk -> D:\Program Files\Notion 6\Notion.exe (PreSonus Audio Electronics, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate DiscWizard.lnk -> C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardLauncher.exe (Seagate)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager.lnk -> C:\Program Files\tiptoi® Manager\tiptoi® Manager.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk -> C:\Program Files\Wireshark\Wireshark.exe (The Wireshark developer community, hxxps://www.wireshark.org/)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Check for Updates.lnk -> C:\Program Files (x86)\Xvid\autoupdate-windows.exe (Xvid Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Xvid MiniConvert.lnk -> C:\Program Files (x86)\Xvid\MiniConvert.exe (Xvid Solutions)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode 64bit\Uninstall XMedia Recode 64bit.lnk -> C:\Program Files\XMedia Recode 64bit\unins000.exe (XMedia Recode 64bit )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode 64bit\XMedia Recode 64bit.lnk -> C:\Program Files\XMedia Recode 64bit\XMedia Recode.exe (XMedia Recode)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode\Uninstall XMedia Recode.lnk -> I:\Program Files (x86)\XMedia Recode\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode\XMedia Recode.lnk -> I:\Program Files (x86)\XMedia Recode\XMedia Recode.exe (XMedia Recode)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip\WinZip 19.5.lnk -> C:\Program Files\WinZip\WINZIP64.EXE (WinZip Computing, S.L.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files (x86)\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaveLab 6\Addendum.lnk -> D:\Program Files (x86)\Steinberg\WaveLab 6\Help\Addendum.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaveLab 6\Deinstallieren.lnk -> D:\Program Files (x86)\Steinberg\WaveLab 6\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaveLab 6\Handbuch.lnk -> D:\Program Files (x86)\Steinberg\WaveLab 6\Help\Deutsch\WaveLab.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaveLab 6\Readme.lnk -> D:\Program Files (x86)\Steinberg\WaveLab 6\ReadMe.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaveLab 6\WaveLab 6.lnk -> D:\Program Files (x86)\Steinberg\WaveLab 6\WaveLab.exe (Steinberg Media Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> D:\Program Files\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> D:\Program Files\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> D:\Program Files\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> D:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission-Qt\Uninstall Transmission-Qt.lnk -> D:\Program Files\Transmission\uninstall.exe (Transmission)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transcribe!\Transcribe! Help.lnk -> D:\Program Files (x86)\Transcribe!\xschelp.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transcribe!\Transcribe!.lnk -> D:\Program Files (x86)\Transcribe!\Transcribe.exe (Seventh String Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\TomTom HOME 2.lnk -> C:\Windows\Installer\{C51F55EC-477D-4385-B951-BDEFA5DFC90B}\NewShortcut1_BB5D96B1D05B428EBAD4A437B7244768.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium\Ausgabe-Datei.lnk -> C:\Users\Stardust\AppData\Roaming\Stellarium\output.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium\Change log (Änderungsprotokoll).lnk -> I:\Program Files\Stellarium\ChangeLog.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium\config.ini.lnk -> C:\Users\Stardust\AppData\Roaming\Stellarium\config.ini ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium\Logfile des letzten Durchlaufs.lnk -> C:\Users\Stardust\AppData\Roaming\Stellarium\log.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium\Stellarium entfernen.lnk -> I:\Program Files\Stellarium\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium\Stellarium Entwickler-Dokumentation am Web.lnk -> I:\Program Files\Stellarium\stellarium-devdocs.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium\Stellarium im Internet.lnk -> I:\Program Files\Stellarium\stellarium.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium\Stellarium User Guide (englisch).lnk -> I:\Program Files\Stellarium\guide\guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium\Stellarium.lnk -> I:\Program Files\Stellarium\stellarium.exe (Stellarium team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> D:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software995\Pdf995 Readme.lnk -> C:\pdf995\readme.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs\64bit Settings Application.lnk -> C:\Program Files\Shark007\Tools\Settings64.exe (Shark007)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs\Settings Application 32bit.lnk -> C:\Program Files (x86)\Shark007\Standard\Tools\Settings32.exe (Shark007)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\Seagate DiscWizard\Seagate DiscWizard.lnk -> C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardLauncher.exe (Seagate)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\Seagate DiscWizard\Extras und Werkzeuge\Bootable Rescue Media Builder.lnk -> C:\Program Files (x86)\Seagate\DiscWizard\MediaBuilder.exe (Seagate)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\Seagate DiscWizard\Extras und Werkzeuge\Seagate System Report.lnk -> C:\Program Files (x86)\Seagate\DiscWizard\SystemReport.exe (Seagate)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REVisionEffects\Twixtor 6, After Effects-compatible plugin set\Remove Twixtor 6, After Effects-compatible plugin set.lnk -> C:\ProgramData\REVisionEffects\Twixtor\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REVisionEffects\Twixtor 6, After Effects-compatible plugin set\Twixtor Pro Manual.lnk -> C:\ProgramData\REVisionEffects\Twixtor\TwixtorProUsersManual.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK DTV USB DEVICE\Uninstall.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}\setup.exe (Macrovision Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime - Bitte lesen.lnk -> C:\Windows\Installer\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTGui\Batch Stitcher.lnk -> I:\Program Files\PTGui\RunStitcher.exe (New House Internet Services B.V.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTGui\PTGui.lnk -> I:\Program Files\PTGui\PTGui.exe (New House Internet Services BV, Rotterdam, The Netherlands)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTGui\Uninstall.lnk -> I:\Program Files\PTGui\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Psicraft\Line 6\Vyzex Pocket POD\Pilot's Guide PDF.lnk -> I:\Program Files (x86)\Psicraft\Line 6\Vyzex Pocket POD\Vyzex Pocket POD Pilot's Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Psicraft\Line 6\Vyzex Pocket POD\Preferences PDF.lnk -> I:\Program Files (x86)\Psicraft\Line 6\Vyzex Pocket POD\Vyzex Pocket POD Preferences.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Psicraft\Line 6\Vyzex Pocket POD\ReadMe.lnk -> I:\Program Files (x86)\Psicraft\Line 6\Vyzex Pocket POD\ReadMe.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Psicraft\Line 6\Vyzex Pocket POD\Troubleshooting PDF.lnk -> I:\Program Files (x86)\Psicraft\Line 6\Vyzex Pocket POD\Vyzex Pocket POD Troubleshooting.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Psicraft\Line 6\Vyzex Pocket POD\Uninstall Vyzex Pocket POD.lnk -> I:\Program Files (x86)\Psicraft\Line 6\Vyzex Pocket POD\Win32\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Psicraft\Line 6\Vyzex Pocket POD\Vyzex Pocket POD.lnk -> I:\Program Files (x86)\Psicraft\Line 6\Vyzex Pocket POD\Win32\Vyzex Pocket POD.exe (Sound Quest Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PreSonus\Studio One 5\Studio One 5.lnk -> D:\Programme\PreSonus\Studio One 5\Studio One.exe (PreSonus)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PreSonus\Studio One 5\Uninstall.lnk -> D:\Programme\PreSonus\Studio One 5\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plogue\sforzando\Online Support.lnk -> C:\Program Files\Plogue\sforzando\PlogueOnlineSupport.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plogue\sforzando\sforzando x64.lnk -> C:\Program Files\Plogue\sforzando\sforzando x64.exe (Plogue Art et Technologie, Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plogue\sforzando\sforzando.lnk -> C:\Program Files\Plogue\sforzando\sforzando.exe (Plogue Art et Technologie, Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plogue\sforzando\Uninstall.lnk -> C:\Program Files\Plogue\sforzando\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (64bit).lnk -> I:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\Uninstall.lnk -> I:\Program Files\obs-studio\uninstall.exe (obsproject.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2\Nikon Message Center 2-Hilfe.lnk -> C:\Program Files (x86)\Nikon\Nikon Message Center 2\Localization\DE\NikonMessageCenter2_DE.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2\Nikon Message Center 2.lnk -> C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\B4 II\B4 II.lnk -> I:\Program Files (x86)\Native Instruments\B4 II\B4 II.exe (Native Instruments GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\B4 II\Documentation\B4 II English.pdf.lnk -> I:\Program Files (x86)\Native Instruments\B4 II\Documentation\B4 II English.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\B4 II\Documentation\B4 II French.pdf.lnk -> I:\Program Files (x86)\Native Instruments\B4 II\Documentation\B4 II French.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\B4 II\Documentation\B4 II German.pdf.lnk -> I:\Program Files (x86)\Native Instruments\B4 II\Documentation\B4 II German.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\B4 II\Documentation\B4 II Spanish.pdf.lnk -> I:\Program Files (x86)\Native Instruments\B4 II\Documentation\B4 II Spanish.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\B4 II\Documentation\Readme.txt.lnk -> I:\Program Files (x86)\Native Instruments\B4 II\Documentation\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\B4 II\Documentation\Welcome.pdf.lnk -> I:\Program Files (x86)\Native Instruments\B4 II\Documentation\Welcome.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer\MyPhoneExplorer.lnk -> I:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (F.J. Wechselberger)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer\Uninstall.lnk -> I:\Program Files (x86)\MyPhoneExplorer\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag Hilfe.lnk -> I:\Program Files (x86)\Mp3tag\help\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag.lnk -> I:\Program Files (x86)\Mp3tag\Mp3tag.exe (Florian Heidenreich)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Neu in dieser Version.lnk -> I:\Program Files (x86)\Mp3tag\Mp3tagVersion.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixMeister\MixMeister BPM Analyzer.lnk -> C:\Program Files (x86)\MixMeister BPM Analyzer\BpmAnalyzer.exe (MixMeister Technology LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Midimaster\Anleitung Score-Trainer.lnk -> D:\Program Files (x86)\Midimaster\Scoretrainer\Anleitung\index.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Midimaster\Midimaster Homepage.lnk -> D:\Program Files (x86)\Midimaster\Scoretrainer\scoretrainer.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Midimaster\Score-Trainer starten.lnk -> D:\Program Files (x86)\Midimaster\Scoretrainer\scoretrainer.exe (Midimaster)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Database Compare 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\dbcicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Office 2013 Upload Center.lnk -> C:\Windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Spreadsheet Compare 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\sscicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON\CINEMA 4D TeamRender Client.lnk -> D:\Program Files\MAXON\CINEMA 4D R16\CINEMA 4D TeamRender Client.exe (MAXON Computer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON\CINEMA 4D TeamRender Server.lnk -> D:\Program Files\MAXON\CINEMA 4D R16\CINEMA 4D TeamRender Server.exe (MAXON Computer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON\CINEMA 4D.lnk -> D:\Program Files\MAXON\CINEMA 4D R16\CINEMA 4D.exe (MAXON Computer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON\Commandline.lnk -> D:\Program Files\MAXON\CINEMA 4D R16\Commandline.exe (MAXON Computer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Master Jazz Guitar Solos\Master Jazz Guitar Solos 1-4.lnk -> C:\Program Files (x86)\Jazz_Guitar_Solos_Vol_1-4\MJazSolo.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Master Jazz Guitar Solos\Uninstall Master Jazz Guitar Solos 1-4.lnk -> C:\Program Files (x86)\Jazz_Guitar_Solos_Vol_1-4\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Master Flatpick Guitar Solos\Master Flatpick Guitar Solos.lnk -> C:\Program Files (x86)\flatpick_guitar_solos\Flatpick.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Master Flatpick Guitar Solos\Uninstall Master Flatpick Guitar Solos .lnk -> C:\Program Files (x86)\flatpick_guitar_solos\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Capture.lnk -> C:\Program Files\Logitech\LogiCapture\bin\LogiCapture.exe (Logitech)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Line 6\Line 6 Updater\Line 6 Updater Uninstaller.lnk -> C:\Program Files (x86)\Line6\Line 6 Updater\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Line 6\Line 6 Updater\Line 6 Updater.lnk -> C:\Program Files (x86)\Line6\Line 6 Updater\Line 6 Updater.exe (Line 6)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope\Nectar 3\Uninstall.lnk -> C:\Program Files (x86)\iZotope\Nectar 3\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster\Hilfe.lnk -> I:\Program Files (x86)\Smart Projects\IsoBuster\Help\IsoBuster.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster\IsoBuster entfernen.lnk -> I:\Program Files (x86)\Smart Projects\IsoBuster\Uninst\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster\IsoBuster Online.lnk -> I:\Program Files (x86)\Smart Projects\IsoBuster\Online\IsoBuster Online.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster\IsoBuster.lnk -> I:\Program Files (x86)\Smart Projects\IsoBuster\IsoBuster.exe (Smart Projects)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster\Jetzt bestellen.lnk -> I:\Program Files (x86)\Smart Projects\IsoBuster\Online\Order Now.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia\Authorization Manager.lnk -> C:\Program Files (x86)\IK Multimedia\Authorization Manager\Authorization Manager.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia\Authorization Manager\Installation and Authorization Manual.lnk -> C:\Program Files (x86)\IK Multimedia\Authorization Manager\Installation and Authorization Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia\Authorization Manager\Uninstall IK Multimedia Authorization Manager.lnk -> C:\Program Files (x86)\IK Multimedia\Authorization Manager\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud-Fotos.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 7\Guitar Pro 7.lnk -> G:\Guitar Pro 7\GuitarPro7.exe (Arobas Music)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 7\Uninstall.lnk -> G:\Guitar Pro 7\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 6\Guitar Pro 6 entfernen.lnk -> G:\Guitar Pro 6\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 6\Guitar Pro 6.lnk -> G:\Guitar Pro 6\GuitarPro.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 6\Hilfe.lnk -> G:\Guitar Pro 6\Data\Help\GP6 User's Manual 2010.06 DE.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 6\Software aktualisieren.lnk -> G:\Guitar Pro 6\GPUpdater.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro\GoPro Quik.lnk -> C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gitarrero Notenmeister\Gitarrero Notenmeister.lnk -> D:\Programme\Gitarrero Software\Gitarrero Notenmeister\notenmeister_demo.exe (Macromedia, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gitarrero Notenmeister\Hilfe.lnk -> D:\Programme\Gitarrero Software\Gitarrero Notenmeister\hilfe\hilfe.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gitarrero Notenmeister\Uninstall.lnk -> D:\Programme\Gitarrero Software\Gitarrero Notenmeister\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript\Ghostscript Readme 9.20.LNK -> C:\Program Files (x86)\gs\gs9.20\doc\Readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript\Uninstall Ghostscript 9.20.LNK -> C:\Program Files (x86)\gs\gs9.20\uninstgs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF\FreePDF Assistant.lnk -> C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF\FreePDF Config.lnk -> C:\Program Files (x86)\FreePDF_XP\fpucnfg.exe (.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF\FreePDF Handbuch (de).lnk -> C:\Program Files (x86)\FreePDF_XP\FreePDFde.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF\FreePDF Join.lnk -> C:\Program Files (x86)\FreePDF_XP\fpjoin.exe (shbox.de)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF\FreePDF Manual (en).lnk -> C:\Program Files (x86)\FreePDF_XP\FreePDFen.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF\FreePDF.lnk -> C:\Program Files (x86)\FreePDF_XP\freepdf.exe (shbox)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR\FreeOCR.lnk -> C:\FreeOCR\FreeOCR.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR\Uninstall FreeOCR.lnk -> C:\FreeOCR\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake\Freemake Audio Converter.lnk -> J:\Program Files (x86)\Freemake\Freemake Audio Converter\FreemakeAudioConverter.exe (Freemake)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freac - free audio converter\freac - free audio converter.lnk -> C:\Program Files (x86)\freac\freac.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freac - free audio converter\freac Benutzerhandbuch.lnk -> C:\Program Files (x86)\freac\manual\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freac - free audio converter\freac Deinstallieren.lnk -> C:\Program Files (x86)\freac\uninstall.exe (chapter.0)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Shredder\File Shredder on the Web.lnk -> D:\Program Files\File Shredder\Shredder.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Shredder\File Shredder.lnk -> D:\Program Files\File Shredder\Shredder.exe (Pow Tools)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Shredder\Uninstall File Shredder.lnk -> D:\Program Files\File Shredder\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software\Copy Utility.lnk -> C:\Program Files (x86)\Epson Software\Copy Utility\ECopy.exe (SEIKO EPSON CORPORATION)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Scan\EPSON Scan-Einstellungen.lnk -> C:\Windows\twain_32\escndv\escfg.exe (SEIKO EPSON CORP.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Scan\EPSON Scan.lnk -> C:\Windows\twain_32\escndv\escndv.exe (SEIKO EPSON CORP.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\ElsterFormular.lnk -> C:\Program Files (x86)\ElsterFormular\bin\pica.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Infodatei - Support.lnk -> C:\Program Files (x86)\ElsterFormular\bin\hotlinetool.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Lizenzvertrag.lnk -> C:\Program Files (x86)\ElsterFormular\lizenzvertrag.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink deutsch\DVD Shrink 3.2 deutsch.lnk -> C:\Program Files (x86)\DVD Shrink DE\DVD Shrink 3.2 DE.exe (DVD Shrink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink deutsch\DVD Shrink deinstallieren.lnk -> C:\Program Files (x86)\DVD Shrink DE\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink deutsch\DVD Shrink Hilfe.lnk -> C:\Program Files (x86)\DVD Shrink DE\Web\DVD Shrink.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink deutsch\Im Netz\Das Kopieren auf Knopfdruck-Forum von Doom9.lnk -> C:\Program Files (x86)\DVD Shrink DE\Web\url\Doom9 DE.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink deutsch\Im Netz\MultiShrink - Stapelverarbeitung mit DVD Shrink.lnk -> C:\Program Files (x86)\DVD Shrink DE\Web\url\MultiShrink.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink deutsch\Im Netz\Official DVD Shrink Forums (englisch).lnk -> C:\Program Files (x86)\DVD Shrink DE\Web\url\Digital Video Forums.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink deutsch\Im Netz\www.dvdshrink.info (englisch).lnk -> C:\Program Files (x86)\DVD Shrink DE\Web\url\dvdshrink.info.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink deutsch\Im Netz\www.dvdshrink.org (englisch).lnk -> C:\Program Files (x86)\DVD Shrink DE\Web\url\dvdshrink.org.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\devolo\devolo Cockpit.lnk -> C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe ( )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark8\CrystalDiskMark 8 (32bit).lnk -> I:\Program Files\CrystalDiskMark8\DiskMark32.exe (Crystal Dew World)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark8\CrystalDiskMark 8 (64bit).lnk -> I:\Program Files\CrystalDiskMark8\DiskMark64.exe (Crystal Dew World)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo\CrystalDiskInfo (32bit).lnk -> I:\Program Files\CrystalDiskInfo\DiskInfo32.exe (Crystal Dew World)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo\CrystalDiskInfo (64bit).lnk -> I:\Program Files\CrystalDiskInfo\DiskInfo64.exe (Crystal Dew World)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CoyoteWT\CoyoteWT Help.lnk -> C:\Program Files (x86)\Coyote\CoyoteWT\CoyoteWT.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cinch Audio Recorder\Cinch Audio Recorder.lnk -> C:\Program Files (x86)\Cinch Audio Recorder\Cinch Audio Recorder.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex\CDex.lnk -> I:\Program Files (x86)\CDex\CDex.exe (The CDex Project - hxxp://cdex.mu/)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex\Uninstall.lnk -> I:\Program Files (x86)\CDex\uninstall.exe (Georgy Berdyshev)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\capella-software\capella-scan 9.lnk -> J:\Program Files (x86)\capella-software\capella-scan 9\bin\capscan.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\capella-software\Handbuch capella-scan 9.lnk -> J:\Program Files (x86)\capella-software\capella-scan 9\bin\help\capscan-de.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP7200 series\Liesmich.lnk -> C:\Program Files\CanonBJ\IJPrinter\Canon iP7200 series\readme_German.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera Control Pro 2\Camera Control Pro 2-Hilfe.lnk -> C:\Program Files (x86)\Nikon\Camera Control Pro 2\CCPHelp.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera Control Pro 2\Camera Control Pro 2.lnk -> C:\Program Files (x86)\Nikon\Camera Control Pro 2\NControlPro.exe (Nikon Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera Control Pro 2\eueste Info zu Camera Control Pro 2.lnk -> C:\Program Files (x86)\Nikon\Camera Control Pro 2\Readme.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BOSS\GT-1 Driver\GT-1 Readme.LNK -> C:\Program Files\RdDrv001\RDID0178\Readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BOSS\GT-1 Driver\GT-1.LNK -> C:\Program Files\RdDrv001\RDID0178\Files\RDDP1178.EXE (Roland Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\Band-in-a-Box (32-bit).lnk -> I:\Program Files\bbw.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\Band-in-a-Box (64-bit).lnk -> I:\Program Files\bbw64.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\Band-in-a-Box 2019 New Features Guide.lnk -> I:\Program Files\Documentation\Band-in-a-Box 2019 Upgrade Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\Band-in-a-Box 2022 New Features Guide.lnk -> I:\Program Files\Documentation\Band-in-a-Box 2022 Upgrade Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\Band-in-a-Box User's Guide.lnk -> I:\Program Files\Documentation\Band-in-a-Box 2022 Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\Band-in-a-Box.lnk -> I:\Program Files\bbw.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\Download Manager.lnk -> I:\Program Files\Data\InstallManager\Band-in-a-Box Download Manager.exe (PG Music Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\Master Blues Piano Solos Vol 1.lnk -> I:\Program Files\Songs and Lessons\Blues Piano Solos\data\BzPiano.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealBand (64-bit).lnk -> F:\RealBand64.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealBand 2017 New Features Guide.lnk -> F:\RealBand 2017 New Features Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealBand 2019 New Features Guide.lnk -> F:\RealBand 2019 New Features Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealBand 2022 New Features Guide.lnk -> F:\RealBand 2022 New Features Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealBand User's Guide.lnk -> F:\RealBand 2022 Manual.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealBand.lnk -> F:\RealBand.exe (PG Music Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\Uninstall Band-in-a-Box and RealBand.lnk -> I:\Program Files\uninstall\data\unins004.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall Loops Set 2.lnk -> I:\Program Files\uninstall\unins050.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall Mega RealCombos 1.lnk -> I:\Program Files\uninstall\unins006.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall Mega RealCombos 2.lnk -> I:\Program Files\uninstall\unins007.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall Mega RealCombos 3.lnk -> I:\Program Files\uninstall\unins008.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall Mega RealCombos 4.lnk -> I:\Program Files\uninstall\unins009.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall Mega RealCombos 5.lnk -> I:\Program Files\uninstall\unins010.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall Mega RealCombos 6.lnk -> I:\Program Files\uninstall\unins011.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall Pro RealCombos 1.lnk -> I:\Program Files\uninstall\unins002.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall Pro RealCombos 2.lnk -> I:\Program Files\uninstall\unins003.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall Pro RealCombos 3.lnk -> I:\Program Files\uninstall\unins004.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall Pro RealCombos 4.lnk -> I:\Program Files\uninstall\unins005.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Loops, Shots, and Holds 1-242.lnk -> I:\Program Files\uninstall\unins020.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Set 090.lnk -> I:\Program Files\uninstall\unins014.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 001-006.lnk -> I:\Program Files\uninstall\unins025.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 007-010.lnk -> I:\Program Files\uninstall\unins026.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 011-012.lnk -> I:\Program Files\uninstall\unins027.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 013-015.lnk -> I:\Program Files\uninstall\unins028.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 016-019.lnk -> I:\Program Files\uninstall\unins029.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 020-023.lnk -> I:\Program Files\uninstall\unins030.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 024-027.lnk -> I:\Program Files\uninstall\unins031.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 028-029.lnk -> I:\Program Files\uninstall\unins032.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 030-032.lnk -> I:\Program Files\uninstall\unins033.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 033-034.lnk -> I:\Program Files\uninstall\unins034.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 035-039.lnk -> I:\Program Files\uninstall\unins035.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 040-043.lnk -> I:\Program Files\uninstall\unins037.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 044-049.lnk -> I:\Program Files\uninstall\unins036.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 050-053.lnk -> I:\Program Files\uninstall\unins038.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 054-058.lnk -> I:\Program Files\uninstall\unins039.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 059-062.lnk -> I:\Program Files\uninstall\unins040.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 063-066.lnk -> I:\Program Files\uninstall\unins041.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 067-069.lnk -> I:\Program Files\uninstall\unins043.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 070-071.lnk -> I:\Program Files\uninstall\unins042.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 072-074.lnk -> I:\Program Files\uninstall\unins044.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 075-077.lnk -> I:\Program Files\uninstall\unins045.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 078-082.lnk -> I:\Program Files\uninstall\unins046.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 083-089.lnk -> I:\Program Files\uninstall\unins048.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 090-092.lnk -> I:\Program Files\uninstall\unins047.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 093-095.lnk -> I:\Program Files\uninstall\unins049.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 096-101.lnk -> I:\Program Files\uninstall\unins051.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 102-108.lnk -> I:\Program Files\uninstall\unins052.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 109-113.lnk -> I:\Program Files\uninstall\unins053.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 114-115.lnk -> I:\Program Files\uninstall\unins054.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 116-121.lnk -> I:\Program Files\uninstall\unins055.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 122-126.lnk -> I:\Program Files\uninstall\unins056.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 127-129.lnk -> I:\Program Files\uninstall\unins057.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 130-131.lnk -> I:\Program Files\uninstall\unins058.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 132-136.lnk -> I:\Program Files\uninstall\unins059.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 137-142.lnk -> I:\Program Files\uninstall\unins060.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 143-148.lnk -> I:\Program Files\uninstall\unins061.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 149-154.lnk -> I:\Program Files\uninstall\unins062.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 155-159.lnk -> I:\Program Files\uninstall\unins063.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 160-164.lnk -> I:\Program Files\uninstall\unins064.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 165-169.lnk -> I:\Program Files\uninstall\unins065.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 170-175.lnk -> I:\Program Files\uninstall\unins066.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 176-181.lnk -> I:\Program Files\uninstall\unins067.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 182-187.lnk -> I:\Program Files\uninstall\unins068.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 188-191.lnk -> I:\Program Files\uninstall\unins069.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 192-193.lnk -> I:\Program Files\uninstall\unins070.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 194-197.lnk -> I:\Program Files\uninstall\unins071.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 198-199.lnk -> I:\Program Files\uninstall\unins072.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 200-205.lnk -> I:\Program Files\uninstall\unins073.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 206-213.lnk -> I:\Program Files\uninstall\unins074.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 214-220.lnk -> I:\Program Files\uninstall\unins075.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 221-227.lnk -> I:\Program Files\uninstall\unins076.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 228-232.lnk -> I:\Program Files\uninstall\unins077.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 233-235.lnk -> I:\Program Files\uninstall\unins078.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 236-240.lnk -> I:\Program Files\uninstall\unins079.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 241-244.lnk -> I:\Program Files\uninstall\unins080.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 245-253.lnk -> I:\Program Files\uninstall\unins081.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 254-263.lnk -> I:\Program Files\uninstall\unins082.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 264-266.lnk -> I:\Program Files\uninstall\unins083.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 267-269.lnk -> I:\Program Files\uninstall\unins084.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 270-277.lnk -> I:\Program Files\uninstall\unins085.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 278-280.lnk -> I:\Program Files\uninstall\unins086.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 281-285.lnk -> I:\Program Files\uninstall\unins087.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 286-293.lnk -> I:\Program Files\uninstall\unins088.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Sets 294-300.lnk -> I:\Program Files\uninstall\unins089.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Shots and Holds 246-294.lnk -> I:\Program Files\uninstall\unins021.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealTracks\Uninstall RealTracks Shots and Holds 350-440.lnk -> I:\Program Files\uninstall\unins090.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealDrums\Uninstall RealDrums Sets 01-10.lnk -> I:\Program Files\uninstall\unins022.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealDrums\Uninstall RealDrums Sets 11-20.lnk -> I:\Program Files\uninstall\unins023.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box\RealDrums\Uninstall RealDrums Sets 21-29.lnk -> I:\Program Files\uninstall\unins024.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audient\Audient USB Audio Driver\iD.lnk -> I:\Program Files\Audient\USBAudioDriver\W10_x64\iD.exe (Audient)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio\Android Studio.lnk -> I:\Program Files\Android\Android Studio\bin\studio64.exe (JetBrains s.r.o.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AFT Software\Absolute Fretboard Trainer LITE.lnk -> I:\Program Files (x86)\AFT Software\AftLite.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm ()
Shortcut: C:\ProgramData\Baidu\BaiduAn\SWManager\百度卫士-软件管理.lnk -> C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.8029\BDASoftMgr.exe (Keine Datei)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Stardust\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\freac - free audio converter.lnk -> C:\Program Files (x86)\freac\freac.exe ()
Shortcut: C:\Users\Public\Desktop\Freemake Audio Converter.lnk -> J:\Program Files (x86)\Freemake\Freemake Audio Converter\FreemakeAudioConverter.exe (Freemake)
Shortcut: C:\Users\Public\Desktop\Google Earth Pro.lnk -> C:\Program Files\Google\Google Earth Pro\client\googleearth.exe (Google)
Shortcut: C:\Users\Public\Desktop\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\Notion 6.lnk -> D:\Program Files\Notion 6\Notion.exe (PreSonus Audio Electronics, Inc.)
