Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Verdacht auf befall von Trojanern (https://www.trojaner-board.de/202456-verdacht-befall-trojanern.html)

Individuum 26.08.2021 19:11
Verdacht auf befall von Trojanern
 
allo Liebe Community,
des öfteren bin ich schon hier gelandet wenn ich mir eine Malware oder sonstiges eingefangen hatte und konnte bisher immer etwas daraus ziehen. Nun sind mir in letzter Zeit immerwieder konten von spotify, mojang, gmail, microsoft durch dubiose ip adressen oder aus komischen Ländern abhanden gekommen, die ich dann recovern musste. Ich habe nun meine E-mail konten zwei faktor gesichert, knapp 150 PW geändert, eine neue e-mail bei der ich mir sicher bin das sie clean ist angelegt und bin nun an meiner Hardware und meinen Lokalen daten angelangt, Malwarebytes scan habe ich im vorfeld schon durchgeführt, Malwarebytes hat 26 Bedrohungen gefunden und in die Quarantäne verschoben, unter anderem Trojaner usw. Hier die Log dateien auch aus FRST.exe wie in der Anleitung beschrieben. Könnt Ihr mir helfen ? bin ich nun wieder befreit von datenlecks ? Ich hatte wohl auf meiner haupt email auch einen datenbruch der schon bis 2018 zurückliegt, kann das noch etwas damit zu tun gehabt haben Um Hilfe wäre ich sehr Dankbar da doch schon eineiges an Wert auf meinem Kasten liegt...

Liebe Grüße

Individuum
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 26.08.21
Scan-Zeit: 18:51
Protokolldatei: d12be10e-068d-11ec-869c-704d7b2db4bc.json

-Softwaredaten-
Version: 4.4.5.130
Komponentenversion: 1.0.1430
Version des Aktualisierungspakets: 1.0.44396
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 19043.1165)
CPU: x64
Dateisystem: NTFS
Benutzer: MisterSun\termi

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 396398
Erkannte Bedrohungen: 26
In die Quarantäne verschobene Bedrohungen: 26
Abgelaufene Zeit: 3 Min., 2 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 3
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Application Experience\StartupCheckLibrary, In Quarantäne, 511, 735770, , , , , ,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C50DFF3E-8F20-4749-A24E-AA59C96107F1}, In Quarantäne, 511, 735770, , , , , ,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{C50DFF3E-8F20-4749-A24E-AA59C96107F1}, In Quarantäne, 511, 735770, , , , , ,

Registrierungswert: 1
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C50DFF3E-8F20-4749-A24E-AA59C96107F1}|PATH, In Quarantäne, 511, 782993, 1.0.44396, , ame, , ,

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 4
PUP.Optional.PushNotifications.Generic, C:\USERS\TERMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, In Quarantäne, 201, 838845, , , , , ,
PUP.Optional.PushNotifications.Generic, C:\USERS\TERMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, In Quarantäne, 201, 838845, , , , , ,
PUP.Optional.PushNotifications.Generic, C:\USERS\TERMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, In Quarantäne, 201, 838845, , , , , ,
PUP.Optional.PushNotifications.Generic, C:\USERS\TERMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, In Quarantäne, 201, 838845, , , , , ,

Datei: 18
Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\APPLICATION EXPERIENCE\STARTUPCHECKLIBRARY, In Quarantäne, 511, 735770, 1.0.44396, , ame, , FACF73072EAFE24D954582146EBC25B6, B89F446D662E4FA1D4536684EA547705E593289BE8790B5F260FA7322444706A
Legit.MisusedLegit, C:\USERS\TERMI\APPDATA\LOCALLOW\pF2qC1gG7yH8hI1o\mozglue.dll, In Quarantäne, 3838, 965519, 1.0.44396, , ame, , EAE9273F8CDCF9321C6C37C244773139, A0C6630D4012AE0311FF40F4F06911BCF1A23F7A4762CE219B8DFFA012D188CC
Legit.MisusedLegit, C:\USERS\TERMI\APPDATA\LOCALLOW\pF2qC1gG7yH8hI1o\nss3.dll, In Quarantäne, 3838, 965520, 1.0.44396, , ame, , 02CC7B8EE30056D5912DE54F1BDFC219, 1989526553FD1E1E49B0FEA8036822CA062D3D39C4CAB4A37846173D0F1753D5
Malware.AI.1144860452, C:\WINDOWS\SYSTEM32\SERVICEINSTALLER.EXE, In Quarantäne, 1000000, 0, 1.0.44396, 79BBCFD409ED690A443D2F24, dds, 01394704, 9EB407C77C44D6D7876244CF35C0D4AA, FFED5BEA3B2367946ECCF950A55BC160477E2FECFB0D8D5093818377DDDE9D46
PUP.Optional.GameHack, C:\PROGRAM FILES\CHEAT ENGINE 7.2\STANDALONEPHASE1.DAT, In Quarantäne, 8232, 393793, 1.0.44396, , ame, , EB339EECEC8AA8C0FD3B08D39799D4D8, 88BB94C3CE727DB13B77ABDBDB75A4C878E91D651692F3618178DEC5BBB7080C
PUP.Optional.PushNotifications.Generic, C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, In Quarantäne, 201, 838845, , , , , A46D9C897799D5ED54492B0359FF945E, 42851A1D8751AB9C3D385A74B20658F878249359090CC6D2175C5FDA26C48B75
PUP.Optional.PushNotifications.Generic, C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\001137.ldb, In Quarantäne, 201, 838845, , , , , FB155396408472111190DBA065DD36E0, 927752FE4F5724B163BD1F1969302F1F26AD203EBCD3DFBF454E4BBC53CA33AE
PUP.Optional.PushNotifications.Generic, C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\001139.log, In Quarantäne, 201, 838845, , , , , D91A6C9B09A5C62F6B931336B985235A, DDF18834F1F7D3D80397FBEFB15C96853BF86FC70A1B41F33A6BEDF1469B3D73
PUP.Optional.PushNotifications.Generic, C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\001140.ldb, In Quarantäne, 201, 838845, , , , , 3E8EC8DBEA26347E7E8FCBBC58D4BAF3, 3B7260307D0FFBF694762EB9947A143E98114DCF6A767088AB7A5D635FEA8F0D
PUP.Optional.PushNotifications.Generic, C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, In Quarantäne, 201, 838845, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.PushNotifications.Generic, C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, In Quarantäne, 201, 838845, , , , , ,
PUP.Optional.PushNotifications.Generic, C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, In Quarantäne, 201, 838845, , , , , E09D468E77E3BA96B408163DA8B421A5, 904D4015142B9CF0D2B715E783E089BFD853D4B4A1A1BD43321EC49E89AA5FC2
PUP.Optional.PushNotifications.Generic, C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, In Quarantäne, 201, 838845, , , , , 419BBB23864293240D83BE9EC61AAEAC, 489B8658A820D941535F9BF367A07D9646A9F65180E9CF8FC35C93BAE9E33BC4
PUP.Optional.PushNotifications.Generic, C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, In Quarantäne, 201, 838845, , , , , BF5017FBE7ED2C4B6A789667F1E408BD, 437B11DF4FB31D1B130C24D6E9B2A959A421F12ACD8586CA15A4A94A4A2F7D2A
PUP.Optional.PushNotifications.Generic, C:\USERS\TERMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Ersetzt, 201, 838845, 1.0.44396, , ame, , BF4751B30B48DEAC1E90EC20EB51DB0B, 41A8F8BAD3B7203EFC32FFFA114A4C1F2B3400B5A98D4AC233B70919E91B559B
PUP.Optional.PushNotifications.Generic, C:\USERS\TERMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Ersetzt, 201, 838845, 1.0.44396, , ame, , BF4751B30B48DEAC1E90EC20EB51DB0B, 41A8F8BAD3B7203EFC32FFFA114A4C1F2B3400B5A98D4AC233B70919E91B559B
PUP.Optional.PushNotifications.Generic, C:\USERS\TERMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Ersetzt, 201, 838845, 1.0.44396, , ame, , BF4751B30B48DEAC1E90EC20EB51DB0B, 41A8F8BAD3B7203EFC32FFFA114A4C1F2B3400B5A98D4AC233B70919E91B559B
PUP.Optional.PushNotifications.Generic, C:\USERS\TERMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Ersetzt, 201, 838845, 1.0.44396, , ame, , BF4751B30B48DEAC1E90EC20EB51DB0B, 41A8F8BAD3B7203EFC32FFFA114A4C1F2B3400B5A98D4AC233B70919E91B559B

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
[CODE]FRST:
FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2021
durchgeführt von termi (Administrator) auf MISTERSUN (26-08-2021 19:44:58)
Gestartet von C:\Users\termi\Desktop
Geladene Profile: termi
Platform: Windows 10 Home Version 21H1 19043.1165 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Opera
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe <2>
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.UI.Application.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Comfort Software Group -> Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\termi\AppData\Local\Programs\Opera GX\78.0.4093.153\opera.exe <57>
(Opera Software AS -> Opera Software) C:\Users\termi\AppData\Local\Programs\Opera GX\78.0.4093.153\opera_crashreporter.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(Swift Media Entertainment, Inc. -> Blitz, Inc.) C:\Users\termi\AppData\Local\Programs\Blitz\Blitz.exe <8>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Unified Intents AB -> Unified Intents AB) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [835136 2018-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-09-14] (Adobe Inc. -> )
HKLM-x32\...\Run: [Avira Security startup helper] => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [255968 2021-07-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [330440 2021-07-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [Discord] => C:\Users\termi\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4110568 2021-07-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [408920 2021-04-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [vibranceGUI] => "C:\Users\termi\AppData\Local\Temp\Rar$EXa3644.19640\vibranceGUI.exe" -minimized <==== ACHTUNG
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1806680 2021-08-12] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\termi\AppData\Local\Microsoft\Teams\Update.exe [2455264 2021-08-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [Spotify] => C:\Users\termi\AppData\Roaming\Spotify\Spotify.exe [24731784 2021-08-24] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [Update Plus Player] => R:\VLC Plus Player\vlc.exe [157808 2021-05-26] (Aller Media e.K. -> VideoLAN) <==== ACHTUNG
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3243784 2021-02-22] (Unified Intents AB -> Unified Intents AB)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [com.blitz.app] => C:\Users\termi\AppData\Local\Programs\Blitz\Blitz.exe [122577672 2021-08-24] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\MountPoints2: {80388fa7-1736-11e7-8a88-704d7b2db4bc} - "G:\setup.exe"
HKLM\...\Windows x64\Print Processors\Canon PIXMA iP4000 Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD64.DLL [31744 2005-09-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [52568 2009-08-19] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor PIXMA iP4000: C:\WINDOWS\system32\CNMLM64.DLL [245248 2005-09-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-17] (Google LLC -> Google LLC)
AppInit_DLLs: acaptuser64.dll => C:\WINDOWS\system32\acaptuser64.dll [119160 2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
AppInit_DLLs-x32: acaptuser32.dll => C:\Windows\SysWOW64\acaptuser32.dll [114280 2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05A2FEC2-1C2C-4773-AA3B-286113F6B073} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2483032 2021-08-12] (Overwolf Ltd -> Overwolf LTD)
Task: {0D109579-AB28-483A-985A-579FA7C0C240} - System32\Tasks\Opera GX scheduled Autoupdate 1619790436 => C:\Users\termi\AppData\Local\Programs\Opera GX\launcher.exe [41841360 2021-08-12] (Opera Software AS -> Opera Software)
Task: {2D026C1D-5797-4C35-A441-F62D093A7024} - System32\Tasks\Avira\System Speedup\Delayed Startup\termi\1 => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [255968 2021-07-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) -> LaunchApp "C:\Users\termi\AppData\Local\Avira\Security\Delay Load for Current\ShareX.lnk" -silent
Task: {31C65895-E4B6-4C69-B3E6-E76C03651221} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [255968 2021-07-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {53B0BADD-D56A-41BE-8B48-D8D82D6CD51A} - System32\Tasks\Avira\System Speedup\Delayed Startup\termi\3 => C:\Users\termi\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
Task: {5B2EBBF5-585C-4F1D-8324-84CED127CECC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {5CBBA1E9-FE5D-46A7-839E-3E6D9FDD5F3D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5D428151-ADD0-4928-9671-B53C9F3DDE1E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {699A37EB-0B9C-49FE-B6F1-7008A4CB3959} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {6AAC3308-1706-4DE5-BD25-6F4DB5A651C5} - System32\Tasks\Avira\System Speedup\SecurityTestScheduler => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [255968 2021-07-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {6CABE442-4B11-497F-AF46-25B4B91A4022} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {78772080-6D06-4E28-BDCE-184DE907ED35} - System32\Tasks\Microsoft\Windows\Maintenance\InstallWinSAT => Maintenance.vbs
Task: {790EE0F4-2DDC-4660-BEA6-68E75EF4698B} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1503840 2021-07-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {79714970-3FA9-4706-9C99-C4C9EB1AC1BD} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1621345670 => C:\Users\termi\AppData\Local\Programs\Opera GX\launcher.exe [41841360 2021-08-12] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\termi\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {8557749A-35AD-4AC9-8403-1D2ADE4B865F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {880A8237-7692-492D-A102-607F82FC5DEE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8980E3BC-3724-4DF9-968E-06A757235055} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8B3FC8C4-24FF-44B1-8ABF-BB2F6D37409F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D2A07C3-B4D3-4167-B794-CAF2E8A2DB41} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E292CB0-CED4-4CBC-B18E-7A0DBF2711A5} - System32\Tasks\Avira\System Speedup\Delayed Startup\termi\2 => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [8514512 2021-03-30] (Comfort Software Group -> Comfort Software Group)
Task: {918DE258-52A7-47DD-86A1-15D2087AE07B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4282280 2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {97418155-1665-434C-8D24-16EF744E4ECF} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {97D8E99F-8F55-45E2-8E2F-7A7D059E5FF7} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {A97D8EF9-EF12-48DD-95CE-4178E0D88E07} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [330440 2021-07-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {C38D0722-274B-40EF-B450-3949F636E3BC} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Task: {CCC9DA24-2791-42CB-BC0A-7670923CFCC7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CF31B2BF-4704-45FE-A305-D904A65A3442} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D056125D-B444-4A2D-ABBB-BBC49CC1CBC8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4282280 2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0624FDE-6C9E-473D-B112-4F135F7E5A85} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29868432 2021-08-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {D2E96B03-1C26-4399-84B7-8FCEE7E53263} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-23] (Google LLC -> Google LLC)
Task: {E63809FB-5626-4307-A9DA-CF3E1F3D78D9} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2651056 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {EE4E1910-DD8D-4FCF-94DE-4BDFA8441F59} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files\Riot Vanguard\vgtray.exe [3180256 2021-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
Task: {EFE662EC-FC81-4A6A-B78F-33D3F6D6A5D1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-23] (Google LLC -> Google LLC)
Task: {F025EBEE-545C-4AA4-953C-B464E42C7F1D} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [273784 2021-07-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {F69C8215-5B1F-44A5-ACB3-D040277B8B8D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 217.147.55.3 217.147.60.5
Tcpip\..\Interfaces\{fe70adbd-29a4-48d7-9244-369e6eea9ff0}: [DhcpNameServer] 217.147.55.3 217.147.60.5
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG

Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-26]
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Edge Extension: (Outlook) - C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-04-03]
Edge Extension: (Word) - C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-04-03]
Edge Extension: (Excel) - C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-04-03]
Edge Extension: (PowerPoint) - C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-04-03]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-04-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-04-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @vlc.de/vlc,version=3.0.14 -> R:\VLC Plus Player\npvlc.dll [2021-05-26] (Aller Media e.K. -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default [2021-07-26]
CHR Notifications: Default -> hxxps://www6.todhamilton.pro
CHR Extension: (Präsentationen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-23]
CHR Extension: (Docs) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-23]
CHR Extension: (Google Drive) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-23]
CHR Extension: (Earth View from Google Earth) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhloflhklmhfpedakmangadcdofhnnoh [2021-03-23]
CHR Extension: (James White) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2021-03-23]
CHR Extension: (YouTube) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-23]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-20]
CHR Extension: (Adblock für Youtube™) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2021-05-20]
CHR Extension: (Tabellen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-23]
CHR Extension: (Google Docs Offline) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-03]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-07-03]
CHR Extension: (Tinder) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejiihbkifllpgdfndalmghiodgkefan [2021-03-23]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2021-03-23]
CHR Extension: (Chrometana - Redirect Bing Somewhere Better) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaicbfmipfpfpjmlbpejaoaflfdnabnc [2021-03-23]
CHR Extension: (Fair AdBlocker) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2021-03-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-23]
CHR Extension: (Hover Zoom+) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2021-07-26]
CHR Extension: (Google Mail) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-23]
CHR Extension: (Chrome Media Router) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-11]
CHR Profile: C:\Users\termi\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-07-26]
CHR Profile: C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-07-14]
CHR Extension: (Präsentationen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-23]
CHR Extension: (Docs) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-23]
CHR Extension: (Google Drive) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-23]
CHR Extension: (YouTube) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-23]
CHR Extension: (Tabellen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-23]
CHR Extension: (Google Docs Offline) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-23]
CHR Extension: (Google Mail) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-23]
CHR Extension: (Chrome Media Router) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-14]
CHR Profile: C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-07-14]
CHR Extension: (Präsentationen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-14]
CHR Extension: (Docs) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2021-07-14]
CHR Extension: (Google Drive) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-07-14]
CHR Extension: (YouTube) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-07-14]
CHR Extension: (Tabellen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-14]
CHR Extension: (Google Docs Offline) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-14]
CHR Extension: (Google Mail) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-07-14]
CHR Extension: (Chrome Media Router) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-14]
CHR Profile: C:\Users\termi\AppData\Local\Google\Chrome\User Data\System Profile [2021-07-26]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-3983815968-458737157-1999859390-1001) Opera GXStable - "C:\Users\termi\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [538000 2021-06-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574672 2021-07-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989160 2021-07-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384480 2021-08-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [271560 2021-07-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8895512 2021-05-11] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9142128 2021-08-05] (Microsoft Corporation -> Microsoft Corporation)
S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2018-02-16] (Digital Wave Ltd -> Digital Wave Ltd.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4816728 2021-04-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2021-03-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EQU8_19; C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe [5673048 2021-04-02] (Int3 Software AB -> Int3 Software AB)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2021-04-16] (Macrovision Corporation -> Macrovision Europe Ltd.) [Datei ist nicht signiert]
S3 GoogleChromeElevationService1d77db0b98e2a40; C:\Program Files\Google\Chrome\Application\92.0.4515.159\elevation_service.exe [1460568 2021-08-13] (Google LLC -> Google LLC)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7497336 2021-08-26] (Malwarebytes Inc -> Malwarebytes)
S3 MicrosoftEdgeElevationService1d77dbb2c5be210; C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.78\elevation_service.exe [1640336 2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2483032 2021-08-12] (Overwolf Ltd -> Overwolf LTD)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14676264 2021-07-01] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10112672 2021-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-07-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-07-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 GoogleChromeElevationService; "C:\Program Files\Google\Chrome\Application\91.0.4472.124\elevation_service.exe" [X]
S3 MicrosoftEdgeElevationService; "C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.70\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AsusVBus; C:\WINDOWS\System32\drivers\AsusVBus.sys [39704 2017-01-09] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [84472 2017-01-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-06-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [207864 2021-07-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-02-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BrSerIb; C:\WINDOWS\System32\drivers\BrSerIb.sys [95344 2014-10-23] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrUsbSIb; C:\WINDOWS\System32\drivers\BrUsbSIb.sys [21872 2014-10-23] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-12-14] (Microsoft Corporation) [Datei ist nicht signiert]
S3 Bulk; C:\WINDOWS\System32\Drivers\HDJBulk.sys [354824 2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2018. All rights reserved.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\System32\drivers\Dot4.sys [146856 2015-03-10] (BoiseTest -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\System32\drivers\dot4usb.sys [43944 2015-03-10] (BoiseTest -> Microsoft Corporation)
R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-04-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2021-04-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EQU8_HELPER_19; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_19.sys [38032 2021-04-12] (Int3 Software AB -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HDJAsioK; C:\WINDOWS\System32\Drivers\HDJAsioK.sys [334344 2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2018. All rights reserved.)
S3 HDJCtrl; C:\WINDOWS\System32\Drivers\HDJCtrl.sys [72712 2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2017. All rights reserved.)
S3 HDJMidi; C:\WINDOWS\system32\DRIVERS\HDJMidi.sys [287240 2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2018. All rights reserved.)
R1 hideFirewall; C:\WINDOWS\System32\drivers\hideFirewall.sys [99824 2021-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [40960 2021-07-21] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 MAUSBMIDI; C:\WINDOWS\System32\drivers\MAudioUSBMIDI.sys [200200 2010-04-13] (M-Audio -> M-Audio)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-08-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [68528 2021-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 NDivert; C:\WINDOWS\System32\drivers\NDivert.sys [105184 2021-03-28] (TEFINCOM S.A. -> )
S3 niks4m2usb; C:\WINDOWS\System32\drivers\niks4m2usb.sys [104304 2015-09-04] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
S3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2021-05-13] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-12-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 RDID1117; C:\WINDOWS\system32\Drivers\RDWM1117.SYS [309888 2015-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Roland Corporation)
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64880 2020-11-11] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [43376 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [28128 2020-04-21] (Unified Intents AB -> Windows (R) Win 7 DDK provider)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8232160 2021-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2019-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2021-07-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [434424 2021-07-23] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-07-23] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-05-13] (WireGuard LLC -> WireGuard LLC)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-08-26 19:44 - 2021-08-26 19:45 - 000043795 ____C C:\Users\termi\Desktop\FRST.txt
2021-08-26 19:44 - 2021-08-26 19:45 - 000000000 ____D C:\FRST
2021-08-26 19:44 - 2021-08-26 19:44 - 002300928 _____ (Farbar) C:\Users\termi\Desktop\FRST64.exe
2021-08-26 19:27 - 2021-08-26 19:27 - 000068528 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-08-26 19:26 - 2021-08-26 19:26 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-08-26 19:26 - 2021-08-26 19:26 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-08-26 18:50 - 2021-08-26 18:50 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-08-26 18:50 - 2021-08-26 18:50 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-08-26 18:50 - 2021-08-26 18:50 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-08-26 18:50 - 2021-08-26 18:50 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-08-26 18:50 - 2021-08-26 18:50 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-26 18:50 - 2021-08-26 18:50 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-08-26 18:50 - 2021-08-26 18:50 - 000000000 ____D C:\Users\termi\AppData\Local\mbam
2021-08-26 18:50 - 2021-08-26 18:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-08-26 18:50 - 2021-08-26 18:50 - 000000000 ____D C:\Program Files\Malwarebytes
2021-08-26 18:49 - 2021-08-26 18:49 - 002120496 _____ (Malwarebytes) C:\Users\termi\Downloads\MBSetup.exe
2021-08-26 18:35 - 2021-08-26 18:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2021-08-26 18:14 - 2021-08-26 18:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Ivanti
2021-08-26 18:10 - 2021-08-26 19:27 - 000000000 ____D C:\Users\Public\Security Sessions
2021-08-26 17:59 - 2021-08-26 17:59 - 000003374 _____ C:\WINDOWS\system32\Tasks\Avira_Antivirus_Systray
2021-08-26 17:59 - 2021-08-26 17:59 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2021-08-26 17:59 - 2021-07-30 23:17 - 000207864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2021-08-26 17:59 - 2021-06-25 14:59 - 000022848 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avelam.sys
2021-08-26 17:59 - 2021-02-09 19:03 - 000199312 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2021-08-26 17:59 - 2019-06-07 15:09 - 000078936 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2021-08-26 17:59 - 2019-03-20 19:50 - 000089736 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2021-08-26 17:59 - 2019-03-20 19:50 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2021-08-26 17:59 - 2019-03-20 19:50 - 000045472 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2021-08-26 17:58 - 2021-08-26 19:27 - 000000000 ____D C:\Users\Public\Speedup Sessions
2021-08-26 17:58 - 2021-08-26 18:37 - 000002960 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2021-08-26 17:58 - 2021-08-26 18:10 - 000000000 ____D C:\Users\termi\AppData\Local\Avira
2021-08-26 17:58 - 2021-08-26 18:10 - 000000000 ____D C:\ProgramData\Avira
2021-08-26 17:58 - 2021-08-26 17:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-08-26 17:58 - 2021-08-26 17:59 - 000000000 ____D C:\Program Files (x86)\Avira
2021-08-26 17:58 - 2021-08-26 17:58 - 005901768 _____ (Avira Operations GmbH & Co. KG) C:\Users\termi\Downloads\avira_de_sptl1_1654573332-1629993478__adwg-spotlightprcupdate1-new2.exe
2021-08-26 17:58 - 2021-08-26 17:58 - 000003768 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate
2021-08-26 17:58 - 2021-08-26 17:58 - 000003696 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2021-08-26 17:58 - 2021-08-26 17:58 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2021-08-26 17:58 - 2021-08-26 17:58 - 000001157 _____ C:\Users\Public\Desktop\Avira.lnk
2021-08-26 00:20 - 2021-08-26 00:20 - 034499456 _____ (TeamViewer Germany GmbH) C:\Users\termi\Downloads\TeamViewer_Setup_x64.exe
2021-08-24 16:00 - 2021-08-24 16:00 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2021-08-20 18:50 - 2021-08-26 19:38 - 000000000 ____D C:\Users\termi\AppData\Roaming\Blitz
2021-08-20 18:50 - 2021-08-24 23:01 - 000000000 ____D C:\Users\termi\AppData\Local\blitz-updater
2021-08-20 18:49 - 2021-08-20 18:49 - 076770248 _____ (Blitz, Inc.) C:\Users\termi\Downloads\Blitz-1.15.32.exe
2021-08-19 17:09 - 2021-08-19 17:09 - 000000222 ____C C:\Users\termi\Desktop\The Forest.url
2021-08-18 03:00 - 2021-08-18 03:00 - 000000000 ___DC C:\Users\termi\Documents\u-he
2021-08-16 09:20 - 2021-08-16 09:20 - 000044775 _____ C:\Users\termi\Downloads\ACFrOgBSMEuoyDAfOx97hvj2vD_EvhaZTeghQaTzxERCgiyQSDH2IHCJf0eSIJX5lV3pnJPruJjZA_I4Gkyy4dQSttBm59AF1nvAUWRIMzuaKkLTju_8NDnZHsLI8EQ=.pdf
2021-08-15 20:13 - 2021-08-22 00:08 - 000000000 ___DC C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-08-15 20:13 - 2021-08-15 21:14 - 000000000 ____D C:\Users\termi\AppData\Local\Roblox
2021-08-15 20:13 - 2021-08-15 20:25 - 000000256 ____C C:\Users\termi\AppData\LocalLow\rbxcsettings.rbx
2021-08-15 20:13 - 2021-08-15 20:13 - 001666008 _____ (Roblox Corporation) C:\Users\termi\Downloads\RobloxPlayerLauncher.exe
2021-08-14 00:22 - 2021-08-14 00:22 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-14 00:22 - 2021-08-14 00:22 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-14 00:22 - 2021-08-14 00:22 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-14 00:22 - 2021-08-14 00:22 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-14 00:21 - 2021-08-14 00:21 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-14 00:21 - 2021-08-14 00:21 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-14 00:21 - 2021-08-14 00:21 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-14 00:16 - 2021-08-14 00:16 - 000000000 ___HD C:\$WinREAgent
2021-08-12 08:15 - 2021-08-12 08:26 - 000000000 ___DC C:\Users\termi\Desktop\Dokumente
2021-08-09 08:55 - 2021-08-09 08:57 - 000000000 ___DC C:\Users\termi\Desktop\Schulfremdenprüfung Leony
2021-08-05 15:37 - 2021-08-05 15:37 - 000000000 ___DC C:\Users\termi\Desktop\efi
2021-07-31 07:38 - 2021-08-14 15:20 - 000000000 ___DC C:\Users\termi\Desktop\Bilder von Mir