Shortcut: C:\Users\Public\Desktop\OBS Studio.lnk -> I:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\Users\Public\Desktop\Plogue sforzando x64.lnk -> C:\Program Files\Plogue\sforzando\sforzando x64.exe (Plogue Art et Technologie, Inc)
Shortcut: C:\Users\Stardust\OneDrive\Schnellzugriff - Verknüpfung.lnk -> [LF¬g @U@z1SPS0%G`1-Schnellzugriff-¬Systemordner1SPSjc(=Oe¬)::{679F85CB-0220-4080-B29B-5540CC05AAB6}]
Shortcut: C:\Users\Stardust\Links\Desktop.lnk -> C:\Users\Stardust\Desktop ()
Shortcut: C:\Users\Stardust\Links\Downloads.lnk -> C:\Users\Stardust\Downloads ()
Shortcut: C:\Users\Stardust\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\Stardust\Documents\Bilder - Verknüpfung.lnk -> C:\Users\Stardust\Pictures ()
Shortcut: C:\Users\Stardust\Documents\Adobe\After Effects CC 2015\User Presets\(Adobe).lnk -> D:\Program Files\Adobe After Effects CC 2015\Support Files\Presets ()
Shortcut: C:\Users\Stardust\Desktop\CrystalDiskInfo.lnk -> I:\Program Files\CrystalDiskInfo\DiskInfo64.exe (Crystal Dew World)
Shortcut: C:\Users\Stardust\Desktop\CrystalDiskMark 8.lnk -> I:\Program Files\CrystalDiskMark8\DiskMark64.exe (Crystal Dew World)
Shortcut: C:\Users\Stardust\Desktop\FreeOCR.lnk -> C:\FreeOCR\FreeOCR.exe ()
Shortcut: C:\Users\Stardust\Desktop\HandBrake.lnk -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team)
Shortcut: C:\Users\Stardust\Desktop\HiSuite.lnk -> C:\Program Files (x86)\HiSuite\HiSuite.exe (华为技术有限公司 版权所有)
Shortcut: C:\Users\Stardust\Desktop\Line 6 Updater.lnk -> C:\Program Files (x86)\Line6\Line 6 Updater\Line 6 Updater.exe (Line 6)
Shortcut: C:\Users\Stardust\Desktop\MASTERNX.PDF - Verknüpfung.lnk -> G:\band\Realbooks\MASTERNX.PDF ()
Shortcut: C:\Users\Stardust\Desktop\Start Tor Browser.lnk -> C:\Users\Stardust\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Stardust\Desktop\Suche Everything.lnk -> C:\Program Files (x86)\Everything\Everything.exe ()
Shortcut: C:\Users\Stardust\Desktop\Tor Browser\Start Tor Browser.lnk -> C:\Users\Stardust\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AltServer.lnk -> C:\Users\Stardust\AppData\Roaming\Microsoft\Installer\{F7B4312C-3208-43BD-8342-74E9F42006E4}\_7FB7327402AC7E28D9415B.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Stardust\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Signal.lnk -> C:\Users\Stardust\AppData\Local\Programs\signal-desktop\Signal.exe (Open Whisper Systems)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> C:\Users\Stardust\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\Stardust\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files (x86)\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISO\WinISO Web Site.lnk -> C:\Program Files (x86)\WinISO Computing\WinISO\website.url ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISO\WinISO.lnk -> C:\Program Files (x86)\WinISO Computing\WinISO\bin\winiso.exe (WinISO Computing Inc.)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UNAV\Content Manager.lnk -> D:\Program Files (x86)\UNAV\Content Manager\ContentManager.exe (NNG Kft.)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UNAV\Uninstall Content Manager.lnk -> D:\Program Files (x86)\UNAV\Content Manager\uninst.exe (NNG Llc.)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> D:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sidify\Sidify Music Converter\Sidify Music Converter.lnk -> C:\Program Files (x86)\Sidify\Sidify Music Converter\Sidify Music Converter.exe (Sidify)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaalDesignSoftware\Saal Design Software.lnk -> I:\Program Files (x86)\SaalDesignSoftware\SaalDesignSoftware.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaalDesignSoftware\Uninstall Saal Design Software.lnk -> I:\Program Files (x86)\SaalDesignSoftware\Uninstall.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap\Nmap - Zenmap GUI.lnk -> C:\Program Files (x86)\Nmap\zenmap.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Midimaster\Entferne Score-Trainer.lnk -> D:\Program Files (x86)\Midimaster\Scoretrainer\unins000.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LaserSoft Imaging\SilverFast 8\Read Me.lnk -> D:\Program Files\SilverFast Application\SilverFast 8\ReadMe.rtf ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LaserSoft Imaging\SilverFast 8\SilverFast (64bit).lnk -> D:\Program Files\SilverFast Application\SilverFast 8\SilverFast 8.exe (LaserSoft Imaging AG)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LaserSoft Imaging\SilverFast 8\Uninstall (64bit).lnk -> D:\Program Files\SilverFast Application\SilverFast 8\uninst.exe (LaserSoft Imaging AG)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView 64 4.41.lnk -> D:\Program Files\IrfanView\i_view64.exe (Irfan Skiljan)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView deinstallieren.lnk -> D:\Program Files\IrfanView\iv_uninstall.exe (Irfan Skiljan, IrfanView)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView Hilfe.lnk -> D:\Program Files\IrfanView\Help\i_view32_deutsch.chm ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Kommandozeilen-Optionen.lnk -> D:\Program Files\IrfanView\i_options.txt ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Verfügbare PlugIns.lnk -> D:\Program Files\IrfanView\i_plugins.txt ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Verfügbare Sprachen.lnk -> D:\Program Files\IrfanView\i_languages.txt ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Was ist neu.lnk -> D:\Program Files\IrfanView\i_changes.txt ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Über IrfanView.lnk -> D:\Program Files\IrfanView\i_about.txt ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiSuite\HiSuite.lnk -> C:\Program Files (x86)\HiSuite\HiSuite.exe (华为技术有限公司 版权所有)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiSuite\Uninstall.lnk -> C:\Program Files (x86)\HiSuite\uninst.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake\HandBrake.lnk -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake\Uninstall.lnk -> C:\Program Files\HandBrake\uninst.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gitarrero Notenmeister\Gitarrero Notenmeister.lnk -> D:\Programme\Gitarrero Software\Gitarrero Notenmeister\notenmeister.exe ( )
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gitarrero Notenmeister\Hilfe.lnk -> D:\Programme\Gitarrero Software\Gitarrero Notenmeister\hilfe\hilfe.html ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gitarrero Notenmeister\Uninstall.lnk -> D:\Programme\Gitarrero Software\Gitarrero Notenmeister\uninstall.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Audio Converter.lnk -> J:\Program Files (x86)\Freemake\Freemake Audio Converter\Uninstall\unins000.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlacSquisher\FlacSquisher.lnk -> I:\Program Files (x86)\FlacSquisher\FlacSquisher.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlacSquisher\Uninstall.lnk -> I:\Program Files (x86)\FlacSquisher\uninst.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlacSquisher\Website.lnk -> I:\Program Files (x86)\FlacSquisher\FlacSquisher.url ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything\Everything deinstallieren.lnk -> C:\Program Files (x86)\Everything\Uninstall.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything\Suche Everything.lnk -> C:\Program Files (x86)\Everything\Everything.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam\DroidCam Client.lnk -> C:\Program Files (x86)\DroidCam\DroidCamApp.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam\Uninstall.lnk -> C:\Program Files (x86)\DroidCam\Uninstall.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autokroma\Autokroma Facebook.lnk -> C:\Users\Stardust\AppData\Roaming\Autokroma\Autokroma.ico ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autokroma\Autokroma.com.lnk -> C:\Users\Stardust\AppData\Roaming\Autokroma\Autokroma.ico ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autokroma\BRAW Studio.lnk -> C:\Program Files\Adobe\Common\Plug-ins\7.0\MediaCore\BRAW Studio\BRAW_Studio.exe (Autokroma)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\SendTo\IsoBuster.lnk -> I:\Program Files (x86)\Smart Projects\IsoBuster\IsoBuster.exe (Smart Projects)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Guitar Pro 6.lnk -> G:\Guitar Pro 6\GuitarPro.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IsoBuster.lnk -> I:\Program Files (x86)\Smart Projects\IsoBuster\IsoBuster.exe (Smart Projects)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Plogue sforzando.lnk -> C:\Program Files\Plogue\sforzando\sforzando.exe (Plogue Art et Technologie, Inc)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Wireshark.lnk -> C:\Program Files\Wireshark\Wireshark.exe (The Wireshark developer community, hxxps://www.wireshark.org/)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe After Effects CC 2015.lnk -> D:\Program Files\Adobe After Effects CC 2015\Support Files\AfterFX.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Lightroom.lnk -> C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe (Adobe Systems)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Photoshop CC 2014.lnk -> D:\Programme\Adobe\Adobe Photoshop CC 2014\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Premiere Pro CC 2014.lnk -> C:\Program Files\Adobe\Adobe Premiere Pro CC 2014\Adobe Premiere Pro.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Band-in-a-Box (64-bit).lnk -> I:\Program Files\bbw64.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Guitar Pro 7.lnk -> G:\Guitar Pro 7\GuitarPro7.exe (Arobas Music)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\IrfanView 64.lnk -> D:\Program Files\IrfanView\i_view64.exe (Irfan Skiljan)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\SilverFast (64bit).lnk -> D:\Program Files\SilverFast Application\SilverFast 8\SilverFast 8.exe (LaserSoft Imaging AG)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Studio One 5.lnk -> D:\Programme\PreSonus\Studio One 5\Studio One.exe (PreSonus)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Suche Everything.lnk -> C:\Program Files (x86)\Everything\Everything.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Transcribe!.lnk -> D:\Program Files (x86)\Transcribe!\Transcribe.exe (Seventh String Software)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\transmission-qt.exe - Verknüpfung.lnk -> D:\Program Files\Transmission\transmission-qt.exe (Transmission Project)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Word 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Tombstones\Adobe Acrobat DC (2).lnk -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Keine Datei)
Shortcut: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Suche Everything.lnk -> C:\Program Files (x86)\Everything\Everything.exe ()
Shortcut: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe (Adobe Systems Incorporated) -> --appletID=CCM_UI --appletVersion=1.0 --workflow=CCM_workflow_launch
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Produktpalette.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extsuite
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Decoder Config.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> xvid.ax,Configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Encoder Config.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> xvidvfw.dll,Configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Uninstall Xvid Video Codec.lnk -> C:\Program Files (x86)\Xvid\uninstall.exe (Xvid Team) -> --debuglevel 3
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\xvid_encraw.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k ""C:\Program Files (x86)\Xvid\xvid_encraw.exe"" -h
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> D:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> D:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\NewShortcut3.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {C51F55EC-477D-4385-B951-BDEFA5DFC90B}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium\Stellarium (ANGLE-Modus).lnk -> I:\Program Files\Stellarium\stellarium.exe (Stellarium team) -> --angle-d3d9
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium\Stellarium (MESA-Modus).lnk -> I:\Program Files\Stellarium\stellarium.exe (Stellarium team) -> --mesa-mode
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium\Stellarium (mit OpenGL Diagnostik).lnk -> I:\Program Files\Stellarium\stellarium.exe (Stellarium team) -> --dump-opengl-details
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium\Stellarium (mit Spout-Sender).lnk -> I:\Program Files\Stellarium\stellarium.exe (Stellarium team) -> --spout=sky
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\iD Autostart.lnk -> I:\Program Files\Audient\USBAudioDriver\W10_x64\iD.exe (Audient) -> -hide
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs\Uninstall 32bit Standard.lnk -> C:\Program Files (x86)\Shark007\Standard\Tools\Settings32.exe (Shark007) -> uninstall
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs\Uninstall x64Components.lnk -> C:\Program Files\Shark007\Tools\Settings64.exe (Shark007) -> uninstall
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\Seagate DiscWizard\Extras und Werkzeuge\Acronis Secure Zone verwalten.lnk -> C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardTools.exe (Seagate) -> /manage_asz
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\Seagate DiscWizard\Extras und Werkzeuge\Acronis Startup Recovery Manager aktivieren.lnk -> C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardTools.exe (Seagate) -> /asz_recovery_manager
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\Seagate DiscWizard\Extras und Werkzeuge\DriveCleanser.lnk -> C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardTools.exe (Seagate) -> /drive_cleanser
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\Seagate DiscWizard\Extras und Werkzeuge\Image mounten.lnk -> C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardTools.exe (Seagate) -> /mount_image
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\Seagate DiscWizard\Extras und Werkzeuge\Image trennen (unmount).lnk -> C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardTools.exe (Seagate) -> /unmount_image
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\Seagate DiscWizard\Extras und Werkzeuge\Laufwerk klonen.lnk -> C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardTools.exe (Seagate) -> /clone_disk
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\Seagate DiscWizard\Extras und Werkzeuge\Neues Laufwerk hinzufügen.lnk -> C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardTools.exe (Seagate) -> /add_new_disk
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\Seagate DiscWizard\Extras und Werkzeuge\Systembereinigung.lnk -> C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardTools.exe (Seagate) -> /system_cleanup
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTGui\Help for PTGui.lnk -> I:\Program Files\PTGui\PTGui.exe (New House Internet Services BV, Rotterdam, The Netherlands) -> /help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plogue\sforzando\Generate logs.lnk -> C:\Program Files\Plogue\Aria\AriaReporter.exe () -> sforzando.support@plogue.com
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSnano\Check.lnk -> C:\Program Files\KMSnano\TriggerKMS.exe () -> /pause
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\E-Mails.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> mail
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Erinnerungen.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> reminders
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iPhone suchen.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> find
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Kalender.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> calendar
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Keynote.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> keynote
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Kontakte.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> contacts
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notizen.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> notes
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Numbers.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> numbers
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Pages.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> pages
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript\Ghostscript 9.20.LNK -> C:\Program Files (x86)\gs\gs9.20\bin\gswin32.exe () -> "-IC:\Program Files (x86)\gs\gs9.20\lib;C:\Program Files (x86)\gs\gs9.20\..\fonts"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Deinstallation.lnk -> C:\ProgramData\elsterformular\uninstall.exe (Landesfinanzdirektion Thüringen) -> --prefix "C:/Program Files (x86)/ElsterFormular"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Hilfe.lnk -> C:\Program Files (x86)\ElsterFormular\bin\hilfepica.exe (Digia Plc and/or its subsidiary(-ies)) -> -collectionFile "C:/Program Files (x86)/ElsterFormular/hilfe/elfo.bedienung.qhc" -showUrl "qthelp://elfo.bedienung/hilfe/bed_kap01/910000.html"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Installationsverwaltung.lnk -> C:\Program Files (x86)\ElsterFormular\bin\installationsverwaltung.exe () -> --zeigeDlg
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Integritätsprüfer.lnk -> C:\Program Files (x86)\ElsterFormular\bin\integritaetspruefer.exe () -> -path "C:/Program Files (x86)/ElsterFormular"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\Screenreadermodus.lnk -> C:\Program Files (x86)\ElsterFormular\bin\pica.exe () -> --sehbehindertenmodus
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP7200 series Manual\Canon iP7200 series Online-Handbuch.lnk -> C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe (CANON INC.) -> "C:\PROGRAM FILES (X86)\Canon\IJ Manual\CANON IP7200 SERIES\German\Info.egv"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera Control Pro 2\Camera Control Pro 2 deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {FE96C49B-DB90-405E-A00E-09E38372F880}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Anrufrecorder.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind VRS
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Audio-Converter.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind Switch
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Audio-Editor.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind WavePad
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Bestandssoftware.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind Inventoria
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Bildkonverter.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind Pixillion
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Brennprogramm.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind ExpressBurn
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Buchhaltungssoftware.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind ExpressAccounts
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\CD-Ripper.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind Rip
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Classic FTP Software.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind ClassicFTP
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Diashow-Programm.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind PhotoStage
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Diktiersoftware.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind Express
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Disc-Beschriftungssoftware.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind Disketch
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Doxillion Dokumentkonverter.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind Doxillion
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Flussdiagramm-Software.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind ClickCharts
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Foto-Editor.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind PhotoPad
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Hausplaner.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind DreamPlan
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Musikstudio-Software.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind MixPad
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Point-of-Sale-Software.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind Copper
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Private Finanzsoftware.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind MoneyLine
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Rechnungsprogramm.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind ExpressInvoice
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Streaming-Audio-Recorder.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind SoundTap
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Textbaustein-Programm.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind FastFox
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Tipptrainer.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind KeyBlaze
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Transkriptionssoftware.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind Scribe
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\VHS-Konverter.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind GoldenVideos
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Video-Converter.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind Prism
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\Video-Editor.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind VideoPad
ShortcutWithArgument: C:\Users\Stardust\NCH Software Produktpalette\ZIP-Programm.lnk -> C:\Program Files (x86)\NCH Software\Debut\debut.exe (NCH Software) -> -extfind ExpressZip
ShortcutWithArgument: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk -> C:\Users\Stardust\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe"
ShortcutWithArgument: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\Stardust\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall
ShortcutWithArgument: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView - Thumbnails.lnk -> D:\Program Files\IrfanView\i_view64.exe (Irfan Skiljan) -> /thumbs
ShortcutWithArgument: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Stardust\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE (Microsoft Corporation) -> /recycle
ShortcutWithArgument: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Stardust\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Xvid Homepage.url -> URL: hxxps://www.xvid.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode 64bit\XMedia Recode 64bit im Internet.url -> URL: hxxp://www.xmedia-recode.de/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode\XMedia Recode im Internet.url -> URL: hxxp://www.xmedia-recode.de/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission-Qt\Support (General).url -> URL: hxxp://forum.transmissionbt.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission-Qt\Support (Windows).url -> URL: hxxp://sourceforge.net/p/trqtw/discussion/1315797/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission-Qt\Transmission Project.url -> URL: hxxp://www.transmissionbt.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\Seagate DiscWizard\Benutzeranleitung.url -> URL: hxxp://www.seagate.com/support/discwizard/dw_ug.de.pdf
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\B4 II\Native Instruments Homepage.url -> URL: hxxp://www.native-instruments.net/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag Website.url -> URL: hxxp://www.mp3tag.de
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex\Donate to support CDex.url -> URL: hxxp://cdex.mu/donate
InternetURL: C:\Users\Stardust\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Stardust\Favorites\Windows Live\Windows Live Gallery.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Stardust\Favorites\Windows Live\Windows Live Ideas.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\Stardust\Favorites\Windows Live\Windows Live Mail.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\Stardust\Favorites\Windows Live\Windows Live Spaces.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\Stardust\Favorites\MSN-Websites\MSN Auto.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72680
InternetURL: C:\Users\Stardust\Favorites\MSN-Websites\MSN Fernsehen.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72659
InternetURL: C:\Users\Stardust\Favorites\MSN-Websites\MSN Money.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72640
InternetURL: C:\Users\Stardust\Favorites\MSN-Websites\MSN Nachrichten.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72636
InternetURL: C:\Users\Stardust\Favorites\MSN-Websites\MSN Sport.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72635
InternetURL: C:\Users\Stardust\Favorites\MSN-Websites\MSN.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72630
InternetURL: C:\Users\Stardust\Favorites\Microsoft-Websites\IE-Site auf Microsoft.com.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\Stardust\Favorites\Microsoft-Websites\Microsoft Deutschland GmbH.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\Stardust\Favorites\Microsoft-Websites\Microsoft Store.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Stardust\Favorites\Microsoft-Websites\Microsoft Windows - Start.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\Stardust\Favorites\Microsoft-Websites\Microsoft zu Hause.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\Stardust\Favorites\Microsoft-Websites\Microsoft.com durchsuchen.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72893
InternetURL: C:\Users\Stardust\Favorites\Microsoft-Websites\Site für IE Add-Ons.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Stardust\Favorites\Links\Vorgeschlagene Sites.url -> URL: hxxps://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Stardust\Favorites\Links\Web Slice-Katalog.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Batman Arkham Knight.url -> URL: steam://rungameid/208650
InternetURL: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LaserSoft Imaging\SilverFast 8\LaserSoft Imaging's Home Page.url -> URL: hxxp://www.silverfast.de/
==================== Ende vom Shortcut.txt =============================
|
|
29.03.2022, 17:22
| #4 |
| /// TB-Ausbilder   | Illegale Software Mein Name ist Matthias und ich werde dir bei der Analyse und der eventuell notwendigen Bereinigung deines Computers helfen. Ich analysiere gerade dein System und melde mich in Kürze mit weiteren Anweisungen. |
|
29.03.2022, 17:32
| #5 | |
| /// TB-Ausbilder | Illegale Software Hast du die Funde von MBAM und AdwCleaner auch entfernen lassen? Du hast nämlich nur die Logdateien der Suchläufe gepostet... nicht, dass etwas entfernt wurde... Leider können wir vorerst gar nicht loslegen: Zitat:
 Cracks, Keygens und andere illegale Software - so kommt Malware (Schadsoftware) auf den PCBitte lesen => Cracks, Keygens und andere illegale Software Es geht weiter wenn du alles Illegale entfernt hast. Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems. |
|
29.03.2022, 18:09
| #6 |
| | MBAM Sorry Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-03-2022
durchgeführt von Stardust (29-03-2022 19:00:30)
Gestartet von C:\Users\Stardust\Desktop\Virenscanner
Microsoft Windows 10 Home Version 20H2 19042.1237 (X64) (2021-05-26 20:14:28)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-1645521455-3686839743-3489531396-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1645521455-3686839743-3489531396-503 - Limited - Disabled)
Gast (S-1-5-21-1645521455-3686839743-3489531396-501 - Limited - Disabled)
Stardust (S-1-5-21-1645521455-3686839743-3489531396-1000 - Administrator - Enabled) => C:\Users\Stardust
WDAGUtilityAccount (S-1-5-21-1645521455-3686839743-3489531396-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Absolute Fretboard Trainer LITE (HKLM-x32\...\Absolute Fretboard Trainer LITE_is1) (Version: - AbsoluteFretboard.com)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.6.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.453 - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.8 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe SpeedGrade CC 2015 (HKLM-x32\...\{8FD7F1DB-7355-469E-A3F2-2118148D8477}) (Version: 9.0.0 - Adobe Systems Incorporated)
AG DSP Controller (HKLM-x32\...\{C0D0B3D0-87AA-47A2-91B5-FA11C7F2BAC2}) (Version: 1.1.0.0 - Yamaha Corporation)
AltServer (HKLM-x32\...\{F7B4312C-3208-43BD-8342-74E9F42006E4}) (Version: 1.4.3 - Riley Testut)
Android Studio (HKLM\...\Android Studio) (Version: 2020.3 - Google LLC)
ARIA Engine v1.9.3.3 (HKLM\...\ARIA Engine_is1) (Version: v1.9.3.3 - Plogue Art et Technologie, Inc)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 2.0.9.0001 - Asmedia Technology)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.24.0 - Asmedia Technology)
Audient USB Audio Driver v4.0.3 (HKLM-x32\...\Software_Audient_audientusbaudio_Setup) (Version: 4.0.3 - Audient)
Avid Codecs LE (HKLM-x32\...\{C8867EDE-69E9-422C-9E88-80CF5B897C4F}) (Version: 2.7.3.39175 - Avid Technology)
AW-CA100/100D (HKLM-x32\...\{0FA5C34F-7552-42EC-B684-4ACCCA72A620}) (Version: 64.9.1009.2010 - )
Band-in-a-Box 2022 (920) Update (HKLM-x32\...\BB_is1) (Version: - PG Music Inc.)
Band-in-a-Box DAW Plugin 4.5.10 (HKLM-x32\...\BIAB_Plugin_is1) (Version: - PG Music Inc.)
Band-in-a-Box Download and Install Manager 1.0.8 (HKLM-x32\...\DLINSTMAN_is1) (Version: - PG Music Inc.)
Band-in-a-Box File Associations (HKLM-x32\...\BBAssociations_is1) (Version: - PG Music Inc.)
Band-in-a-Box Notation and Chord Fonts (HKLM-x32\...\BBFonts_is1) (Version: - PG Music Inc.)
Band-in-a-Box Server (HKLM-x32\...\BBServer_is1) (Version: - PG Music Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BOSS TONE STUDIO for GT-1 (HKLM-x32\...\{657A8883-CE6D-022D-3B05-B3659506516A}) (Version: 1.0.0 - Roland Corporation) Hidden
BOSS TONE STUDIO for GT-1 (HKLM-x32\...\BOSS-TONE-STUDIO-for-GT-1) (Version: 1.0.0 - Roland Corporation)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 99.1.36.122 - Die Brave-Autoren)
Camera Control Pro 2 (HKLM-x32\...\{FE96C49B-DB90-405E-A00E-09E38372F880}) (Version: 2.13.0 - Nikon)
Canon iP7200 series On-screen Manual (HKLM-x32\...\Canon iP7200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
CDex - Digital Audio CD Extractor and Converter (HKLM-x32\...\CDex) (Version: 1.81.0.2016 - Georgy Berdyshev)
Cinch Audio Recorder version 4.0.2 (HKLM-x32\...\{F145F781-A266-4A33-8F34-65561BF29B25}_is1) (Version: 4.0.2 - Cinch Solutions)
CINEMA 4D 16.011 (HKLM\...\MAXONCE2CF069) (Version: 16.011 - MAXON Computer GmbH)
Clavia USB Driver v3.02_4 (HKLM-x32\...\Clavia USB Driver v3.02_4) (Version: - )
Content Manager (HKLM-x32\...\Content Manager) (Version: 3.18.5.639191 - NNG Llc.)
CoyoteWT 1.3 (HKLM-x32\...\CoyoteWT_is1) (Version: - Coyote Electronics Inc.)
CrystalDiskInfo 8.13.3 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.13.3 - Crystal Dew World)
CrystalDiskMark 8.0.4 (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4 - Crystal Dew World)
Debut Video-Aufnahme-Programm (HKLM-x32\...\Debut) (Version: 6.52 - NCH Software)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 5.1.7.638 - devolo AG)
DVD Shrink 3.2 deutsch (HKLM-x32\...\DVD Shrink DE_is1) (Version: - DVD Shrink)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.0.2.18.20170123 - Landesfinanzdirektion Thüringen)
Epson Copy Utility 4 (HKLM-x32\...\{06A7E8AB-2856-4490-BAA9-F338ABE7695A}) (Version: 4.01.0001 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Everything 1.4.1.877 (x86) (HKLM-x32\...\Everything) (Version: 1.4.1.877 (x86) - David Carpenter)
File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)
FlacSquisher 1.3.7 (HKLM-x32\...\FlacSquisher) (Version: 1.3.7 - FlacSquisher)
fre:ac v1.1.5 (HKLM-x32\...\fre:ac v1.1.5) (Version: 1.1.5 - )
Freemake Audio Converter Version 1.1.9 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.9 - Ellora Assets Corporation)
FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version: - )
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Freizeitkarte_FRA (Ausgabe 20.06) (HKLM-x32\...\Freizeitkarte_FRA) (Version: (Ausgabe 20.06) - Freizeitkarte OSM)
Gitarrero Notenmeister (HKLM-x32\...\Gitarrero Notenmeister) (Version: - )
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
GoPro Quik (HKLM\...\{AA5F7FCE-311C-46D8-B93A-ABF4DDCAB832}) (Version: 0.1.945 - GoPro, Inc.) Hidden
GoPro Quik (HKLM-x32\...\{a23df978-67ca-4fe3-a740-a7b5ae7ec82f}) (Version: 2.7.0.945 - GoPro, Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.20) (Version: 9.20 - Artifex Software Inc.)
GT-1-Treiber (HKLM\...\RolandRDID0178) (Version: - Roland Corporation)
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
Guitar Pro 7 - Soundbanks (HKLM-x32\...\com.arobas-music.guitarpro7-soundbanks_is1) (Version: 1.0.69 - Arobas Music)
Guitar Pro 7 (HKLM-x32\...\{BF4EDCFF-ED20-4AF6-A636-EBAC931336CD}_is1) (Version: 7.0.4.659 - Arobas Music)
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.550 - Huawei Technologies Co., Ltd.)
iCloud (HKLM\...\{A3616230-EF97-44F3-83D3-1AE29DC639D3}) (Version: 7.18.0.22 - Apple Inc.)
IK Multimedia Authorization Manager version 1.0.9 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.9 - IK Multimedia)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel(R) Network Connections 20.1.1022.0 (HKLM\...\PROSetDX) (Version: 20.1.1022.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
IsoBuster 4.6 (HKLM-x32\...\IsoBuster_is1) (Version: 4.6 - Smart Projects)
iZotope Nectar 3 (HKLM\...\Nectar 3_is1) (Version: 3.0.0 - iZotope)
Khi3 - Universal Scientific Calculator (HKLM-x32\...\{C1BADEF7-946C-43CF-9332-55838CD72736}) (Version: 3.4.0.8 - Joël Ollivier - Erpmi-Br)
KMSnano 24 (HKLM\...\KMSnano 24_is1) (Version: KMSnano 24 - )
Line 6 Line 6 Updater Uninstaller (HKLM-x32\...\Line 6 Updater Uninstaller) (Version: 1.23 - Line 6)
Logitech Capture (HKLM\...\Capture) (Version: 1.10.110 - Logitech)
Malwarebytes version 4.5.6.180 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.6.180 - Malwarebytes)
Master Flatpick Guitar Solos (HKLM-x32\...\MFGS1_1_is1) (Version: - PG Music Inc.)
Master Jazz Guitar Solos SuperPAK (HKLM-x32\...\MJGSolo_1-4_is1) (Version: - PG Music Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.68 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version: - MixMeister Technology LLC)
Mozilla Firefox (x86 de) (HKLM-x32\...\Mozilla Firefox 96.0.2 (x86 de)) (Version: 96.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.1 - Mozilla)
Mp3tag v2.84a (HKLM-x32\...\Mp3tag) (Version: 2.84a - Florian Heidenreich)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
Native Instruments B4 II (HKLM-x32\...\Native Instruments B4 II) (Version: - )
NI Guitar Rig (HKLM\...\{48878FDB-8FEB-4503-A444-11F6BD85114C}) (Version: 5.2.2 - Native Instruments)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nmap 7.91 (HKLM-x32\...\Nmap) (Version: 7.91 - Nmap Project)
Notion 6 (64-bit) (HKLM\...\Notion 6-64) (Version: - PreSonus Software Ltd)
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.00 - Nmap Project)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 457.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.1.3 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenMapChest Central America 2018.11.30 (HKLM-x32\...\OpenMapChest Central America) (Version: - )
OSM generic routable(GRC) (HKLM-x32\...\OSM generic routable(GRC)) (Version: - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pdf995 (HKLM-x32\...\Pdf995) (Version: - )
PG Music DirectX Plugins (64-bit) 2.0.0.0 (HKLM\...\PG_DX_Plugins_64_is1) (Version: - PG Music Inc.)
PG Music DirectX Plugins 2.0.0.0 (HKLM-x32\...\PG_DX_Plugins_is1) (Version: - PG Music Inc.)
Playable RealTracks Set 01 for Sforzando (HKLM\...\__ARIA_2050___is1) (Version: - PG Music Inc)
Plogue sforzando v1.933 (HKLM\...\__ARIA_1014___is1) (Version: v1.933 - Plogue)
PreSonus Studio One 5 (HKLM\...\Studio One 5_is1) (Version: 5.0.2 - PreSonus)
PTGui Pro 9.1 (HKLM-x32\...\PTGui) (Version: - New House Internet Services B.V.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RE:Vision Effects Twixtor AE (HKLM\...\Twixtor AE 6.1.0_is1) (Version: 6.1.0 - Team V.R)
REALTEK DTV USB DEVICE (HKLM-x32\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7786 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - )
Scoretrainer 8.0 (HKLM-x32\...\Midimaster Scoretrainer_is1) (Version: - Midimaster)
Seagate DiscWizard (HKLM-x32\...\{1FB81320-A5BA-4D63-BFE3-66344A9DC059}) (Version: 18.0.6036 - Seagate)
Shark007 STANDARD Codecs (HKLM-x32\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 7.2.9 - Shark007)
Shark007 STANDARD x64Components (HKLM\...\STANDARD x64Components_is1) (Version: 7.2.9 - Shark007)
Sidify Music Converter 2.1.3 (HKLM-x32\...\Sidify Music Converter) (Version: 2.1.3 - Sidify)
Signal 5.31.1 (HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.31.1 - Open Whisper Systems)
SilverFast 8.0.1r5 (64bit) (HKLM-x32\...\SilverFast 8 x64) (Version: 8.0.1r5 - LaserSoft Imaging AG)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellarium 0.18.3 (HKLM\...\Stellarium_is1) (Version: 0.18.3 - Stellarium team)
tiptoi® Manager 4.1.4 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 4.1.4 - Ravensburger AG)
TomTom HOME (HKLM-x32\...\{C51F55EC-477D-4385-B951-BDEFA5DFC90B}) (Version: 2.11.6 - Ihr Firmenname)
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.3.0 - Topaz Labs, LLC)
Topo_Karte_ITA (Ausgabe 19.05) (HKLM-x32\...\Topo_Karte_ITA) (Version: (Ausgabe 19.05) - Topo_Karte)
Transcribe! 8.21 (HKLM-x32\...\Transcribe!_is1) (Version: 8.21 - Seventh String Software)
Transmission-Qt (HKLM\...\Transmission-Qt) (Version: 2.84.6 - Transmission)
Trapcode Suite (HKLM\...\Trapcode Suite v14.1.1) (Version: - Red Giant LLC)
Trapcode Suite 64-bit (HKLM\...\{5210717F-CAFD-4F21-8DF7-6ED3862725C4}) (Version: 12.1.0 - Red Giant Software) Hidden
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{5210717F-CAFD-4F21-8DF7-6ED3862725C4}) (Version: 12.1.0 - Red Giant Software)
USBPcap 1.5.3.0 (HKLM\...\USBPcap) (Version: 1.5.3.0 - Tomasz Mon)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
vegaspro13.0.310_64bit 13.0.310 (HKLM-x32\...\vegaspro13.0.310_64bit 13.0.310) (Version: 13.0.310 - vegaspro13.0.310_64bit)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vyzex Pocket POD 1.17 (HKLM-x32\...\{0E26E09B-6687-4A99-BD08-A9E705373029}_is1) (Version: Vyzex Pocket POD 1.17 - Psicraft Designs, Inc.)
WaveLab 6 (HKLM-x32\...\WaveLabPro) (Version: 6.1.1.353 - Steinberg)
Windows Driver Package - Logitech USB (03/19/2018 1.1.142.0) (HKLM\...\7665A2F14177289A395E62C8D872B2414E337C47) (Version: 03/19/2018 1.1.142.0 - Logitech)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.0.5092 - WinISO Computing Inc.)
WinRAR 5.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EB}) (Version: 19.5.11475 - WinZip Computing, S.L. )
Wireshark 3.2.1 64-bit (HKLM-x32\...\Wireshark) (Version: 3.2.1 - The Wireshark developer community, hxxps://www.wireshark.org)
XMedia Recode 64bit Version 3.5.2.7 (HKLM\...\{D31E6E69-4C6A-42CC-926F-CC7B186864EB}_is1) (Version: 3.5.2.7 - XMedia Recode 64bit)
XMedia Recode Version 3.4.5.2 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.4.5.2 - XMedia Recode)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.4) (Version: 1.3.7 - Xvid Team)
Zoom (HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\ZoomUMX) (Version: 5.2.3 (45120.0906) - Zoom Video Communications, Inc.)
Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-05-26] (Microsoft Corporation)
Mail und Kalender -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2021-05-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-09-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2021-05-26] (Microsoft Studios) [MS Ad]
MSN Wetter -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2021-05-26] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2021-05-26] (NVIDIA Corp.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1645521455-3686839743-3489531396-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Stardust\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1645521455-3686839743-3489531396-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Stardust\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Seagate\DiscWizard\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Seagate\DiscWizard\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Seagate\DiscWizard\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => i:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => i:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [Datei ist nicht signiert]
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-03-22] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-05-27] (WinZip Computing LLC -> WinZip Computing, S.L.)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => i:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers3: [DeleteFiles] -> {736AF091-C361-49B4-A928-87C586130D33} => d:\Program Files\File Shredder\fsshell.dll [2012-03-31] () [Datei ist nicht signiert]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => i:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-05-27] (WinZip Computing LLC -> WinZip Computing, S.L.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\nvshext.dll [2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-05-27] (WinZip Computing LLC -> WinZip Computing, S.L.)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\system32\ac3filter.acm [2231296 2013-04-05] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [251392 2019-12-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [1679360 2013-04-06] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2019-12-28] () [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2015-05-08 06:08 - 2015-05-08 06:08 - 000151552 ____N () [Datei ist nicht signiert] C:\Program Files (x86)\DroidCam\lib\DroidCam.dll
2015-05-08 06:08 - 2015-05-08 06:08 - 000081920 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\DroidCam\lib\DroidCamFilter.ax
2015-05-08 06:14 - 2015-05-08 06:14 - 000086016 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\DroidCam\lib\DroidCamFilter240p.ax
2017-12-08 18:53 - 2012-04-26 14:51 - 000040448 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\pdf995mon64.dll
2017-03-31 14:53 - 2012-06-21 06:25 - 000113152 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\redmon64.dll
2016-06-12 16:59 - 2012-03-31 23:06 - 002689536 _____ () [Datei ist nicht signiert] d:\Program Files\File Shredder\fsshell.dll
2020-12-09 14:02 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMN6PPM.DLL
2017-08-26 15:54 - 2017-08-26 15:54 - 000410112 _____ (Florian Heidenreich) [Datei ist nicht signiert] i:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2016-08-12 13:16 - 2016-05-10 10:29 - 000077312 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => regfile
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://api.youqian.baidu.com/v1/nav?soft=12&uid=50123297&guid=b03aef865521ad18efb1dc6ab9bf9182&vd=4152366882
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-1645521455-3686839743-3489531396-1000 -> {4AD43A14-AA87-4d4b-A345-B0BC1C61BC76} URL = hxxp://www.google.cn/search?hl=zh-CN&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1645521455-3686839743-3489531396-1000 -> {C3BBCD0B-9234-4d36-9151-EC49EE32FCE3} URL = hxxp://www.baidu.com/s?wd={searchTerms}&tn=28026190_dg&ie=utf-8
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2018-04-09 09:43 - 000001234 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;D:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;i:\Program Files (x86)\Smart Projects\IsoBuster;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\Control Panel\Desktop\\Wallpaper -> D:\cinema4dprojekte\hintergrund2021korr.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
ist aktiviert.
Network Binding:
=============
LAN-Verbindung 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
LAN-Verbindung: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Bluetooth-Netzwerkverbindung 3: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: DevoloNetworkService => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamNetworkSvc => 3
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FAH.lnk => C:\Windows\pss\FAH.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Ednltion => C:\Users\Stardust\AppData\Local\Ednltion\Windows_Activaton.exe
MSCONFIG\startupreg: Everything => "C:\Program Files (x86)\Everything\Everything.exe" -startup
MSCONFIG\startupreg: FreePDF Assistant => "C:\Program Files (x86)\FreePDF_XP\fpassist.exe"
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: IR_SERVER => C:\PROGRA~2\Realtek\REALTE~1\IR_SERVER.exe
MSCONFIG\startupreg: LGBackAgent => C:\ProgramData\LGMOBILEAX\B2C_Client\LGbackagent.exe
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\StartupApproved\Run: => "iCloudServices"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{45726997-AC79-445D-B5FE-E300A4E1BDD5}] => (Allow) %USERPROFILE%\Downloads\GoogleEarthProSetup.exe => Keine Datei
FirewallRules: [{0850213F-515D-4F0D-B38B-C2FEF3AD3201}] => (Allow) %USERPROFILE%\Downloads\GoogleEarthProSetup.exe => Keine Datei
FirewallRules: [{1398EABE-D754-4572-B44F-1D9E037D6917}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{50F05036-254B-4682-A4EA-E81ECBE486B2}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{93DF9CEE-5B4E-45F1-B708-10FBCDAC67DB}] => (Allow) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe (Brave Software, Inc. -> BraveSoftware Inc.)
FirewallRules: [{EC180055-4A83-41B3-8B2A-91679FE65686}] => (Allow) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe (Brave Software, Inc. -> BraveSoftware Inc.)