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-08-26 19:33 - 2021-03-23 19:29 - 000000000 ____D C:\Program Files\WinRAR
2021-08-26 19:33 - 2017-03-03 03:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-08-26 19:32 - 2021-03-23 18:19 - 001722788 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-26 19:32 - 2021-03-23 17:53 - 000743546 _____ C:\WINDOWS\system32\perfh007.dat
2021-08-26 19:32 - 2021-03-23 17:53 - 000149968 _____ C:\WINDOWS\system32\perfc007.dat
2021-08-26 19:32 - 2021-03-23 17:51 - 000000000 ____D C:\WINDOWS\INF
2021-08-26 19:30 - 2021-03-23 18:03 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-26 19:29 - 2021-04-20 22:59 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-08-26 19:29 - 2021-03-23 18:29 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-26 19:29 - 2021-03-23 17:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-26 19:27 - 2021-05-18 12:51 - 000000032 _____ C:\Users\termi\AppData\Roaming\.machineId
2021-08-26 19:26 - 2021-07-07 12:34 - 000000000 ____D C:\Program Files\TeamViewer
2021-08-26 19:26 - 2021-03-23 18:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-26 19:26 - 2021-03-23 17:47 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-08-26 19:26 - 2020-12-14 14:23 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-26 19:26 - 2017-03-02 15:47 - 000000000 __SHD C:\Users\termi\IntelGraphicsProfiles
2021-08-26 19:26 - 2017-03-02 15:44 - 000000000 ___DC C:\Intel
2021-08-26 19:19 - 2021-04-14 16:33 - 000000000 ____D C:\Program Files\Cheat Engine 7.2
2021-08-26 19:19 - 2021-03-23 18:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-26 19:19 - 2021-01-06 08:40 - 000000000 ___DC C:\Users\termi\AppData\LocalLow\pF2qC1gG7yH8hI1o
2021-08-26 19:06 - 2019-03-08 10:08 - 002092776 _____ C:\UkLog.dat
2021-08-26 18:56 - 2021-03-23 17:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-26 18:56 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-26 18:50 - 2021-03-23 17:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-26 18:39 - 2021-03-23 18:02 - 000446632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-26 18:38 - 2021-03-23 18:49 - 000000000 ____D C:\Program Files (x86)\Steam
2021-08-26 18:37 - 2021-04-03 11:16 - 000004422 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-26 18:37 - 2021-03-25 22:56 - 000004192 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-26 18:37 - 2021-03-25 22:56 - 000004072 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-26 18:37 - 2021-03-25 22:56 - 000003740 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-26 18:37 - 2021-03-23 18:44 - 000000000 ____D C:\Users\termi\AppData\Roaming\discord
2021-08-26 18:37 - 2021-03-23 18:29 - 000004354 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-26 18:37 - 2020-06-13 22:10 - 000000000 ___DC C:\Users\termi\Documents\ShareX
2021-08-26 18:35 - 2021-05-12 22:34 - 000000000 ____D C:\Users\termi\AppData\Roaming\TeamViewer
2021-08-26 17:11 - 2021-06-09 14:17 - 000000000 ____D C:\Users\termi\AppData\Roaming\Spotify
2021-08-26 14:42 - 2021-03-23 18:49 - 000000000 ____D C:\ProgramData\Riot Games
2021-08-26 13:37 - 2021-06-09 14:17 - 000000000 ____D C:\Users\termi\AppData\Local\Spotify
2021-08-26 01:07 - 2021-05-27 15:05 - 000002371 ____C C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-08-26 00:16 - 2021-04-30 14:00 - 000000000 ____D C:\Users\termi\AppData\Roaming\TS3Client
2021-08-26 00:05 - 2021-04-05 13:29 - 000000000 ____D C:\Users\termi\AppData\Local\CrashDumps
2021-08-25 23:21 - 2021-05-12 00:37 - 000000000 ____D C:\ProgramData\Unified Remote
2021-08-25 14:04 - 2021-05-04 18:04 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-08-25 02:33 - 2021-03-23 18:44 - 000000000 ____D C:\Users\termi\AppData\Local\Discord
2021-08-23 06:25 - 2021-03-23 18:26 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3983815968-458737157-1999859390-1001
2021-08-23 06:25 - 2021-03-23 18:10 - 000002402 ____C C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-21 20:44 - 2021-03-23 18:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-08-21 20:42 - 2021-05-06 11:14 - 000000000 ____D C:\Users\termi\AppData\Local\ElevatedDiagnostics
2021-08-21 09:11 - 2020-06-28 11:22 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-20 22:41 - 2021-04-17 21:26 - 000000000 ____D C:\Users\termi\AppData\Roaming\.minecraft
2021-08-20 21:48 - 2021-04-17 21:26 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2021-08-20 19:56 - 2021-03-23 19:25 - 000000000 ____D C:\Users\termi\AppData\Local\D3DSCache
2021-08-20 19:54 - 2021-04-20 22:55 - 000000000 ____D C:\Program Files\Riot Vanguard
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-20 19:53 - 2021-03-23 17:47 - 000000000 ____D C:\WINDOWS\servicing
2021-08-20 18:50 - 2021-05-18 12:51 - 000002244 ____C C:\Users\termi\Desktop\Blitz.lnk
2021-08-20 18:50 - 2021-03-23 18:51 - 000002252 ____C C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk
2021-08-18 03:01 - 2018-02-27 16:54 - 000000000 ____D C:\Users\Public\Documents\NI Resources
2021-08-18 03:00 - 2021-06-19 23:53 - 000000000 ____D C:\Program Files\Common Files\VST3
2021-08-17 21:58 - 2021-03-23 18:30 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-17 21:28 - 2021-04-30 15:47 - 000004204 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1619790436
2021-08-17 21:28 - 2021-04-30 15:47 - 000001441 ____C C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk
2021-08-16 00:08 - 2021-03-25 22:48 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-14 15:23 - 2021-05-01 22:14 - 000000000 ___DC C:\Users\termi\Desktop\minecraft
2021-08-14 09:14 - 2021-04-15 19:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-08-14 00:24 - 2021-03-23 17:48 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-14 00:15 - 2021-03-25 22:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-14 00:12 - 2021-03-25 22:46 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-13 08:06 - 2021-04-03 11:16 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-12 18:33 - 2021-03-23 18:24 - 000000000 ____D C:\Users\termi\AppData\Local\Packages
2021-08-09 10:06 - 2021-03-23 18:26 - 000000000 ____D C:\Users\termi\AppData\Local\PlaceholderTileLogoFolder
2021-08-09 04:37 - 2017-03-02 15:40 - 000000000 ___RD C:\Users\termi\OneDrive
2021-08-03 02:51 - 2021-03-23 18:29 - 000003632 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-01 14:59 - 2021-05-04 18:03 - 000000000 ____D C:\Users\termi\AppData\Local\Overwolf
2021-07-29 14:59 - 2021-07-16 21:33 - 000000000 ____D C:\Users\termi\AppData\Roaming\vlc
2021-07-27 02:34 - 2021-03-23 21:13 - 000000306 __RSH C:\ProgramData\ntuser.pol

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-01-17 16:04 - 2021-01-17 16:04 - 001408808 _____ (Microsoft Corporation) C:\Users\termi\vs_community__1087382636.1580554586.exe
2021-05-18 12:51 - 2021-08-26 19:27 - 000000032 _____ () C:\Users\termi\AppData\Roaming\.machineId
2021-04-30 16:27 - 2021-04-30 16:28 - 000002400 _____ () C:\Users\termi\AppData\Roaming\vibranceGUI.log

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
--- --- ---

Individuum 26.08.2021 19:13
Code:
Addition:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-08-2021
durchgeführt von termi (26-08-2021 19:46:49)
Gestartet von C:\Users\termi\Desktop
Windows 10 Home Version 21H1 19043.1165 (X64) (2021-03-23 16:23:58)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-3983815968-458737157-1999859390-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3983815968-458737157-1999859390-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3983815968-458737157-1999859390-1000 - Limited - Enabled) => C:\Users\defaultuser0
Gast (S-1-5-21-3983815968-458737157-1999859390-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3983815968-458737157-1999859390-1004 - Limited - Enabled)
lulus (S-1-5-21-3983815968-458737157-1999859390-1002 - Limited - Disabled)
termi (S-1-5-21-3983815968-458737157-1999859390-1001 - Administrator - Enabled) => C:\Users\termi
WDAGUtilityAccount (S-1-5-21-3983815968-458737157-1999859390-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {8A154ED8-4428-DB2D-0E3F-BD82C448FD94}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ableton Live 11 Suite (HKLM\...\{FB6EECE6-87D2-4538-A1CE-61CCCA7C3DCE}) (Version: 11.0.0.0 - Ableton) Hidden
Ableton Live 11 Suite (HKLM-x32\...\{92d4040b-4cb4-4710-802b-a742c194a235}) (Version: 11.0.0.0 - Ableton)
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9 Pro Extended 64-bit Add-On (HKLM\...\{AC76BA86-1033-0000-0064-0003D0000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_0_1) (Version: 22.0.1.73 - Adobe Inc.)
AutoHotkey 1.1.33.09 (HKLM\...\AutoHotkey) (Version: 1.1.33.09 - Lexikos)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2108.2113 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.7.25887 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.53.21795 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version:  - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{5FFF909D-D88F-42B9-9A85-328A1290611C}) (Version: 2.0.6.48309 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.12.0.11208 - Avira Operations GmbH & Co. KG) Hidden
balenaEtcher 1.5.120 (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.120 - Balena Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blitz (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.15.33 - Blitz, Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
CurseForge (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.178.2.1 - Overwolf app)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.14.0.1744 - Disc Soft Ltd)
Danger Scavenger (HKLM-x32\...\Danger Scavenger_is1) (Version:  - )
Dead Island Definitive Edition (HKLM-x32\...\Dead Island Definitive Edition_is1) (Version:  - )
Discord (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DroidCam Client (HKLM-x32\...\DroidCam) (Version: 6.4.3 - DEV47APPS)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
Excel (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
FabFilter Total Bundle (HKLM\...\Total Bundle_is1) (Version: 2016.11.10 - FabFilter)
FileZilla Client 3.53.1 (HKLM-x32\...\FileZilla Client) (Version: 3.53.1 - Tim Kosse)
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 5.1.0.0 - Comfort Software Group)
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.1.7.215 - Digital Wave Ltd)
Frostpunk (HKLM-x32\...\Frostpunk_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.159 - Google LLC)
Harver System Checker 2.0.4 (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\57ba83c7-44cc-50c5-93e2-68092ebb1ce7) (Version: 2.0.4 - Harver)
hide.me VPN 3.8.3 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 3.8.3 - eVenture Limited)
hide.me Wintun (HKLM\...\{6A3B09CD-8B4A-4A66-9C90-833023E463E9}) (Version: 0.8 - hide.me) Hidden
Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{7858618B-FA45-4797-988D-4E8B793C3B88}) (Version: 17.0.109 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{A7D3C4B3-2CA8-46F3-9C34-63205AC018FF}) (Version: 17.0.109 - Intel Corporation)
IntelliJ IDEA Community Edition 2021.1 (HKLM-x32\...\IntelliJ IDEA Community Edition 2021.1) (Version: 211.6693.111 - JetBrains s.r.o.)
Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
Malwarebytes version 4.4.5.130 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.5.130 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.78 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.14228.20250 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.14228.20250 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\OneDriveSetup.exe) (Version: 21.150.0725.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Teams) (Version: 1.4.00.22472 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{911FBC64-4C64-4B8F-A637-B34832638C86}) (Version: 1.0.0.0 - Mojang)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.5.2.503 - Native Instruments)
Native Instruments Form (HKLM-x32\...\Native Instruments Form) (Version: 1.0.1.2 - Native Instruments)
Native Instruments Kontour (HKLM-x32\...\Native Instruments Kontour) (Version: 1.0.0.4 - Native Instruments)
Native Instruments Molekular (HKLM-x32\...\Native Instruments Molekular) (Version: 1.0.0.2 - Native Instruments)
Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Passive EQ (HKLM-x32\...\Native Instruments Passive EQ) (Version:  - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.0.4.23 - Native Instruments)
Native Instruments Rounds (HKLM-x32\...\Native Instruments Rounds) (Version: 1.2.0.1 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Traktor Pro 3 (HKLM-x32\...\Native Instruments Traktor Pro 3) (Version: 3.2.1.9 - Native Instruments)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.36.6.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 471.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.41 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14228.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20222 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.14228.20222 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Opera GX Stable 78.0.4093.153 (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Opera GX 78.0.4093.153) (Version: 78.0.4093.153 - Opera Software)
Outlook (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.178.0.16 - Overwolf Ltd.)
PC-Wecker 5.00 (HKLM-x32\...\PC-Wecker_is1) (Version:  - Ben Kheder-Software)
Plitch 1.1.7 (HKLM\...\d45b2222-59a8-54dc-8e4a-f1dc396456dc) (Version: 1.1.7 - MegaDev GmbH)
PowerPoint (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
QUAD-CAPTURE Driver (HKLM\...\RolandRDID0117) (Version:  - Roland Corporation)
r2modman 3.1.15 (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\ac231ef6-6414-5f8d-b36f-3b57705721dd) (Version: 3.1.15 - ebkr)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Roblox Player for termi (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\roblox-player) (Version:  - Roblox Corporation)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.5.0 - ShareX Team)
Sidify Music Converter 2.2.5 (HKLM-x32\...\Sidify Music Converter) (Version: 2.2.5 - Sidify)
Spotify (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Spotify) (Version: 1.1.66.580.gbd43cbc9 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Surviving Mars (HKLM-x32\...\Surviving Mars_is1) (Version:  - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.19.5 - TeamViewer)
Telegram Desktop Version 2.7.1 (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.1 - Telegram FZ-LLC)
TuneFab Spotify Music Converter 2.23.0 (HKLM-x32\...\{9ff685d9-8f1e-59e1-a273-b7c9e7cf0c17}) (Version: 2.23.0 - TuneFab)
u-he Hive (HKLM-x32\...\u-he Hive) (Version: 1.1.0.3898 - u-he)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.10.0 - Unified Intents AB)
VALORANT (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VLC Plus Player (HKLM\...\VLC Plus Player) (Version: 3.0.14 - Aller Media e.K.) <==== ACHTUNG
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.4.12 - Black Tree Gaming Ltd.)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
Waves Complete (HKLM\...\Complete_is1) (Version: 2016.11.14 - Waves)
WeMod (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\WeMod) (Version: 7.0.19 - WeMod)
WhatsApp (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\WhatsApp) (Version: 2.2126.10 - WhatsApp)
WinRAR 6.02 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\ZoomUMX) (Version: 5.6.6 (961) - Zoom Video Communications, Inc.)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-06] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-07-24] (NVIDIA Corp.)
Word -> C:\Program Files\WindowsApps\word.office.com-CECA1A7F_1.0.0.2_neutral__jc2kecmnkxwqc [2021-06-06] (word.office.com)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3983815968-458737157-1999859390-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\termi\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21140.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-07] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-07] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-04-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-07-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-04-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-04-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-07-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\nvshext.dll [2021-07-13] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-07-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-04-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2021-08-20 18:49 - 2021-08-24 23:01 - 000415232 _____ () [Datei ist nicht signiert] \\?\C:\Users\termi\AppData\Local\Programs\Blitz\resources\app.asar.unpacked\node_modules\leveldown\prebuilds\win32-ia32\node.napi.node
2021-05-14 19:56 - 2009-02-27 16:39 - 000019968 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.deu
2021-08-20 18:50 - 2021-08-24 23:01 - 002551808 _____ () [Datei ist nicht signiert] C:\Users\termi\AppData\Local\Programs\Blitz\ffmpeg.dll
2021-08-20 18:50 - 2021-08-24 23:01 - 000354304 _____ () [Datei ist nicht signiert] C:\Users\termi\AppData\Local\Programs\Blitz\libegl.dll
2021-08-20 18:50 - 2021-08-24 23:01 - 007073792 _____ () [Datei ist nicht signiert] C:\Users\termi\AppData\Local\Programs\Blitz\libglesv2.dll
2021-05-14 19:58 - 2009-02-27 13:04 - 000335872 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu64.deu
2021-08-21 20:50 - 2021-08-21 20:50 - 003864576 _____ (Newtonsoft) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\7b8ab54038ddb56a6cb56f93d2867a79\Newtonsoft.Json.ni.dll
2021-05-12 00:37 - 2016-10-10 06:27 - 000556544 _____ (Soft Service Company) [Datei ist nicht signiert] C:\Program Files (x86)\Unified Remote 3\wcl.dll
2021-05-12 00:37 - 2017-05-29 04:55 - 001846272 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Unified Remote 3\libcryptoMD.dll
2021-05-12 00:37 - 2017-05-29 04:55 - 000382976 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Unified Remote 3\libsslMD.dll
2021-04-13 05:33 - 2019-12-17 14:16 - 000128181 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\FreeAlarmClock\bass.dll
2021-04-13 05:33 - 2020-12-04 14:04 - 000029452 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\FreeAlarmClock\bassflac.dll
2021-04-13 05:33 - 2016-04-04 12:22 - 000017733 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\FreeAlarmClock\basswma.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\termi\Cookies:YUrEA9vCOWRzE2EzPMEq59br [2336]
AlternateDataStreams: C:\Users\termi\AppData\Local\un9cVOFCI:dm5YTZWWMaWHHfeyCnbLY [2500]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll [2021-04-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-04-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2021-03-23 17:52 - 2021-05-06 22:01 - 000002408 _____ C:\WINDOWS\system32\drivers\etc\hosts
109.94.209.70      fitgirlrepacks.in              # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.in          # Fake FitGirl site
109.94.209.70      fitgirl-repacks.to              # Fake FitGirl site
109.94.209.70      fitgirlrepack.games            # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.to          # Fake FitGirl site
109.94.209.70      www.fitgirlrepack.games        # Fake FitGirl site
109.94.209.70      *.fitgirl-repacks.xyz          # Fake FitGirl site
109.94.209.70      fitgirlrepacks.co              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.cc              # Fake FitGirl site
109.94.209.70      fitgirl-repack.com              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.website        # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.co          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.cc          # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.com          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.website    # Fake FitGirl site
109.94.209.70      ww9.fitgirl-repacks.xyz        # Fake FitGirl site
109.94.209.70      *.fitgirl-repacks.xyz          # Fake FitGirl site
109.94.209.70      fitgirl-repacks.xyz            # Fake FitGirl site
109.94.209.70      fitgirl-repack.net              # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.net          # Fake FitGirl site
109.94.209.70      fitgirlpack.site                # Fake FitGirl site
109.94.209.70      www.fitgirlpack.site            # Fake FitGirl site

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64_win\compiler;%INTEL_DEV_REDIST%redist\ia32_win\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3983815968-458737157-1999859390-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 217.147.55.3 - 217.147.60.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
 ist aktiviert.