FirewallRules: [UDP Query User{54ED30B0-9C49-4B89-9675-DBCA8BCEFC1D}D:\program files\notion 6\notion.exe] => (Block) D:\program files\notion 6\notion.exe (PreSonus Audio Electronics, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{C2CD6F89-E60B-49AB-923A-67EC564BA12E}D:\program files\notion 6\notion.exe] => (Block) D:\program files\notion 6\notion.exe (PreSonus Audio Electronics, Inc.) [Datei ist nicht signiert]
FirewallRules: [{D6A787F3-AA71-4E35-96CD-BE6DAC50C2AA}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{3A0DE83A-C728-45A7-A537-1ED4A2C8BC45}] => (Allow) C:\Users\Stardust\AppData\Local\Programs\signal-desktop\Signal.exe (Signal Messenger, LLC -> Open Whisper Systems)
FirewallRules: [{D59FA179-1243-4EB6-81A3-2BF5E14C7758}] => (Allow) C:\Users\Stardust\AppData\Local\Programs\signal-desktop\Signal.exe (Signal Messenger, LLC -> Open Whisper Systems)
FirewallRules: [{F0D80B60-0D45-4A39-BDAB-D817250ACA98}] => (Allow) C:\Users\Stardust\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{804126A9-F4F6-4D67-B0D5-64855DB05393}] => (Allow) C:\Users\Stardust\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6676375E-E76F-4EA2-A22E-A0E6976ABFB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E8BA56D3-B161-4A84-84D7-EFF90AAE5879}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EAEA0EEA-13E0-44FE-BA87-85C2518C01C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D72F44AC-332F-4E75-BC58-6DF94F7B12E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D5DEE26A-2EF5-43D2-88A4-28683D2481F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{779E82D9-25C8-4F4B-8101-85D6369BECBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{9524D95F-EB37-4397-BA2E-B079B75F933A}D:\programme\presonus\studio one 5\pluginscanner.exe] => (Block) D:\programme\presonus\studio one 5\pluginscanner.exe (PreSonus Audio Electronics, Inc. -> PreSonus)
FirewallRules: [TCP Query User{4E68F013-B9C2-4653-AD19-1EBE18801D4F}D:\programme\presonus\studio one 5\pluginscanner.exe] => (Block) D:\programme\presonus\studio one 5\pluginscanner.exe (PreSonus Audio Electronics, Inc. -> PreSonus)
FirewallRules: [UDP Query User{5909E84C-39C7-4899-AD59-67D3FC00BE82}D:\programme\presonus\studio one 5\studio one.exe] => (Block) D:\programme\presonus\studio one 5\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{0068E0D5-3C72-4CCB-AE42-9CA5F7367C8B}D:\programme\presonus\studio one 5\studio one.exe] => (Block) D:\programme\presonus\studio one 5\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [{A4DE53E3-0AA7-4D85-B3B4-64E48FACED01}] => (Allow) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audient\Audient USB Audio Driver () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{BCEA5F4A-6D92-41D9-BDF7-627C9CD465AA}] => (Allow) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audient\Audient USB Audio Driver () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{37D232BE-7F8B-49E0-A925-5AA52BE1D94F}] => (Allow) LPort=80
FirewallRules: [{72F46ADF-1E40-4309-A607-7794DE1357D1}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => Keine Datei
FirewallRules: [{0D6B5073-505A-41A5-A405-81CDF4A872DD}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => Keine Datei
FirewallRules: [{ABCDEBC9-C170-4771-A962-BE77E003802F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6B8EFDBC-E8B6-44C4-BC71-4D2F1C825287}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C81811F9-445D-4AD6-95F1-BE862810064F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{19022C9B-0FB9-4B43-9AF7-9E749D97C77D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{B39059B6-DA9E-4949-B393-D658D414BB4C}C:\users\stardust\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\stardust\appdata\roaming\spotify\spotify.exe => Keine Datei
FirewallRules: [TCP Query User{3E368EA9-E1C2-4932-ACA3-E02B1E6FFC2F}C:\users\stardust\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\stardust\appdata\roaming\spotify\spotify.exe => Keine Datei
FirewallRules: [{88E3F147-C663-42B4-B39B-2D1AFFF21568}] => (Allow) %APPDATA%\Spotify\SpotifyStartupTask.exe => Keine Datei
FirewallRules: [{C50CC851-25AA-40F1-B3B1-A2FB6731B203}] => (Allow) %APPDATA%\Spotify\SpotifyStartupTask.exe => Keine Datei
FirewallRules: [{B229BCCA-AF27-461E-BF83-9EE69E60ED61}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{2C78779F-D4E2-450C-8164-4679D8CCBFC3}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{0D2928F3-EC53-4D6E-8BEB-DB39918632FD}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\CptHost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CF13AADA-A84B-4F3B-A9F5-9FBA0EFECBE5}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{06B58B17-BC96-4C7A-9ACA-09B8E5BDFE0F}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\Zoom_launcher.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{FE3AB3A3-2070-4D78-9D07-97539D7A8ECE}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\Zoom_launcher.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2C85DB43-E13A-45B1-8361-CB974E3FE938}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{3A015441-937C-4C2E-9496-9A327C5BC17D}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\CptHost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{793659E2-DE66-4E47-ADAC-F7343970BD6C}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{8108CEC1-030F-45A7-A31E-2FFBF4DAF833}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{2CCBD703-3A4B-42F3-B1B1-3D563E2D1983}] => (Allow) I:\Program Files (x86)\CDex\CDex.exe (The CDex Project - hxxp://cdex.mu/) [Datei ist nicht signiert]
FirewallRules: [{4D390133-375B-4398-A51C-DCA3F913613D}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{F825EE26-153C-4621-8BE2-E1B7F1A28107}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [{2E98CD03-8B2E-496F-846B-3913D741DDCA}] => (Allow) G:\Downloads\MediaCreationTool1909.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A7C892B5-7C80-4960-B780-96C1810022B0}] => (Allow) G:\Downloads\MediaCreationTool1909.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9997823F-F7C7-44B1-88D0-D31F3EE26C26}] => (Allow) %ProgramFiles% (x86)\Microsoft\Skype for Desktop\Skype.exe => Keine Datei
FirewallRules: [{3E7B2C18-DCA6-49D3-BB1B-957D734DB9B3}] => (Allow) %ProgramFiles% (x86)\Microsoft\Skype for Desktop\Skype.exe => Keine Datei
FirewallRules: [{1DE4B95E-DCC9-47A6-B054-0D24EB1E2959}] => (Allow) G:\Downloads\MBSetup.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{16DF8E75-D757-4F82-8552-E5F2A3E33B5A}] => (Allow) G:\Downloads\MBSetup.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{2172627C-2456-4700-BA6A-86149383519B}] => (Allow) C:\ProgramData\Malwarebytes\MBAMService\instlrupdate\MBSetup.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{E9D4FC0A-C850-460A-ADB9-107C3B58CE11}] => (Allow) C:\ProgramData\Malwarebytes\MBAMService\instlrupdate\MBSetup.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{5BFC71F3-E4B3-464A-84CE-3C6DD958C364}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe (hxxp://www.qemu.org/) [Datei ist nicht signiert]
FirewallRules: [{0A4A1169-C4B6-43F7-B5E7-21C30B9619F8}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe (hxxp://www.qemu.org/) [Datei ist nicht signiert]
FirewallRules: [{D78FE345-E7D9-4AF1-8300-B8B59669C49C}] => (Allow) %ProgramFiles% (x86)\Microsoft\Skype for Desktop\Skype.exe => Keine Datei
FirewallRules: [{36D35FE3-E4B1-4DA7-BA26-0F88A72EAF12}] => (Allow) %ProgramFiles% (x86)\Microsoft\Skype for Desktop\Skype.exe => Keine Datei
FirewallRules: [{CA948FF9-72AF-4359-882E-E49F6A7BB207}] => (Allow) G:\Downloads\Firefox Installer.exe (Mozilla Corporation -> Mozilla)
FirewallRules: [{A83B1FDC-0679-406F-979D-52C939ED900D}] => (Allow) G:\Downloads\Firefox Installer.exe (Mozilla Corporation -> Mozilla)
FirewallRules: [{87AF8ABC-A8E9-4185-B23D-BFA928864A16}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [{435D4D41-B9B1-459E-8381-8EDCA75E2199}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [{07062243-569D-4FA4-A552-E89658ADE6BC}] => (Allow) C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe () [Datei ist nicht signiert]
FirewallRules: [{9C72B629-FB44-4FF7-ABB3-32556895EE91}] => (Allow) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom International BV -> TomTom)
FirewallRules: [{EB0E6D05-8542-4F8B-A46A-ECF6B0A35DFB}] => (Allow) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom International BV -> TomTom)
FirewallRules: [{1C03871A-74A1-42C1-BAF3-CE76626345B7}] => (Allow) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom International BV -> TomTom)
FirewallRules: [{C9355F47-C98A-4CA6-BAE0-D3F332B50FB9}] => (Allow) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom International BV -> TomTom)
FirewallRules: [{80986ED8-F007-4A02-9BF8-52128EC5AC7A}] => (Allow) C:\Program Files (x86)\TomTom HOME 2\TomTomHOME.exe (TomTom International BV -> TomTom International B.V.)
FirewallRules: [{4E32ADA4-017F-4F7A-BC52-4D3B7171221A}] => (Allow) C:\Program Files (x86)\TomTom HOME 2\TomTomHOME.exe (TomTom International BV -> TomTom International B.V.)
FirewallRules: [{80C41E00-57C9-4C52-AD2C-A46ED5C8F34B}] => (Allow) %ProgramFiles% (x86)\Guitar SightReader Toolbox\Guitar SightReader Toolbox.exe => Keine Datei
FirewallRules: [{9D795015-E6A7-4CF3-A2AA-5192E72C6F87}] => (Allow) %ProgramFiles% (x86)\Guitar SightReader Toolbox\Guitar SightReader Toolbox.exe => Keine Datei
FirewallRules: [{E46CF54E-982D-439A-B832-090F9632FB4D}] => (Allow) I:\Program Files\Data\InstallManager\Band-in-a-Box Download Manager.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{B517D6B7-8263-43A0-B06A-9419911BC28F}] => (Allow) I:\Program Files\Data\InstallManager\Band-in-a-Box Download Manager.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [UDP Query User{A293CA92-392A-4120-B138-F95A41F8CA5A}C:\program files\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [TCP Query User{721621AE-5AC1-46DA-9C64-FE43FF657E28}C:\program files\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [UDP Query User{41B49B4F-CB31-4CA0-B41A-F457264B3E19}D:\program files\adobe after effects cc 2015\support files\afterfx.exe] => (Block) D:\program files\adobe after effects cc 2015\support files\afterfx.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [TCP Query User{DE957A4A-3CEA-44F7-9DD2-76C9D6A84928}D:\program files\adobe after effects cc 2015\support files\afterfx.exe] => (Block) D:\program files\adobe after effects cc 2015\support files\afterfx.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{9FB33977-7E99-4857-BE54-C6BEDA700989}] => (Allow) c:\Users\Stardust\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe () [Datei ist nicht signiert]
FirewallRules: [{537BF543-9387-4555-A811-14CB5E825CA2}] => (Allow) c:\Users\Stardust\Desktop\Tor Browser\Browser\updater.exe (Mozilla Foundation) [Datei ist nicht signiert]
FirewallRules: [{88CEA99B-8A7B-454C-87C8-E505B60AE651}] => (Allow) c:\Users\Stardust\Desktop\Tor Browser\Browser\plugin-hang-ui.exe => Keine Datei
FirewallRules: [{A83784D9-E867-417A-B66B-3AA6A2B4741F}] => (Allow) c:\Users\Stardust\Desktop\Tor Browser\Browser\plugin-container.exe (Mozilla Corporation) [Datei ist nicht signiert]
FirewallRules: [{2E8C2229-2389-405E-91B9-75DB90900862}] => (Allow) c:\Users\Stardust\Desktop\Tor Browser\Browser\pingsender.exe => Keine Datei
FirewallRules: [{E692EBBB-881A-48DD-81FC-3B23DA688B96}] => (Block) c:\Users\Stardust\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) [Datei ist nicht signiert]
FirewallRules: [{D48F985D-CA23-49C0-ABAC-F90C79B2A706}] => (Allow) C:\Users\Stardust\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) [Datei ist nicht signiert]
FirewallRules: [{68B99EB8-CF83-4455-9D02-015B44C7BEBF}] => (Allow) C:\Program Files\Google\Google Earth Pro\client\googleearth.exe (Google LLC -> Google)
FirewallRules: [{DCF439E4-5DCD-4311-AE60-9CD3270665F3}] => (Allow) C:\Program Files\Google\Google Earth Pro\client\googleearth.exe (Google LLC -> Google)
FirewallRules: [{A9AA78A4-6578-42AA-B471-B50ABF0BBCDE}] => (Allow) %ProgramFiles% (x86)\Garmin\WebUpdater\WebUpdater.exe => Keine Datei
FirewallRules: [{409C29D0-2F92-430C-B9E0-0077DC1A5224}] => (Allow) %ProgramFiles% (x86)\Garmin\WebUpdater\WebUpdater.exe => Keine Datei
FirewallRules: [{50A94525-7B5A-4322-AF3B-2C04D461FE47}] => (Allow) G:\Downloads\BaseCamp_462.exe => Keine Datei
FirewallRules: [{E3FE2577-33A0-4FC5-8579-9F11BCDD96F1}] => (Allow) G:\Downloads\BaseCamp_462.exe => Keine Datei
FirewallRules: [{DB05C517-5ACA-499B-B182-59BA2A432DEC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Descenders\Descenders.exe () [Datei ist nicht signiert]
FirewallRules: [{20EA742D-3212-4015-9926-2FC1A12DC369}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Descenders\Descenders.exe () [Datei ist nicht signiert]
FirewallRules: [{9D67B560-418D-4EF5-A6EB-DA3254859747}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{FF720EC3-EFAD-4561-ACF5-7370EAC6FE10}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{439618FA-FE8A-464B-9D4D-67B7191558C0}] => (Allow) G:\Watteln\Watten.exe => Keine Datei
FirewallRules: [UDP Query User{2CBA51BF-556C-4512-ACB7-4577F03AF80B}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{C1D0294E-73E7-4B90-A50E-0EC630DB2D76}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{098E0E87-3A90-4333-A481-E744B500FCC7}G:\watteln\watten.exe] => (Allow) G:\watteln\watten.exe => Keine Datei
FirewallRules: [TCP Query User{70D5B643-25C7-44E4-8506-AF95712C60BA}G:\watteln\watten.exe] => (Allow) G:\watteln\watten.exe => Keine Datei
FirewallRules: [{5E1DB94E-71CA-4EB7-9672-AC178E1118C4}] => (Allow) I:\Program Files (x86)\Mp3tag\Mp3tag.exe (Florian Heidenreich -> Florian Heidenreich)
FirewallRules: [{02DD0451-BCC7-4781-A510-E8ED0CA2E612}] => (Allow) I:\Program Files (x86)\Mp3tag\Mp3tag.exe (Florian Heidenreich -> Florian Heidenreich)
FirewallRules: [{29863FEA-81AF-4EB4-9EDE-198050D7614B}] => (Allow) G:\Downloads\flashplayer32_xa_install.exe => Keine Datei
FirewallRules: [{7290091B-3DF5-4FA2-9214-F43F3E84D382}] => (Allow) G:\Downloads\flashplayer32_xa_install.exe => Keine Datei
FirewallRules: [{6B377E0D-1CA3-4552-AF40-DD6C4ED01E13}] => (Allow) I:\Program Files\bbw64.exe (PG Music Inc. -> )
FirewallRules: [{FBF42B58-1816-44D0-91E9-47991FAF1526}] => (Allow) I:\Program Files\bbw64.exe (PG Music Inc. -> )
FirewallRules: [{73A87E49-5C72-4DBD-A1E3-08B310064E47}] => (Allow) I:\Program Files\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{2D0C2364-6981-4EA1-93C6-F379C6771D55}] => (Allow) I:\Program Files\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{1BFF1EBB-6D7A-4D86-A172-0430912D17EE}] => (Allow) I:\Program Files\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{67A45789-11E5-4552-8F5B-3A2E71A3FEC3}] => (Allow) I:\Program Files\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{2DBAC8DB-C3B9-4C7C-BCE6-2C1F26A13C39}] => (Allow) I:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{959B6391-0FAB-4B1E-B4BF-CB354A0F946D}] => (Allow) I:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{484EA69E-F766-4D44-BCE3-7F4102B0275B}] => (Allow) I:\Program Files (x86)\Utherverse Digital Inc\Utherverse VWW Client\UtherversePatcher.exe => Keine Datei
FirewallRules: [{69886C76-C242-4763-9C80-587C82242B8C}] => (Allow) I:\Program Files (x86)\Utherverse Digital Inc\Utherverse VWW Client\Utherverse.exe => Keine Datei
FirewallRules: [{5B6AB93A-94EA-44E1-921F-507DB18A802A}] => (Allow) G:\Downloads\RedLightCenterSetup(1).exe => Keine Datei
FirewallRules: [{F1FC5BFF-F53C-4914-8C5F-11848715DE35}] => (Allow) G:\Downloads\Chathouse 3D RouletteInstaller.exe => Keine Datei
FirewallRules: [{3EF9FAAC-0393-4F21-A5F9-C1A5BBF2D3C0}] => (Allow) G:\Downloads\Chathouse 3D RouletteInstaller.exe => Keine Datei
FirewallRules: [{1F613038-E5ED-4D40-8C14-298CCC79FC3A}] => (Allow) I:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{BD8FCE35-A7C2-4AF8-8A88-40582CDDEF50}] => (Allow) I:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [UDP Query User{F8367F88-1CFA-471B-987D-D1635E7D09E5}I:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) I:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [TCP Query User{29FA741A-D1D8-499A-B79F-93BA4E83DB20}I:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) I:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{A1B64CE2-A069-4A8A-A855-FDEC276590EC}] => (Allow) c:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{A86E9587-AF44-46E9-832B-097A3314EAA6}] => (Allow) c:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{9838D397-FC5A-424C-A274-E1E8391F2027}] => (Allow) G:\Downloads\MBSetup(1).exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{3801F7E3-0F7B-476E-A70B-C4BF390F041A}] => (Allow) G:\Downloads\MBSetup(1).exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{BD209C8E-8234-439C-8D4A-AAEF4043E9F3}] => (Allow) G:\Downloads\spamfighter_web_7.6.131.exe => Keine Datei
FirewallRules: [{D5E2543D-6BD3-41DE-AAE2-0FEAA1BD2FDD}] => (Allow) G:\Downloads\spamfighter_web_7.6.131.exe => Keine Datei
FirewallRules: [{D3768099-B18C-47F3-9467-0AC563488714}] => (Allow) %SystemDrive%\gt1_wind_v100(1)\gt1_wind_v100\Files\Win7\Setup.exe => Keine Datei
FirewallRules: [{11D8D12A-61A4-4914-B0E4-329E6B55F0A1}] => (Allow) %SystemDrive%\gt1_wind_v100(1)\gt1_wind_v100\Files\Win7\Setup.exe => Keine Datei
FirewallRules: [{2397A65E-E37F-48A3-9B3A-1CB831B3B241}] => (Allow) C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe () [Datei ist nicht signiert]
FirewallRules: [{27607790-9CDD-4536-B3B7-2A7B80B5BAC3}] => (Allow) I:\Program Files (x86)\CDex\CDex.exe (The CDex Project - hxxp://cdex.mu/) [Datei ist nicht signiert]
FirewallRules: [{B1E69D70-1998-4226-B4B0-07B5A1725CE1}] => (Allow) I:\Program Files (x86)\CDex\CDex.exe (The CDex Project - hxxp://cdex.mu/) [Datei ist nicht signiert]
FirewallRules: [{3A11DEBE-1109-48AC-B10D-C565B80A06D0}] => (Allow) %USERPROFILE%\Desktop\streamwriter.exe => Keine Datei
FirewallRules: [{AD06DBEB-806C-44D9-A612-EFDF13DA7954}] => (Allow) %USERPROFILE%\Desktop\streamwriter.exe => Keine Datei
FirewallRules: [{9FB622EE-322E-4200-987C-6CD1BF0DCCB1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{589D78D9-8EA9-46D3-8F6A-32DFBCBCFB7E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{474757EE-1A98-4C5A-8A25-F2BB048AE83C}] => (Allow) G:\Guitar Pro 6\GPUpdater.exe () [Datei ist nicht signiert]
FirewallRules: [{D7F48C40-9DAE-4A75-A8EA-7D33A5F3B432}] => (Allow) G:\Guitar Pro 6\GPUpdater.exe () [Datei ist nicht signiert]
FirewallRules: [{C38280D3-D34A-42BE-B4C4-C0D90F91B9FE}] => (Allow) G:\Guitar Pro 6\GuitarPro.exe () [Datei ist nicht signiert]
FirewallRules: [{48D892BE-3702-4C0C-8CFD-AD89AFECC780}] => (Allow) G:\Downloads\flashplayer25_xa_install.exe => Keine Datei
FirewallRules: [{08325C81-EFFA-40E9-9B54-60B9ECA1366B}] => (Allow) G:\Downloads\flashplayer25_xa_install.exe => Keine Datei
FirewallRules: [{DAC656A2-3E13-4054-9C64-4B0795F86DA4}] => (Allow) I:\Program Files (x86)\vegas.pro.13.0.(64-bit)-patch.exe => Keine Datei
FirewallRules: [{C0BF5D09-9E78-4CA5-9D5D-65F2D4A1E0AF}] => (Allow) I:\Program Files (x86)\vegas.pro.13.0.(64-bit)-patch.exe => Keine Datei
FirewallRules: [{F472FEC6-CC1F-4060-86F0-2513310E4295}] => (Allow) I:\Program Files (x86)\SaalDesignSoftware\SaalDesignSoftware.exe () [Datei ist nicht signiert]
FirewallRules: [{5D6A42F4-C739-4014-B10A-39CBACBB2AD3}] => (Allow) I:\Program Files (x86)\SaalDesignSoftware\SaalDesignSoftware.exe () [Datei ist nicht signiert]
FirewallRules: [{B3D569F4-AC44-4DEC-875F-A7910009A4D5}] => (Allow) C:\Users\Stardust\AppData\Local\WhatsApp\Update.exe (WhatsApp, Inc. -> GitHub) [Datei ist nicht signiert]
FirewallRules: [{9521914E-6602-4FA8-B144-7B9B06842600}] => (Allow) D:\Program Files (x86)\UNAV\Content Manager\ContentManager.exe (NNG Software Developing and Commercial LLC -> NNG Kft.) [Datei ist nicht signiert]
FirewallRules: [{F1998BBE-9EF1-4593-A161-CB1A8E91B738}] => (Allow) D:\Program Files (x86)\UNAV\Content Manager\ContentManager.exe (NNG Software Developing and Commercial LLC -> NNG Kft.) [Datei ist nicht signiert]
FirewallRules: [{D462A761-B321-4E2A-BD12-001864632900}] => (Allow) D:\Program Files\SilverFast Application\SilverFast 8\SilverFast 8.exe (LaserSoft Imaging AG) [Datei ist nicht signiert]
FirewallRules: [{4E7AF7D4-C5C4-450E-97FF-97C6F27D87C0}] => (Allow) D:\Program Files\SilverFast Application\SilverFast 8\SilverFast 8.exe (LaserSoft Imaging AG) [Datei ist nicht signiert]
FirewallRules: [{2C1BADFA-F32B-4365-9BDC-97BE5BE171B9}] => (Allow) D:\Program Files\Transmission\transmission-qt.exe (Open Source Developer, René Berber -> Transmission Project) [Datei ist nicht signiert]
FirewallRules: [{8D85DF7D-333B-4D71-A773-44248C40AA70}] => (Allow) D:\program files\transmission\transmission-qt.exe (Open Source Developer, René Berber -> Transmission Project) [Datei ist nicht signiert]
FirewallRules: [{E109743F-CD4D-4827-B754-4BF9EF0075C0}] => (Allow) D:\program files\transmission\transmission-qt.exe (Open Source Developer, René Berber -> Transmission Project) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{4EFADCFF-AE03-46C2-8004-C7CF360956B8}D:\program files\transmission\transmission-qt.exe] => (Allow) D:\program files\transmission\transmission-qt.exe (Open Source Developer, René Berber -> Transmission Project) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{C674454B-CC28-43B0-8504-0DB9CC3091A7}D:\program files\transmission\transmission-qt.exe] => (Allow) D:\program files\transmission\transmission-qt.exe (Open Source Developer, René Berber -> Transmission Project) [Datei ist nicht signiert]
FirewallRules: [{AFC448B2-C4F0-4358-BB8A-F0A15935122B}] => (Allow) I:\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [Datei ist nicht signiert]
FirewallRules: [{276511F9-0472-4126-89E1-63497DA081D4}] => (Allow) I:\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [Datei ist nicht signiert]
FirewallRules: [{9900E80C-4B1E-4A27-B2FB-E15F21860EB2}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe => Keine Datei
FirewallRules: [{A1AA72CC-96B2-41CD-9C65-AAA33643B064}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe => Keine Datei
FirewallRules: [{3C3203F2-4102-4CF2-8477-AE1E65C7CDA0}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9A91AFD4-B5A7-44D6-96AA-EADFABF16A32}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{57950E74-13CD-472E-A2C2-51BE18958F78}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FC30D880-8992-4EAD-902A-0C790BA10BCB}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{875A0A34-0270-4A7D-93B0-253CDC747C4E}] => (Allow) G:\Downloads\score-trainer-8.0.11-setup.exe => Keine Datei
FirewallRules: [{3C106228-B866-46FF-854A-61C579D6CFAF}] => (Allow) G:\Downloads\score-trainer-8.0.11-setup.exe => Keine Datei
FirewallRules: [{61328F64-C446-4DF7-B881-A36FF7B1C894}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3D79E6A0-FBC5-4213-9A47-D8058B082768}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CD408F9C-CC8E-435D-ADE3-9555B20DF81D}] => (Allow) G:\Guitar Pro 6\GuitarPro.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{D73D545D-DAB5-4636-BF5D-5D31A7E08987}D:\programme\presonus\studio one 3\studio one.exe] => (Block) D:\programme\presonus\studio one 3\studio one.exe => Keine Datei
FirewallRules: [TCP Query User{DD778855-4A1A-4C62-BE58-0771259C4381}D:\programme\presonus\studio one 3\studio one.exe] => (Block) D:\programme\presonus\studio one 3\studio one.exe => Keine Datei
FirewallRules: [{B1B8B461-B377-4B45-AFA2-E53916AA50C4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F8EB6B7A-E838-465D-A855-285C143EF185}] => (Allow) G:\Downloads\GoPro_Quik-WinInstaller-2.7.0.945.exe (GoPro Media, Inc. -> GoPro, Inc.)
FirewallRules: [{98E29DE6-8E05-4D38-88C2-11E7D9208049}] => (Allow) G:\Downloads\GoPro_Quik-WinInstaller-2.7.0.945.exe (GoPro Media, Inc. -> GoPro, Inc.)