Network Binding:
=============
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

MSCONFIG\Services: DigitalWave.Update.Service => 2
MSCONFIG\Services: NIHardwareService => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "Update Plus Player"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "vibranceGUI"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{2069B03B-7FF1-4A96-982C-21C221A580A1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5D97FCB8-CB3B-479A-B27C-EA8EF9359DF5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A98D41C0-2014-45BA-9221-2A49A4382785}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{21E80ADB-9D1B-4B0A-B9C6-61E1B6BA4188}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{9DEEDE42-5CD0-4E9B-8CB0-AAEB3D8CC95B}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{16CD6494-5C1B-4E3B-A747-5C46B089E736}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{076F1949-7E19-4D8D-B428-EAB391B29D8F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A1D989F5-3F2B-4A62-ABC4-B0428FD26B56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{83B785E6-1CD9-4417-AFFA-1C700E24B470}] => (Allow) R:\SteamLibrary\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{9516645E-D8FE-494E-A247-29CD342BE83D}] => (Allow) R:\SteamLibrary\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{22523582-58A1-48BB-BC3D-1ECABE7CD1E4}] => (Allow) R:\SteamLibrary\steamapps\common\Ironsight_wpg\launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{6308D54A-CD1E-4F1F-95DB-C6EFE1857EDB}] => (Allow) R:\SteamLibrary\steamapps\common\Ironsight_wpg\launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{F68FFDE7-8A85-4FE5-BE24-7BF78727B86D}C:\users\termi\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\termi\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [UDP Query User{EEDB1F01-849D-4129-8C99-99C386CE3766}C:\users\termi\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\termi\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [{73AD105F-4A24-4201-9ADB-02361390FDCB}] => (Allow) R:\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{C3843D3A-929D-49AD-86DF-5ACDBBE744AA}] => (Allow) R:\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{36D4A14A-BC1B-45E3-85EA-FF38013797FC}] => (Allow) R:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{109DCB20-2449-4F55-B3FB-DDC29B0E18EE}] => (Allow) R:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{2DFCA3C1-59CB-4A21-81E4-A1B5C576966C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TotallyAccurateBattlegrounds\TABG_Launcher.exe (Int3 Software AB -> Int3 Software AB)
FirewallRules: [{8BABF5A3-533B-4027-B335-D2B6908102BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TotallyAccurateBattlegrounds\TABG_Launcher.exe (Int3 Software AB -> Int3 Software AB)
FirewallRules: [{B8E9048E-3CF7-4338-BC74-B145C49F9DA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds.exe () [Datei ist nicht signiert]
FirewallRules: [{8A7AC861-C5BF-443D-AD2F-2A3D86866958}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds.exe () [Datei ist nicht signiert]
FirewallRules: [{F55011BC-B80D-4894-95A0-6A28575E62BA}] => (Allow) R:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{531EFBB1-5771-46F3-B3C2-7B99934B8DCB}] => (Allow) R:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{7CFC6846-2938-497E-B824-51056B9FC2CD}] => (Allow) R:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{AE5C0D22-F432-4BFE-A2DA-B53EB78BF693}] => (Allow) R:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{4D992528-308E-4FE8-8722-63D04A2DCDC4}] => (Allow) R:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{77DD4B0D-629A-480D-8ACC-5D8136A45202}] => (Allow) R:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{F3C63D17-2A76-40A6-8541-219B1E3001C5}] => (Allow) R:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{939105BC-94BB-4DEB-BA85-DC6AC58F2BA6}] => (Allow) R:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{26979859-D796-4469-9EFA-65EB3CDCE0AB}] => (Allow) R:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> )
FirewallRules: [{11003613-C716-4162-AF7F-71B778C56DD5}] => (Allow) R:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> )
FirewallRules: [TCP Query User{2863382C-B5AE-4AB7-A14A-443D8B2B548D}C:\program files\plitch\plitch.exe] => (Allow) C:\program files\plitch\plitch.exe (MegaDev GmbH -> MegaDev GmbH)
FirewallRules: [UDP Query User{04C7D106-916E-4020-B96D-0D2F1BFD12DA}C:\program files\plitch\plitch.exe] => (Allow) C:\program files\plitch\plitch.exe (MegaDev GmbH -> MegaDev GmbH)
FirewallRules: [{C1B581CD-81EA-48D7-8992-DF98DE98B076}] => (Allow) R:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{E151ED52-2C2B-4479-9BEB-F3AB1D2F2C30}] => (Allow) R:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{C1E52C12-5909-469D-B071-2153D6F19466}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4A5B4C25-C43B-4DAF-9F5C-B17F6FED46D0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C6909221-4126-42E0-81CA-0489B4452320}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{F459FD49-1899-43ED-AF1C-F8F5E13833CB}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{0D3E8B49-202D-4E46-BE0E-2B759E5247B9}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [UDP Query User{4007462C-52AE-4FF5-BBA8-99DB8E36C68F}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{262A6334-4501-4033-A5A7-D5EC4B48FCA1}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{544E1B7C-87C9-4BEB-8066-09A1D5E7B252}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{0AE71AFB-42AC-48D6-8A02-1DF367929AAE}R:\games\dead island definitive edition\deadislandgame.exe] => (Block) R:\games\dead island definitive edition\deadislandgame.exe (Techland) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{F81B7FF9-D624-47F9-BAA7-572B01E631E7}R:\games\dead island definitive edition\deadislandgame.exe] => (Block) R:\games\dead island definitive edition\deadislandgame.exe (Techland) [Datei ist nicht signiert]
FirewallRules: [{036D7647-F7D4-4A24-8F57-8A21E05EB2D6}] => (Allow) R:\SteamLibrary\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{0710C979-9553-4147-84E4-9F1D3D3FE93A}] => (Allow) R:\SteamLibrary\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{5EA217E9-65E8-4CD1-A054-F65130A2F549}] => (Allow) R:\SteamLibrary\steamapps\common\Spellbreak\Launch_Spellbreak.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{67B460F0-B740-4DEA-B09B-5A7B562D5E46}] => (Allow) R:\SteamLibrary\steamapps\common\Spellbreak\Launch_Spellbreak.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{1B6517DA-C476-44D9-A8C1-14234E3FE4DC}C:\users\termi\appdata\local\jetbrains\codewithmeclientdist\jbr_jcef-11_0_10-b1341.35-wlauncher\jbr\bin\jcef_helper.exe] => (Allow) C:\users\termi\appdata\local\jetbrains\codewithmeclientdist\jbr_jcef-11_0_10-b1341.35-wlauncher\jbr\bin\jcef_helper.exe (JetBrains s.r.o. -> )
FirewallRules: [UDP Query User{361723C2-0109-4B42-91C0-B2C38EAEA0CD}C:\users\termi\appdata\local\jetbrains\codewithmeclientdist\jbr_jcef-11_0_10-b1341.35-wlauncher\jbr\bin\jcef_helper.exe] => (Allow) C:\users\termi\appdata\local\jetbrains\codewithmeclientdist\jbr_jcef-11_0_10-b1341.35-wlauncher\jbr\bin\jcef_helper.exe (JetBrains s.r.o. -> )
FirewallRules: [TCP Query User{EDAC31D8-CF7C-4EED-B03E-48B29F3137E0}R:\call of duty modern warfare\modernwarfare.exe] => (Allow) R:\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{F7CEE603-8720-4EBD-897D-D3611C1085E0}R:\call of duty modern warfare\modernwarfare.exe] => (Allow) R:\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{D81C936C-2E14-4C24-8319-9932D6A4124B}C:\users\termi\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\termi\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{BF893C84-62E8-491C-8CF9-0E051E865A62}C:\users\termi\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\termi\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{94C92A4F-3190-48B9-B96E-1091EDD2F84A}R:\hardspace shipbreaker\shipbreaker.exe] => (Block) R:\hardspace shipbreaker\shipbreaker.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{434FBAB9-86D1-4F9F-B2AB-B08FD2E6AEDC}R:\hardspace shipbreaker\shipbreaker.exe] => (Block) R:\hardspace shipbreaker\shipbreaker.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{7C584A75-1011-4AAF-9B9B-20CED606E645}R:\games\dayz\dayzlaunch.exe] => (Allow) R:\games\dayz\dayzlaunch.exe (ZombieManiya) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{F8C42BF4-83CA-433D-A87C-55AC0366D21C}R:\games\dayz\dayzlaunch.exe] => (Allow) R:\games\dayz\dayzlaunch.exe (ZombieManiya) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{DBCE5FF8-4F82-4616-9483-FCA64012442B}R:\games\dayz\dayz_x64.exe] => (Allow) R:\games\dayz\dayz_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{4FD5ED33-F1A5-4F1F-A82C-88B392055C51}R:\games\dayz\dayz_x64.exe] => (Allow) R:\games\dayz\dayz_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{FF15260E-48DF-4EA6-AA8B-D1E1B01111B9}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{2AA59EA6-21EA-41F9-84A4-A381CB0B61FB}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{C7DB2040-EA34-4448-97B3-128961C33CC6}] => (Allow) R:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{1087E516-71FD-4F98-A478-0B9D7923FC2E}] => (Allow) R:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{F018BEE7-7D71-4B3A-90C6-83BCBD791235}] => (Allow) C:\Users\termi\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{FC96FEDE-48D4-4B05-ADCE-7A51DE55D108}C:\users\termi\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\termi\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{9783B719-203C-491E-A44B-6E8189B9FE8C}C:\users\termi\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\termi\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9B06BF6F-B558-4D2D-946E-FDC4E0F00931}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CEFE696E-431E-4BDD-8F4F-DF361FB24697}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9AF4F121-77A7-4116-A390-69775B085D95}] => (Block) R:\PRODUCING\ABLETON\AhABELETTON\Program\Ableton Live 11 Suite.exe (Ableton) [Datei ist nicht signiert]
FirewallRules: [{0396CA1F-4EB4-458D-84F2-B05B285E87B4}] => (Block) R:\PRODUCING\ABLETON\AhABELETTON\Program\Ableton Live 11 Suite.exe (Ableton) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{F6D32813-C4BC-4D74-BB10-63E976919D67}C:\users\termi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\termi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{5D23A78F-4030-4E4D-A667-AE77F797D802}C:\users\termi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\termi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{E4569016-1242-4869-AB55-3BCB6FCC4123}C:\users\termi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\termi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{C03E3819-1137-4B08-9F27-DA0721BD9B1B}C:\users\termi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\termi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D2F47DE4-A68B-4887-A4D0-8D0A3E11DDD0}] => (Allow) R:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [Datei ist nicht signiert]
FirewallRules: [{00637B8A-1556-414D-835C-CAB1D29B7FCF}] => (Allow) R:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [Datei ist nicht signiert]
FirewallRules: [{7A5AF2FD-76C2-45C0-8C1E-C17CA99FA6D7}] => (Allow) R:\SteamLibrary\steamapps\common\Dig or Die\DigOrDie.exe () [Datei ist nicht signiert]
FirewallRules: [{833415B8-229D-470E-9A12-D9E9AB722EAA}] => (Allow) R:\SteamLibrary\steamapps\common\Dig or Die\DigOrDie.exe () [Datei ist nicht signiert]
FirewallRules: [{0DD2C45C-B6D3-495F-A18C-0E8A18256DA2}] => (Allow) R:\SteamLibrary\steamapps\common\sandstorm\InsurgencyEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{9083BAE3-A2C1-4C57-A8B5-3208785E59E4}] => (Allow) R:\SteamLibrary\steamapps\common\sandstorm\InsurgencyEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{B707AFF9-7B29-4D8C-BD33-DA0BA6248076}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{251B6695-3AC3-41F1-87C9-180E27DBBEAD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F78F8286-347A-4C72-A8D5-F9564964EACB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{48F3855A-8189-4BD1-AAB2-92DE5A982C8C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9DCB7068-7307-4B17-8F99-15908A3643DB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D6E9F4B7-60B6-44E1-90DA-F06724639359}C:\users\termi\desktop\mini motorways\mini motorways.exe] => (Allow) C:\users\termi\desktop\mini motorways\mini motorways.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{5CBC935F-3319-4E75-8B28-CF87FC2ADAF4}C:\users\termi\desktop\mini motorways\mini motorways.exe] => (Allow) C:\users\termi\desktop\mini motorways\mini motorways.exe () [Datei ist nicht signiert]
FirewallRules: [{617955B4-F905-497B-83DE-9FFA02776413}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{21432F54-68DB-4B8C-84B7-0FB9FA207CCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C8911B7B-5DFB-43C1-B54C-FBF30A06782F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F9ADAB58-6FA4-4173-8EB9-EB3C61D41534}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{BF0E2EBF-59E4-4C75-BE99-11BFD843CA73}R:\riot games\riot client\riotclientservices.exe] => (Allow) R:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{A63940AB-49C2-45E3-B471-ECD1F06FFA07}R:\riot games\riot client\riotclientservices.exe] => (Allow) R:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{3A115758-A411-4EA2-B7DF-53DEF70E2F40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [Datei ist nicht signiert]
FirewallRules: [{73F00344-16FB-44F9-9EF9-73100841688C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [Datei ist nicht signiert]
FirewallRules: [{39B19084-BC27-4E7E-8FC9-5B48A30A8F96}] => (Allow) R:\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{17B4BD42-FEFA-4312-A939-C6A7EF7CD9AC}] => (Allow) R:\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{1F497FA9-B7F9-4965-BE6A-19A45E9A9425}] => (Allow) R:\SteamLibrary\steamapps\common\Dig or Die\DigOrDie.exe () [Datei ist nicht signiert]
FirewallRules: [{3BE11350-3FDE-4299-92A6-908FEEDCA29E}] => (Allow) R:\SteamLibrary\steamapps\common\Dig or Die\DigOrDie.exe () [Datei ist nicht signiert]
FirewallRules: [{58E5419B-3C45-495E-B75F-18216D91D537}] => (Allow) R:\SteamLibrary\steamapps\common\Ironsight_wpg\launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{B52D0AB7-E479-4CDB-8DAA-C16DD341BEFE}] => (Allow) R:\SteamLibrary\steamapps\common\Ironsight_wpg\launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{2446425D-EBB5-44BC-B78E-FEF66C12CAF5}] => (Allow) R:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{A603BE56-E7B2-4CFE-AB47-FA8149CD632C}] => (Allow) R:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{59E1806C-0DE5-4A7C-BD28-25D6CD02DFEF}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [TCP Query User{24C02AD2-5918-4068-8908-2EE61C113CDE}C:\users\termi\appdata\local\programs\opera gx\77.0.4054.298\opera.exe] => (Allow) C:\users\termi\appdata\local\programs\opera gx\77.0.4054.298\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{9860210B-0F17-416E-B02A-E973D62089AE}C:\users\termi\appdata\local\programs\opera gx\77.0.4054.298\opera.exe] => (Allow) C:\users\termi\appdata\local\programs\opera gx\77.0.4054.298\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{8F28DACC-B327-4B25-A6D4-08756328630F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{95AB9B25-C18C-4363-AB1F-8C1134E5AC95}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF3D0E96-0A40-4EB6-8D2D-EBC720BB39FC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{502F6868-15F0-4371-B325-CAFF24B80714}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{42FF698F-551A-410E-9BCA-EFCFEBAC18DC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{627D7FC1-31AB-4CDD-91E7-421D8E7F3F9C}] => (Allow) R:\SteamLibrary\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert]
FirewallRules: [{31DDDCAB-A8F4-4F4A-B3C9-61CDBABA5A19}] => (Allow) R:\SteamLibrary\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert]
FirewallRules: [{2C7A953A-876A-43AF-B370-8FF6D0EA99D8}] => (Allow) R:\SteamLibrary\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert]
FirewallRules: [{E7851C69-D198-4417-B50A-99091FC85EF1}] => (Allow) R:\SteamLibrary\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{86FC4086-6663-4D4B-BB2D-AAF855E6C02F}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{5BA2789B-7E35-4D88-B23B-4A35A0C2E9BC}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{FDAC41D7-F1F6-4876-9125-5389D8A3EF39}] => (Allow) R:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe (Chucklefish LTD) [Datei ist nicht signiert]
FirewallRules: [{E169D981-7CD4-4503-ADFF-9A7F729A3504}] => (Allow) R:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe (Chucklefish LTD) [Datei ist nicht signiert]
FirewallRules: [{5B9561C7-8B35-41FE-94E2-362E946CC04E}] => (Allow) R:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe () [Datei ist nicht signiert]
FirewallRules: [{49D95CE2-F042-4D84-9084-6909F74B1966}] => (Allow) R:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe () [Datei ist nicht signiert]
FirewallRules: [{A78D3A6B-D0D5-4F64-975E-4FEECE234483}] => (Allow) R:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe () [Datei ist nicht signiert]
FirewallRules: [{08B5B3A5-35D2-431C-8BF4-C34D698962C2}] => (Allow) R:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe () [Datei ist nicht signiert]
FirewallRules: [{25F12664-9FE7-4991-A167-DA3BA1CFFDB5}] => (Allow) R:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe (Chucklefish LTD) [Datei ist nicht signiert]
FirewallRules: [{5B8E4D2F-A891-4AF8-A54F-B357990C1CC0}] => (Allow) R:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe (Chucklefish LTD) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{460C26BF-06D7-489F-9B15-93AB91C30EA3}C:\users\termi\appdata\local\programs\opera gx\78.0.4093.153\opera.exe] => (Allow) C:\users\termi\appdata\local\programs\opera gx\78.0.4093.153\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{7EA17992-29D1-4E45-88E7-E0AECA0DCB1E}C:\users\termi\appdata\local\programs\opera gx\78.0.4093.153\opera.exe] => (Allow) C:\users\termi\appdata\local\programs\opera gx\78.0.4093.153\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{E71FDC67-E5A5-4C73-80E6-9EE37C60F310}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{DFCC5B23-D1A9-4706-831C-C4DD50BB3C21}] => (Allow) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{99420762-59AA-4893-80F9-1F5C9708D893}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{9FB7F7C2-5F23-4BAF-8F9E-891CA1E53963}] => (Allow) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{AD7BD40A-429C-4625-81D8-E26B3B4DEB2E}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{2ED1BC5C-E327-4636-85FD-E528B55474D9}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{F11E50C2-5CFC-4E0C-906D-68243683D65E}] => (Block) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{CD53D11E-70F1-4941-8EEF-76DEB6B49EE8}] => (Block) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{A5831ED2-08D0-4C94-9830-CE43C21D601D}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{859ED231-E126-476D-A564-237DCB0C37BE}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{88A013B7-7A15-4205-A184-0D848CCB8D59}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{CF19A340-7C55-4726-B578-FA734349A90E}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{5AAE9512-73FB-42FF-92ED-74FA1CD62B52}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{CB348152-441E-46A7-9E48-DE933103162E}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{A549FF6B-DD48-4BE4-B04E-929AC293B789}] => (Allow) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{F19BD356-A456-4FBC-AB15-45C39E5FB790}] => (Allow) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{BB508600-4D44-47E8-A08E-71084CEE17E3}] => (Block) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{2B7FB5D8-C0D3-4128-90B6-956D2E2AE188}] => (Block) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{3C519049-5953-4EF5-89F1-DBB6793AD1BF}] => (Block) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{8DAC4B14-68F9-4860-BA9A-FEC252FAD882}] => (Block) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{0FFBB512-0136-429A-AB0B-EF596AB1D6B8}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{38EC10A5-5384-4F70-888B-85ABA5F17639}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{CA69EDC7-3CE6-4097-9D2F-52F21C7A03CE}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Wiederherstellungspunkte =========================

03-04-2021 04:06:35 Windows Modules Installer
21-08-2021 21:32:41 Geplanter Prüfpunkt
26-08-2021 18:26:43 Driver Update
26-08-2021 18:26:52 Windows Update
26-08-2021 18:37:08 Avira System Speedup Optimierung

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (08/26/2021 06:46:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte Startoptimierung auf WIN10_1 (C:) nicht abschließen. Grund: Die Startoptimierung konnte nicht ausgeführt werden, da die Datei für das Vorababruflayout nicht vorhanden oder ungültig ist. (0x8900001B)

Error: (08/26/2021 06:44:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (08/26/2021 06:44:34 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (08/26/2021 06:44:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (08/26/2021 06:44:34 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (08/26/2021 06:44:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte Startoptimierung auf WIN10_1 (C:) nicht abschließen. Grund: Die Startoptimierung konnte nicht ausgeführt werden, da die Datei für das Vorababruflayout nicht vorhanden oder ungültig ist. (0x8900001B)

Error: (08/26/2021 06:42:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (08/26/2021 06:42:34 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]


Systemfehler:
=============
Error: (08/26/2021 07:25:55 PM) (Source: DCOM) (EventID: 10010) (User: MISTERSUN)
Description: Der Server "Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (08/26/2021 06:42:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "AntiVirWebService" ist vom Dienst "AntiVirService" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der Vorgang wurde erfolgreich beendet.