FirewallRules: [{22DC4A98-3B30-49CA-B8E1-8DCE59AB81C8}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [{665D202F-7724-4E32-8D82-DE6DFBEA6604}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro Media, Inc. -> )
FirewallRules: [{E5B4D37F-F401-404B-AFAD-1ACDB8C9B283}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{139FF9AD-9CCB-4376-9177-70B9C4D2C572}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [{4A40FDD7-3938-4228-AD69-AEC75932D636}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [TCP Query User{640182BD-A9CC-46E8-AD76-FB7868077E37}D:\programme\presonus\studio one 5\studio one.exe] => (Block) D:\programme\presonus\studio one 5\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{D335435A-B625-43A1-B758-74D1B4B28FAC}D:\programme\presonus\studio one 5\studio one.exe] => (Block) D:\programme\presonus\studio one 5\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{FAE70BA7-8D77-4BFC-B6E5-F230112A79B4}D:\programme\presonus\studio one 5\pluginscanner.exe] => (Block) D:\programme\presonus\studio one 5\pluginscanner.exe (PreSonus Audio Electronics, Inc. -> PreSonus)
FirewallRules: [UDP Query User{D2511389-7324-4B46-8CCB-DBF3551A3815}D:\programme\presonus\studio one 5\pluginscanner.exe] => (Block) D:\programme\presonus\studio one 5\pluginscanner.exe (PreSonus Audio Electronics, Inc. -> PreSonus)
FirewallRules: [{5390FEF0-39EB-4B09-BFCD-BA4B89044E4E}] => (Allow) C:\Program Files (x86)\Line6\Line 6 Updater\Line 6 Updater.exe (Line 6) [Datei ist nicht signiert]
FirewallRules: [{3E270FBC-CD38-4B70-ABB9-8D28787A2068}] => (Allow) C:\Program Files (x86)\Line6\Line 6 Updater\Line 6 Updater.exe (Line 6) [Datei ist nicht signiert]
FirewallRules: [{F0F3E2D1-6FF9-41DF-AEE6-78672CA2E9CE}] => (Allow) C:\Program Files (x86)\AltServer\AltServer.exe (AltStore LLC) [Datei ist nicht signiert]
FirewallRules: [{29769EBA-6940-42F5-BAE8-B3234056FF8E}] => (Allow) C:\Program Files (x86)\AltServer\AltServer.exe (AltStore LLC) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{BCE50A3E-7FBC-4852-9CE8-4AB60C57F8A7}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe (AltStore LLC) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{2D0729EB-13D2-4C5B-8B9D-7A433DA96909}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe (AltStore LLC) [Datei ist nicht signiert]
FirewallRules: [{04316EEA-9C06-4303-B6A5-CDB89BACE1C0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AA4D3211-D71A-4F37-B5C2-53C4DDBB87FB}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AF72C975-5100-48DB-AF13-F00A6BC62DDE}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{14B2C166-8CB5-4270-B3FF-F5ECDA6AC65F}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{00394055-BB00-4256-8108-FF35EAD1B100}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{3878188A-C25F-43B7-8EE2-4D895197FC74}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{92A59CFD-5BD1-4AF6-96BA-A1DC29C25E7B}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{04DF408F-60F0-4570-B72B-9CB5B0B0098F}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{886F7962-47BC-4DB1-8712-349CAC7E2F24}C:\program files\adobe\common\plug-ins\7.0\mediacore\braw studio\braw_studio.exe] => (Block) C:\program files\adobe\common\plug-ins\7.0\mediacore\braw studio\braw_studio.exe (AESCRIPTS INC -> Autokroma)
FirewallRules: [UDP Query User{BF616C7B-735C-49AB-A67C-B3097819F35F}C:\program files\adobe\common\plug-ins\7.0\mediacore\braw studio\braw_studio.exe] => (Block) C:\program files\adobe\common\plug-ins\7.0\mediacore\braw studio\braw_studio.exe (AESCRIPTS INC -> Autokroma)
FirewallRules: [TCP Query User{C92D11F7-41A7-4F60-A658-244EBD4DAE37}C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [UDP Query User{71B87FE6-A2F3-4E4A-A40E-C19A91A85B2B}C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [TCP Query User{C6A9D091-80B7-44E7-8462-FBE6EB453983}C:\program files\adobe\adobe lightroom\helpers\dynamiclinkmediaserver\dynamiclinkmediaserver\1.0\dynamiclinkmediaserver.exe] => (Block) C:\program files\adobe\adobe lightroom\helpers\dynamiclinkmediaserver\dynamiclinkmediaserver\1.0\dynamiclinkmediaserver.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [UDP Query User{8D326412-9D0C-4043-89C0-B776E07C051D}C:\program files\adobe\adobe lightroom\helpers\dynamiclinkmediaserver\dynamiclinkmediaserver\1.0\dynamiclinkmediaserver.exe] => (Block) C:\program files\adobe\adobe lightroom\helpers\dynamiclinkmediaserver\dynamiclinkmediaserver\1.0\dynamiclinkmediaserver.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [{EC718A8E-D7BF-4918-ADED-26CC41CB0195}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C8E0C654-2D74-4EA3-98C8-7B6DC98929A8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CDE7DA5A-2DE1-4E5E-8DD9-A1F79395D0CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4FAC0C01-715B-46A9-8A7C-79C2C9652D79}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1D7AA829-B031-4929-90F6-CEB5F65DF062}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:87.43 GB) (Free:7.1 GB) (8%)
==================== Fehlerhafte Geräte im Gerätemanager ============
Name: Bluetooth USB module
Description: Bluetooth USB module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (03/29/2022 06:14:46 PM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029
Error: (03/29/2022 06:14:46 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/29/2022 04:37:17 PM) (Source: WAS-LA) (EventID: 7005) (User: )
Description: Das Listeneradapterprotokoll "msmq.formatname" hat versucht, mit dem Windows-Prozessaktivierungsdienst zu kommunizieren und dabei einen Fehler verursacht. Der Listeneradapter befindet sich nun in einem ungültigen Zustand. Ursache: Dies kann auftreten, wenn zwischen dem Windows-Prozessaktivierungsdienst und dem Listeneradapter nicht ausreichend Speicherplatz vorhanden ist oder Fehler aufgetreten sind. Korrektur: Um diesen Fehler zu korrigieren, beenden Sie den Listeneradapter und anschließend den Windows-Prozessaktivierungsdienst, starten Sie den Windows-Prozessaktivierungsdienst neu, und starten Sie schließlich den Listeneradapter neu.
Error: (03/28/2022 08:07:45 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (03/28/2022 08:07:45 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (03/28/2022 08:07:45 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (03/28/2022 08:07:45 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (03/28/2022 08:07:45 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Systemfehler:
=============
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TomTomHOMEService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GoPro Device Detection Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Freemake Improver" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HuaweiHiSuiteService64.exe" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "DTSAudioSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Seagate Scheduler2 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth Driver Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Windows Defender:
================
Date: 2022-03-29 16:26:29
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Floxif.E&threatid=2147706431&enterprise=0
Name: Trojan:Win32/Floxif.E
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Program Files\Common Files\System\symsrv.dll
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.327.1243.0, AS: 1.327.1243.0, NIS: 1.327.1243.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5
Date: 2022-03-29 16:26:11
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Floxif.E&threatid=2147706431&enterprise=0
Name: Trojan:Win32/Floxif.E
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Program Files\Common Files\System\symsrv.dll
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.327.1243.0, AS: 1.327.1243.0, NIS: 1.327.1243.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5
Date: 2022-03-28 20:53:59
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Floxif.E&threatid=2147706431&enterprise=0
Name: Trojan:Win32/Floxif.E
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Program Files\Common Files\System\symsrv.dll
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: Stardust-PC\Stardust
Prozessname: C:\Windows\SysWOW64\dllhost.exe
Sicherheitsversion: AV: 1.327.1243.0, AS: 1.327.1243.0, NIS: 1.327.1243.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5
Date: 2022-03-28 20:53:52
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Floxif.E&threatid=2147706431&enterprise=0
Name: Trojan:Win32/Floxif.E
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Program Files\Common Files\System\symsrv.dll
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: Stardust-PC\Stardust
Prozessname: C:\Program Files (x86)\Everything\Everything.exe
Sicherheitsversion: AV: 1.327.1243.0, AS: 1.327.1243.0, NIS: 1.327.1243.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5
Date: 2022-03-28 20:53:48
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Floxif.E&threatid=2147706431&enterprise=0
Name: Trojan:Win32/Floxif.E
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Program Files\Common Files\System\symsrv.dll
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: Stardust-PC\Stardust
Prozessname: C:\Program Files (x86)\Everything\Everything.exe
Sicherheitsversion: AV: 1.327.1243.0, AS: 1.327.1243.0, NIS: 1.327.1243.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5
Event[0]:
Date: 2022-03-29 16:38:07
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.327.1243.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
Date: 2022-03-29 16:38:07
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.327.1243.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
Date: 2022-03-29 16:38:07
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.327.1243.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
Date: 2022-03-29 16:38:07
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.327.1243.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
Date: 2022-03-29 16:38:07
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.327.1243.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
CodeIntegrity:
===============
Date: 2022-02-25 15:30:50
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. 2001 09/30/2015
Hauptplatine: ASUSTeK COMPUTER INC. X99-DELUXE
Prozessor: Intel(R) Core(TM) i7-5820K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 8%
Installierter physikalischer RAM: 65437.52 MB
Verfügbarer physikalischer RAM: 59779.09 MB
Summe virtueller Speicher: 130973.52 MB
Verfügbarer virtueller Speicher: 124678.38 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:87.43 GB) (Free:7.1 GB) NTFS
Drive d: (Volume) (Fixed) (Total:150.39 GB) (Free:99.08 GB) NTFS
Drive e: () (Fixed) (Total:196.23 GB) (Free:71.64 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: () (Fixed) (Total:269.53 GB) (Free:162.51 GB) NTFS
Drive g: (Transcend) (Fixed) (Total:2794.39 GB) (Free:619.38 GB) NTFS
Drive i: (Volume) (Fixed) (Total:183.33 GB) (Free:15.59 GB) NTFS
Drive j: (Volume) (Fixed) (Total:465.76 GB) (Free:386.37 GB) NTFS
Drive o: (Volume) (Fixed) (Total:465.75 GB) (Free:465.6 GB) NTFS
\\?\Volume{29bc2ce2-cce4-11e5-b999-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{c2f07f0c-0000-0000-0000-c0e115000000}\ () (Fixed) (Total:0.56 GB) (Free:0.11 GB) NTFS
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Size: 2794.5 GB) (Disk ID: 809702A0)
Partition: GPT.
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 00091F2C)
Partition 1: (Not Active) - (Size=39.2 GB) - (Type=83)
Partition 2: (Not Active) - (Size=183.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=05)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 00088602)
Partition 1: (Active) - (Size=196.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=269.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: BC2D691A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: C2F07F0C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=87.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=569 MB) - (Type=27)
Partition 4: (Not Active) - (Size=150.4 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt =======================Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-03-2022
durchgeführt von Stardust (29-03-2022 19:00:30)
Gestartet von C:\Users\Stardust\Desktop\Virenscanner
Microsoft Windows 10 Home Version 20H2 19042.1237 (X64) (2021-05-26 20:14:28)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-1645521455-3686839743-3489531396-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1645521455-3686839743-3489531396-503 - Limited - Disabled)
Gast (S-1-5-21-1645521455-3686839743-3489531396-501 - Limited - Disabled)
Stardust (S-1-5-21-1645521455-3686839743-3489531396-1000 - Administrator - Enabled) => C:\Users\Stardust
WDAGUtilityAccount (S-1-5-21-1645521455-3686839743-3489531396-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Absolute Fretboard Trainer LITE (HKLM-x32\...\Absolute Fretboard Trainer LITE_is1) (Version: - AbsoluteFretboard.com)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.6.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.453 - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.8 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe SpeedGrade CC 2015 (HKLM-x32\...\{8FD7F1DB-7355-469E-A3F2-2118148D8477}) (Version: 9.0.0 - Adobe Systems Incorporated)
AG DSP Controller (HKLM-x32\...\{C0D0B3D0-87AA-47A2-91B5-FA11C7F2BAC2}) (Version: 1.1.0.0 - Yamaha Corporation)
AltServer (HKLM-x32\...\{F7B4312C-3208-43BD-8342-74E9F42006E4}) (Version: 1.4.3 - Riley Testut)
Android Studio (HKLM\...\Android Studio) (Version: 2020.3 - Google LLC)
ARIA Engine v1.9.3.3 (HKLM\...\ARIA Engine_is1) (Version: v1.9.3.3 - Plogue Art et Technologie, Inc)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 2.0.9.0001 - Asmedia Technology)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.24.0 - Asmedia Technology)
Audient USB Audio Driver v4.0.3 (HKLM-x32\...\Software_Audient_audientusbaudio_Setup) (Version: 4.0.3 - Audient)
Avid Codecs LE (HKLM-x32\...\{C8867EDE-69E9-422C-9E88-80CF5B897C4F}) (Version: 2.7.3.39175 - Avid Technology)
AW-CA100/100D (HKLM-x32\...\{0FA5C34F-7552-42EC-B684-4ACCCA72A620}) (Version: 64.9.1009.2010 - )
Band-in-a-Box 2022 (920) Update (HKLM-x32\...\BB_is1) (Version: - PG Music Inc.)
Band-in-a-Box DAW Plugin 4.5.10 (HKLM-x32\...\BIAB_Plugin_is1) (Version: - PG Music Inc.)
Band-in-a-Box Download and Install Manager 1.0.8 (HKLM-x32\...\DLINSTMAN_is1) (Version: - PG Music Inc.)
Band-in-a-Box File Associations (HKLM-x32\...\BBAssociations_is1) (Version: - PG Music Inc.)
Band-in-a-Box Notation and Chord Fonts (HKLM-x32\...\BBFonts_is1) (Version: - PG Music Inc.)
Band-in-a-Box Server (HKLM-x32\...\BBServer_is1) (Version: - PG Music Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BOSS TONE STUDIO for GT-1 (HKLM-x32\...\{657A8883-CE6D-022D-3B05-B3659506516A}) (Version: 1.0.0 - Roland Corporation) Hidden
BOSS TONE STUDIO for GT-1 (HKLM-x32\...\BOSS-TONE-STUDIO-for-GT-1) (Version: 1.0.0 - Roland Corporation)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 99.1.36.122 - Die Brave-Autoren)
Camera Control Pro 2 (HKLM-x32\...\{FE96C49B-DB90-405E-A00E-09E38372F880}) (Version: 2.13.0 - Nikon)
Canon iP7200 series On-screen Manual (HKLM-x32\...\Canon iP7200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
CDex - Digital Audio CD Extractor and Converter (HKLM-x32\...\CDex) (Version: 1.81.0.2016 - Georgy Berdyshev)
Cinch Audio Recorder version 4.0.2 (HKLM-x32\...\{F145F781-A266-4A33-8F34-65561BF29B25}_is1) (Version: 4.0.2 - Cinch Solutions)
CINEMA 4D 16.011 (HKLM\...\MAXONCE2CF069) (Version: 16.011 - MAXON Computer GmbH)
Clavia USB Driver v3.02_4 (HKLM-x32\...\Clavia USB Driver v3.02_4) (Version: - )
Content Manager (HKLM-x32\...\Content Manager) (Version: 3.18.5.639191 - NNG Llc.)
CoyoteWT 1.3 (HKLM-x32\...\CoyoteWT_is1) (Version: - Coyote Electronics Inc.)
CrystalDiskInfo 8.13.3 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.13.3 - Crystal Dew World)
CrystalDiskMark 8.0.4 (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4 - Crystal Dew World)
Debut Video-Aufnahme-Programm (HKLM-x32\...\Debut) (Version: 6.52 - NCH Software)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 5.1.7.638 - devolo AG)
DVD Shrink 3.2 deutsch (HKLM-x32\...\DVD Shrink DE_is1) (Version: - DVD Shrink)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.0.2.18.20170123 - Landesfinanzdirektion Thüringen)
Epson Copy Utility 4 (HKLM-x32\...\{06A7E8AB-2856-4490-BAA9-F338ABE7695A}) (Version: 4.01.0001 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Everything 1.4.1.877 (x86) (HKLM-x32\...\Everything) (Version: 1.4.1.877 (x86) - David Carpenter)
File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)
FlacSquisher 1.3.7 (HKLM-x32\...\FlacSquisher) (Version: 1.3.7 - FlacSquisher)
fre:ac v1.1.5 (HKLM-x32\...\fre:ac v1.1.5) (Version: 1.1.5 - )
Freemake Audio Converter Version 1.1.9 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.9 - Ellora Assets Corporation)
FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version: - )
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Freizeitkarte_FRA (Ausgabe 20.06) (HKLM-x32\...\Freizeitkarte_FRA) (Version: (Ausgabe 20.06) - Freizeitkarte OSM)
Gitarrero Notenmeister (HKLM-x32\...\Gitarrero Notenmeister) (Version: - )
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
GoPro Quik (HKLM\...\{AA5F7FCE-311C-46D8-B93A-ABF4DDCAB832}) (Version: 0.1.945 - GoPro, Inc.) Hidden
GoPro Quik (HKLM-x32\...\{a23df978-67ca-4fe3-a740-a7b5ae7ec82f}) (Version: 2.7.0.945 - GoPro, Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.20) (Version: 9.20 - Artifex Software Inc.)
GT-1-Treiber (HKLM\...\RolandRDID0178) (Version: - Roland Corporation)
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
Guitar Pro 7 - Soundbanks (HKLM-x32\...\com.arobas-music.guitarpro7-soundbanks_is1) (Version: 1.0.69 - Arobas Music)
Guitar Pro 7 (HKLM-x32\...\{BF4EDCFF-ED20-4AF6-A636-EBAC931336CD}_is1) (Version: 7.0.4.659 - Arobas Music)
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.550 - Huawei Technologies Co., Ltd.)
iCloud (HKLM\...\{A3616230-EF97-44F3-83D3-1AE29DC639D3}) (Version: 7.18.0.22 - Apple Inc.)
IK Multimedia Authorization Manager version 1.0.9 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.9 - IK Multimedia)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel(R) Network Connections 20.1.1022.0 (HKLM\...\PROSetDX) (Version: 20.1.1022.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
IsoBuster 4.6 (HKLM-x32\...\IsoBuster_is1) (Version: 4.6 - Smart Projects)
iZotope Nectar 3 (HKLM\...\Nectar 3_is1) (Version: 3.0.0 - iZotope)
Khi3 - Universal Scientific Calculator (HKLM-x32\...\{C1BADEF7-946C-43CF-9332-55838CD72736}) (Version: 3.4.0.8 - Joël Ollivier - Erpmi-Br)
KMSnano 24 (HKLM\...\KMSnano 24_is1) (Version: KMSnano 24 - )
Line 6 Line 6 Updater Uninstaller (HKLM-x32\...\Line 6 Updater Uninstaller) (Version: 1.23 - Line 6)
Logitech Capture (HKLM\...\Capture) (Version: 1.10.110 - Logitech)
Malwarebytes version 4.5.6.180 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.6.180 - Malwarebytes)
Master Flatpick Guitar Solos (HKLM-x32\...\MFGS1_1_is1) (Version: - PG Music Inc.)
Master Jazz Guitar Solos SuperPAK (HKLM-x32\...\MJGSolo_1-4_is1) (Version: - PG Music Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.68 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version: - MixMeister Technology LLC)
Mozilla Firefox (x86 de) (HKLM-x32\...\Mozilla Firefox 96.0.2 (x86 de)) (Version: 96.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.1 - Mozilla)
Mp3tag v2.84a (HKLM-x32\...\Mp3tag) (Version: 2.84a - Florian Heidenreich)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
Native Instruments B4 II (HKLM-x32\...\Native Instruments B4 II) (Version: - )
NI Guitar Rig (HKLM\...\{48878FDB-8FEB-4503-A444-11F6BD85114C}) (Version: 5.2.2 - Native Instruments)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nmap 7.91 (HKLM-x32\...\Nmap) (Version: 7.91 - Nmap Project)
Notion 6 (64-bit) (HKLM\...\Notion 6-64) (Version: - PreSonus Software Ltd)
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.00 - Nmap Project)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 457.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.1.3 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenMapChest Central America 2018.11.30 (HKLM-x32\...\OpenMapChest Central America) (Version: - )
OSM generic routable(GRC) (HKLM-x32\...\OSM generic routable(GRC)) (Version: - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pdf995 (HKLM-x32\...\Pdf995) (Version: - )
PG Music DirectX Plugins (64-bit) 2.0.0.0 (HKLM\...\PG_DX_Plugins_64_is1) (Version: - PG Music Inc.)
PG Music DirectX Plugins 2.0.0.0 (HKLM-x32\...\PG_DX_Plugins_is1) (Version: - PG Music Inc.)
Playable RealTracks Set 01 for Sforzando (HKLM\...\__ARIA_2050___is1) (Version: - PG Music Inc)
Plogue sforzando v1.933 (HKLM\...\__ARIA_1014___is1) (Version: v1.933 - Plogue)
PreSonus Studio One 5 (HKLM\...\Studio One 5_is1) (Version: 5.0.2 - PreSonus)
PTGui Pro 9.1 (HKLM-x32\...\PTGui) (Version: - New House Internet Services B.V.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RE:Vision Effects Twixtor AE (HKLM\...\Twixtor AE 6.1.0_is1) (Version: 6.1.0 - Team V.R)
REALTEK DTV USB DEVICE (HKLM-x32\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7786 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - )
Scoretrainer 8.0 (HKLM-x32\...\Midimaster Scoretrainer_is1) (Version: - Midimaster)
Seagate DiscWizard (HKLM-x32\...\{1FB81320-A5BA-4D63-BFE3-66344A9DC059}) (Version: 18.0.6036 - Seagate)
Shark007 STANDARD Codecs (HKLM-x32\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 7.2.9 - Shark007)
Shark007 STANDARD x64Components (HKLM\...\STANDARD x64Components_is1) (Version: 7.2.9 - Shark007)
Sidify Music Converter 2.1.3 (HKLM-x32\...\Sidify Music Converter) (Version: 2.1.3 - Sidify)
Signal 5.31.1 (HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.31.1 - Open Whisper Systems)
SilverFast 8.0.1r5 (64bit) (HKLM-x32\...\SilverFast 8 x64) (Version: 8.0.1r5 - LaserSoft Imaging AG)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellarium 0.18.3 (HKLM\...\Stellarium_is1) (Version: 0.18.3 - Stellarium team)
tiptoi® Manager 4.1.4 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 4.1.4 - Ravensburger AG)
TomTom HOME (HKLM-x32\...\{C51F55EC-477D-4385-B951-BDEFA5DFC90B}) (Version: 2.11.6 - Ihr Firmenname)
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.3.0 - Topaz Labs, LLC)
Topo_Karte_ITA (Ausgabe 19.05) (HKLM-x32\...\Topo_Karte_ITA) (Version: (Ausgabe 19.05) - Topo_Karte)
Transcribe! 8.21 (HKLM-x32\...\Transcribe!_is1) (Version: 8.21 - Seventh String Software)
Transmission-Qt (HKLM\...\Transmission-Qt) (Version: 2.84.6 - Transmission)
Trapcode Suite (HKLM\...\Trapcode Suite v14.1.1) (Version: - Red Giant LLC)
Trapcode Suite 64-bit (HKLM\...\{5210717F-CAFD-4F21-8DF7-6ED3862725C4}) (Version: 12.1.0 - Red Giant Software) Hidden
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{5210717F-CAFD-4F21-8DF7-6ED3862725C4}) (Version: 12.1.0 - Red Giant Software)
USBPcap 1.5.3.0 (HKLM\...\USBPcap) (Version: 1.5.3.0 - Tomasz Mon)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
vegaspro13.0.310_64bit 13.0.310 (HKLM-x32\...\vegaspro13.0.310_64bit 13.0.310) (Version: 13.0.310 - vegaspro13.0.310_64bit)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vyzex Pocket POD 1.17 (HKLM-x32\...\{0E26E09B-6687-4A99-BD08-A9E705373029}_is1) (Version: Vyzex Pocket POD 1.17 - Psicraft Designs, Inc.)
WaveLab 6 (HKLM-x32\...\WaveLabPro) (Version: 6.1.1.353 - Steinberg)
Windows Driver Package - Logitech USB (03/19/2018 1.1.142.0) (HKLM\...\7665A2F14177289A395E62C8D872B2414E337C47) (Version: 03/19/2018 1.1.142.0 - Logitech)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.0.5092 - WinISO Computing Inc.)
WinRAR 5.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EB}) (Version: 19.5.11475 - WinZip Computing, S.L. )
Wireshark 3.2.1 64-bit (HKLM-x32\...\Wireshark) (Version: 3.2.1 - The Wireshark developer community, hxxps://www.wireshark.org)
XMedia Recode 64bit Version 3.5.2.7 (HKLM\...\{D31E6E69-4C6A-42CC-926F-CC7B186864EB}_is1) (Version: 3.5.2.7 - XMedia Recode 64bit)
XMedia Recode Version 3.4.5.2 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.4.5.2 - XMedia Recode)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.4) (Version: 1.3.7 - Xvid Team)
Zoom (HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\ZoomUMX) (Version: 5.2.3 (45120.0906) - Zoom Video Communications, Inc.)
Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-05-26] (Microsoft Corporation)
Mail und Kalender -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2021-05-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-09-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2021-05-26] (Microsoft Studios) [MS Ad]
MSN Wetter -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2021-05-26] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2021-05-26] (NVIDIA Corp.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1645521455-3686839743-3489531396-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Stardust\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1645521455-3686839743-3489531396-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Stardust\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Seagate\DiscWizard\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Seagate\DiscWizard\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Seagate\DiscWizard\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => i:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => i:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [Datei ist nicht signiert]
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-03-22] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-05-27] (WinZip Computing LLC -> WinZip Computing, S.L.)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => i:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers3: [DeleteFiles] -> {736AF091-C361-49B4-A928-87C586130D33} => d:\Program Files\File Shredder\fsshell.dll [2012-03-31] () [Datei ist nicht signiert]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => i:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-05-27] (WinZip Computing LLC -> WinZip Computing, S.L.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\nvshext.dll [2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-05-27] (WinZip Computing LLC -> WinZip Computing, S.L.)
|
|
29.03.2022, 18:23
| #7 |
| | Illegale SoftwareCode:
ATTFilter ==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\system32\ac3filter.acm [2231296 2013-04-05] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [251392 2019-12-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [1679360 2013-04-06] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2019-12-28] () [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2015-05-08 06:08 - 2015-05-08 06:08 - 000151552 ____N () [Datei ist nicht signiert] C:\Program Files (x86)\DroidCam\lib\DroidCam.dll
2015-05-08 06:08 - 2015-05-08 06:08 - 000081920 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\DroidCam\lib\DroidCamFilter.ax
2015-05-08 06:14 - 2015-05-08 06:14 - 000086016 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\DroidCam\lib\DroidCamFilter240p.ax
2017-12-08 18:53 - 2012-04-26 14:51 - 000040448 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\pdf995mon64.dll
2017-03-31 14:53 - 2012-06-21 06:25 - 000113152 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\redmon64.dll
2016-06-12 16:59 - 2012-03-31 23:06 - 002689536 _____ () [Datei ist nicht signiert] d:\Program Files\File Shredder\fsshell.dll
2020-12-09 14:02 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMN6PPM.DLL
2017-08-26 15:54 - 2017-08-26 15:54 - 000410112 _____ (Florian Heidenreich) [Datei ist nicht signiert] i:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2016-08-12 13:16 - 2016-05-10 10:29 - 000077312 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => regfile
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://api.youqian.baidu.com/v1/nav?soft=12&uid=50123297&guid=b03aef865521ad18efb1dc6ab9bf9182&vd=4152366882
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-1645521455-3686839743-3489531396-1000 -> {4AD43A14-AA87-4d4b-A345-B0BC1C61BC76} URL = hxxp://www.google.cn/search?hl=zh-CN&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1645521455-3686839743-3489531396-1000 -> {C3BBCD0B-9234-4d36-9151-EC49EE32FCE3} URL = hxxp://www.baidu.com/s?wd={searchTerms}&tn=28026190_dg&ie=utf-8
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2018-04-09 09:43 - 000001234 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;D:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;i:\Program Files (x86)\Smart Projects\IsoBuster;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\Control Panel\Desktop\\Wallpaper -> D:\cinema4dprojekte\hintergrund2021korr.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
ist aktiviert.
Network Binding:
=============
LAN-Verbindung 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
LAN-Verbindung: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Bluetooth-Netzwerkverbindung 3: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: DevoloNetworkService => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamNetworkSvc => 3
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FAH.lnk => C:\Windows\pss\FAH.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Ednltion => C:\Users\Stardust\AppData\Local\Ednltion\Windows_Activaton.exe
MSCONFIG\startupreg: Everything => "C:\Program Files (x86)\Everything\Everything.exe" -startup
MSCONFIG\startupreg: FreePDF Assistant => "C:\Program Files (x86)\FreePDF_XP\fpassist.exe"
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: IR_SERVER => C:\PROGRA~2\Realtek\REALTE~1\IR_SERVER.exe
MSCONFIG\startupreg: LGBackAgent => C:\ProgramData\LGMOBILEAX\B2C_Client\LGbackagent.exe
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\StartupApproved\Run: => "iCloudServices"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{45726997-AC79-445D-B5FE-E300A4E1BDD5}] => (Allow) %USERPROFILE%\Downloads\GoogleEarthProSetup.exe => Keine Datei
FirewallRules: [{0850213F-515D-4F0D-B38B-C2FEF3AD3201}] => (Allow) %USERPROFILE%\Downloads\GoogleEarthProSetup.exe => Keine Datei
FirewallRules: [{1398EABE-D754-4572-B44F-1D9E037D6917}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{50F05036-254B-4682-A4EA-E81ECBE486B2}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{93DF9CEE-5B4E-45F1-B708-10FBCDAC67DB}] => (Allow) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe (Brave Software, Inc. -> BraveSoftware Inc.)
FirewallRules: [{EC180055-4A83-41B3-8B2A-91679FE65686}] => (Allow) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe (Brave Software, Inc. -> BraveSoftware Inc.)
FirewallRules: [UDP Query User{54ED30B0-9C49-4B89-9675-DBCA8BCEFC1D}D:\program files\notion 6\notion.exe] => (Block) D:\program files\notion 6\notion.exe (PreSonus Audio Electronics, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{C2CD6F89-E60B-49AB-923A-67EC564BA12E}D:\program files\notion 6\notion.exe] => (Block) D:\program files\notion 6\notion.exe (PreSonus Audio Electronics, Inc.) [Datei ist nicht signiert]
FirewallRules: [{D6A787F3-AA71-4E35-96CD-BE6DAC50C2AA}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{3A0DE83A-C728-45A7-A537-1ED4A2C8BC45}] => (Allow) C:\Users\Stardust\AppData\Local\Programs\signal-desktop\Signal.exe (Signal Messenger, LLC -> Open Whisper Systems)
FirewallRules: [{D59FA179-1243-4EB6-81A3-2BF5E14C7758}] => (Allow) C:\Users\Stardust\AppData\Local\Programs\signal-desktop\Signal.exe (Signal Messenger, LLC -> Open Whisper Systems)
FirewallRules: [{F0D80B60-0D45-4A39-BDAB-D817250ACA98}] => (Allow) C:\Users\Stardust\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{804126A9-F4F6-4D67-B0D5-64855DB05393}] => (Allow) C:\Users\Stardust\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6676375E-E76F-4EA2-A22E-A0E6976ABFB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E8BA56D3-B161-4A84-84D7-EFF90AAE5879}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EAEA0EEA-13E0-44FE-BA87-85C2518C01C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D72F44AC-332F-4E75-BC58-6DF94F7B12E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D5DEE26A-2EF5-43D2-88A4-28683D2481F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{779E82D9-25C8-4F4B-8101-85D6369BECBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{9524D95F-EB37-4397-BA2E-B079B75F933A}D:\programme\presonus\studio one 5\pluginscanner.exe] => (Block) D:\programme\presonus\studio one 5\pluginscanner.exe (PreSonus Audio Electronics, Inc. -> PreSonus)
FirewallRules: [TCP Query User{4E68F013-B9C2-4653-AD19-1EBE18801D4F}D:\programme\presonus\studio one 5\pluginscanner.exe] => (Block) D:\programme\presonus\studio one 5\pluginscanner.exe (PreSonus Audio Electronics, Inc. -> PreSonus)
FirewallRules: [UDP Query User{5909E84C-39C7-4899-AD59-67D3FC00BE82}D:\programme\presonus\studio one 5\studio one.exe] => (Block) D:\programme\presonus\studio one 5\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{0068E0D5-3C72-4CCB-AE42-9CA5F7367C8B}D:\programme\presonus\studio one 5\studio one.exe] => (Block) D:\programme\presonus\studio one 5\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [{A4DE53E3-0AA7-4D85-B3B4-64E48FACED01}] => (Allow) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audient\Audient USB Audio Driver () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{BCEA5F4A-6D92-41D9-BDF7-627C9CD465AA}] => (Allow) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audient\Audient USB Audio Driver () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{37D232BE-7F8B-49E0-A925-5AA52BE1D94F}] => (Allow) LPort=80
FirewallRules: [{72F46ADF-1E40-4309-A607-7794DE1357D1}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => Keine Datei
FirewallRules: [{0D6B5073-505A-41A5-A405-81CDF4A872DD}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => Keine Datei
FirewallRules: [{ABCDEBC9-C170-4771-A962-BE77E003802F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6B8EFDBC-E8B6-44C4-BC71-4D2F1C825287}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C81811F9-445D-4AD6-95F1-BE862810064F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{19022C9B-0FB9-4B43-9AF7-9E749D97C77D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{B39059B6-DA9E-4949-B393-D658D414BB4C}C:\users\stardust\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\stardust\appdata\roaming\spotify\spotify.exe => Keine Datei
FirewallRules: [TCP Query User{3E368EA9-E1C2-4932-ACA3-E02B1E6FFC2F}C:\users\stardust\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\stardust\appdata\roaming\spotify\spotify.exe => Keine Datei
FirewallRules: [{88E3F147-C663-42B4-B39B-2D1AFFF21568}] => (Allow) %APPDATA%\Spotify\SpotifyStartupTask.exe => Keine Datei
FirewallRules: [{C50CC851-25AA-40F1-B3B1-A2FB6731B203}] => (Allow) %APPDATA%\Spotify\SpotifyStartupTask.exe => Keine Datei
FirewallRules: [{B229BCCA-AF27-461E-BF83-9EE69E60ED61}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{2C78779F-D4E2-450C-8164-4679D8CCBFC3}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{0D2928F3-EC53-4D6E-8BEB-DB39918632FD}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\CptHost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CF13AADA-A84B-4F3B-A9F5-9FBA0EFECBE5}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{06B58B17-BC96-4C7A-9ACA-09B8E5BDFE0F}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\Zoom_launcher.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{FE3AB3A3-2070-4D78-9D07-97539D7A8ECE}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\Zoom_launcher.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2C85DB43-E13A-45B1-8361-CB974E3FE938}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{3A015441-937C-4C2E-9496-9A327C5BC17D}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\CptHost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{793659E2-DE66-4E47-ADAC-F7343970BD6C}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{8108CEC1-030F-45A7-A31E-2FFBF4DAF833}] => (Allow) C:\Users\Stardust\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{2CCBD703-3A4B-42F3-B1B1-3D563E2D1983}] => (Allow) I:\Program Files (x86)\CDex\CDex.exe (The CDex Project - hxxp://cdex.mu/) [Datei ist nicht signiert]
FirewallRules: [{4D390133-375B-4398-A51C-DCA3F913613D}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{F825EE26-153C-4621-8BE2-E1B7F1A28107}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [{2E98CD03-8B2E-496F-846B-3913D741DDCA}] => (Allow) G:\Downloads\MediaCreationTool1909.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A7C892B5-7C80-4960-B780-96C1810022B0}] => (Allow) G:\Downloads\MediaCreationTool1909.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9997823F-F7C7-44B1-88D0-D31F3EE26C26}] => (Allow) %ProgramFiles% (x86)\Microsoft\Skype for Desktop\Skype.exe => Keine Datei
FirewallRules: [{3E7B2C18-DCA6-49D3-BB1B-957D734DB9B3}] => (Allow) %ProgramFiles% (x86)\Microsoft\Skype for Desktop\Skype.exe => Keine Datei
FirewallRules: [{1DE4B95E-DCC9-47A6-B054-0D24EB1E2959}] => (Allow) G:\Downloads\MBSetup.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{16DF8E75-D757-4F82-8552-E5F2A3E33B5A}] => (Allow) G:\Downloads\MBSetup.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{2172627C-2456-4700-BA6A-86149383519B}] => (Allow) C:\ProgramData\Malwarebytes\MBAMService\instlrupdate\MBSetup.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{E9D4FC0A-C850-460A-ADB9-107C3B58CE11}] => (Allow) C:\ProgramData\Malwarebytes\MBAMService\instlrupdate\MBSetup.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{5BFC71F3-E4B3-464A-84CE-3C6DD958C364}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe (hxxp://www.qemu.org/) [Datei ist nicht signiert]
FirewallRules: [{0A4A1169-C4B6-43F7-B5E7-21C30B9619F8}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe (hxxp://www.qemu.org/) [Datei ist nicht signiert]
FirewallRules: [{D78FE345-E7D9-4AF1-8300-B8B59669C49C}] => (Allow) %ProgramFiles% (x86)\Microsoft\Skype for Desktop\Skype.exe => Keine Datei
FirewallRules: [{36D35FE3-E4B1-4DA7-BA26-0F88A72EAF12}] => (Allow) %ProgramFiles% (x86)\Microsoft\Skype for Desktop\Skype.exe => Keine Datei
FirewallRules: [{CA948FF9-72AF-4359-882E-E49F6A7BB207}] => (Allow) G:\Downloads\Firefox Installer.exe (Mozilla Corporation -> Mozilla)
FirewallRules: [{A83B1FDC-0679-406F-979D-52C939ED900D}] => (Allow) G:\Downloads\Firefox Installer.exe (Mozilla Corporation -> Mozilla)
FirewallRules: [{87AF8ABC-A8E9-4185-B23D-BFA928864A16}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [{435D4D41-B9B1-459E-8381-8EDCA75E2199}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [{07062243-569D-4FA4-A552-E89658ADE6BC}] => (Allow) C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe () [Datei ist nicht signiert]
FirewallRules: [{9C72B629-FB44-4FF7-ABB3-32556895EE91}] => (Allow) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom International BV -> TomTom)
FirewallRules: [{EB0E6D05-8542-4F8B-A46A-ECF6B0A35DFB}] => (Allow) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom International BV -> TomTom)
FirewallRules: [{1C03871A-74A1-42C1-BAF3-CE76626345B7}] => (Allow) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom International BV -> TomTom)
FirewallRules: [{C9355F47-C98A-4CA6-BAE0-D3F332B50FB9}] => (Allow) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom International BV -> TomTom)
FirewallRules: [{80986ED8-F007-4A02-9BF8-52128EC5AC7A}] => (Allow) C:\Program Files (x86)\TomTom HOME 2\TomTomHOME.exe (TomTom International BV -> TomTom International B.V.)
FirewallRules: [{4E32ADA4-017F-4F7A-BC52-4D3B7171221A}] => (Allow) C:\Program Files (x86)\TomTom HOME 2\TomTomHOME.exe (TomTom International BV -> TomTom International B.V.)
FirewallRules: [{80C41E00-57C9-4C52-AD2C-A46ED5C8F34B}] => (Allow) %ProgramFiles% (x86)\Guitar SightReader Toolbox\Guitar SightReader Toolbox.exe => Keine Datei
FirewallRules: [{9D795015-E6A7-4CF3-A2AA-5192E72C6F87}] => (Allow) %ProgramFiles% (x86)\Guitar SightReader Toolbox\Guitar SightReader Toolbox.exe => Keine Datei
FirewallRules: [{E46CF54E-982D-439A-B832-090F9632FB4D}] => (Allow) I:\Program Files\Data\InstallManager\Band-in-a-Box Download Manager.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{B517D6B7-8263-43A0-B06A-9419911BC28F}] => (Allow) I:\Program Files\Data\InstallManager\Band-in-a-Box Download Manager.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [UDP Query User{A293CA92-392A-4120-B138-F95A41F8CA5A}C:\program files\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [TCP Query User{721621AE-5AC1-46DA-9C64-FE43FF657E28}C:\program files\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2014\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [UDP Query User{41B49B4F-CB31-4CA0-B41A-F457264B3E19}D:\program files\adobe after effects cc 2015\support files\afterfx.exe] => (Block) D:\program files\adobe after effects cc 2015\support files\afterfx.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [TCP Query User{DE957A4A-3CEA-44F7-9DD2-76C9D6A84928}D:\program files\adobe after effects cc 2015\support files\afterfx.exe] => (Block) D:\program files\adobe after effects cc 2015\support files\afterfx.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{9FB33977-7E99-4857-BE54-C6BEDA700989}] => (Allow) c:\Users\Stardust\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe () [Datei ist nicht signiert]
FirewallRules: [{537BF543-9387-4555-A811-14CB5E825CA2}] => (Allow) c:\Users\Stardust\Desktop\Tor Browser\Browser\updater.exe (Mozilla Foundation) [Datei ist nicht signiert]
FirewallRules: [{88CEA99B-8A7B-454C-87C8-E505B60AE651}] => (Allow) c:\Users\Stardust\Desktop\Tor Browser\Browser\plugin-hang-ui.exe => Keine Datei
FirewallRules: [{A83784D9-E867-417A-B66B-3AA6A2B4741F}] => (Allow) c:\Users\Stardust\Desktop\Tor Browser\Browser\plugin-container.exe (Mozilla Corporation) [Datei ist nicht signiert]
FirewallRules: [{2E8C2229-2389-405E-91B9-75DB90900862}] => (Allow) c:\Users\Stardust\Desktop\Tor Browser\Browser\pingsender.exe => Keine Datei
FirewallRules: [{E692EBBB-881A-48DD-81FC-3B23DA688B96}] => (Block) c:\Users\Stardust\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) [Datei ist nicht signiert]
FirewallRules: [{D48F985D-CA23-49C0-ABAC-F90C79B2A706}] => (Allow) C:\Users\Stardust\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) [Datei ist nicht signiert]
FirewallRules: [{68B99EB8-CF83-4455-9D02-015B44C7BEBF}] => (Allow) C:\Program Files\Google\Google Earth Pro\client\googleearth.exe (Google LLC -> Google)
FirewallRules: [{DCF439E4-5DCD-4311-AE60-9CD3270665F3}] => (Allow) C:\Program Files\Google\Google Earth Pro\client\googleearth.exe (Google LLC -> Google)
FirewallRules: [{A9AA78A4-6578-42AA-B471-B50ABF0BBCDE}] => (Allow) %ProgramFiles% (x86)\Garmin\WebUpdater\WebUpdater.exe => Keine Datei
FirewallRules: [{409C29D0-2F92-430C-B9E0-0077DC1A5224}] => (Allow) %ProgramFiles% (x86)\Garmin\WebUpdater\WebUpdater.exe => Keine Datei
FirewallRules: [{50A94525-7B5A-4322-AF3B-2C04D461FE47}] => (Allow) G:\Downloads\BaseCamp_462.exe => Keine Datei
FirewallRules: [{E3FE2577-33A0-4FC5-8579-9F11BCDD96F1}] => (Allow) G:\Downloads\BaseCamp_462.exe => Keine Datei
FirewallRules: [{DB05C517-5ACA-499B-B182-59BA2A432DEC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Descenders\Descenders.exe () [Datei ist nicht signiert]
FirewallRules: [{20EA742D-3212-4015-9926-2FC1A12DC369}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Descenders\Descenders.exe () [Datei ist nicht signiert]
FirewallRules: [{9D67B560-418D-4EF5-A6EB-DA3254859747}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{FF720EC3-EFAD-4561-ACF5-7370EAC6FE10}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{439618FA-FE8A-464B-9D4D-67B7191558C0}] => (Allow) G:\Watteln\Watten.exe => Keine Datei
FirewallRules: [UDP Query User{2CBA51BF-556C-4512-ACB7-4577F03AF80B}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{C1D0294E-73E7-4B90-A50E-0EC630DB2D76}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{098E0E87-3A90-4333-A481-E744B500FCC7}G:\watteln\watten.exe] => (Allow) G:\watteln\watten.exe => Keine Datei
FirewallRules: [TCP Query User{70D5B643-25C7-44E4-8506-AF95712C60BA}G:\watteln\watten.exe] => (Allow) G:\watteln\watten.exe => Keine Datei
FirewallRules: [{5E1DB94E-71CA-4EB7-9672-AC178E1118C4}] => (Allow) I:\Program Files (x86)\Mp3tag\Mp3tag.exe (Florian Heidenreich -> Florian Heidenreich)
FirewallRules: [{02DD0451-BCC7-4781-A510-E8ED0CA2E612}] => (Allow) I:\Program Files (x86)\Mp3tag\Mp3tag.exe (Florian Heidenreich -> Florian Heidenreich)
FirewallRules: [{29863FEA-81AF-4EB4-9EDE-198050D7614B}] => (Allow) G:\Downloads\flashplayer32_xa_install.exe => Keine Datei
FirewallRules: [{7290091B-3DF5-4FA2-9214-F43F3E84D382}] => (Allow) G:\Downloads\flashplayer32_xa_install.exe => Keine Datei
FirewallRules: [{6B377E0D-1CA3-4552-AF40-DD6C4ED01E13}] => (Allow) I:\Program Files\bbw64.exe (PG Music Inc. -> )
FirewallRules: [{FBF42B58-1816-44D0-91E9-47991FAF1526}] => (Allow) I:\Program Files\bbw64.exe (PG Music Inc. -> )
FirewallRules: [{73A87E49-5C72-4DBD-A1E3-08B310064E47}] => (Allow) I:\Program Files\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{2D0C2364-6981-4EA1-93C6-F379C6771D55}] => (Allow) I:\Program Files\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{1BFF1EBB-6D7A-4D86-A172-0430912D17EE}] => (Allow) I:\Program Files\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{67A45789-11E5-4552-8F5B-3A2E71A3FEC3}] => (Allow) I:\Program Files\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{2DBAC8DB-C3B9-4C7C-BCE6-2C1F26A13C39}] => (Allow) I:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{959B6391-0FAB-4B1E-B4BF-CB354A0F946D}] => (Allow) I:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{484EA69E-F766-4D44-BCE3-7F4102B0275B}] => (Allow) I:\Program Files (x86)\Utherverse Digital Inc\Utherverse VWW Client\UtherversePatcher.exe => Keine Datei
FirewallRules: [{69886C76-C242-4763-9C80-587C82242B8C}] => (Allow) I:\Program Files (x86)\Utherverse Digital Inc\Utherverse VWW Client\Utherverse.exe => Keine Datei
FirewallRules: [{5B6AB93A-94EA-44E1-921F-507DB18A802A}] => (Allow) G:\Downloads\RedLightCenterSetup(1).exe => Keine Datei
FirewallRules: [{F1FC5BFF-F53C-4914-8C5F-11848715DE35}] => (Allow) G:\Downloads\Chathouse 3D RouletteInstaller.exe => Keine Datei
FirewallRules: [{3EF9FAAC-0393-4F21-A5F9-C1A5BBF2D3C0}] => (Allow) G:\Downloads\Chathouse 3D RouletteInstaller.exe => Keine Datei
FirewallRules: [{1F613038-E5ED-4D40-8C14-298CCC79FC3A}] => (Allow) I:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{BD8FCE35-A7C2-4AF8-8A88-40582CDDEF50}] => (Allow) I:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [UDP Query User{F8367F88-1CFA-471B-987D-D1635E7D09E5}I:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) I:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [TCP Query User{29FA741A-D1D8-499A-B79F-93BA4E83DB20}I:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) I:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{A1B64CE2-A069-4A8A-A855-FDEC276590EC}] => (Allow) c:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{A86E9587-AF44-46E9-832B-097A3314EAA6}] => (Allow) c:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{9838D397-FC5A-424C-A274-E1E8391F2027}] => (Allow) G:\Downloads\MBSetup(1).exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{3801F7E3-0F7B-476E-A70B-C4BF390F041A}] => (Allow) G:\Downloads\MBSetup(1).exe (Malwarebytes Inc -> Malwarebytes)
FirewallRules: [{BD209C8E-8234-439C-8D4A-AAEF4043E9F3}] => (Allow) G:\Downloads\spamfighter_web_7.6.131.exe => Keine Datei
FirewallRules: [{D5E2543D-6BD3-41DE-AAE2-0FEAA1BD2FDD}] => (Allow) G:\Downloads\spamfighter_web_7.6.131.exe => Keine Datei
FirewallRules: [{D3768099-B18C-47F3-9467-0AC563488714}] => (Allow) %SystemDrive%\gt1_wind_v100(1)\gt1_wind_v100\Files\Win7\Setup.exe => Keine Datei
FirewallRules: [{11D8D12A-61A4-4914-B0E4-329E6B55F0A1}] => (Allow) %SystemDrive%\gt1_wind_v100(1)\gt1_wind_v100\Files\Win7\Setup.exe => Keine Datei
FirewallRules: [{2397A65E-E37F-48A3-9B3A-1CB831B3B241}] => (Allow) C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe () [Datei ist nicht signiert]
FirewallRules: [{27607790-9CDD-4536-B3B7-2A7B80B5BAC3}] => (Allow) I:\Program Files (x86)\CDex\CDex.exe (The CDex Project - hxxp://cdex.mu/) [Datei ist nicht signiert]
FirewallRules: [{B1E69D70-1998-4226-B4B0-07B5A1725CE1}] => (Allow) I:\Program Files (x86)\CDex\CDex.exe (The CDex Project - hxxp://cdex.mu/) [Datei ist nicht signiert]