Error: (08/26/2021 06:42:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "AntiVirMailService" ist vom Dienst "AntiVirService" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der Vorgang wurde erfolgreich beendet.

Error: (08/26/2021 06:37:57 PM) (Source: DCOM) (EventID: 10005) (User: MISTERSUN)
Description: Fehler "1053" in DCOM, als der Dienst "BcastDVRUserService_18391a" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
Windows.Media.Capture.Internal.AppCaptureShell

Error: (08/26/2021 06:37:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Benutzerdienst für GameDVR und Übertragungen_18391a" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/26/2021 06:37:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdienst für GameDVR und Übertragungen_18391a erreicht.

Error: (08/21/2021 09:25:15 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (08/20/2021 07:53:18 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "UsoSvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{9C695035-48D2-4229-8B73-4C70E756E519}


Windows Defender:
================
Date: 2021-08-25 22:45:30
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {EBBDE743-DE5C-4201-9551-B66CE4A18AB1}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-08-24 21:52:00
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {FB54C865-41AB-4B45-BA94-1F57F96FE025}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-08-23 23:17:31
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {F9D4C809-9B1E-4262-8E59-BCD8B3EC1523}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-08-22 22:11:10
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {4CF2E328-B873-45C9-91C9-4F738685E51D}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-08-21 21:55:19
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {09437ADC-A6A2-4470-A0F0-5CF6B7377833}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

CodeIntegrity:
===============
Date: 2021-08-26 18:51:18
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Users\termi\AppData\Local\Programs\Opera GX\78.0.4093.153\opera.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-08-26 01:54:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\WaaSMedicAgent.exe) attempted to load \Device\HarddiskVolume7\Windows\System32\acaptuser64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-08-03 18:05:18
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-07-13 13:19:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Users\termi\AppData\Local\WhatsApp\app-2.2126.10\WhatsApp.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Overwolf\0.173.0.16\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-07-12 20:31:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Users\termi\AppData\Local\WhatsApp\app-2.2123.8\WhatsApp.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Overwolf\0.173.0.16\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-07-12 17:35:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Users\termi\AppData\Local\Microsoft\Teams\current\Teams.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Overwolf\0.173.0.16\OWExplorer.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. 3016 12/27/2016
Hauptplatine: ASUSTeK COMPUTER INC. H110M-A/M.2
Prozessor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 16255.11 MB
Verfügbarer physikalischer RAM: 8379.68 MB
Summe virtueller Speicher: 28031.11 MB
Verfügbarer virtueller Speicher: 17395.88 MB

==================== Laufwerke ================================

Drive c: (WIN10_1) (Fixed) (Total:231.77 GB) (Free:54.78 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:869.32 GB) NTFS
Drive f: () (Fixed) (Total:100 GB) (Free:98.05 GB) NTFS
Drive r: (Volume) (Fixed) (Total:1763.01 GB) (Free:74.15 GB) NTFS

\\?\Volume{78269f4c-e660-11e7-8ac3-704d7b2db4bc}\ (Wiederherstellung) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{dfb2431d-ec2f-4309-968a-fd41448ddd5a}\ () (Fixed) (Total:0.57 GB) (Free:0.07 GB) NTFS
\\?\Volume{c0dc1d43-3a10-4b0a-b850-705cab2dc9c8}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 9B424CEE)
Partition 1: (Not Active) - (Size=1763 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: CE219331)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================

Individuum 26.08.2021 19:15
Code:
shortcut:

Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 21-08-2021
durchgeführt von termi (26-08-2021 19:48:37)
Gestartet von C:\Users\termi\Desktop
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\SoundToys\Uninstall SoundToys 5.lnk -> C:\ProgramData\AudioUTOPiA\Uninstall64.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 9.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7761-000000000004}\_SC_Distiller.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 3D Reviewer.lnk -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\plug_ins3d\prc\A3DReviewer.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 9 Pro Extended.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7761-000000000004}\_SC_Acrobat_3D.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk -> C:\WINDOWS\Installer\{AC76BA86-1033-FFFF-7760-0C0F074E4100}\_SC_Acrobat.ico (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrodist.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer ES 8.2.lnk -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk -> C:\Program Files\Adobe\Adobe Photoshop 2021\Photoshop.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk -> C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Breitbandmessung.lnk -> C:\Program Files\Breitbandmessung\Breitbandmessung.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock.lnk -> C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ninja.lnk -> C:\Program Files (x86)\Ninja\Ninja\Ninja.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk -> C:\Program Files\Notepad++\notepad++.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optolith.lnk -> C:\Program Files\Optolith\Optolith.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plitch.lnk -> C:\Program Files\Plitch\Plitch.exe (MegaDev GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneFab Spotify Music Converter.lnk -> C:\Program Files (x86)\TuneFab Spotify Music Converter\TuneFab Spotify Music Converter.exe (TuneFab)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltData for Android.lnk -> C:\Program Files (x86)\Tenorshare\UltData - Android Data Recovery\NetFrameCheck.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019.lnk -> C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\Common7\IDE\devenv.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk -> C:\Program Files (x86)\Microsoft Visual Studio\Installer\vs_installer.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk -> C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip.lnk -> C:\Program Files\WinZip\winzip64.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yendis Entertainment Pty Ltd\Official Krunker.io Client.lnk -> C:\Program Files\Yendis Entertainment Pty Ltd\Official Krunker.io Client\Official Krunker.io Client.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\Video Converter Ultimate\Wondershare Video Converter Ultimate.lnk -> C:\Program Files (x86)\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\Recoverit\Wondershare Recoverit.lnk -> C:\Program Files\Wondershare\Wondershare Recoverit Pro (Deutsch)\recoverit.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner\Wise Registry Cleaner.lnk -> C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip\WinZip.lnk -> C:\Program Files\WinZip\winzip64.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windscribe\Windscribe entfernen.lnk -> C:\Program Files (x86)\Windscribe\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windscribe\Windscribe.lnk -> C:\Program Files (x86)\Windscribe\WindscribeLauncher.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Documentation for Desktop Apps.lnk -> C:\Program Files (x86)\Windows Kits\10\Shortcuts\DesktopDevCenterLearn.url (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Documentation for Windows Store Apps.lnk -> C:\Program Files (x86)\Windows Kits\10\Shortcuts\WindowsStoreAppDevCenterLearn.url (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Samples for Desktop Apps.lnk -> C:\Program Files (x86)\Windows Kits\10\Shortcuts\DesktopDevCenterSamples.url (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Samples for Windows Store Apps.lnk -> C:\Program Files (x86)\Windows Kits\10\Shortcuts\WindowsStoreAppDevCenterSamples.url (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Tools for Desktop Apps.lnk -> C:\Program Files (x86)\Windows Kits\10\Shortcuts\DesktopDevCenterToolsDocumentation.url (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Tools for Windows Store Apps.lnk -> C:\Program Files (x86)\Windows Kits\10\Shortcuts\WindowsStoreAppDevCenterToolsDocumentation.url (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows App Certification Kit\Windows App Cert Kit.lnk -> C:\Program Files (x86)\Windows Kits\10\App Certification Kit\appcertui.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Application Verifier (X86)\Application Verifier (WOW).lnk -> C:\Windows\SysWOW64\appverif.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Application Verifier (X64)\Application Verifier (X64).lnk -> C:\Windows\System32\appverif.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Application Verifier (X64)\Application Verifier Help.lnk -> C:\Windows\System32\appverif.chm (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves\CODEX.lnk -> R:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Waves\Waves\Applications\CODEX App.exe (Waves Audio Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves\Electric88.lnk -> R:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Waves\Waves\Applications\Electric88 App.exe (Waves Audio Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves\Element.lnk -> R:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Waves\Waves\Applications\Element App.exe (Waves Audio Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves\eMotion LV1.lnk -> R:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Waves\Waves\eMotion LV1\eMotion LV1.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves\GTR 3.5.lnk -> R:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Waves\Waves\Applications\GTR 3.5.exe (Waves Audio Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves\GTRSolo 3.5.lnk -> R:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Waves\Waves\Applications\GTRSolo 3.5.exe (Waves Audio Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves\MultiRack SoundGrid.lnk -> R:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Waves\Waves\MultiRack\MultiRack SoundGrid.exe (Waves Audio Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves\MultiRack.lnk -> R:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Waves\Waves\MultiRack\MultiRack.exe (Waves Audio Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves\SoundGrid Studio.lnk -> R:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Waves\Waves\SoundGrid Studio\SoundGrid Studio.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves\Uninstall.lnk -> R:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Waves\Waves\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves\SoundGrid\SoundGrid Driver Control Panel.lnk -> C:\Program Files (x86)\Waves\SoundGrid\Driver Control Panel\SoundGrid Driver Control Panel.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves\SoundGrid\Uninstall  Waves SoundGrid Drivers.lnk -> C:\Program Files (x86)\Waves\SoundGrid\Driver Control Panel\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player\Release Notes.lnk -> R:\VLC Plus Player\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player\VLC Plus Player.lnk -> R:\VLC Plus Player\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visage [GOG.com]\Deinstallieren Visage.lnk -> R:\Visage\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visage [GOG.com]\Visage.lnk -> R:\Visage\Visage.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\Audio Repeater (KS).lnk -> C:\Program Files\Virtual Audio Cable\audiorepeater_ks.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\Audio Repeater (MME).lnk -> C:\Program Files\Virtual Audio Cable\audiorepeater.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\Control panel.lnk -> C:\Program Files\Virtual Audio Cable\vcctlpan.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\Homepage.lnk -> C:\Program Files\Virtual Audio Cable\homepage.url (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\License Agreement.lnk -> C:\Program Files\Virtual Audio Cable\license.txt (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\Readme.lnk -> C:\Program Files\Virtual Audio Cable\readme.txt (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\Uninstall Virtual Audio Cable.lnk -> C:\Program Files\Virtual Audio Cable\setup64.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\User manual.lnk -> C:\Program Files\Virtual Audio Cable\vac.chm (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\15 Bands Graphic EQ.LNK -> C:\Program Files (x86)\VB\Voicemeeter\VoicemeeterBUSGEQ15.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\8x8 Output Matrix.LNK -> C:\Program Files (x86)\VB\Voicemeeter\VoicemeeterBUSMatrix8.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\Macro Buttons.LNK -> C:\Program Files (x86)\VB\Voicemeeter\VoicemeeterMacroButtons.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\Readme.LNK -> C:\Program Files (x86)\VB\Voicemeeter\readme.txt (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\VBAN-2-MIDI.LNK -> C:\Program Files (x86)\VB\Voicemeeter\VBAN2MIDI.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\Virtual IO Control Panel.LNK -> C:\Program Files (x86)\VB\Voicemeeter\VBCABLE_ControlPanel.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio\Voicemeeter\Voicemeeter.LNK -> C:\Program Files (x86)\VB\Voicemeeter\voicemeeter.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unified Remote 3\Unified Remote.lnk -> C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unified Remote 3\Uninstall Unified Remote.lnk -> C:\Program Files (x86)\Unified Remote 3\unins000.exe (Unified Intents AB                                          )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltData for Android\UltData for Android entfernen.lnk -> C:\Program Files (x86)\Tenorshare\UltData - Android Data Recovery\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt\TrueCrypt.lnk -> C:\Program Files\TrueCrypt\TrueCrypt.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt\Uninstall TrueCrypt.lnk -> C:\Program Files\TrueCrypt\TrueCrypt Setup.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia 9.lnk -> C:\WINDOWS\Installer\{1D09B594-C8B5-4CF1-B927-41D9A487799C}\CamtasiaIcons.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Recorder 9.lnk -> C:\WINDOWS\Installer\{1D09B594-C8B5-4CF1-B927-41D9A487799C}\CamtasiaIcons.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T7 Wired Gaming Mouse\  entfernen.lnk -> C:\Windows\unins001.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T7 Wired Gaming Mouse\T7 Wired Gaming Mouse.lnk -> C:\Program Files (x86)\T7 Wired Gaming Mouse\T7 Wired Gaming Mouse.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1\Manual.lnk -> R:\PRODUCING\VST\64 X\VSTPlugins\Sylenth1\Manual-English.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1\Uninstall Sylenth1.lnk -> R:\PRODUCING\VST\64 X\VSTPlugins\Sylenth1\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1\Visit LennarDigital.lnk -> R:\PRODUCING\VST\64 X\VSTPlugins\Sylenth1\LennarDigital.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sy Disk Cleaner\Sy Disk Cleaner.lnk -> C:\Program Files (x86)\Sy\Sy Disk Cleaner\WiseDiskCleaner.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSD Tweaker\SSD Tweaker.lnk -> C:\Program Files (x86)\SSD Tweaker\SSD Tweaker.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSD Tweaker\Uninstall SSD Tweaker.lnk -> C:\Program Files (x86)\SSD Tweaker\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos\Sonos.lnk -> C:\Program Files (x86)\Sonos\Sonos.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIW\ SIW.lnk -> C:\Program Files (x86)\SIW 2013 Home Edition\siw.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIW\SIW - EULA.lnk -> C:\Program Files (x86)\SIW 2013 Home Edition\eula.txt (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIW\Uninstall SIW.lnk -> C:\Program Files (x86)\SIW 2013 Home Edition\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX\ShareX entfernen.lnk -> C:\Program Files\ShareX\unins000.exe (ShareX Team                                                )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX\ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX\Uninstall ShareX.lnk -> C:\Program Files\ShareX\unins000.exe (ShareX Team                                                )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\SeaTools for Windows.lnk -> C:\Program Files (x86)\Seagate\SeaTools for Windows\SeaToolsforWindows.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\Uninstall.lnk -> C:\Program Files (x86)\Seagate\SeaTools for Windows\uninst.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician\Samsung Magician entfernen.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician\Samsung Magician.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Smart Switch.lnk -> C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Uninstall Smart Switch.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}\setup.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Data Migration\Data Migration.lnk -> C:\Program Files (x86)\Samsung\Samsung Data Migration\Data Migration.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roland\QUAD-CAPTURE Driver\QUAD-CAPTURE Readme.lnk -> C:\Program Files\Roland\QUAD-CAPTURE Driver\README.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roland\QUAD-CAPTURE Driver\QUAD-CAPTURE.lnk -> C:\Program Files\Roland\QUAD-CAPTURE Driver\Files\RDDP1117.EXE (Roland Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics\Human - Fall Flat\Uninstall Human - Fall Flat.lnk -> C:\Users\termi\AppData\Roaming\Human - Fall Flat_Uninstall\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics\Alien Isolation\Play Alien Isolation.lnk -> R:\Program Files (x86)\R.G. Mechanics\Alien Isolation\AI.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics\Alien Isolation\Uninstall Alien Isolation.lnk -> C:\Users\termi\AppData\Roaming\Alien Isolation\Uninstall\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quantum Break\Play Quantum Break.lnk -> R:\Quantum Break\QuantumBreakLauncher.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quantum Break\Uninstall.lnk -> R:\Quantum Break\Uninstall\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pioneer\rekordbox 5.8.1\Connection Guide For Performance Mode.lnk -> C:\Program Files\Pioneer\rekordbox 5.8.1\manual\rekordbox5.3.0_connection_guide_for_performance_mode_EN.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pioneer\rekordbox 5.8.1\Default Keyboard Shortcut Reference.lnk -> C:\Program Files\Pioneer\rekordbox 5.8.1\manual\rekordbox_5.0.0_default_keyboard_shortcut_reference_EN.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pioneer\rekordbox 5.8.1\DVS Setup Guide.lnk -> C:\Program Files\Pioneer\rekordbox 5.8.1\manual\rekordbox5.3.0_dvs_setup_guide_EN.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pioneer\rekordbox 5.8.1\Lighting Operation Guide.lnk -> C:\Program Files\Pioneer\rekordbox 5.8.1\manual\rekordbox5.5.0_lighting_operation_guide_EN.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pioneer\rekordbox 5.8.1\Lyric Operation Guide.lnk -> C:\Program Files\Pioneer\rekordbox 5.8.1\manual\rekordbox5.3.0_lyric_operation_guide_EN.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pioneer\rekordbox 5.8.1\Midi Learn Operation Guide.lnk -> C:\Program Files\Pioneer\rekordbox 5.8.1\manual\rekordbox5.3.0_midi_learn_operation_guide_EN.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pioneer\rekordbox 5.8.1\Pad Editor Operation Guide.lnk -> C:\Program Files\Pioneer\rekordbox 5.8.1\manual\rekordbox5.2.3_pad_editor_operation_guide_EN.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pioneer\rekordbox 5.8.1\Phrase Edit Operation Guide.lnk -> C:\Program Files\Pioneer\rekordbox 5.8.1\manual\rekordbox5.1.0_Phrase_Edit_operation_guide_EN.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pioneer\rekordbox 5.8.1\Prodjlink Setupguide.lnk -> C:\Program Files\Pioneer\rekordbox 5.8.1\manual\PRODJLINK_SetupGuide_ver1.01_en.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pioneer\rekordbox 5.8.1\rekordbox Manual.lnk -> C:\Program Files\Pioneer\rekordbox 5.8.1\manual\rekordbox5.5.0_manual_EN.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pioneer\rekordbox 5.8.1\rekordbox.lnk -> C:\Program Files\Pioneer\rekordbox 5.8.1\rekordbox.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pioneer\rekordbox 5.8.1\Video Operation Guide.lnk -> C:\Program Files\Pioneer\rekordbox 5.8.1\manual\rekordbox5.4.0_video_operation_guide_EN.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PingPlotter 5\PingPlotter 5.lnk -> C:\Program Files (x86)\PingPlotter 5\PingPlotter.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PingPlotter 5\Printable Manual (offline).lnk -> C:\Program Files (x86)\PingPlotter 5\PingPlotter_v5_manual.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhonerLite\PhonerLite entfernen.lnk -> C:\Program Files (x86)\PhonerLite\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhonerLite\PhonerLite im Internet.lnk -> C:\Program Files (x86)\PhonerLite\PhonerLite.url (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhonerLite\PhonerLite.lnk -> C:\Program Files (x86)\PhonerLite\PhonerLite.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Per Aspera [GOG.com]\Deinstallieren Per Aspera.lnk -> R:\Per Aspera\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Per Aspera [GOG.com]\Per Aspera.lnk -> R:\Per Aspera\Per Aspera.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PenTabletDriver\PenTabletDriver entfernen.lnk -> C:\PenTabletDriver\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PenTabletDriver\PenTabletDriver.lnk -> C:\PenTabletDriver\TabletDriver.exe (Graphic Tablet Company Shenzhen)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24\PDF24.lnk -> C:\Program Files (x86)\PDF24\pdf24-Launcher.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC-Wecker\PC-Wecker.lnk -> C:\Anwendungen\Ben Kheder-Software\PC-Wecker\PC-Wecker.exe (Ben Kheder-Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin deinstallieren.lnk -> C:\Program Files (x86)\Origin\OriginUninstall.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Fehlermeldungs-Hilfe.lnk -> C:\Program Files (x86)\Origin\OriginER.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (32bit).lnk -> C:\Program Files (x86)\obs-studio\bin\32bit\obs32.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (64bit).lnk -> C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\Uninstall.lnk -> C:\Program Files (x86)\obs-studio\uninstall.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec\NordVPN Diagnostics.lnk -> C:\Program Files\NordVPN\6.36.6.0\Diagnostics.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec\NordVPN.lnk -> C:\Program Files\NordVPN\NordVPN.exe (TEFINCOM S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ninja\Ninja Shortcut Editor.lnk -> C:\Program Files (x86)\Ninja\Ninja\ShortcutEditor.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ninja\Ninja.lnk -> C:\Program Files (x86)\Ninja\Ninja\Ninja.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBTExplorer\NBTExplorer.lnk -> C:\Program Files (x86)\NBTExplorer\NBTExplorer.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Traktor Pro 3\Traktor Pro 3.lnk -> C:\Program Files\Native Instruments\Traktor Pro 3\Traktor.exe (Native Instruments GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Traktor Kontrol S4 MK2\Traktor Kontrol S4 MK2 Control Panel.lnk -> C:\Program Files\Native Instruments\Traktor Kontrol S4 MK2 Driver\niks4m2cpl.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Traktor 2\Traktor 2.lnk -> C:\Program Files\Native Instruments\Traktor 2\Traktor.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Service Center\Native Instruments Homepage.lnk -> C:\WINDOWS\Installer\{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}\et20Explorer5ciexplore.exe0.ico (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Service Center\Service Center.lnk -> C:\Program Files\Native Instruments\Service Center\ServiceCenter.exe (Native Instruments GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Service Center\Documentation\More Documentation.lnk -> C:\Program Files\Native Instruments\Service Center\Documentation ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Service Center\Documentation\Readme.txt.lnk -> C:\Program Files\Native Instruments\Service Center\Documentation\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Service Center\Documentation\Service Center Manual English.pdf.lnk -> C:\Program Files\Native Instruments\Service Center\Documentation\Service Center Manual English.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Service Center\Documentation\Service Center Manual French.pdf.lnk -> C:\Program Files\Native Instruments\Service Center\Documentation\Service Center Manual French.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Service Center\Documentation\Service Center Manual German.pdf.lnk -> C:\Program Files\Native Instruments\Service Center\Documentation\Service Center Manual German.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Service Center\Documentation\Service Center Manual Japanese.pdf.lnk -> C:\Program Files\Native Instruments\Service Center\Documentation\Service Center Manual Japanese.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Service Center\Documentation\Service Center Manual Spanish.pdf.lnk -> C:\Program Files\Native Instruments\Service Center\Documentation\Service Center Manual Spanish.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Reaktor 6\Reaktor 6.lnk -> R:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\NI Reaktor 6\Reaktor 6\Reaktor 6.exe (Native Instruments GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Massive.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Massive\Massive.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Native Instruments Homepage.lnk -> C:\Windows\Installer\{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}\et20Explorer5ciexplore.exe0.ico (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Documentation\Massive Getting Started English.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Massive\Documentation\Massive Getting Started English.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Documentation\Massive Getting Started French.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Massive\Documentation\Massive Getting Started French.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Documentation\Massive Getting Started German.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Massive\Documentation\Massive Getting Started German.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Documentation\Massive Getting Started Japanese.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Massive\Documentation\Massive Getting Started Japanese.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Documentation\Massive Getting Started Spanish.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Massive\Documentation\Massive Getting Started Spanish.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Documentation\Massive Manual Addendum English.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Massive\Documentation\Massive Manual Addendum English.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Documentation\Massive Manual Addendum French.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Massive\Documentation\Massive Manual Addendum French.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Documentation\Massive Manual Addendum German.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Massive\Documentation\Massive Manual Addendum German.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Documentation\Massive Manual Addendum Japanese.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Massive\Documentation\Massive Manual Addendum Japanese.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Documentation\Massive Manual Addendum Spanish.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Massive\Documentation\Massive Manual Addendum Spanish.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Documentation\Massive Manual English.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Massive\Documentation\Massive Manual English.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Documentation\Massive Manual French.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Massive\Documentation\Massive Manual French.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Documentation\Massive Manual German.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Massive\Documentation\Massive Manual German.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Documentation\Massive Manual Japanese.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Massive\Documentation\Massive Manual Japanese.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Documentation\Massive Manual Spanish.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Massive\Documentation\Massive Manual Spanish.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Documentation\More Documentation.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Massive\Documentation (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Massive\Documentation\Readme.txt.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Massive\Documentation\Readme.txt (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Kontakt 5\Kontakt 5.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Kontakt 5\Kontakt 5.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Kontakt 5\Native Instruments Homepage.lnk -> C:\Windows\Installer\{5552453B-BB76-45E3-973D-F95E458ED780}\et20Explorer5ciexplore.exe0.ico (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Kontakt 5\Documentation\Kontakt 5 Getting Started English.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Kontakt 5\Documentation\Kontakt 5 Getting Started English.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Kontakt 5\Documentation\Kontakt 5 Getting Started French.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Kontakt 5\Documentation\Kontakt 5 Getting Started French.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Kontakt 5\Documentation\Kontakt 5 Getting Started German.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Kontakt 5\Documentation\Kontakt 5 Getting Started German.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Kontakt 5\Documentation\Kontakt 5 Getting Started Japanese.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Kontakt 5\Documentation\Kontakt 5 Getting Started Japanese.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Kontakt 5\Documentation\Kontakt 5 Getting Started Spanish.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Kontakt 5\Documentation\Kontakt 5 Getting Started Spanish.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Kontakt 5\Documentation\More Documentation.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Kontakt 5\Documentation (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Kontakt 5\Documentation\Readme.txt.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Kontakt 5\Documentation\Readme.txt (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Guitar Rig 5\Guitar Rig 5.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Guitar Rig 5\Guitar Rig 5.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Guitar Rig 5\Native Instruments Homepage.lnk -> C:\Windows\Installer\{01D57CF6-B5BC-4D03-AFF5-7960CFBD05A9}\et20Explorer5ciexplore.exe0.ico (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Guitar Rig 5\Documentation\More Documentation.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Guitar Rig 5\Documentation (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Guitar Rig 5\Documentation\Readme.txt.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Guitar Rig 5\Documentation\Readme.txt (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\FM8.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\FM8\FM8.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\Native Instruments Homepage.lnk -> C:\Windows\Installer\{B2552FA6-86E3-410D-84AD-265C2242D410}\et20Explorer5ciexplore.exe0.ico (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\Documentation\FM8 Getting Started English.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\FM8\Documentation\FM8 Getting Started English.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\Documentation\FM8 Getting Started French.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\FM8\Documentation\FM8 Getting Started French.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\Documentation\FM8 Getting Started German.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\FM8\Documentation\FM8 Getting Started German.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\Documentation\FM8 Getting Started Japanese.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\FM8\Documentation\FM8 Getting Started Japanese.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\Documentation\FM8 Getting Started Spanish.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\FM8\Documentation\FM8 Getting Started Spanish.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\Documentation\FM8 Manual Addendum English.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\FM8\Documentation\FM8 Manual Addendum English.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\Documentation\FM8 Manual Addendum French.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\FM8\Documentation\FM8 Manual Addendum French.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\Documentation\FM8 Manual Addendum German.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\FM8\Documentation\FM8 Manual Addendum German.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\Documentation\FM8 Manual Addendum Japanese.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\FM8\Documentation\FM8 Manual Addendum Japanese.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\Documentation\FM8 Manual Addendum Spanish.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\FM8\Documentation\FM8 Manual Addendum Spanish.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\Documentation\FM8 Manual English.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\FM8\Documentation\FM8 Manual English.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\Documentation\FM8 Manual French.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\FM8\Documentation\FM8 Manual French.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\Documentation\FM8 Manual German.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\FM8\Documentation\FM8 Manual German.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\Documentation\FM8 Manual Japanese.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\FM8\Documentation\FM8 Manual Japanese.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\Documentation\FM8 Manual Spanish.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\FM8\Documentation\FM8 Manual Spanish.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\Documentation\More Documentation.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\FM8\Documentation (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\FM8\Documentation\Readme.txt.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\FM8\Documentation\Readme.txt (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Controller Editor\Controller Editor.lnk -> C:\Program Files\Native Instruments\Controller Editor\Controller Editor.exe (Native Instruments GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Battery 3.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Battery 3.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Native Instruments Homepage.lnk -> C:\Windows\Installer\{6BED4DFE-C527-463E-B93A-6F6848B74DD0}\et20Explorer5ciexplore.exe0.ico (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Documentation\Battery 3 Getting Started English.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Documentation\Battery 3 Getting Started English.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Documentation\Battery 3 Getting Started French.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Documentation\Battery 3 Getting Started French.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Documentation\Battery 3 Getting Started German.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Documentation\Battery 3 Getting Started German.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Documentation\Battery 3 Getting Started Japanese.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Documentation\Battery 3 Getting Started Japanese.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Documentation\Battery 3 Getting Started Spanish.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Documentation\Battery 3 Getting Started Spanish.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Documentation\Battery 3 Library Manual English.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Documentation\Battery 3 Library Manual English.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Documentation\Battery 3 Manual Addendum English.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Documentation\Battery 3 Manual Addendum English.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Documentation\Battery 3 Manual Addendum French.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Documentation\Battery 3 Manual Addendum French.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Documentation\Battery 3 Manual Addendum German.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Documentation\Battery 3 Manual Addendum German.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Documentation\Battery 3 Manual Addendum Japanese.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Documentation\Battery 3 Manual Addendum Japanese.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Documentation\Battery 3 Manual Addendum Spanish.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Documentation\Battery 3 Manual Addendum Spanish.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Documentation\Battery 3 Manual English.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Documentation\Battery 3 Manual English.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Documentation\Battery 3 Manual French.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Documentation\Battery 3 Manual French.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Documentation\Battery 3 Manual German.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Documentation\Battery 3 Manual German.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Documentation\Battery 3 Manual Japanese.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Documentation\Battery 3 Manual Japanese.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Documentation\Battery 3 Manual Spanish.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Documentation\Battery 3 Manual Spanish.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Documentation\More Documentation.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Documentation (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Battery 3\Documentation\Readme.txt.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Battery 3\Documentation\Readme.txt (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Absynth 5\Absynth 5.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Absynth 5\Absynth 5.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Absynth 5\Native Instruments Homepage.lnk -> C:\Windows\Installer\{371B17C3-9624-4583-A497-DF980313D851}\et20Explorer5ciexplore.exe0.ico (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Absynth 5\Documentation\Absynth 5 Getting Started English.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Absynth 5\Documentation\Absynth 5 Getting Started English.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Absynth 5\Documentation\Absynth 5 Getting Started French.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Absynth 5\Documentation\Absynth 5 Getting Started French.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Absynth 5\Documentation\Absynth 5 Getting Started German.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Absynth 5\Documentation\Absynth 5 Getting Started German.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Absynth 5\Documentation\Absynth 5 Getting Started Japanese.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Absynth 5\Documentation\Absynth 5 Getting Started Japanese.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Absynth 5\Documentation\Absynth 5 Getting Started Spanish.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Absynth 5\Documentation\Absynth 5 Getting Started Spanish.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Absynth 5\Documentation\Absynth 5 Manual Addendum English.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Absynth 5\Documentation\Absynth 5 Manual Addendum English.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Absynth 5\Documentation\Absynth 5 Manual Addendum French.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Absynth 5\Documentation\Absynth 5 Manual Addendum French.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Absynth 5\Documentation\Absynth 5 Manual Addendum German.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Absynth 5\Documentation\Absynth 5 Manual Addendum German.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Absynth 5\Documentation\Absynth 5 Manual Addendum Japanese.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Absynth 5\Documentation\Absynth 5 Manual Addendum Japanese.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Absynth 5\Documentation\Absynth 5 Manual Addendum Spanish.pdf.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Absynth 5\Documentation\Absynth 5 Manual Addendum Spanish.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Absynth 5\Documentation\More Documentation.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Absynth 5\Documentation (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Absynth 5\Documentation\Readme.txt.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Komplete 8\Absynth 5\Documentation\Readme.txt (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAPS2\NAPS2.lnk -> C:\Program Files (x86)\NAPS2\NAPS2.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy\DS3 Tool.lnk -> C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy\Uninstall.lnk -> C:\Program Files\MotioninJoy\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minimal ADB and Fastboot\Minimal ADB and Fastboot.lnk -> C:\Program Files (x86)\Minimal ADB and Fastboot\cmd-here.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minimal ADB and Fastboot\Uninstall Minimal ADB and Fastboot.lnk -> C:\Program Files (x86)\Minimal ADB and Fastboot\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher\Minecraft Launcher.lnk -> C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe (Mojang)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk -> C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Aufzeichnungs-Manager von Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office-Spracheinstellungen.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetriedashboard für Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msotd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetrieprotokoll für Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msoev.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016\Excel 2016.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\Icon.57D52F1E.F0D3.4F58.8F76.E727437CB7A9.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016\PowerPoint 2016.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\Icon.8D34AD9F.DDB0.4D70.9623.57654F34F816.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016\Word 2016.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\Icon.40BB677D.0A7A.4D43.9F72.5AE6F0E97EE2.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016\Tools\Database Compare 2016.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\Icon.A5AEEF5F.4B00.496A.BD92.039B20A17EDA.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016\Tools\Office 2016 Language Preferences.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\Icon.4DC581BB.4DF6.4376.8C18.AC7690CBEE7B.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016\Tools\Office 2016 Upload Center.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\Icon.6AFF5016.E571.4E7C.AE8E.B1EB13D36EE2.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016\Tools\Spreadsheet Compare 2016.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\Icon.B9FB7347.CAE7.494C.A15D.5C1DB5D01BEC.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medibang\MediBang Paint Pro\MediBang Paint Pro.lnk -> C:\Program Files\Medibang\MediBang Paint Pro\MediBangPaintPro.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio\USB MIDI Series\ReadMe.txt.lnk -> C:\Program Files\M-Audio\USB MIDI Series\ReadMe.txt (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\loopMIDI\loopMIDI.lnk -> C:\WINDOWS\Installer\{0D891A82-DAE7-4D23-84E2-BFE0B10388CB}\loopMIDI.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\Uninstall League of Legends.lnk -> R:\Riot Games\League of Legends\Uninstall League of Legends.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters\Uninstall LAV Filters.lnk -> C:\Program Files (x86)\LAV Filters\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KoshyJohn.com\Memory Cleaner\Clear System Cache.lnk -> C:\Users\termi\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KoshyJohn.com\Memory Cleaner\Memory Cleaner.lnk -> C:\Users\termi\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KoshyJohn.com\Memory Cleaner\Trim Processes' Working Set.lnk -> C:\Users\termi\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KoshyJohn.com\Memory Cleaner\Uninstall Memory Cleaner.lnk -> C:\Users\termi\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains\IntelliJ IDEA Community Edition 2021.1.lnk -> C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2021.1\bin\idea64.exe (JetBrains s.r.o.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains\JetBrains PyCharm Community Edition 2018.2.4.lnk -> C:\Program Files\JetBrains\PyCharm Community Edition 2018.2.4\bin\pycharm64.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk -> C:\Program Files\Java\jre1.8.0_281\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JamTaba 2\JamTaba 2.lnk -> R:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\JamTaba 2\Jamtaba2.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JamTaba 2\Uninstall JamTaba 2.lnk -> R:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\JamTaba 2\unins000.exe (Jamtaba                                                    )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope\Alloy 2\Internetseite iZotope.com.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Alloy 2\izotope.url (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope\Alloy 2\iZotope Alloy 2 entfernen.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Alloy 2\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope\Alloy 2\Lies mich.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Alloy 2\Readme_de.rtf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IP Camera Adapter\Configure IP Camera Adapter.lnk -> C:\WINDOWS\Installer\{4BDCAE75-A7F5-467E-B387-879C4205DCE0}\icon.ico (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IP Camera Adapter\IP Camera Adapter Documentation.lnk -> [LFucOH@1@p`=-u5BZ(Rv=qProductFeature>'D!RtRx+1?RW~EbP^{j&ucOH@1@p`=-u5BZ(Rv=qProductFeature>'D!RtRx+1?RW~EbP^{j&]
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Processor Diagnostic Tool 64bit\Intel Processor Diagnostic Tool 64bit.lnk -> C:\Program Files\Intel Corporation\Intel Processor Diagnostic Tool 64bit\Win-IPDT64.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility\Intel(R) Driver Update Utility 2.7.lnk -> C:\Program Files (x86)\Intel Driver Update Utility\DSADesktopUI.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imaginando\UBRIDGE.lnk -> C:\Program Files\Imaginando\UBRIDGE\UBRIDGE.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imaginando\Uninstall UBRIDGE.lnk -> C:\Program Files\Imaginando\UBRIDGE\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite\HiSuite.lnk -> C:\Program Files (x86)\HiSuite\HiSuite.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite\Uninstall.lnk -> C:\Program Files (x86)\HiSuite\uninst.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hide.me VPN\hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (eVenture Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git\Git Bash.lnk -> C:\Program Files\Git\git-bash.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git\Git CMD.lnk -> C:\Program Files\Git\git-cmd.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git\Git GUI.lnk -> C:\Program Files\Git\cmd\git-gui.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git\Git Release Notes.lnk -> C:\Program Files\Git\ReleaseNotes.html (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock\Free Alarm Clock entfernen.lnk -> C:\Program Files (x86)\FreeAlarmClock\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock\Free Alarm Clock im Internet.lnk -> C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock\Free Alarm Clock.lnk -> C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\FileZilla.lnk -> C:\Program Files\FileZilla FTP Client\filezilla.exe (FileZilla Project)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\Uninstall.lnk -> C:\Program Files\FileZilla FTP Client\uninstall.exe (Tim Kosse)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FabFilter\Uninstall.lnk -> R:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\FabFilter\FabFilter\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software\Event Manager.lnk -> C:\Program Files (x86)\Epson Software\Event Manager\EProjManager.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Scan\EPSON Scan.lnk -> C:\Windows\twain_32\ESCNDV\escndv.exe (SEIKO EPSON CORP.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ebola 2\Ebola 2.lnk -> R:\Games\Ebola 2\EBOLA 2.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ebola 2\Uninstall Ebola 2.lnk -> R:\Games\Ebola 2\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup 11.5\EaseUS Todo Backup Free 11.5 entfernen.lnk -> C:\Program Files (x86)\EaseUS\Todo Backup\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup 11.5\EaseUS Todo Backup Free 11.5.lnk -> C:\Program Files (x86)\EaseUS\Todo Backup\bin\Loader.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\FreeStudioManager.exe (Digital Wave Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free Audio Converter.lnk -> C:\Program Files (x86)\DVDVideoSoft\Free Audio Converter\FreeAudioConverter.exe (Digital Wave Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe (DVDVideoSoft Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\PremiumMembershipOffer.exe (DVDVideoSoft Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Studio\Download Studio.lnk -> C:\Program Files (x86)\Download Studio\dstudio-gui.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-3\DOSBox 0.74-3 Manual.lnk -> C:\Program Files (x86)\DOSBox-0.74-3\Documentation\README.txt (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-3\DOSBox 0.74-3.lnk -> C:\Program Files (x86)\DOSBox-0.74-3\DOSBox.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-3\Options\DOSBox 0.74-3 Options.lnk -> C:\Program Files (x86)\DOSBox-0.74-3\DOSBox.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-3\Options\Reset KeyMapper.lnk -> C:\Program Files (x86)\DOSBox-0.74-3\DOSBox.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-3\Options\Reset Options.lnk -> C:\Program Files (x86)\DOSBox-0.74-3\DOSBox.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-3\Extras\DOSBox 0.74-3 (noconsole).lnk -> C:\Program Files (x86)\DOSBox-0.74-3\DOSBox.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-3\Extras\Screenshots & Recordings.lnk -> C:\Program Files (x86)\DOSBox-0.74-3\DOSBox.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-3\Extras\Uninstall.lnk -> C:\Program Files (x86)\DOSBox-0.74-3\uninstall.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-3\Extras\Video\Video instructions.lnk -> C:\Program Files (x86)\DOSBox-0.74-3\Video Codec\Video Instructions.txt (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Diablo III.lnk -> R:\Diablo III\Diablo III Launcher.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Island Definitive Edition\Dead Island Definitive Edition.lnk -> R:\Games\Dead Island Definitive Edition\DeadIslandGame.exe (Techland)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Island Definitive Edition\Uninstall Dead Island Definitive Edition.lnk -> R:\Games\Dead Island Definitive Edition\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DayZ\DayZ.lnk -> R:\DayZ\DayzLaunch.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DayZ\Uninstall DayZ.lnk -> R:\DayZ\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Danger Scavenger\Danger Scavenger.lnk -> D:\Games\Danger Scavenger\Danger Scavenger.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Danger Scavenger\Uninstall Danger Scavenger.lnk -> D:\Games\Danger Scavenger\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk -> C:\Program Files\DAEMON Tools Lite\DTLauncher.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cycling '74\Max 8\Max 8 (64-bit).lnk -> C:\WINDOWS\Installer\{EDE8367B-F8E6-40E3-8BCB-4CB1A0B2B3CC}\StartMenuIcon.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cycling '74\Max 7\Max 7 (64-bit).lnk -> C:\Windows\Installer\{10E288A4-1631-4D23-98D7-952B30B6F6AC}\StartMenuIcon.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077\Cyberpunk 2077.lnk -> R:\Games\Cyberpunk 2077\bin\x64\Cyberpunk2077.exe (CD PROJEKT S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077\Uninstall Cyberpunk 2077.lnk -> R:\Games\Cyberpunk 2077\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo\CrystalDiskInfo.lnk -> C:\Program Files (x86)\CrystalDiskInfo\DiskInfo32.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Edit CPU-Z Config File.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.ini (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Uninstall CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Cheat Engine (32-bit).lnk -> C:\Program Files\Cheat Engine 7.2\cheatengine-i386.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Cheat Engine (64-bit SSE4-AVX2).lnk -> C:\Program Files\Cheat Engine 7.2\cheatengine-x86_64-SSE4-AVX2.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Cheat Engine (64-bit).lnk -> C:\Program Files\Cheat Engine 7.2\cheatengine-x86_64.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Cheat Engine help.lnk -> C:\Program Files\Cheat Engine 7.2\CheatEngine.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Cheat Engine tutorial (64-bit).lnk -> C:\Program Files\Cheat Engine 7.2\Tutorial-x86_64.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Cheat Engine tutorial.lnk -> C:\Program Files\Cheat Engine 7.2\Tutorial-i386.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Cheat Engine.lnk -> C:\Program Files\Cheat Engine 7.2\Cheat Engine.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Reset settings.lnk -> C:\Program Files\Cheat Engine 7.2\ceregreset.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Uninstall Cheat Engine.lnk -> C:\Program Files\Cheat Engine 7.2\unins000.exe (Cheat Engine                                                )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Kernel stuff\Unload kernel module.lnk -> C:\Program Files\Cheat Engine 7.2\Kernelmoduleunloader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.8.1\Cheat Engine 6.8.1 (32-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.8.1\cheatengine-i386.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.8.1\Cheat Engine 6.8.1 (64-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.8.1\cheatengine-x86_64.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.8.1\Cheat Engine 6.8.1.lnk -> C:\Program Files (x86)\Cheat Engine 6.8.1\Cheat Engine.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.8.1\Cheat Engine help.lnk -> C:\Program Files (x86)\Cheat Engine 6.8.1\CheatEngine.chm (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.8.1\Cheat Engine tutorial (64-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.8.1\Tutorial-x86_64.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.8.1\Cheat Engine tutorial.lnk -> C:\Program Files (x86)\Cheat Engine 6.8.1\Tutorial-i386.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.8.1\Reset settings.lnk -> C:\Program Files (x86)\Cheat Engine 6.8.1\ceregreset.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.8.1\Uninstall Cheat Engine.lnk -> C:\Program Files (x86)\Cheat Engine 6.8.1\unins000.exe (Keine Datei)