FirewallRules: [{3A11DEBE-1109-48AC-B10D-C565B80A06D0}] => (Allow) %USERPROFILE%\Desktop\streamwriter.exe => Keine Datei
FirewallRules: [{AD06DBEB-806C-44D9-A612-EFDF13DA7954}] => (Allow) %USERPROFILE%\Desktop\streamwriter.exe => Keine Datei
FirewallRules: [{9FB622EE-322E-4200-987C-6CD1BF0DCCB1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{589D78D9-8EA9-46D3-8F6A-32DFBCBCFB7E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{474757EE-1A98-4C5A-8A25-F2BB048AE83C}] => (Allow) G:\Guitar Pro 6\GPUpdater.exe () [Datei ist nicht signiert]
FirewallRules: [{D7F48C40-9DAE-4A75-A8EA-7D33A5F3B432}] => (Allow) G:\Guitar Pro 6\GPUpdater.exe () [Datei ist nicht signiert]
FirewallRules: [{C38280D3-D34A-42BE-B4C4-C0D90F91B9FE}] => (Allow) G:\Guitar Pro 6\GuitarPro.exe () [Datei ist nicht signiert]
FirewallRules: [{48D892BE-3702-4C0C-8CFD-AD89AFECC780}] => (Allow) G:\Downloads\flashplayer25_xa_install.exe => Keine Datei
FirewallRules: [{08325C81-EFFA-40E9-9B54-60B9ECA1366B}] => (Allow) G:\Downloads\flashplayer25_xa_install.exe => Keine Datei
FirewallRules: [{DAC656A2-3E13-4054-9C64-4B0795F86DA4}] => (Allow) I:\Program Files (x86)\vegas.pro.13.0.(64-bit)-patch.exe => Keine Datei
FirewallRules: [{C0BF5D09-9E78-4CA5-9D5D-65F2D4A1E0AF}] => (Allow) I:\Program Files (x86)\vegas.pro.13.0.(64-bit)-patch.exe => Keine Datei
FirewallRules: [{F472FEC6-CC1F-4060-86F0-2513310E4295}] => (Allow) I:\Program Files (x86)\SaalDesignSoftware\SaalDesignSoftware.exe () [Datei ist nicht signiert]
FirewallRules: [{5D6A42F4-C739-4014-B10A-39CBACBB2AD3}] => (Allow) I:\Program Files (x86)\SaalDesignSoftware\SaalDesignSoftware.exe () [Datei ist nicht signiert]
FirewallRules: [{B3D569F4-AC44-4DEC-875F-A7910009A4D5}] => (Allow) C:\Users\Stardust\AppData\Local\WhatsApp\Update.exe (WhatsApp, Inc. -> GitHub) [Datei ist nicht signiert]
FirewallRules: [{9521914E-6602-4FA8-B144-7B9B06842600}] => (Allow) D:\Program Files (x86)\UNAV\Content Manager\ContentManager.exe (NNG Software Developing and Commercial LLC -> NNG Kft.) [Datei ist nicht signiert]
FirewallRules: [{F1998BBE-9EF1-4593-A161-CB1A8E91B738}] => (Allow) D:\Program Files (x86)\UNAV\Content Manager\ContentManager.exe (NNG Software Developing and Commercial LLC -> NNG Kft.) [Datei ist nicht signiert]
FirewallRules: [{D462A761-B321-4E2A-BD12-001864632900}] => (Allow) D:\Program Files\SilverFast Application\SilverFast 8\SilverFast 8.exe (LaserSoft Imaging AG) [Datei ist nicht signiert]
FirewallRules: [{4E7AF7D4-C5C4-450E-97FF-97C6F27D87C0}] => (Allow) D:\Program Files\SilverFast Application\SilverFast 8\SilverFast 8.exe (LaserSoft Imaging AG) [Datei ist nicht signiert]
FirewallRules: [{2C1BADFA-F32B-4365-9BDC-97BE5BE171B9}] => (Allow) D:\Program Files\Transmission\transmission-qt.exe (Open Source Developer, René Berber -> Transmission Project) [Datei ist nicht signiert]
FirewallRules: [{8D85DF7D-333B-4D71-A773-44248C40AA70}] => (Allow) D:\program files\transmission\transmission-qt.exe (Open Source Developer, René Berber -> Transmission Project) [Datei ist nicht signiert]
FirewallRules: [{E109743F-CD4D-4827-B754-4BF9EF0075C0}] => (Allow) D:\program files\transmission\transmission-qt.exe (Open Source Developer, René Berber -> Transmission Project) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{4EFADCFF-AE03-46C2-8004-C7CF360956B8}D:\program files\transmission\transmission-qt.exe] => (Allow) D:\program files\transmission\transmission-qt.exe (Open Source Developer, René Berber -> Transmission Project) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{C674454B-CC28-43B0-8504-0DB9CC3091A7}D:\program files\transmission\transmission-qt.exe] => (Allow) D:\program files\transmission\transmission-qt.exe (Open Source Developer, René Berber -> Transmission Project) [Datei ist nicht signiert]
FirewallRules: [{AFC448B2-C4F0-4358-BB8A-F0A15935122B}] => (Allow) I:\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [Datei ist nicht signiert]
FirewallRules: [{276511F9-0472-4126-89E1-63497DA081D4}] => (Allow) I:\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [Datei ist nicht signiert]
FirewallRules: [{9900E80C-4B1E-4A27-B2FB-E15F21860EB2}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe => Keine Datei
FirewallRules: [{A1AA72CC-96B2-41CD-9C65-AAA33643B064}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe => Keine Datei
FirewallRules: [{3C3203F2-4102-4CF2-8477-AE1E65C7CDA0}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9A91AFD4-B5A7-44D6-96AA-EADFABF16A32}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{57950E74-13CD-472E-A2C2-51BE18958F78}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FC30D880-8992-4EAD-902A-0C790BA10BCB}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{875A0A34-0270-4A7D-93B0-253CDC747C4E}] => (Allow) G:\Downloads\score-trainer-8.0.11-setup.exe => Keine Datei
FirewallRules: [{3C106228-B866-46FF-854A-61C579D6CFAF}] => (Allow) G:\Downloads\score-trainer-8.0.11-setup.exe => Keine Datei
FirewallRules: [{61328F64-C446-4DF7-B881-A36FF7B1C894}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3D79E6A0-FBC5-4213-9A47-D8058B082768}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CD408F9C-CC8E-435D-ADE3-9555B20DF81D}] => (Allow) G:\Guitar Pro 6\GuitarPro.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{D73D545D-DAB5-4636-BF5D-5D31A7E08987}D:\programme\presonus\studio one 3\studio one.exe] => (Block) D:\programme\presonus\studio one 3\studio one.exe => Keine Datei
FirewallRules: [TCP Query User{DD778855-4A1A-4C62-BE58-0771259C4381}D:\programme\presonus\studio one 3\studio one.exe] => (Block) D:\programme\presonus\studio one 3\studio one.exe => Keine Datei
FirewallRules: [{B1B8B461-B377-4B45-AFA2-E53916AA50C4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F8EB6B7A-E838-465D-A855-285C143EF185}] => (Allow) G:\Downloads\GoPro_Quik-WinInstaller-2.7.0.945.exe (GoPro Media, Inc. -> GoPro, Inc.)
FirewallRules: [{98E29DE6-8E05-4D38-88C2-11E7D9208049}] => (Allow) G:\Downloads\GoPro_Quik-WinInstaller-2.7.0.945.exe (GoPro Media, Inc. -> GoPro, Inc.)
FirewallRules: [{22DC4A98-3B30-49CA-B8E1-8DCE59AB81C8}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [{665D202F-7724-4E32-8D82-DE6DFBEA6604}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro Media, Inc. -> )
FirewallRules: [{E5B4D37F-F401-404B-AFAD-1ACDB8C9B283}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{139FF9AD-9CCB-4376-9177-70B9C4D2C572}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [{4A40FDD7-3938-4228-AD69-AEC75932D636}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [TCP Query User{640182BD-A9CC-46E8-AD76-FB7868077E37}D:\programme\presonus\studio one 5\studio one.exe] => (Block) D:\programme\presonus\studio one 5\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{D335435A-B625-43A1-B758-74D1B4B28FAC}D:\programme\presonus\studio one 5\studio one.exe] => (Block) D:\programme\presonus\studio one 5\studio one.exe (PreSonus) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{FAE70BA7-8D77-4BFC-B6E5-F230112A79B4}D:\programme\presonus\studio one 5\pluginscanner.exe] => (Block) D:\programme\presonus\studio one 5\pluginscanner.exe (PreSonus Audio Electronics, Inc. -> PreSonus)
FirewallRules: [UDP Query User{D2511389-7324-4B46-8CCB-DBF3551A3815}D:\programme\presonus\studio one 5\pluginscanner.exe] => (Block) D:\programme\presonus\studio one 5\pluginscanner.exe (PreSonus Audio Electronics, Inc. -> PreSonus)
FirewallRules: [{5390FEF0-39EB-4B09-BFCD-BA4B89044E4E}] => (Allow) C:\Program Files (x86)\Line6\Line 6 Updater\Line 6 Updater.exe (Line 6) [Datei ist nicht signiert]
FirewallRules: [{3E270FBC-CD38-4B70-ABB9-8D28787A2068}] => (Allow) C:\Program Files (x86)\Line6\Line 6 Updater\Line 6 Updater.exe (Line 6) [Datei ist nicht signiert]
FirewallRules: [{F0F3E2D1-6FF9-41DF-AEE6-78672CA2E9CE}] => (Allow) C:\Program Files (x86)\AltServer\AltServer.exe (AltStore LLC) [Datei ist nicht signiert]
FirewallRules: [{29769EBA-6940-42F5-BAE8-B3234056FF8E}] => (Allow) C:\Program Files (x86)\AltServer\AltServer.exe (AltStore LLC) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{BCE50A3E-7FBC-4852-9CE8-4AB60C57F8A7}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe (AltStore LLC) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{2D0729EB-13D2-4C5B-8B9D-7A433DA96909}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe (AltStore LLC) [Datei ist nicht signiert]
FirewallRules: [{04316EEA-9C06-4303-B6A5-CDB89BACE1C0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AA4D3211-D71A-4F37-B5C2-53C4DDBB87FB}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AF72C975-5100-48DB-AF13-F00A6BC62DDE}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{14B2C166-8CB5-4270-B3FF-F5ECDA6AC65F}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{00394055-BB00-4256-8108-FF35EAD1B100}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{3878188A-C25F-43B7-8EE2-4D895197FC74}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe () <==== ACHTUNG [Null Byte Datei/Ordner]
FirewallRules: [{92A59CFD-5BD1-4AF6-96BA-A1DC29C25E7B}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{04DF408F-60F0-4570-B72B-9CB5B0B0098F}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{886F7962-47BC-4DB1-8712-349CAC7E2F24}C:\program files\adobe\common\plug-ins\7.0\mediacore\braw studio\braw_studio.exe] => (Block) C:\program files\adobe\common\plug-ins\7.0\mediacore\braw studio\braw_studio.exe (AESCRIPTS INC -> Autokroma)
FirewallRules: [UDP Query User{BF616C7B-735C-49AB-A67C-B3097819F35F}C:\program files\adobe\common\plug-ins\7.0\mediacore\braw studio\braw_studio.exe] => (Block) C:\program files\adobe\common\plug-ins\7.0\mediacore\braw studio\braw_studio.exe (AESCRIPTS INC -> Autokroma)
FirewallRules: [TCP Query User{C92D11F7-41A7-4F60-A658-244EBD4DAE37}C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [UDP Query User{71B87FE6-A2F3-4E4A-A40E-C19A91A85B2B}C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [TCP Query User{C6A9D091-80B7-44E7-8462-FBE6EB453983}C:\program files\adobe\adobe lightroom\helpers\dynamiclinkmediaserver\dynamiclinkmediaserver\1.0\dynamiclinkmediaserver.exe] => (Block) C:\program files\adobe\adobe lightroom\helpers\dynamiclinkmediaserver\dynamiclinkmediaserver\1.0\dynamiclinkmediaserver.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [UDP Query User{8D326412-9D0C-4043-89C0-B776E07C051D}C:\program files\adobe\adobe lightroom\helpers\dynamiclinkmediaserver\dynamiclinkmediaserver\1.0\dynamiclinkmediaserver.exe] => (Block) C:\program files\adobe\adobe lightroom\helpers\dynamiclinkmediaserver\dynamiclinkmediaserver\1.0\dynamiclinkmediaserver.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [{EC718A8E-D7BF-4918-ADED-26CC41CB0195}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C8E0C654-2D74-4EA3-98C8-7B6DC98929A8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CDE7DA5A-2DE1-4E5E-8DD9-A1F79395D0CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4FAC0C01-715B-46A9-8A7C-79C2C9652D79}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1D7AA829-B031-4929-90F6-CEB5F65DF062}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:87.43 GB) (Free:7.1 GB) (8%)
==================== Fehlerhafte Geräte im Gerätemanager ============
Name: Bluetooth USB module
Description: Bluetooth USB module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (03/29/2022 06:14:46 PM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029
Error: (03/29/2022 06:14:46 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/29/2022 04:37:17 PM) (Source: WAS-LA) (EventID: 7005) (User: )
Description: Das Listeneradapterprotokoll "msmq.formatname" hat versucht, mit dem Windows-Prozessaktivierungsdienst zu kommunizieren und dabei einen Fehler verursacht. Der Listeneradapter befindet sich nun in einem ungültigen Zustand. Ursache: Dies kann auftreten, wenn zwischen dem Windows-Prozessaktivierungsdienst und dem Listeneradapter nicht ausreichend Speicherplatz vorhanden ist oder Fehler aufgetreten sind. Korrektur: Um diesen Fehler zu korrigieren, beenden Sie den Listeneradapter und anschließend den Windows-Prozessaktivierungsdienst, starten Sie den Windows-Prozessaktivierungsdienst neu, und starten Sie schließlich den Listeneradapter neu.
Error: (03/28/2022 08:07:45 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (03/28/2022 08:07:45 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (03/28/2022 08:07:45 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (03/28/2022 08:07:45 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (03/28/2022 08:07:45 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Systemfehler:
=============
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TomTomHOMEService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GoPro Device Detection Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Freemake Improver" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HuaweiHiSuiteService64.exe" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "DTSAudioSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Seagate Scheduler2 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/29/2022 04:55:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth Driver Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Windows Defender:
================
Date: 2022-03-29 16:26:29
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Floxif.E&threatid=2147706431&enterprise=0
Name: Trojan:Win32/Floxif.E
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Program Files\Common Files\System\symsrv.dll
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.327.1243.0, AS: 1.327.1243.0, NIS: 1.327.1243.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5
Date: 2022-03-29 16:26:11
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Floxif.E&threatid=2147706431&enterprise=0
Name: Trojan:Win32/Floxif.E
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Program Files\Common Files\System\symsrv.dll
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.327.1243.0, AS: 1.327.1243.0, NIS: 1.327.1243.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5
Date: 2022-03-28 20:53:59
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Floxif.E&threatid=2147706431&enterprise=0
Name: Trojan:Win32/Floxif.E
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Program Files\Common Files\System\symsrv.dll
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: Stardust-PC\Stardust
Prozessname: C:\Windows\SysWOW64\dllhost.exe
Sicherheitsversion: AV: 1.327.1243.0, AS: 1.327.1243.0, NIS: 1.327.1243.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5
Date: 2022-03-28 20:53:52
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Floxif.E&threatid=2147706431&enterprise=0
Name: Trojan:Win32/Floxif.E
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Program Files\Common Files\System\symsrv.dll
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: Stardust-PC\Stardust
Prozessname: C:\Program Files (x86)\Everything\Everything.exe
Sicherheitsversion: AV: 1.327.1243.0, AS: 1.327.1243.0, NIS: 1.327.1243.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5
Date: 2022-03-28 20:53:48
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Floxif.E&threatid=2147706431&enterprise=0
Name: Trojan:Win32/Floxif.E
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Program Files\Common Files\System\symsrv.dll
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: Stardust-PC\Stardust
Prozessname: C:\Program Files (x86)\Everything\Everything.exe
Sicherheitsversion: AV: 1.327.1243.0, AS: 1.327.1243.0, NIS: 1.327.1243.0
Modulversion: AM: 1.1.17600.5, NIS: 1.1.17600.5
Event[0]:
Date: 2022-03-29 16:38:07
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.327.1243.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
Date: 2022-03-29 16:38:07
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.327.1243.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
Date: 2022-03-29 16:38:07
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.327.1243.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
Date: 2022-03-29 16:38:07
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.327.1243.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
Date: 2022-03-29 16:38:07
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.327.1243.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.17600.5
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
CodeIntegrity:
===============
Date: 2022-02-25 15:30:50
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. 2001 09/30/2015
Hauptplatine: ASUSTeK COMPUTER INC. X99-DELUXE
Prozessor: Intel(R) Core(TM) i7-5820K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 8%
Installierter physikalischer RAM: 65437.52 MB
Verfügbarer physikalischer RAM: 59779.09 MB
Summe virtueller Speicher: 130973.52 MB
Verfügbarer virtueller Speicher: 124678.38 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:87.43 GB) (Free:7.1 GB) NTFS
Drive d: (Volume) (Fixed) (Total:150.39 GB) (Free:99.08 GB) NTFS
Drive e: () (Fixed) (Total:196.23 GB) (Free:71.64 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: () (Fixed) (Total:269.53 GB) (Free:162.51 GB) NTFS
Drive g: (Transcend) (Fixed) (Total:2794.39 GB) (Free:619.38 GB) NTFS
Drive i: (Volume) (Fixed) (Total:183.33 GB) (Free:15.59 GB) NTFS
Drive j: (Volume) (Fixed) (Total:465.76 GB) (Free:386.37 GB) NTFS
Drive o: (Volume) (Fixed) (Total:465.75 GB) (Free:465.6 GB) NTFS
\\?\Volume{29bc2ce2-cce4-11e5-b999-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{c2f07f0c-0000-0000-0000-c0e115000000}\ () (Fixed) (Total:0.56 GB) (Free:0.11 GB) NTFS
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Size: 2794.5 GB) (Disk ID: 809702A0)
Partition: GPT.
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 00091F2C)
Partition 1: (Not Active) - (Size=39.2 GB) - (Type=83)
Partition 2: (Not Active) - (Size=183.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=05)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 00088602)
Partition 1: (Active) - (Size=196.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=269.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: BC2D691A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: C2F07F0C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=87.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=569 MB) - (Type=27)
Partition 4: (Not Active) - (Size=150.4 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt =======================
FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-03-2022
durchgeführt von Stardust (Administrator) auf STARDUST-PC (ASUS All Series) (29-03-2022 18:59:42)
Gestartet von C:\Users\Stardust\Desktop\Virenscanner
Geladene Profile: Stardust
Plattform: Microsoft Windows 10 Home Version 20H2 19042.1237 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Brave
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe ->) (Acronis International GmbH -> Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(David Carpenter -> ) C:\Program Files (x86)\Everything\Everything.exe
(explorer.exe ->) (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <10>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(services.exe ->) (Acronis International GmbH -> Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.55.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19071.19011.0_x64__8wekyb3d8bbwe\Music.UI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Seagate Scheduler2 Service] => C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [401080 2016-09-09] (Acronis International GmbH -> Seagate)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8853248 2016-03-31] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-03-31] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3952096 2020-03-10] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" (Keine Datei)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-08-25] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [DiscWizardMonitor.exe] => C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe [5626736 2016-09-09] (Acronis International GmbH -> Seagate)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [693336 2015-07-19] (Acronis International GmbH -> Acronis International GmbH)
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\Run: [Evjtion] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Stardust\AppData\Local\Ednltion\zggmavdz.dll (Keine Datei) <==== ACHTUNG
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Stardust\AppData\Local\Microsoft\Teams\Update.exe [2452664 2021-01-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\MountPoints2: {2b23946d-8395-11ea-8d07-2c56dcfb29ac} - "J:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\MountPoints2: {3708622c-9c6c-11ec-8f47-001bdc0f5e41} - "P:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\MountPoints2: {589a8aa1-416f-11ec-8ed9-001bdc0f5e41} - "P:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-1645521455-3686839743-3489531396-1000\...\MountPoints2: {f3cf51bc-0d59-11ec-8ea4-001bdc0f5e41} - "J:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\Windows\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\PDF995 Monitor: C:\Windows\system32\pdf995mon64.dll [40448 2012-04-26] () [Datei ist nicht signiert]
HKLM\...\Print\Monitors\Redirected Port: C:\Windows\system32\redmon64.dll [113152 2012-06-21] () [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\99.1.36.122\Installer\chrmstp.exe [2022-03-26] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iD Autostart.lnk [2020-11-20]
ShortcutTarget: iD Autostart.lnk -> I:\Program Files\Audient\USBAudioDriver\W10_x64\iD.exe (Thesycon Software Solutions GmbH & Co. KG -> Audient)
Startup: C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\clean.bat [2019-03-07] () [Datei ist nicht signiert]
GroupPolicy\User: Beschränkung ? <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {076989FD-D443-4504-83CA-64810601FBCC} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-11-07] (NVIDIA
Task: {0E585CE1-C419-4727-A582-9E54A1238CBF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Keine Datei)
Task: {15621708-65E6-425B-9FC7-9690D986FAC0} - System32\Tasks\Red Giant Link => C:\Program [Argument = Files (x86)\Red Giant Link\Red Giant Link.exe]
Task: {18CF7782-EF51-4CF5-98FD-51618CA7C520} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Keine Datei)
Task: {1BB78BF6-674D-4DBE-B063-5D3D09C89A48} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Keine Datei)
Task: {2A123457-F6C7-4970-9697-BFB272A512EA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2ADE8A48-D80D-4364-BDC7-2867103F061D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2AE01B1E-CF36-43B3-9107-15D14A6F2E7E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Keine Datei)
Task: {2CCCFE10-565F-43E4-BA75-CB0562B433EE} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2F85F820-77B1-4B7B-8E54-1933C30E5CE0} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Keine Datei)
Task: {334B7889-5A8B-4058-9EEE-651DCCBE4E1D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-20] (Adobe Inc. -> Adobe)
Task: {342F4578-FFCA-49D9-8DC0-8E8260946CAD} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {38E1DF0C-A53D-42FC-BDCD-198954F634A1} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {3BC919F3-ACAB-471F-BF08-6362961F8C8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-25] (Google Inc -> Google Inc.)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4E5BA39D-F273-4559-A8B4-EBAF956D4278} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Keine Datei)
Task: {532150C9-B9BA-4E16-AECB-25279FD46214} - System32\Tasks\AdobeAAMUpdater-1.0-Stardust-PC-Stardust => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {53585984-A13C-46C9-9EA3-88CDCF7DE5E6} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {53F1DCE3-3F1A-413E-998B-6B419B9677B1} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Keine Datei)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5BDA07B6-DE21-4A96-8B19-8EFDA5187064} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Keine Datei)
Task: {6BA091D6-7111-4C65-A9F3-2285041539F1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Keine Datei)
Task: {6D2A8B03-270A-45AB-90AC-1A7865121988} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-16] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {71E80772-B077-4C1B-AD9F-C38C767517E7} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync => {2AE64751-B728-4D6B-97A0-B2DA2E7D2A3B}
Task: {7EECC9C8-1EE0-4853-BBBF-1760A0BBCD38} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [880 2020-09-25] () [Datei ist nicht signiert]
Task: {83093D10-05D6-4F0D-9688-4E171B0E4677} - System32\Tasks\{25F98069-70CB-48A9-B931-BF1D94951F4F} => G:\Downloads\GoPro_Quik-WinInstaller-2.7.0.945.exe [180585880 2020-04-02] (GoPro Media, Inc. -> GoPro, Inc.)