Individuum 26.08.2021 19:15
Code:
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.8.1\Kernel stuff\Unload kernel module.lnk -> C:\Program Files (x86)\Cheat Engine 6.8.1\Kernelmoduleunloader.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carcassonne - Tiles & Tactics [GOG.com]\Carcassonne - Tiles & Tactics.lnk -> C:\GOG Games\Carcassonne - Tiles & Tactics\Carcassonne.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carcassonne - Tiles & Tactics [GOG.com]\Deinstallieren Carcassonne - Tiles & Tactics.lnk -> C:\GOG Games\Carcassonne - Tiles & Tactics\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon PIXMA iP4000\Readme.lnk -> C:\ProgramData\CanonBJ\IJPrinter\CNMWINDOWS\Canon PIXMA iP4000 Installer\Inst2\Readme_English.txt (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon PIXMA iP4000\Uninstall.lnk -> C:\Windows\System32\CNMCP64.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP2700 series\Liesmich.lnk -> C:\Program Files\CanonBJ\IJPrinter\Canon iP2700 series\readme_German.txt (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare\Call of Duty Modern Warfare.lnk -> R:\Call of Duty Modern Warfare\Modern Warfare Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\Brother Utilities.lnk -> C:\Program Files (x86)\Brother\BrLauncher\BrLauncher.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Tree Gaming Ltd\Vortex.lnk -> C:\Program Files\Black Tree Gaming Ltd\Vortex\Vortex.exe (Black Tree Gaming Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher\Bethesda.net Launcher.lnk -> H:\Bethesda.net Launcher\BethesdaNetUpdater.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher\Uninstall Bethesda.net Launcher.lnk -> H:\Bethesda.net Launcher\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games\Battlestate Games Launcher.lnk -> C:\Battlestate Games\BsgLauncher\BsgLauncher.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield™ V\Battlefield™ V.lnk -> R:\Origin\Battlefield V\bfv.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield™ V\Electronic Arts-Nutzervereinbarung.lnk -> R:\Origin\Battlefield V\Support\User Agreement\de_DE.html (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield™ V\Kundendienst.lnk -> R:\Origin\Battlefield V\Support\EA Help\Kundendienst.rtf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1\Battlefield 1 Endbenutzer-Lizenzvertrag.lnk -> R:\Origin\Battlefield 1\Support\eula\de_DE_eula.rtf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1\Battlefield 1.lnk -> R:\Origin\Battlefield 1\bf1.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1\Kundendienst.lnk -> R:\Origin\Battlefield 1\Support\EA Help\Kundendienst.rtf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> R:\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira.lnk -> C:\Program Files (x86)\Avira\Security\Avira.Spotlight.UI.Application.exe (Avira Operations GmbH & Co. KG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\AutoHotkey Help File.lnk -> C:\Program Files\AutoHotkey\AutoHotkey.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\AutoHotkey Setup.lnk -> C:\Program Files\AutoHotkey\Installer.ahk ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\AutoHotkey.lnk -> C:\Program Files\AutoHotkey\AutoHotkey.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\Convert .ahk to .exe.lnk -> C:\Program Files\AutoHotkey\Compiler\Ahk2Exe.exe (AutoHotkey)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\Website.lnk -> C:\Program Files\AutoHotkey\AutoHotkey Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\Window Spy.lnk -> C:\Program Files\AutoHotkey\WindowSpy.ahk ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk SketchBook\SketchBook.lnk -> C:\Program Files\Autodesk\SketchBook\SketchBook.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Keyboard by MurGee.com\Auto Keyboard by MurGee.com.lnk -> C:\Program Files (x86)\Auto Keyboard by MurGee.com\AutoKeyboard.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioRealism\ADM\Manual.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\ADM\ADM_Manual.pdf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioRealism\ADM\Uninstall.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\ADM\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atomix\VirtualDJ\Uninstall.lnk -> C:\Program Files\Atomix\VirtualDJ\unins000.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atomix\VirtualDJ\VirtualDJ.lnk -> C:\Program Files\Atomix\VirtualDJ\virtualdj8.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Smart Gesture.lnk -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPConfigure64.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anthem™\Anthem™.lnk -> R:\Origin\Anthem\Anthem.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anthem™\Kundendienst.lnk -> R:\Origin\Anthem\Support\EA Help\Kundendienst.rtf (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anthem™\Nutzervereinbarung.lnk -> R:\Origin\Anthem\Support\Nutzervereinbarung\de_DE.html (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite\DAEMON Tools Lite.lnk -> C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\termi\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\defaultuser0\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Keine Datei)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (1).lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86) (1).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer (1).lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel (1).lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer (1).lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run (1).lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop (1).lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher (1).lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Avira.lnk -> C:\Program Files (x86)\Avira\Security\Avira.Spotlight.UI.Application.exe (Avira Operations GmbH & Co. KG)
Shortcut: C:\Users\Public\Desktop\EPSON Scan.lnk -> C:\Windows\twain_32\ESCNDV\escndv.exe (SEIKO EPSON CORP.)
Shortcut: C:\Users\Public\Desktop\Free Alarm Clock.lnk -> C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)
Shortcut: C:\Users\Public\Desktop\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\Traktor Pro 3.lnk -> C:\Program Files\Native Instruments\Traktor Pro 3\Traktor.exe (Native Instruments GmbH)
Shortcut: C:\Users\termi\Links\Desktop.lnk -> C:\Users\termi\Desktop ()
Shortcut: C:\Users\termi\Links\Downloads.lnk -> C:\Users\termi\Downloads ()
Shortcut: C:\Users\termi\Desktop\Blitz.lnk -> C:\Users\termi\AppData\Local\Programs\Blitz\Blitz.exe (Blitz, Inc.)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk -> C:\Users\termi\AppData\Roaming\ICQ\bin\icq.exe (Keine Datei)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 10 Suite.lnk -> R:\PRODUCING\ABLETON\ableton\Program\Ableton Live 10 Suite.exe (Keine Datei)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 11 Suite.lnk -> R:\PRODUCING\ABLETON\AhABELETTON\Program\Ableton Live 11 Suite.exe (Ableton)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\balenaEtcher.lnk -> C:\Users\termi\AppData\Local\Programs\balena-etcher\balenaEtcher.exe (Balena Inc.)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk -> C:\Users\termi\AppData\Local\Programs\Blitz\Blitz.exe (Blitz, Inc.)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk -> C:\Users\termi\AppData\Local\Programs\Opera GX\launcher.exe (Opera Software)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Harver System Checker.lnk -> C:\Users\termi\AppData\Local\Programs\@harversaas-diagnostic-app\Harver System Checker.exe (Harver)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\termi\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk -> C:\Windows\System32\fodhelper.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\r2modman.lnk -> C:\Users\termi\AppData\Local\Programs\r2modman\r2modman.exe (ebkr)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\termi\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\trash.lnk -> [LFx@_dP/N1SPSU(Ly9K-e)::{645FF040-5081-101B-9F08-00AA002F954E}]
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk -> C:\Users\termi\AppData\Roaming\Twitch\Bin\Twitch.exe (Keine Datei)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Start Zoom.lnk -> C:\Users\termi\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\termi\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (1).lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86) (1).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WiiU_USB_Helper\WiiU_USB_Helper.lnk -> C:\Users\termi\Desktop\cemu_1.9.0\WIIUupdater\Updater.exe (Keine Datei)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp\WhatsApp.lnk -> C:\Users\termi\AppData\Local\WhatsApp\WhatsApp.exe (WhatsApp)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod\WeMod.lnk -> C:\Users\termi\AppData\Local\WeMod\WeMod.exe (WeMod)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\u-he\Hive\Manual.lnk -> R:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Hive\Hive user guide.pdf ()
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\u-he\Hive\Uninstall.lnk -> R:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Hive\uninstall.exe ()
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Telegram entfernen.lnk -> C:\Users\termi\AppData\Roaming\Telegram Desktop\unins000.exe (Telegram FZ-LLC                                            )
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Telegram.lnk -> C:\Users\termi\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer (1).lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel (1).lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer (1).lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run (1).lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 6 64bit\ASIO DirectX Full Duplex Setup.lnk -> C:\Users\termi\AppData\Roaming\Microsoft\Installer\{C6651CD0-4892-4465-96AC-C9864A695FF9}\dssetup.ico (Keine Datei)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 6 64bit\ASIO Generic Lower Latency Driver Setup.lnk -> C:\Users\termi\AppData\Roaming\Microsoft\Installer\{C6651CD0-4892-4465-96AC-C9864A695FF9}\asioglldsetup.ico (Keine Datei)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 6 64bit\Cubase 6.lnk -> H:\PRODUCING\CUBASE\Cubase6.exe (Keine Datei)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 6 64bit\Dateiordner der Cubase-Anwendung.lnk -> C:\Users\termi\AppData\Roaming\Steinberg\Cubase 6_64 (Keine Datei)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sidify\Sidify Music Converter\Sidify Music Converter.lnk -> C:\Program Files (x86)\Sidify\Sidify Music Converter\Sidify Music Converter.exe (Sidify)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plane9\Plane9 User Data.lnk -> C:\Users\termi\AppData\Roaming\Plane9 (Keine Datei)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Native Instruments\Reaktor Spark R2\Manual.lnk -> R:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Reaktor Spark Manual English.pdf ()
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Native Instruments\Reaktor Spark R2\Uninstall.lnk -> R:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\uninstall.exe ()
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator\LiLi USB Creator.lnk -> R:\ubuntu\LinuxLive USB Creator\LiLi USB Creator.exe ()
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator\Uninstall LinuxLive USB Creator.lnk -> R:\ubuntu\LinuxLive USB Creator\Uninstall.exe (LinuxLive USB Creator)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk -> C:\Users\termi\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (Keine Datei)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Uninstall.lnk -> C:\Users\termi\AppData\Roaming\IMVUClient\Uninstall.exe (Keine Datei)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\ICQ.lnk -> C:\Users\termi\AppData\Roaming\ICQ\bin\icq.exe (Keine Datei)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\Uninstall ICQ.lnk -> C:\Users\termi\AppData\Roaming\ICQ\bin\icqsetup.exe (Keine Datei)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTBApp\FTBApp.lnk -> C:\Users\termi\AppData\Roaming\FTBA\FTBApp.exe (Keine Datei)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam\DroidCam Client.lnk -> C:\Program Files (x86)\DroidCam\DroidCamApp.exe ()
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam\Uninstall.lnk -> C:\Program Files (x86)\DroidCam\Uninstall.exe ()
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dada Life\Sausage Fattener\Uninstall.lnk -> H:\PRODUCING\PROGRAMS - ARCHIVES - PLUGINS\Sausage Fattener\Vstplugins\uninstall.exe (Keine Datei)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Windows\SendTo\ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ICQ.lnk -> C:\Users\termi\AppData\Roaming\ICQ\bin\icq.exe (Keine Datei)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop (1).lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk -> C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher (1).lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Browser Opera GX.lnk -> C:\Users\termi\AppData\Local\Programs\Opera GX\launcher.exe (Opera Software)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f7ce4a1029b43d11\League of Legends.lnk -> R:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc.)
Shortcut: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019\Visual Studio Tools\Developer Command Prompt for VS 2019.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\Common7\Tools\VsDevCmd.bat"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019\Visual Studio Tools\VC\x64 Native Tools Command Prompt for VS 2019.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Auxiliary\Build\vcvars64.bat"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019\Visual Studio Tools\VC\x64_x86 Cross Tools Command Prompt for VS 2019.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Auxiliary\Build\vcvarsamd64_x86.bat"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019\Visual Studio Tools\VC\x86 Native Tools Command Prompt for VS 2019.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Auxiliary\Build\vcvars32.bat"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019\Visual Studio Tools\VC\x86_x64 Cross Tools Command Prompt for VS 2019.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Auxiliary\Build\vcvarsx86_amd64.bat"


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Windows Software Development Kit.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Windows Kits\10\"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player\VLC Plus Player - reset preferences and cache files.lnk -> R:\VLC Plus Player\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player\VLC Plus Player skinned.lnk -> R:\VLC Plus Player\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019\Visual Studio Tools\Debuggable Package Manager.lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -Command "& { Import-Module Appx; Import-Module .\AppxDebug.dll; Show-AppxDebug}"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019\Visual Studio Tools\Developer PowerShell for VS 2019.lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -noe -c "&{Import-Module """C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"""; Enter-VsDevShell 617029cc}"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games\VALORANT.lnk -> R:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=valorant --launch-patchline=live
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PingPlotter 5\Uninstall or Modify Installation.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {89624148-1FDD-4B8D-9537-3D9E60ABB6B6}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ninja\Register Outlook AddIn.lnk -> C:\Windows\System32\regsvr32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Ninja\Ninja\SPOA.dll"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ninja\Unregister Outlook AddIn.lnk -> C:\Windows\System32\regsvr32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Ninja\Ninja\SPOA.dll" -u
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBTExplorer\Uninstall NBTExplorer.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {DC1E9E1A-86BE-491B-8DF9-A86045902F48}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Database Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\DATABASECOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Spreadsheet Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\SPREADSHEETCOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio\USB MIDI Series\Uninstall M-Audio USB MIDI Series Driver.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {32ED2629-C9B1-4C29-A32A-F3E04A5EE303}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk -> R:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=league_of_legends --launch-patchline=live
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters\LAV Audio Configuration.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\LAV Filters\x86\LAVAudio.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters\LAV Splitter Configuration.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\LAV Filters\x86\LAVSplitter.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters\LAV Video Configuration.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\LAV Filters\x86\LAVVideo.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -> C:\Program Files\Java\jre1.8.0_281\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk -> C:\Program Files\Java\jre1.8.0_281\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74-3\Extras\Video\Install movie codec.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> setupapi,InstallHinfSection DefaultInstall 128 C:\Program Files (x86)\DOSBox-0.74-3\Video Codec\zmbv.inf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Lua documentation.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> C:\Program Files\Cheat Engine 7.2\celua.txt
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\League of Legends.lnk -> R:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=league_of_legends --launch-patchline=live
ShortcutWithArgument: C:\Users\Public\Desktop\VALORANT.lnk -> R:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=valorant --launch-patchline=live
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk -> C:\Users\termi\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe"
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\termi\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 6 64bit\Deinstallieren.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {C6651CD0-4892-4465-96AC-C9864A695FF9}
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox\Roblox Player.lnk -> C:\Users\termi\AppData\Local\Roblox\Versions\version-2d6ba4f076494afd\RobloxPlayerLauncher.exe (Roblox Corporation) -> -app
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox\Roblox Studio.lnk -> C:\Users\termi\AppData\Local\Roblox\Versions\RobloxStudioLauncherBeta.exe (Roblox Corporation) -> -ide
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\CurseForge.lnk -> C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe (Overwolf Ltd.) -> -launchapp cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\Overwolf.lnk -> C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe (Overwolf Ltd.) -> -from-desktop
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ninja\Register Outlook AddIn.lnk -> C:\Windows\System32\regsvr32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Ninja\Ninja\SPOA.dll"
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ninja\Unregister Outlook AddIn.lnk -> C:\Windows\System32\regsvr32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Ninja\Ninja\SPOA.dll" -u
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam\HD Mode.lnk -> C:\Program Files (x86)\DroidCam\DroidCamApp.exe () -> -hd
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\termi\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5728b1cde7c10ef0\Microsoft Teams.lnk -> C:\Users\termi\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe" --process-start-args "--profile=MSA"
ShortcutWithArgument: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\termi\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\termi\AppData\Local\Avira\Security\Delay Load for Current\ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) -> -silent
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worms Armageddon [GOG.com]\Dokumente\Support.url -> URL: hxxp://www.gog.com/support/worms_armageddon
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unified Remote 3\Unified Remote Client.url -> URL: hxxp://localhost:9510/client
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unified Remote 3\Unified Remote Manager.url -> URL: hxxp://localhost:9510/web
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unified Remote 3\Unified Remote on the Web.url -> URL: hxxps://www.unifiedremote.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt\TrueCrypt Website.url -> URL: hxxp://www.truecrypt.org/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\This War of Mine [GOG.com]\Dokumente\Support.url -> URL: hxxp://www.gog.com/support/this_war_of_mine
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Settlers IV GOLD [GOG.com]\Documents\Support.url -> URL: hxxp://www.gog.com/support/the_settlers_4_gold_edition
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Settlers 3 - Ultimate Collection [GOG.com]\Documents\Support.url -> URL: hxxp://www.gog.com/support/the_settlers_3_ultimate_collection
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIW\Donate.url -> URL: hxxp://www.gtopala.com/scripts/jump.php?src=inno
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIW\SIW Forum.url -> URL: hxxp://www.gtopala.com/forum/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIW\Visit My Web Site.url -> URL: hxxp://www.gtopala.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prey\Prey on the Web.url -> URL: hxxp://store.steampowered.com/app/480490/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ninja\Ninja Online-Manual.url -> URL: hxxp://manual.globaliptel.com/ninja/de/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy\HomePage.url -> URL: hxxp://www.motioninjoy.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy\MotioninJoy Help.url -> URL: hxxp://www.motioninjoy.com/wiki
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters\Visit LAV Filters Home Page.url -> URL: hxxps://1f0.de/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters\Visit LAV Filters on Doom9.url -> URL: hxxps://forum.doom9.org/showthread.php?t=156191
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingdoms and Castles [GOG.com]\Dokumente\Support.url -> URL: hxxps://support.gog.com/hc/categories/201400969?game=2067763543
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Besuchen Sie Java.com.url -> URL: hxxps://java.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Hilfe aufrufen.url -> URL: hxxps://java.com/help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JamTaba 2\JamTaba 2 on the Web.url -> URL: hxxp://www.jamtaba.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git\Git FAQs (Frequently Asked Questions).url -> URL: hxxps://github.com/git-for-windows/git/wiki/FAQ
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry Primal\Far Cry Primal on the Web.url -> URL: hxxps://www.ubisoft.com/en-US/game/far-cry-primal
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup 11.5\Besuchen  EaseUS im Internet.url -> URL: hxxps://www.easeus.de/backup-software/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup 11.5\EaseUS Todo Backup Free 11.5 Hilfe.url -> URL: hxxps://www.easeus.de/support.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Studio\Download Studio on the Web.url -> URL: hxxps://downloadstudio.net
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Keyboard by MurGee.com\Auto Keyboard by MurGee.com on the Web.url -> URL: hxxp://www.murgee.com/
InternetURL: C:\Users\termi\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\termi\Desktop\The Forest.url -> URL: steam://rungameid/242760
InternetURL: C:\Users\termi\AppData\Roaming\TS3Client\gfx\DarkenTS\Feedback\1 - TeamSpeak Forum Thread.url -> URL: hxxp://forum.teamspeak.com/newreply.php?p=426148&noquote=1
InternetURL: C:\Users\termi\AppData\Roaming\TS3Client\gfx\DarkenTS\Feedback\2 - TeamSpeak Forum Personal Message.url -> URL: hxxp://forum.teamspeak.com/private.php?do=newpm&u=254361
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tom Clancy's Rainbow Six Siege.url -> URL: uplay://launch/635/0
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Apex Legends.url -> URL: steam://rungameid/1172470
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Deep Rock Galactic.url -> URL: steam://rungameid/548430
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Insurgency Sandstorm Community Test Environment.url -> URL: steam://rungameid/887860
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Insurgency Sandstorm.url -> URL: steam://rungameid/581320
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Ironsight.url -> URL: steam://rungameid/783770
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Kerbal Space Program.url -> URL: steam://rungameid/220200
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Nioh 2 – The Complete Edition.url -> URL: steam://rungameid/1325200
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\PLAYERUNKNOWN'S BATTLEGROUNDS.url -> URL: steam://rungameid/578080
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Stronghold Crusader Extreme HD.url -> URL: steam://rungameid/16700
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Stronghold Crusader HD.url -> URL: steam://rungameid/40970
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Super Hexagon.url -> URL: steam://rungameid/221640
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Totally Accurate Battlegrounds.url -> URL: steam://rungameid/823130
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ninja\Ninja Online-Manual.url -> URL: hxxp://manual.globaliptel.com/ninja/de/
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\About IMVU.url -> URL: hxxp://www.imvu.com/client.php?page=about
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Forgot my password.url -> URL: hxxp://www.imvu.com/client.php?page=forgot_password
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Help.url -> URL: hxxp://www.imvu.com/client.php?page=help
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box\FRITZ!Box USB-Fernanschluss Onlineunterstützung.url -> BASEURL: hxxps://avm.de/ URL: hxxps://avm.de/
InternetURL: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher\Fallout 76.url -> URL: bethesdanet://run/20

==================== Ende vom Shortcut.txt =============================

cosinus 26.08.2021 19:19
Störende, veraltete oder unnötige Programme deinstallieren

Bitte über Programme und Features (appwiz.cpl) deinstallieren:
  • Adobe Acrobat 9 Pro Extended
  • Adobe Acrobat 9.5.5 - CPSID_83708
  • alles von Avira
  • DAEMON Tools Lite
  • Google Chrome (durch Mozilla Firefox ersetzen)
  • Java 8 Update 281 (64-bit)
  • VLC Plus Player

Individuum 26.08.2021 19:38
Erledigt

nachdem ich Malwarebytes durchlaufen hab lassen und jetzt neugestartet habe nach der deinstallation der programme bekomme ich ejtzt beim neustart die meldung : die skiptdatei "C:\windows\system32\Maintenance.vbs" wurde nicht gefunden

cosinus 26.08.2021 20:05
Bitte ALLE Logs posten und nicht irgendwelche Nacherzählungen!

M-K-D-B 28.08.2021 16:47
Thread wieder geöffnet


//edit cosinus

Individuum 31.08.2021 08:13
Hi, sorry muss aber nochmal fragen, muss ich jetzt nach der deinstallation nochmals FRST durchlaufen lassen ? Grüße

cosinus 31.08.2021 08:28
Warum machst du nicht erstmal das was hier schon steht bzw gehst auf meine letzte Antwort ein?
Wenn ich neue Logs brauche werde ich das schon rechtzeitig mitteilen.

Individuum 31.08.2021 08:32
na meines erachtens hab ich Dir ALLE Logs gepostet, was fehlt noch dann werd ich schauen das ich es nachreiche :)

cosinus 31.08.2021 08:40
Hast du meinen Beitrag richtig gelesen?
Es ging um deinen nachgeschobenen Post, in dem es um Malwarebytes ging. Allerdings nur als Nacherzählung. Davon will ich das Log sehen.

Individuum 31.08.2021 09:20
den log hab ich im ersten post geliefert, das war nur nach dem neustart das die meldung aufgeploppt ist nochmal falls es relevant war

seither hatte ich keine meldungen mehr in malwarebytes

jemand hat wohl anscheinend gestern oder vorgestern passwörter von meinem pc aus eingesehen dazu habe ich eine benachrichtigung von google erhalten, was aber nicht sein kann also denke ich das noch immer jemand zugriff dazu hat

würde eine saubere neuinstallation helfen ?

cosinus 31.08.2021 10:15
Zitat:
seither hatte ich keine meldungen mehr in malwarebytes
Du schreibst aber, dass was entfernt wurde und seitdem eine Meldung kommt. Diese Entfernung steht nicht im von dir geposteten Protokoll drin. Deswegen nochmal: sieht bitte richtig nach und poste dann auch alle Logs mit Funden.

Individuum 31.08.2021 10:41
ich hatte davor avira premium das ich auf deinen post hin gelöscht hatte durchlaufen lassen, evtl ist da was gemacht worden, ich hab wie gesagt keine anderen logs sorry. Was meinst hilft eine neuinstallation ? oder lieber clean mit einer neuen Festplatte starten ?

cosinus 31.08.2021 11:53
Warum reitest du so auf die Neuinstallation herum? Warum machst du hier überhaupt einen Thread auf, wenn du die Neuinstallation willst?

Individuum 31.08.2021 12:01
weil wir uns schon den ganzen Morgen über logs unterhalten die ich nicht habe bzw schon alle geliefert habe... ich bin kein geek wenns um infizierungen geht und sehr umgänglich bist Du ehrlich gesagt auch nicht (kein angriff), ich wollte dir nur mitteilen das ich die Skriptdateimeldung nach deinen änderungen und dem ersten Neustart nach mehreren Tagen erhalten habe und war mir unsicher und bevor wir uns hier lange über logs unterhalten die ich nicht habe reite ich halt einer schnelleren lösung entgegen.

also, wie verfahren wir weiter nach deinem plan oder mal angenommen ich mache eine neuinstallation, scanne im vorfeld alle datenträger mit einem virenscanner, bin ich dann auf der sicheren seite ? hab ja eben keine ahnung und bin am überlegen ob es viren gibt die sich da trotzdem halten

cosinus 31.08.2021 12:14
Zitat:
weil wir uns schon den ganzen Morgen über logs unterhalten die ich nicht habe bzw schon alle geliefert habe...
Weil du nach den Logs Nacherzählungen brachtest und ich wissen wollte was es damit auf sich hat. Wenn du unpräzise beschreibst, musst du nunmal damit rechnen, dass nachgefragt wird. Und es klang so, als hättest du nur ein Log nacherzählt. Dann die eine Woche Sendepause war auch nicht gerade optimal.


adwCleaner

Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags.

adwcleaner bitte wiederholen falls es Funde gab.

Individuum 31.08.2021 12:25
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-06-29.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-31-2021
# Duration: 00:00:00
# OS:      Windows 10 Home
# Cleaned:  2
# Failed:  0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted      HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Update Plus Player

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted      Preinstalled.SamsungSmartSwitch  Folder  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SMART SWITCH PC


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1585 octets] - [31/08/2021 13:16:20]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
sorry in dem fall für die verwirrung

cosinus 31.08.2021 12:57
Was sollst du machen wenn adwCleaner fündig wurde?

Individuum 31.08.2021 13:30
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-06-29.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    08-31-2021
# Duration: 00:00:26
# OS:      Windows 10 Home
# Scanned:  31984
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1585 octets] - [31/08/2021 13:16:20]
AdwCleaner[C00].txt - [1766 octets] - [31/08/2021 13:18:37]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
joooo sry

cosinus 31.08.2021 13:33
Dann jetzt bitte ne neue FRST.txt und Addition.txt

Individuum 31.08.2021 14:06
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2021
durchgeführt von termi (Administrator) auf MISTERSUN (31-08-2021 14:49:58)
Gestartet von C:\Users\termi\Desktop
Geladene Profile: termi
Platform: Windows 10 Home Version 21H1 19043.1165 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Opera
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\termi\Desktop\adwcleaner_8.3.0.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe <2>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\termi\AppData\Local\Programs\Opera GX\78.0.4093.186\opera.exe <45>
(Opera Software AS -> Opera Software) C:\Users\termi\AppData\Local\Programs\Opera GX\78.0.4093.186\opera_crashreporter.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\termi\AppData\Local\Temp\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\termi\AppData\Local\Temp\TeamViewer\TeamViewer_Desktop.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\termi\AppData\Local\Temp\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\termi\AppData\Local\Temp\TeamViewer\tv_x64.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [835136 2018-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3180256 2021-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-09-14] (Adobe Inc. -> )
HKLM-x32\...\Run: [Avira Security startup helper] => "C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe" DelayedStartup
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [Discord] => C:\Users\termi\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4110568 2021-07-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [vibranceGUI] => "C:\Users\termi\AppData\Local\Temp\Rar$EXa3644.19640\vibranceGUI.exe" -minimized <==== ACHTUNG
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1806680 2021-08-12] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\termi\AppData\Local\Microsoft\Teams\Update.exe [2455264 2021-08-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [Spotify] => C:\Users\termi\AppData\Roaming\Spotify\Spotify.exe [24731784 2021-08-24] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [com.blitz.app] => C:\Users\termi\AppData\Local\Programs\Blitz\Blitz.exe [122577672 2021-08-28] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [8514512 2021-03-30] (Comfort Software Group -> Comfort Software Group)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3243784 2021-02-22] (Unified Intents AB -> Unified Intents AB)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\termi\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\MountPoints2: {80388fa7-1736-11e7-8a88-704d7b2db4bc} - "G:\setup.exe"
HKLM\...\Windows x64\Print Processors\Canon PIXMA iP4000 Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD64.DLL [31744 2005-09-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor PIXMA iP4000: C:\WINDOWS\system32\CNMLM64.DLL [245248 2005-09-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
Startup: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2021-03-26]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [Datei ist nicht signiert]
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05A2FEC2-1C2C-4773-AA3B-286113F6B073} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2483032 2021-08-12] (Overwolf Ltd -> Overwolf LTD)
Task: {5B2EBBF5-585C-4F1D-8324-84CED127CECC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {5CBBA1E9-FE5D-46A7-839E-3E6D9FDD5F3D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5D428151-ADD0-4928-9671-B53C9F3DDE1E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {699A37EB-0B9C-49FE-B6F1-7008A4CB3959} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {6CABE442-4B11-497F-AF46-25B4B91A4022} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {78772080-6D06-4E28-BDCE-184DE907ED35} - System32\Tasks\Microsoft\Windows\Maintenance\InstallWinSAT => Maintenance.vbs
Task: {79714970-3FA9-4706-9C99-C4C9EB1AC1BD} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1621345670 => C:\Users\termi\AppData\Local\Programs\Opera GX\launcher.exe [3774160 2021-08-25] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\termi\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {8557749A-35AD-4AC9-8403-1D2ADE4B865F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {880A8237-7692-492D-A102-607F82FC5DEE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8980E3BC-3724-4DF9-968E-06A757235055} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8B3FC8C4-24FF-44B1-8ABF-BB2F6D37409F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D2A07C3-B4D3-4167-B794-CAF2E8A2DB41} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {918DE258-52A7-47DD-86A1-15D2087AE07B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4282280 2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {97418155-1665-434C-8D24-16EF744E4ECF} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {97D8E99F-8F55-45E2-8E2F-7A7D059E5FF7} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {A0E1A034-6886-4730-8969-FDBF867B1BD1} - System32\Tasks\Opera GX scheduled Autoupdate 1619790436 => C:\Users\termi\AppData\Local\Programs\Opera GX\launcher.exe [3774160 2021-08-25] (Opera Software AS -> Opera Software)
Task: {CCC9DA24-2791-42CB-BC0A-7670923CFCC7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CF31B2BF-4704-45FE-A305-D904A65A3442} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D056125D-B444-4A2D-ABBB-BBC49CC1CBC8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4282280 2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {F69C8215-5B1F-44A5-ACB3-D040277B8B8D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 217.147.55.3 217.147.60.5
Tcpip\..\Interfaces\{fe70adbd-29a4-48d7-9244-369e6eea9ff0}: [DhcpNameServer] 217.147.55.3 217.147.60.5
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG

Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-31]
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Edge Extension: (Outlook) - C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-04-03]
Edge Extension: (Avira Safe Shopping) - C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2021-08-26]
Edge Extension: (Avira Password Manager) - C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2021-08-30]
Edge Extension: (Word) - C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-04-03]
Edge Extension: (Excel) - C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-04-03]
Edge Extension: (PowerPoint) - C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-04-03]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default [2021-07-26]
CHR Notifications: Default -> hxxps://www6.todhamilton.pro
CHR Extension: (Präsentationen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-23]
CHR Extension: (Docs) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-23]
CHR Extension: (Google Drive) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-23]
CHR Extension: (Earth View from Google Earth) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhloflhklmhfpedakmangadcdofhnnoh [2021-03-23]
CHR Extension: (James White) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2021-03-23]
CHR Extension: (YouTube) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-23]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-20]
CHR Extension: (Adblock für Youtube™) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2021-05-20]
CHR Extension: (Tabellen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-23]
CHR Extension: (Google Docs Offline) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-03]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-07-03]
CHR Extension: (Tinder) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejiihbkifllpgdfndalmghiodgkefan [2021-03-23]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2021-03-23]
CHR Extension: (Chrometana - Redirect Bing Somewhere Better) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaicbfmipfpfpjmlbpejaoaflfdnabnc [2021-03-23]
CHR Extension: (Fair AdBlocker) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2021-03-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-23]
CHR Extension: (Hover Zoom+) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2021-07-26]
CHR Extension: (Google Mail) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-23]
CHR Extension: (Chrome Media Router) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-11]
CHR Profile: C:\Users\termi\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-07-26]
CHR Profile: C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-07-14]
CHR Extension: (Präsentationen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-23]
CHR Extension: (Docs) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-23]
CHR Extension: (Google Drive) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-23]
CHR Extension: (YouTube) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-23]
CHR Extension: (Tabellen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-23]
CHR Extension: (Google Docs Offline) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-23]
CHR Extension: (Google Mail) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-23]
CHR Extension: (Chrome Media Router) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-14]
CHR Profile: C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-07-14]
CHR Extension: (Präsentationen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-14]
CHR Extension: (Docs) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2021-07-14]
CHR Extension: (Google Drive) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-07-14]
CHR Extension: (YouTube) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-07-14]
CHR Extension: (Tabellen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-14]
CHR Extension: (Google Docs Offline) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-14]
CHR Extension: (Google Mail) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-07-14]
CHR Extension: (Chrome Media Router) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-14]
CHR Profile: C:\Users\termi\AppData\Local\Google\Chrome\User Data\System Profile [2021-07-26]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-3983815968-458737157-1999859390-1001) Opera GXStable - "C:\Users\termi\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8895512 2021-05-11] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9142128 2021-08-05] (Microsoft Corporation -> Microsoft Corporation)
S2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2018-02-16] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2021-03-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EQU8_19; C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe [5673048 2021-04-02] (Int3 Software AB -> Int3 Software AB)
S3 EQU8_36; C:\ProgramData\EQU8\Splitgate\bin\anticheat.x64.equ8.exe [6161552 2021-08-28] (Int3 Software AB -> Int3 Software AB)
S2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [145744 2021-05-05] (eVenture Limited -> eVenture Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7497336 2021-08-26] (Malwarebytes Inc -> Malwarebytes)
S3 MicrosoftEdgeElevationService1d77dbb2c5be210; C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.84\elevation_service.exe [1640352 2021-08-26] (Microsoft Corporation -> Microsoft Corporation)
S2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [277688 2021-04-21] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2483032 2021-08-12] (Overwolf Ltd -> Overwolf LTD)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14676264 2021-07-01] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10112672 2021-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-07-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-07-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MicrosoftEdgeElevationService; "C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.70\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AsusVBus; C:\WINDOWS\System32\drivers\AsusVBus.sys [39704 2017-01-09] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [84472 2017-01-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BrSerIb; C:\WINDOWS\System32\drivers\BrSerIb.sys [95344 2014-10-23] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrUsbSIb; C:\WINDOWS\System32\drivers\BrUsbSIb.sys [21872 2014-10-23] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-12-14] (Microsoft Corporation) [Datei ist nicht signiert]
S3 Bulk; C:\WINDOWS\System32\Drivers\HDJBulk.sys [354824 2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2018. All rights reserved.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\System32\drivers\Dot4.sys [146856 2015-03-10] (BoiseTest -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\System32\drivers\dot4usb.sys [43944 2015-03-10] (BoiseTest -> Microsoft Corporation)
R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 EQU8_HELPER_19; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_19.sys [38032 2021-04-12] (Int3 Software AB -> )
S3 EQU8_HELPER_36; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_36.sys [38032 2021-08-28] (Int3 Software AB -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HDJAsioK; C:\WINDOWS\System32\Drivers\HDJAsioK.sys [334344 2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2018. All rights reserved.)
S3 HDJCtrl; C:\WINDOWS\System32\Drivers\HDJCtrl.sys [72712 2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2017. All rights reserved.)
S3 HDJMidi; C:\WINDOWS\system32\DRIVERS\HDJMidi.sys [287240 2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2018. All rights reserved.)
R1 hideFirewall; C:\WINDOWS\System32\drivers\hideFirewall.sys [99824 2021-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [40960 2021-07-21] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 MAUSBMIDI; C:\WINDOWS\System32\drivers\MAudioUSBMIDI.sys [200200 2010-04-13] (M-Audio -> M-Audio)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-08-31] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [68528 2021-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 NDivert; C:\WINDOWS\System32\drivers\NDivert.sys [105184 2021-03-28] (TEFINCOM S.A. -> )
S3 niks4m2usb; C:\WINDOWS\System32\drivers\niks4m2usb.sys [104304 2015-09-04] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2021-05-13] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-12-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 RDID1117; C:\WINDOWS\system32\Drivers\RDWM1117.SYS [309888 2015-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Roland Corporation)
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64880 2020-11-11] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [43376 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [28128 2020-04-21] (Unified Intents AB -> Windows (R) Win 7 DDK provider)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8232160 2021-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2019-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2021-07-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [434424 2021-07-23] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-07-23] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-05-13] (WireGuard LLC -> WireGuard LLC)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-08-31 14:49 - 2021-08-31 14:50 - 000033724 ____C C:\Users\termi\Desktop\FRST.txt
2021-08-31 14:45 - 2021-08-31 14:45 - 000000000 ___DC C:\Users\termi\Desktop\FRST-OlderVersion
2021-08-31 13:15 - 2021-08-31 13:18 - 000000000 ____D C:\AdwCleaner
2021-08-31 13:15 - 2021-08-31 13:15 - 008553680 ____C (Malwarebytes) C:\Users\termi\Desktop\adwcleaner_8.3.0.exe
2021-08-31 09:52 - 2021-08-31 09:52 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-08-31 09:52 - 2021-08-31 09:52 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-08-31 09:52 - 2021-08-31 09:52 - 000068528 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-08-30 22:31 - 2021-08-30 22:31 - 001483120 _____ (O&O Software GmbH) C:\Users\termi\Downloads\OOSU1023.exe
2021-08-30 22:31 - 2021-08-30 22:31 - 000000000 ____D C:\Users\termi\AppData\Local\OO Software
2021-08-28 16:07 - 2021-08-28 16:57 - 000038032 _____ C:\WINDOWS\system32\Drivers\EQU8_HELPER_36.sys
2021-08-28 16:07 - 2021-08-28 16:07 - 000000000 ____D C:\Users\termi\AppData\Local\PortalWars
2021-08-28 15:24 - 2021-08-28 15:24 - 000000222 ____C C:\Users\termi\Desktop\Splitgate.url
2021-08-26 19:50 - 2021-08-26 19:50 - 000007131 ____C C:\Users\termi\Desktop\malwarebytesscan.txt
2021-08-26 19:44 - 2021-08-31 14:50 - 000000000 ____D C:\FRST
2021-08-26 19:44 - 2021-08-31 14:45 - 002301440 _____ (Farbar) C:\Users\termi\Desktop\FRST64.exe
2021-08-26 18:50 - 2021-08-26 18:50 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-08-26 18:50 - 2021-08-26 18:50 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-08-26 18:50 - 2021-08-26 18:50 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-08-26 18:50 - 2021-08-26 18:50 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-08-26 18:50 - 2021-08-26 18:50 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-26 18:50 - 2021-08-26 18:50 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-08-26 18:50 - 2021-08-26 18:50 - 000000000 ____D C:\Users\termi\AppData\Local\mbam
2021-08-26 18:50 - 2021-08-26 18:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-08-26 18:50 - 2021-08-26 18:50 - 000000000 ____D C:\Program Files\Malwarebytes
2021-08-26 18:49 - 2021-08-26 18:49 - 002120496 _____ (Malwarebytes) C:\Users\termi\Downloads\MBSetup.exe
2021-08-26 18:35 - 2021-08-26 18:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2021-08-26 18:14 - 2021-08-26 18:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Ivanti
2021-08-26 18:10 - 2021-08-26 19:27 - 000000000 ____D C:\Users\Public\Security Sessions
2021-08-26 17:59 - 2021-08-26 17:59 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2021-08-26 17:58 - 2021-08-26 20:35 - 000000000 ____D C:\Program Files (x86)\Avira
2021-08-26 17:58 - 2021-08-26 20:28 - 000000000 ____D C:\ProgramData\Avira
2021-08-26 17:58 - 2021-08-26 18:10 - 000000000 ____D C:\Users\termi\AppData\Local\Avira
2021-08-26 17:58 - 2021-08-26 17:58 - 005901768 _____ (Avira Operations GmbH & Co. KG) C:\Users\termi\Downloads\avira_de_sptl1_1654573332-1629993478__adwg-spotlightprcupdate1-new2.exe
2021-08-26 00:20 - 2021-08-26 00:20 - 034499456 _____ (TeamViewer Germany GmbH) C:\Users\termi\Downloads\TeamViewer_Setup_x64.exe
2021-08-24 16:00 - 2021-08-24 16:00 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2021-08-20 18:50 - 2021-08-30 22:26 - 000000000 ____D C:\Users\termi\AppData\Roaming\Blitz
2021-08-20 18:50 - 2021-08-24 23:01 - 000000000 ____D C:\Users\termi\AppData\Local\blitz-updater
2021-08-20 18:49 - 2021-08-20 18:49 - 076770248 _____ (Blitz, Inc.) C:\Users\termi\Downloads\Blitz-1.15.32.exe
2021-08-19 17:09 - 2021-08-19 17:09 - 000000222 ____C C:\Users\termi\Desktop\The Forest.url
2021-08-18 03:00 - 2021-08-18 03:00 - 000000000 ___DC C:\Users\termi\Documents\u-he
2021-08-16 09:20 - 2021-08-16 09:20 - 000044775 _____ C:\Users\termi\Downloads\ACFrOgBSMEuoyDAfOx97hvj2vD_EvhaZTeghQaTzxERCgiyQSDH2IHCJf0eSIJX5lV3pnJPruJjZA_I4Gkyy4dQSttBm59AF1nvAUWRIMzuaKkLTju_8NDnZHsLI8EQ=.pdf
2021-08-15 20:13 - 2021-08-22 00:08 - 000000000 ___DC C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-08-15 20:13 - 2021-08-15 21:14 - 000000000 ____D C:\Users\termi\AppData\Local\Roblox
2021-08-15 20:13 - 2021-08-15 20:25 - 000000256 ____C C:\Users\termi\AppData\LocalLow\rbxcsettings.rbx
2021-08-15 20:13 - 2021-08-15 20:13 - 001666008 _____ (Roblox Corporation) C:\Users\termi\Downloads\RobloxPlayerLauncher.exe
2021-08-14 00:22 - 2021-08-14 00:22 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-14 00:22 - 2021-08-14 00:22 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-14 00:22 - 2021-08-14 00:22 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-14 00:22 - 2021-08-14 00:22 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-14 00:21 - 2021-08-14 00:21 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-14 00:21 - 2021-08-14 00:21 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-14 00:21 - 2021-08-14 00:21 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-14 00:16 - 2021-08-14 00:16 - 000000000 ___HD C:\$WinREAgent
2021-08-12 08:15 - 2021-08-12 08:26 - 000000000 ___DC C:\Users\termi\Desktop\Dokumente
2021-08-09 08:55 - 2021-08-09 08:57 - 000000000 ___DC C:\Users\termi\Desktop\Schulfremdenprüfung Leony
2021-08-05 15:37 - 2021-08-05 15:37 - 000000000 ___DC C:\Users\termi\Desktop\efi