Task: {89BD13E7-D90B-41E7-91AB-CF803A0752AE} - System32\Tasks\Microsoft\Windows\Offline Files\Logon Synchronization => {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8}
Task: {8BC6E84B-2860-40C1-B5D1-579A1C8F9770} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {8D030C4D-BBD1-4892-89B2-D51D809F87C6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_Plugin.exe [1502776 2020-11-20] (Adobe Inc. -> Adobe)
Task: {91CC13EA-0D77-43A4-A9F6-12667D379D8E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Keine Datei)
Task: {98521B7B-BE3C-4AD6-A104-D94A6A45C76F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Keine Datei)
Task: {9C15659A-CAD1-4E51-8E94-40C45E0BFF83} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9ED1D52B-03A0-4A8A-89BA-34D5A3EBA20A} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A08BB583-34C1-49E9-B2DA-4AC980F8CC59} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {A3EDD0B1-51F2-4FDD-A5CE-A8B1F8958981} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Keine Datei)
Task: {A43F1BAA-9399-4965-9C62-14B265A6D5BD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Keine Datei)
Task: {A462F529-82E3-4BE2-B0EF-B4EFA29BA5E8} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {A7AEA0F8-A9AD-4FB5-B50D-DBC6153ACCB9} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Keine Datei)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B34FEDE3-F972-46BB-AD46-7691A085E4E9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {B3CED513-A4FE-4F16-9F98-2AFCCC82D880} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {B47C6464-3B0B-4209-908A-48E1B9AB080C} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Keine Datei)
Task: {B6451DFA-7517-4D9D-8048-4C32CEAA9C49} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-16] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {BAF779DC-E992-4932-8359-7889E0FEF22F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Keine Datei)
Task: {C0B40F63-FED3-4A03-8B6D-761AA4DAAB29} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Keine Datei)
Task: {CAE05DA5-63F7-44F4-9D51-E27999E6834D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CFA9598B-1124-4A7E-8A2A-A9C697F770F6} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D2899B86-E294-4E7C-B6DF-5B1A9EBC3245} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Keine Datei)
Task: {D35CC1F7-0AAD-4869-990B-4A90B1F59805} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Keine Datei)
Task: {D42E7572-EFE4-4A43-8766-C86235BF4C57} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Keine Datei)
Task: {D68681B2-3CB0-4529-B6EB-0EC6B00236D3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Keine Datei)
Task: {DD7815C7-5CE4-4F85-852F-1D66DB296AE0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Keine Datei)
Task: {DE234587-B089-45B9-9FB7-9AAA6DFC52AE} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E61B1606-18F5-4B92-A3B5-17ECDE148C58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-25] (Google Inc -> Google Inc.)
Task: {F1C5573A-A641-4228-88C2-64F8E5DD7461} - System32\Tasks\Microsoft\Windows\Offline Files\Background Synchronization => {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8}
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{905F7350-6D98-4D00-8094-332339AD59E4}: [DhcpNameServer] 192.168.2.1
Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Profile: C:\Users\Stardust\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-29]
FireFox:
========
FF DefaultProfile: bgbxpof5.default
FF ProfilePath: C:\Users\Stardust\AppData\Roaming\TomTom\HOME\Profiles\4rzg4lot.default [2019-05-05]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2019-05-05] [] [ist nicht signiert]
FF ProfilePath: C:\Users\Stardust\AppData\Roaming\Mozilla\Firefox\Profiles\bgbxpof5.default [2022-03-19]
FF DownloadDir: G:\Downloads
FF Homepage: Mozilla\Firefox\Profiles\bgbxpof5.default -> hxxp://www.google.com
FF Extension: (Facebook Container) - C:\Users\Stardust\AppData\Roaming\Mozilla\Firefox\Profiles\bgbxpof5.default\Extensions\@contain-facebook.xpi [2021-11-30]
FF Extension: (Combo) - C:\Users\Stardust\AppData\Roaming\Mozilla\Firefox\Profiles\bgbxpof5.default\Extensions\combo@yandex.ru.xpi [2016-02-09] []
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\Stardust\AppData\Roaming\Mozilla\Firefox\Profiles\bgbxpof5.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2017-05-20] []
FF Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\Stardust\AppData\Roaming\Mozilla\Firefox\Profiles\bgbxpof5.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2021-11-30]
FF Extension: (Video DownloadHelper) - C:\Users\Stardust\AppData\Roaming\Mozilla\Firefox\Profiles\bgbxpof5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-11]
FF Extension: (YouTube Video and Audio Downloader (Dev Edt.)) - C:\Users\Stardust\AppData\Roaming\Mozilla\Firefox\Profiles\bgbxpof5.default\Extensions\{f73df109-8fb4-453e-8373-f59e61ca4da3}.xpi [2021-07-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_453.dll [2020-11-20] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=3.0.11 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-11-20] (Adobe Inc. -> )
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> D:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
Brave:
=======
BRA Profile: C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-03-29]
BRA DownloadDir: G:\Downloads
BRA StartupUrls: Default -> "hxxp://www.google.com/"
BRA DefaultSearchKeyword: Default -> :g
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-03-29]
BRA Extension: (Brave NTP background images) - C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-03-10]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-03-10]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-03-29]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2021-03-17]
BRA Extension: (Brave Ad Block Updater (EasyList Germany)) - C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\faknfgalcghekhfggcdikddilkpjbonh [2022-03-29]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-14]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2022-03-29]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Stardust\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-03-16]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-20] (Adobe Inc. -> Adobe)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe [1340376 2017-12-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-16] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-16] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [0 2022-03-28] () <==== ACHTUNG [Null Byte Datei/Ordner]
S2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [249320 2016-03-31] (DTS, Inc. -> DTS, Inc)
S4 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S2 Everything; C:\Program Files (x86)\Everything\Everything.exe [1666664 2022-03-28] (David Carpenter -> )
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-12-22] (Mixbyte Inc -> Freemake)
S2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-08-31] (GoPro Media, Inc. -> )
S2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-06-03] (Huawei Technologies Co., Ltd. -> ) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8022200 2022-03-28] (Malwarebytes Inc -> Malwarebytes)
R2 SgtSch2Svc; C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [1255144 2016-09-09] (Acronis International GmbH -> Seagate)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 asComSvc; "C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe" [X]
S2 AsSysCtrlService; "C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.25\AsSysCtrlService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] (ASUSTeK Computer Inc. -> )
R3 audientusbaudio; C:\WINDOWS\System32\drivers\audientusbaudio.sys [366800 2018-09-26] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 audientusbaudioks; C:\WINDOWS\System32\drivers\audientusbaudioks.sys [53456 2018-09-26] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 CYUSB3; C:\WINDOWS\System32\Drivers\CYUSB3.sys [91952 2018-11-16] (Cypress Semiconductor Corporation -> Cypress Semiconductor)
R3 debutfilter; C:\WINDOWS\system32\DRIVERS\debutfilterx64.sys [55144 2020-12-11] (NCH Software Pty Ltd -> )
S3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [33592 2015-05-24] (DEV47 APPS -> Dev47Apps)
S3 DroidCamVideo; C:\WINDOWS\System32\drivers\droidcamvideo.sys [229432 2015-05-24] (DEV47 APPS -> Dev47Apps)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-09-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [296736 2018-07-22] (Acronis International GmbH -> Acronis International GmbH)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223688 2022-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-20] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195024 2022-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2022-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-03-29] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157816 2022-03-29] (Malwarebytes Inc -> Malwarebytes)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [74616 2020-09-25] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2021-07-13] (devolo AG -> Riverbed Technology, Inc.)
R0 nvme; C:\WINDOWS\System32\drivers\nvme.sys [83784 2015-12-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
R0 nvmeF; C:\WINDOWS\System32\drivers\nvmeF.sys [30776 2015-12-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX64.sys [198144 2021-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Ray Hinchliffe)
S3 sparkocam; C:\WINDOWS\System32\DRIVERS\sparkocam.sys [36176 2015-12-21] (Sparkosoft Inc -> Sparkosoft)
R2 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1058632 2018-07-22] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\System32\DRIVERS\tib_mounter.sys [248648 2018-07-22] (Acronis International GmbH -> Acronis International GmbH)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Apple, Inc.) [Datei ist nicht signiert]
R3 USBPcap; C:\WINDOWS\System32\DRIVERS\USBPcap.sys [48960 2019-08-11] (Tomasz Moń -> USBPcap)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 WinisoCDBus; C:\WINDOWS\System32\drivers\WinisoCDBus.sys [204032 2013-12-10] (ZJMedia Digital Technology Ltd. -> WinISO.com)
S1 iaujjhli; \??\C:\WINDOWS\system32\drivers\iaujjhli.sys [X]
U3 idsvc; kein ImagePath
S1 rqzhynon; \??\C:\WINDOWS\system32\drivers\rqzhynon.sys [X]
S3 TSSKX64; System32\drivers\tsskx64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-03-29 17:31 - 2022-03-29 18:48 - 000000000 ____D C:\Users\Stardust\Desktop\Virenscanner
2022-03-29 17:08 - 2022-03-29 17:20 - 000000000 ____D C:\ProgramData\RogueKiller
2022-03-29 16:56 - 2022-03-29 16:56 - 000004986 _____ C:\Users\Stardust\Documents\AdwCleaner[S00].txt
2022-03-29 16:56 - 2022-03-29 16:56 - 000004396 _____ C:\Users\Stardust\Documents\AdwCleaner[C00].txt
2022-03-29 16:52 - 2022-03-29 16:55 - 000000000 ____D C:\AdwCleaner
2022-03-29 16:38 - 2022-03-29 16:38 - 000195024 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-03-29 16:38 - 2022-03-29 16:38 - 000157816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-03-29 16:38 - 2022-03-29 16:38 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-03-28 20:29 - 2022-03-29 16:20 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-03-28 20:12 - 2022-03-29 16:25 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-03-28 20:12 - 2022-03-29 16:20 - 000223688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-03-28 16:13 - 2022-03-28 16:15 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-03-19 09:20 - 2022-03-19 09:20 - 000095933 _____ C:\Users\Stardust\Documents\rechnungbeitraghukmoped.pdf
2022-03-15 17:09 - 2022-03-15 17:09 - 001134792 _____ C:\Users\Stardust\Desktop\anwaltsrechnung.pdf
2022-03-14 16:51 - 2022-03-25 22:12 - 000000000 ____D C:\WINDOWS\Minidump
2022-03-12 15:28 - 2022-03-12 16:21 - 000000000 ____D C:\Users\Stardust\Documents\BAfög
2022-03-07 17:13 - 2022-03-07 17:13 - 000061073 _____ C:\Users\Stardust\Desktop\4769_001.pdf
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-03-29 19:00 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-29 18:59 - 2018-05-09 19:16 - 000000000 ____D C:\FRST
2022-03-29 18:58 - 2018-11-03 13:07 - 000000000 ____D C:\Users\Stardust\AppData\Roaming\Everything
2022-03-29 18:55 - 2018-11-03 22:34 - 000000000 ____D C:\Users\Stardust\AppData\Local\Everything
2022-03-29 18:55 - 2018-11-03 13:07 - 000000000 ____D C:\Program Files (x86)\Everything
2022-03-29 18:44 - 2018-05-25 18:07 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-29 18:39 - 2017-12-08 18:56 - 000000000 ____D C:\Users\Public\Ticket
2022-03-29 18:16 - 2016-09-30 17:09 - 000000000 ____D C:\Users\Stardust\Documents\Outlook-Dateien
2022-03-29 17:25 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-29 17:03 - 2016-11-26 15:02 - 000000000 ____D C:\Users\Stardust\AppData\LocalLow\Mozilla
2022-03-29 16:55 - 2016-04-21 16:01 - 000000000 ____D C:\ProgramData\NVIDIA
2022-03-29 16:55 - 2016-02-24 21:17 - 000000000 ____D C:\Users\Stardust\AppData\Roaming\Common
2022-03-29 16:44 - 2021-05-26 21:49 - 000780942 _____ C:\WINDOWS\system32\perfh00C.dat
2022-03-29 16:44 - 2021-05-26 21:49 - 000149608 _____ C:\WINDOWS\system32\perfc00C.dat
2022-03-29 16:44 - 2021-05-26 21:17 - 002766164 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-29 16:44 - 2019-12-07 15:50 - 000785800 _____ C:\WINDOWS\system32\perfh007.dat
2022-03-29 16:44 - 2019-12-07 15:50 - 000167914 _____ C:\WINDOWS\system32\perfc007.dat
2022-03-29 16:38 - 2021-05-26 21:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-29 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-29 16:37 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-03-29 16:34 - 2022-01-25 17:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-03-29 16:34 - 2016-02-06 19:31 - 000000000 ____D C:\Users\Stardust\AppData\Local\Adobe
2022-03-29 16:33 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-03-29 16:32 - 2018-05-02 18:01 - 000000000 ____D C:\ProgramData\Garmin
2022-03-29 16:32 - 2016-02-06 16:36 - 000000000 ____D C:\ProgramData\Package Cache
2022-03-28 21:13 - 2021-05-26 21:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-28 20:00 - 2021-05-26 21:06 - 005229264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-28 19:56 - 2016-02-06 20:49 - 000000000 ____D C:\Program Files (x86)\Adobe
2022-03-28 19:55 - 2016-02-06 19:31 - 000000000 ____D C:\ProgramData\Adobe
2022-03-28 19:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-28 19:54 - 2016-02-06 19:33 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2022-03-28 19:49 - 2016-02-14 18:20 - 000000000 ____D C:\Users\Stardust\AppData\LocalLow\Adobe
2022-03-28 16:37 - 2016-02-06 19:31 - 000000000 ____D C:\Users\Stardust\AppData\Roaming\Adobe
2022-03-28 16:25 - 2016-02-08 18:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2022-03-28 16:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-28 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-03-28 16:08 - 2016-03-13 12:43 - 000000000 ____D C:\Users\Stardust\AppData\Roaming\transmission
2022-03-26 21:55 - 2021-05-26 21:08 - 000000000 ____D C:\Users\Stardust
2022-03-26 21:40 - 2016-03-25 18:39 - 000000000 ____D C:\Users\Stardust\AppData\Local\CrashDumps
2022-03-26 19:30 - 2021-03-16 20:18 - 000002356 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-03-21 17:40 - 2021-01-28 20:04 - 000000000 ____D C:\Users\Stardust\AppData\Roaming\Signal
2022-03-16 19:06 - 2017-06-25 11:08 - 000000000 ____D C:\Users\Stardust\AppData\Roaming\Arobas Music
2022-03-16 17:53 - 2016-09-04 11:04 - 000000000 ____D C:\Users\Stardust\AppData\Local\ElevatedDiagnostics
2022-03-15 17:35 - 2019-01-09 19:27 - 000000000 ____D C:\Program Files\Common Files\VST3
2022-03-12 10:04 - 2020-09-09 16:14 - 000000000 ____D C:\Users\Stardust\AppData\Roaming\vlc
2022-03-12 09:57 - 2016-10-01 12:42 - 000000000 ____D C:\Users\Stardust\AppData\Roaming\dvdcss
2022-03-08 17:57 - 2021-06-07 16:25 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-03-08 17:57 - 2020-05-03 16:39 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-03-08 17:47 - 2020-05-03 16:39 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-03-08 17:47 - 2020-05-03 15:29 - 000000000 ____D C:\Program Files\Malwarebytes
2022-03-03 18:19 - 2020-04-02 17:55 - 000000000 ____D C:\Users\Stardust\AppData\Local\Packages
2022-03-02 12:56 - 2019-09-27 20:07 - 000366360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
2022-03-02 12:56 - 2019-09-27 20:07 - 000203544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_2.dll
2022-03-02 12:56 - 2019-09-27 20:07 - 000044312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_1.dll
2022-03-02 12:56 - 2019-09-27 20:06 - 000333592 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
2022-03-02 12:56 - 2019-09-27 20:06 - 000031512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_1.dll
2022-03-02 12:56 - 2019-09-27 20:06 - 000027416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_codecvt_ids.dll
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2019-03-07 18:27 - 2019-03-07 18:40 - 000000084 _____ () C:\Users\Stardust\clean.bat
2014-04-29 11:35 - 2014-04-29 11:35 - 354230360 _____ (Sony Creative Software Inc.) C:\Program Files (x86)\vegaspro13.0.310_64bit.exe
2016-01-13 22:47 - 2016-01-13 22:47 - 000000617 _____ () C:\Users\Stardust\AppData\Roaming\12.png
2018-11-10 18:26 - 2018-11-10 18:26 - 000000268 ___RH () C:\Users\Stardust\AppData\Roaming\Bubble Noise
2013-10-02 03:56 - 2013-10-02 03:56 - 000000167 _____ () C:\Users\Stardust\AppData\Roaming\bullet.png
2015-05-20 02:28 - 2015-05-20 02:28 - 000003813 _____ () C:\Users\Stardust\AppData\Roaming\circle_orange.png
2018-12-29 13:19 - 2018-12-29 13:22 - 000345950 _____ () C:\Users\Stardust\AppData\Roaming\CodecsLE_Install.log
2017-11-21 18:18 - 2017-11-21 18:18 - 041693696 _____ () C:\Users\Stardust\AppData\Roaming\ffmpeg.exe
2016-02-07 20:59 - 2016-02-07 20:59 - 000002210 _____ () C:\Users\Stardust\AppData\Roaming\FlasketAnemometry
2016-02-07 09:55 - 2016-02-07 09:55 - 000076288 _____ () C:\Users\Stardust\AppData\Roaming\hyphenizations.dll
2015-05-20 02:28 - 2015-05-20 02:28 - 000001392 _____ () C:\Users\Stardust\AppData\Roaming\inventory.png
2016-02-07 20:59 - 2016-02-07 20:59 - 000052466 _____ () C:\Users\Stardust\AppData\Roaming\La_Rioja
2013-10-02 03:54 - 2013-10-02 03:54 - 000000447 _____ () C:\Users\Stardust\AppData\Roaming\meta-index
2021-11-02 11:03 - 2021-11-02 11:03 - 000000016 _____ () C:\Users\Stardust\AppData\Roaming\obs-virtualcam.txt
2013-10-02 03:56 - 2013-10-02 03:56 - 000001826 _____ () C:\Users\Stardust\AppData\Roaming\page.margin.outer.xml
2014-05-08 05:08 - 2014-05-08 05:08 - 000001307 _____ () C:\Users\Stardust\AppData\Roaming\Steel - Matte Bronze.3PP
2017-06-25 15:08 - 2017-06-25 15:10 - 000001456 _____ () C:\Users\Stardust\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-06-05 13:37 - 2019-03-20 21:25 - 000007680 _____ () C:\Users\Stardust\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-10-17 17:48 - 2019-10-17 17:48 - 000002961 ____H () C:\Users\Stardust\AppData\Local\llbb1cscaicceo.ini
2019-11-28 17:03 - 2019-11-28 17:03 - 000002897 ____H () C:\Users\Stardust\AppData\Local\llbb1csccicceo.ini
2019-12-19 17:35 - 2019-12-19 17:35 - 000002939 ____H () C:\Users\Stardust\AppData\Local\llbb1csceicceo.ini
2019-01-17 18:12 - 2019-01-17 18:12 - 000002961 ____H () C:\Users\Stardust\AppData\Local\llbb1cscicceo.ini
2019-02-28 17:37 - 2019-02-28 17:37 - 000002854 ____H () C:\Users\Stardust\AppData\Local\llbb1cseicceo.ini
2019-03-28 18:20 - 2019-03-28 18:20 - 000002854 ____H () C:\Users\Stardust\AppData\Local\llbb1csgicceo.ini
2019-04-18 16:25 - 2019-04-18 16:26 - 000002918 ____H () C:\Users\Stardust\AppData\Local\llbb1csiicceo.ini
2019-05-16 16:16 - 2019-05-16 16:16 - 000002833 ____H () C:\Users\Stardust\AppData\Local\llbb1cskicceo.ini
2019-06-27 18:45 - 2019-06-27 18:45 - 000002897 ____H () C:\Users\Stardust\AppData\Local\llbb1csmicceo.ini
2020-01-16 18:14 - 2020-01-16 18:14 - 000002961 ____H () C:\Users\Stardust\AppData\Local\llbb1eacicceo.ini
2020-02-20 17:56 - 2020-02-20 17:56 - 000002897 ____H () C:\Users\Stardust\AppData\Local\llbb1eaeicceo.ini
2020-03-19 16:07 - 2020-03-19 16:07 - 000002982 ____H () C:\Users\Stardust\AppData\Local\llbb1eagicceo.ini
2021-12-04 19:24 - 2021-12-04 19:24 - 000007605 _____ () C:\Users\Stardust\AppData\Local\Resmon.ResmonCfg
2020-12-12 20:13 - 2020-12-12 20:13 - 000000000 _____ () C:\Users\Stardust\AppData\Local\zenmap.exe.log
2019-01-09 19:27 - 2019-01-09 19:27 - 000000514 _____ () C:\Users\Stardust\AppData\Local\{BBF71A64-BCF1-4DCD-AD17-6730881BF01C}
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
testsigning: ==> 'testsigning' ist aktiviert. Prüfung auf eventuelle nicht-signierte Treiber durchführen <==== ACHTUNG
==================== Ende von FRST.txt ========================
..weitere Logfiles habe ich leider nicht :-( irgendwie speichert MBAM nur die Scan Logfiles habe etliches in Quarantäne verschieben lassen Gruss Martin ...doch noch ein Protokoll gefunden Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-11-18.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-29-2022
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 43
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Common Files\Tencent
Deleted C:\Program Files (x86)\QuickSearch
Deleted C:\Program Files (x86)\Startfenster
Deleted C:\Program Files (x86)\Tencent
Deleted C:\Program Files\Common Files\Tencent
Deleted C:\ProgramData\7b24ec7cc000461ebe26d116b88142c8
Deleted C:\ProgramData\TXQMPC
Deleted C:\ProgramData\Tencent
Deleted C:\Users\Stardust\AppData\Local\DriverToolkit
Deleted C:\Users\Stardust\AppData\Local\VirtualStore\ProgramData\Tencent
Deleted C:\Users\Stardust\AppData\Roaming\Common\LuaRT
Deleted C:\Users\Stardust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????
Deleted C:\uninst
***** [ Files ] *****
Deleted C:\END
Deleted C:\Users\Stardust\AppData\Roaming\Installer.dat
Deleted C:\Windows\System32\drivers\TFsFltX64.sys
Deleted C:\Windows\System32\drivers\TSSKX64.sys
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\CoinisRevShare
Deleted HKCU\Software\DAILYPCCLEAN
Deleted HKCU\Software\FFUPD
Deleted HKCU\Software\Genius
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cmptch.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\qq.com
Deleted HKCU\Software\Microsoft\Tinstalls
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
Deleted HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Deleted HKLM\Software\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Deleted HKLM\Software\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted HKLM\Software\Classes\METNSD
Deleted HKLM\Software\Classes\qmgcfiles
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ QQPCTray
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\MTview
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\lsas
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\tsiVideo
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{63332668-8CE1-445D-A5EE-25929176714E}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\DownloadProxy.EXE
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Startfenster
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [4986 octets] - [29/03/2022 16:52:44]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
|
|
29.03.2022, 21:02
| #8 |
| /// TB-Ausbilder | Illegale Software Den 2. Teil meines Posts hast du nicht gelesen?  |
|
29.03.2022, 21:15
| #9 |
| | Illegale Software ... ich geb auf  denke die Kiste ist grösstenteils sauber Gruss Martin |
|
29.03.2022, 21:21
| #10 |
| /// TB-Ausbilder | Illegale Software Lesen ist nicht jedermanns Sache. |
| Themen zu Illegale Software |
| administrator, computer, defender, desktop, firefox, flash player, google, hijack, home, homepage, internet, mozilla, nvcontainer, nvcontainer.exe, nvidia, port, prozesse, realtek, registry, rundll, scan, services.exe, software, system, usb, virus, windows |
Linear-Darstellung