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-08-31 14:46 - 2021-04-05 13:29 - 000000000 ____D C:\Users\termi\AppData\Local\CrashDumps
2021-08-31 14:29 - 2021-03-23 17:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-31 14:22 - 2021-03-23 18:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-31 13:18 - 2021-03-23 18:03 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-31 13:18 - 2017-12-21 19:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2021-08-31 09:58 - 2021-03-23 18:19 - 001722788 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-31 09:58 - 2021-03-23 17:53 - 000743546 _____ C:\WINDOWS\system32\perfh007.dat
2021-08-31 09:58 - 2021-03-23 17:53 - 000149968 _____ C:\WINDOWS\system32\perfc007.dat
2021-08-31 09:58 - 2021-03-23 17:51 - 000000000 ____D C:\WINDOWS\INF
2021-08-31 09:55 - 2021-05-12 22:34 - 000000000 ____D C:\Users\termi\AppData\Roaming\TeamViewer
2021-08-31 09:55 - 2021-04-20 22:59 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-08-31 09:52 - 2021-07-07 12:34 - 000000000 ____D C:\Program Files\TeamViewer
2021-08-31 09:52 - 2021-03-23 18:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-31 09:52 - 2020-12-14 14:23 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-31 09:52 - 2017-03-02 15:47 - 000000000 __SHD C:\Users\termi\IntelGraphicsProfiles
2021-08-31 09:52 - 2017-03-02 15:44 - 000000000 ___DC C:\Intel
2021-08-31 09:35 - 2021-03-23 17:47 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-08-31 09:34 - 2020-06-13 22:10 - 000000000 ___DC C:\Users\termi\Documents\ShareX
2021-08-31 08:51 - 2021-03-23 18:49 - 000000000 ____D C:\ProgramData\Riot Games
2021-08-30 22:28 - 2021-05-12 00:37 - 000000000 ____D C:\ProgramData\Unified Remote
2021-08-30 22:26 - 2021-03-23 18:49 - 000000000 ____D C:\Program Files (x86)\Steam
2021-08-30 22:26 - 2021-03-23 18:44 - 000000000 ____D C:\Users\termi\AppData\Roaming\discord
2021-08-30 22:16 - 2021-03-23 18:44 - 000000000 ____D C:\Users\termi\AppData\Local\Discord
2021-08-29 17:13 - 2021-05-18 12:51 - 000000032 _____ C:\Users\termi\AppData\Roaming\.machineId
2021-08-28 16:07 - 2021-04-21 08:55 - 000000000 ____D C:\Users\termi\AppData\Local\UnrealEngine
2021-08-28 16:07 - 2021-04-02 19:57 - 000000000 ____D C:\ProgramData\EQU8
2021-08-28 16:07 - 2021-03-25 22:56 - 000000000 ____D C:\Users\termi\AppData\Local\NVIDIA Corporation
2021-08-28 15:30 - 2021-06-09 14:17 - 000000000 ____D C:\Users\termi\AppData\Local\Spotify
2021-08-28 15:24 - 2017-03-02 23:56 - 000000000 ___DC C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-08-28 14:45 - 2021-06-09 14:17 - 000000000 ____D C:\Users\termi\AppData\Roaming\Spotify
2021-08-28 11:45 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-08-28 02:12 - 2021-03-23 17:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-28 02:12 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-28 02:12 - 2020-06-28 11:22 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-27 11:41 - 2021-04-30 15:47 - 000004204 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1619790436
2021-08-27 11:41 - 2021-04-30 15:47 - 000001441 ____C C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk
2021-08-26 20:34 - 2021-03-23 18:02 - 000438288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-26 20:25 - 2021-04-21 20:22 - 000000000 ____D C:\Users\termi\AppData\Roaming\Disc-Soft
2021-08-26 20:25 - 2021-04-21 20:22 - 000000000 ____D C:\ProgramData\Disc-Soft
2021-08-26 20:25 - 2021-04-03 11:16 - 000004420 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-26 20:25 - 2021-03-25 22:56 - 000004194 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-26 20:25 - 2021-03-25 22:56 - 000004020 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-26 20:25 - 2021-03-25 22:56 - 000003742 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-26 20:25 - 2021-03-23 18:29 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-26 20:24 - 2021-04-16 15:18 - 000000000 ____D C:\ProgramData\Adobe
2021-08-26 20:24 - 2021-03-23 17:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-26 20:22 - 2021-04-16 15:22 - 000000000 ____D C:\Users\termi\AppData\Local\Adobe
2021-08-26 19:33 - 2021-03-23 19:29 - 000000000 ____D C:\Program Files\WinRAR
2021-08-26 19:33 - 2017-03-03 03:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-08-26 19:19 - 2021-04-14 16:33 - 000000000 ____D C:\Program Files\Cheat Engine 7.2
2021-08-26 19:19 - 2021-01-06 08:40 - 000000000 ___DC C:\Users\termi\AppData\LocalLow\pF2qC1gG7yH8hI1o
2021-08-26 19:06 - 2019-03-08 10:08 - 002092776 _____ C:\UkLog.dat
2021-08-26 01:07 - 2021-05-27 15:05 - 000002371 ____C C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-08-26 00:16 - 2021-04-30 14:00 - 000000000 ____D C:\Users\termi\AppData\Roaming\TS3Client
2021-08-25 14:04 - 2021-05-04 18:04 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-08-23 06:25 - 2021-03-23 18:26 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3983815968-458737157-1999859390-1001
2021-08-23 06:25 - 2021-03-23 18:10 - 000002402 ____C C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-21 20:44 - 2021-03-23 18:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-08-21 20:42 - 2021-05-06 11:14 - 000000000 ____D C:\Users\termi\AppData\Local\ElevatedDiagnostics
2021-08-20 22:41 - 2021-04-17 21:26 - 000000000 ____D C:\Users\termi\AppData\Roaming\.minecraft
2021-08-20 21:48 - 2021-04-17 21:26 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2021-08-20 19:56 - 2021-03-23 19:25 - 000000000 ____D C:\Users\termi\AppData\Local\D3DSCache
2021-08-20 19:54 - 2021-04-20 22:55 - 000000000 ____D C:\Program Files\Riot Vanguard
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-20 19:53 - 2021-03-23 17:47 - 000000000 ____D C:\WINDOWS\servicing
2021-08-20 18:50 - 2021-05-18 12:51 - 000002244 ____C C:\Users\termi\Desktop\Blitz.lnk
2021-08-20 18:50 - 2021-03-23 18:51 - 000002252 ____C C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk
2021-08-18 03:01 - 2018-02-27 16:54 - 000000000 ____D C:\Users\Public\Documents\NI Resources
2021-08-18 03:00 - 2021-06-19 23:53 - 000000000 ____D C:\Program Files\Common Files\VST3
2021-08-16 00:08 - 2021-03-25 22:48 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-14 15:23 - 2021-05-01 22:14 - 000000000 ___DC C:\Users\termi\Desktop\minecraft
2021-08-14 15:20 - 2021-07-31 07:38 - 000000000 ___DC C:\Users\termi\Desktop\Bilder von Mir
2021-08-14 09:14 - 2021-04-15 19:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-08-14 00:24 - 2021-03-23 17:48 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-14 00:15 - 2021-03-25 22:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-14 00:12 - 2021-03-25 22:46 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-13 08:06 - 2021-04-03 11:16 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-12 18:33 - 2021-03-23 18:24 - 000000000 ____D C:\Users\termi\AppData\Local\Packages
2021-08-09 10:06 - 2021-03-23 18:26 - 000000000 ____D C:\Users\termi\AppData\Local\PlaceholderTileLogoFolder
2021-08-09 04:37 - 2017-03-02 15:40 - 000000000 ___RD C:\Users\termi\OneDrive
2021-08-01 14:59 - 2021-05-04 18:03 - 000000000 ____D C:\Users\termi\AppData\Local\Overwolf

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-01-17 16:04 - 2021-01-17 16:04 - 001408808 _____ (Microsoft Corporation) C:\Users\termi\vs_community__1087382636.1580554586.exe
2021-05-18 12:51 - 2021-08-29 17:13 - 000000032 _____ () C:\Users\termi\AppData\Roaming\.machineId
2021-04-30 16:27 - 2021-04-30 16:28 - 000002400 _____ () C:\Users\termi\AppData\Roaming\vibranceGUI.log

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-08-2021
durchgeführt von termi (31-08-2021 14:51:17)
Gestartet von C:\Users\termi\Desktop
Windows 10 Home Version 21H1 19043.1165 (X64) (2021-03-23 16:23:58)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-3983815968-458737157-1999859390-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3983815968-458737157-1999859390-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3983815968-458737157-1999859390-1000 - Limited - Enabled) => C:\Users\defaultuser0
Gast (S-1-5-21-3983815968-458737157-1999859390-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3983815968-458737157-1999859390-1004 - Limited - Enabled)
lulus (S-1-5-21-3983815968-458737157-1999859390-1002 - Limited - Disabled)
termi (S-1-5-21-3983815968-458737157-1999859390-1001 - Administrator - Enabled) => C:\Users\termi
WDAGUtilityAccount (S-1-5-21-3983815968-458737157-1999859390-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ableton Live 11 Suite (HKLM\...\{FB6EECE6-87D2-4538-A1CE-61CCCA7C3DCE}) (Version: 11.0.0.0 - Ableton) Hidden
Ableton Live 11 Suite (HKLM-x32\...\{92d4040b-4cb4-4710-802b-a742c194a235}) (Version: 11.0.0.0 - Ableton)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_0_1) (Version: 22.0.1.73 - Adobe Inc.)
AutoHotkey 1.1.33.09 (HKLM\...\AutoHotkey) (Version: 1.1.33.09 - Lexikos)
balenaEtcher 1.5.120 (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.120 - Balena Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blitz (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.15.34 - Blitz, Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
CurseForge (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.178.2.1 - Overwolf app)
Danger Scavenger (HKLM-x32\...\Danger Scavenger_is1) (Version:  - )
Dead Island Definitive Edition (HKLM-x32\...\Dead Island Definitive Edition_is1) (Version:  - )
Discord (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DroidCam Client (HKLM-x32\...\DroidCam) (Version: 6.4.3 - DEV47APPS)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
Excel (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
FabFilter Total Bundle (HKLM\...\Total Bundle_is1) (Version: 2016.11.10 - FabFilter)
FileZilla Client 3.53.1 (HKLM-x32\...\FileZilla Client) (Version: 3.53.1 - Tim Kosse)
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 5.1.0.0 - Comfort Software Group)
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.1.7.215 - Digital Wave Ltd)
Frostpunk (HKLM-x32\...\Frostpunk_is1) (Version:  - )
Harver System Checker 2.0.4 (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\57ba83c7-44cc-50c5-93e2-68092ebb1ce7) (Version: 2.0.4 - Harver)
hide.me VPN 3.8.3 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 3.8.3 - eVenture Limited)
hide.me Wintun (HKLM\...\{6A3B09CD-8B4A-4A66-9C90-833023E463E9}) (Version: 0.8 - hide.me) Hidden
Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{7858618B-FA45-4797-988D-4E8B793C3B88}) (Version: 17.0.109 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{A7D3C4B3-2CA8-46F3-9C34-63205AC018FF}) (Version: 17.0.109 - Intel Corporation)
IntelliJ IDEA Community Edition 2021.1 (HKLM-x32\...\IntelliJ IDEA Community Edition 2021.1) (Version: 211.6693.111 - JetBrains s.r.o.)
Malwarebytes version 4.4.5.130 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.5.130 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.84 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.14228.20250 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.14228.20250 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\OneDriveSetup.exe) (Version: 21.150.0725.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Teams) (Version: 1.4.00.22472 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{911FBC64-4C64-4B8F-A637-B34832638C86}) (Version: 1.0.0.0 - Mojang)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.5.2.503 - Native Instruments)
Native Instruments Form (HKLM-x32\...\Native Instruments Form) (Version: 1.0.1.2 - Native Instruments)
Native Instruments Kontour (HKLM-x32\...\Native Instruments Kontour) (Version: 1.0.0.4 - Native Instruments)
Native Instruments Molekular (HKLM-x32\...\Native Instruments Molekular) (Version: 1.0.0.2 - Native Instruments)
Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Passive EQ (HKLM-x32\...\Native Instruments Passive EQ) (Version:  - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.0.4.23 - Native Instruments)
Native Instruments Rounds (HKLM-x32\...\Native Instruments Rounds) (Version: 1.2.0.1 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Traktor Pro 3 (HKLM-x32\...\Native Instruments Traktor Pro 3) (Version: 3.2.1.9 - Native Instruments)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.36.6.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 471.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.41 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14228.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20222 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.14228.20222 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Opera GX Stable 78.0.4093.186 (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Opera GX 78.0.4093.186) (Version: 78.0.4093.186 - Opera Software)
Outlook (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.178.0.16 - Overwolf Ltd.)
PC-Wecker 5.00 (HKLM-x32\...\PC-Wecker_is1) (Version:  - Ben Kheder-Software)
Plitch 1.1.7 (HKLM\...\d45b2222-59a8-54dc-8e4a-f1dc396456dc) (Version: 1.1.7 - MegaDev GmbH)
PowerPoint (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
QUAD-CAPTURE Driver (HKLM\...\RolandRDID0117) (Version:  - Roland Corporation)
r2modman 3.1.15 (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\ac231ef6-6414-5f8d-b36f-3b57705721dd) (Version: 3.1.15 - ebkr)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Roblox Player for termi (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\roblox-player) (Version:  - Roblox Corporation)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.5.0 - ShareX Team)
Sidify Music Converter 2.2.5 (HKLM-x32\...\Sidify Music Converter) (Version: 2.2.5 - Sidify)
Spotify (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Spotify) (Version: 1.1.66.580.gbd43cbc9 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Surviving Mars (HKLM-x32\...\Surviving Mars_is1) (Version:  - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.19.5 - TeamViewer)
Telegram Desktop Version 2.7.1 (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.1 - Telegram FZ-LLC)
TuneFab Spotify Music Converter 2.23.0 (HKLM-x32\...\{9ff685d9-8f1e-59e1-a273-b7c9e7cf0c17}) (Version: 2.23.0 - TuneFab)
u-he Hive (HKLM-x32\...\u-he Hive) (Version: 1.1.0.3898 - u-he)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.10.0 - Unified Intents AB)
VALORANT (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.4.12 - Black Tree Gaming Ltd.)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
Waves Complete (HKLM\...\Complete_is1) (Version: 2016.11.14 - Waves)
WeMod (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\WeMod) (Version: 7.0.19 - WeMod)
WhatsApp (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\WhatsApp) (Version: 2.2126.10 - WhatsApp)
WinRAR 6.02 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\ZoomUMX) (Version: 5.6.6 (961) - Zoom Video Communications, Inc.)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-06] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-07-24] (NVIDIA Corp.)
Word -> C:\Program Files\WindowsApps\word.office.com-CECA1A7F_1.0.0.2_neutral__jc2kecmnkxwqc [2021-06-06] (word.office.com)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3983815968-458737157-1999859390-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\termi\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21140.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-07] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-07] (Adobe Inc. -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\nvshext.dll [2021-07-13] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-07] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\termi\Cookies:YUrEA9vCOWRzE2EzPMEq59br [2336]
AlternateDataStreams: C:\Users\termi\AppData\Local\un9cVOFCI:dm5YTZWWMaWHHfeyCnbLY [2500]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2021-03-23 17:52 - 2021-05-06 22:01 - 000002408 _____ C:\WINDOWS\system32\drivers\etc\hosts
109.94.209.70      fitgirlrepacks.in              # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.in          # Fake FitGirl site
109.94.209.70      fitgirl-repacks.to              # Fake FitGirl site
109.94.209.70      fitgirlrepack.games            # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.to          # Fake FitGirl site
109.94.209.70      www.fitgirlrepack.games        # Fake FitGirl site
109.94.209.70      *.fitgirl-repacks.xyz          # Fake FitGirl site
109.94.209.70      fitgirlrepacks.co              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.cc              # Fake FitGirl site
109.94.209.70      fitgirl-repack.com              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.website        # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.co          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.cc          # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.com          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.website    # Fake FitGirl site
109.94.209.70      ww9.fitgirl-repacks.xyz        # Fake FitGirl site
109.94.209.70      *.fitgirl-repacks.xyz          # Fake FitGirl site
109.94.209.70      fitgirl-repacks.xyz            # Fake FitGirl site
109.94.209.70      fitgirl-repack.net              # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.net          # Fake FitGirl site
109.94.209.70      fitgirlpack.site                # Fake FitGirl site
109.94.209.70      www.fitgirlpack.site            # Fake FitGirl site

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64_win\compiler;%INTEL_DEV_REDIST%redist\ia32_win\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3983815968-458737157-1999859390-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 217.147.55.3 - 217.147.60.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
 ist aktiviert.

Network Binding:
=============
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "vibranceGUI"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{2069B03B-7FF1-4A96-982C-21C221A580A1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5D97FCB8-CB3B-479A-B27C-EA8EF9359DF5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A98D41C0-2014-45BA-9221-2A49A4382785}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{21E80ADB-9D1B-4B0A-B9C6-61E1B6BA4188}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{9DEEDE42-5CD0-4E9B-8CB0-AAEB3D8CC95B}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{16CD6494-5C1B-4E3B-A747-5C46B089E736}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{076F1949-7E19-4D8D-B428-EAB391B29D8F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A1D989F5-3F2B-4A62-ABC4-B0428FD26B56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{83B785E6-1CD9-4417-AFFA-1C700E24B470}] => (Allow) R:\SteamLibrary\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{9516645E-D8FE-494E-A247-29CD342BE83D}] => (Allow) R:\SteamLibrary\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{22523582-58A1-48BB-BC3D-1ECABE7CD1E4}] => (Allow) R:\SteamLibrary\steamapps\common\Ironsight_wpg\launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{6308D54A-CD1E-4F1F-95DB-C6EFE1857EDB}] => (Allow) R:\SteamLibrary\steamapps\common\Ironsight_wpg\launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{F68FFDE7-8A85-4FE5-BE24-7BF78727B86D}C:\users\termi\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\termi\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [UDP Query User{EEDB1F01-849D-4129-8C99-99C386CE3766}C:\users\termi\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\termi\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [{73AD105F-4A24-4201-9ADB-02361390FDCB}] => (Allow) R:\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{C3843D3A-929D-49AD-86DF-5ACDBBE744AA}] => (Allow) R:\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{36D4A14A-BC1B-45E3-85EA-FF38013797FC}] => (Allow) R:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{109DCB20-2449-4F55-B3FB-DDC29B0E18EE}] => (Allow) R:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{2DFCA3C1-59CB-4A21-81E4-A1B5C576966C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TotallyAccurateBattlegrounds\TABG_Launcher.exe (Int3 Software AB -> Int3 Software AB)
FirewallRules: [{8BABF5A3-533B-4027-B335-D2B6908102BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TotallyAccurateBattlegrounds\TABG_Launcher.exe (Int3 Software AB -> Int3 Software AB)
FirewallRules: [{B8E9048E-3CF7-4338-BC74-B145C49F9DA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds.exe () [Datei ist nicht signiert]
FirewallRules: [{8A7AC861-C5BF-443D-AD2F-2A3D86866958}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds.exe () [Datei ist nicht signiert]
FirewallRules: [{F55011BC-B80D-4894-95A0-6A28575E62BA}] => (Allow) R:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{531EFBB1-5771-46F3-B3C2-7B99934B8DCB}] => (Allow) R:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{7CFC6846-2938-497E-B824-51056B9FC2CD}] => (Allow) R:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{AE5C0D22-F432-4BFE-A2DA-B53EB78BF693}] => (Allow) R:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{4D992528-308E-4FE8-8722-63D04A2DCDC4}] => (Allow) R:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{77DD4B0D-629A-480D-8ACC-5D8136A45202}] => (Allow) R:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{F3C63D17-2A76-40A6-8541-219B1E3001C5}] => (Allow) R:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{939105BC-94BB-4DEB-BA85-DC6AC58F2BA6}] => (Allow) R:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{26979859-D796-4469-9EFA-65EB3CDCE0AB}] => (Allow) R:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> )
FirewallRules: [{11003613-C716-4162-AF7F-71B778C56DD5}] => (Allow) R:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> )
FirewallRules: [TCP Query User{2863382C-B5AE-4AB7-A14A-443D8B2B548D}C:\program files\plitch\plitch.exe] => (Allow) C:\program files\plitch\plitch.exe (MegaDev GmbH -> MegaDev GmbH)
FirewallRules: [UDP Query User{04C7D106-916E-4020-B96D-0D2F1BFD12DA}C:\program files\plitch\plitch.exe] => (Allow) C:\program files\plitch\plitch.exe (MegaDev GmbH -> MegaDev GmbH)
FirewallRules: [{C1B581CD-81EA-48D7-8992-DF98DE98B076}] => (Allow) R:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{E151ED52-2C2B-4479-9BEB-F3AB1D2F2C30}] => (Allow) R:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{C1E52C12-5909-469D-B071-2153D6F19466}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4A5B4C25-C43B-4DAF-9F5C-B17F6FED46D0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C6909221-4126-42E0-81CA-0489B4452320}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{F459FD49-1899-43ED-AF1C-F8F5E13833CB}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{0D3E8B49-202D-4E46-BE0E-2B759E5247B9}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [UDP Query User{4007462C-52AE-4FF5-BBA8-99DB8E36C68F}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [TCP Query User{0AE71AFB-42AC-48D6-8A02-1DF367929AAE}R:\games\dead island definitive edition\deadislandgame.exe] => (Block) R:\games\dead island definitive edition\deadislandgame.exe (Techland) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{F81B7FF9-D624-47F9-BAA7-572B01E631E7}R:\games\dead island definitive edition\deadislandgame.exe] => (Block) R:\games\dead island definitive edition\deadislandgame.exe (Techland) [Datei ist nicht signiert]
FirewallRules: [{036D7647-F7D4-4A24-8F57-8A21E05EB2D6}] => (Allow) R:\SteamLibrary\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{0710C979-9553-4147-84E4-9F1D3D3FE93A}] => (Allow) R:\SteamLibrary\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{5EA217E9-65E8-4CD1-A054-F65130A2F549}] => (Allow) R:\SteamLibrary\steamapps\common\Spellbreak\Launch_Spellbreak.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{67B460F0-B740-4DEA-B09B-5A7B562D5E46}] => (Allow) R:\SteamLibrary\steamapps\common\Spellbreak\Launch_Spellbreak.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{1B6517DA-C476-44D9-A8C1-14234E3FE4DC}C:\users\termi\appdata\local\jetbrains\codewithmeclientdist\jbr_jcef-11_0_10-b1341.35-wlauncher\jbr\bin\jcef_helper.exe] => (Allow) C:\users\termi\appdata\local\jetbrains\codewithmeclientdist\jbr_jcef-11_0_10-b1341.35-wlauncher\jbr\bin\jcef_helper.exe (JetBrains s.r.o. -> )
FirewallRules: [UDP Query User{361723C2-0109-4B42-91C0-B2C38EAEA0CD}C:\users\termi\appdata\local\jetbrains\codewithmeclientdist\jbr_jcef-11_0_10-b1341.35-wlauncher\jbr\bin\jcef_helper.exe] => (Allow) C:\users\termi\appdata\local\jetbrains\codewithmeclientdist\jbr_jcef-11_0_10-b1341.35-wlauncher\jbr\bin\jcef_helper.exe (JetBrains s.r.o. -> )
FirewallRules: [TCP Query User{EDAC31D8-CF7C-4EED-B03E-48B29F3137E0}R:\call of duty modern warfare\modernwarfare.exe] => (Allow) R:\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{F7CEE603-8720-4EBD-897D-D3611C1085E0}R:\call of duty modern warfare\modernwarfare.exe] => (Allow) R:\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{D81C936C-2E14-4C24-8319-9932D6A4124B}C:\users\termi\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\termi\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{BF893C84-62E8-491C-8CF9-0E051E865A62}C:\users\termi\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\termi\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{94C92A4F-3190-48B9-B96E-1091EDD2F84A}R:\hardspace shipbreaker\shipbreaker.exe] => (Block) R:\hardspace shipbreaker\shipbreaker.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{434FBAB9-86D1-4F9F-B2AB-B08FD2E6AEDC}R:\hardspace shipbreaker\shipbreaker.exe] => (Block) R:\hardspace shipbreaker\shipbreaker.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{7C584A75-1011-4AAF-9B9B-20CED606E645}R:\games\dayz\dayzlaunch.exe] => (Allow) R:\games\dayz\dayzlaunch.exe (ZombieManiya) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{F8C42BF4-83CA-433D-A87C-55AC0366D21C}R:\games\dayz\dayzlaunch.exe] => (Allow) R:\games\dayz\dayzlaunch.exe (ZombieManiya) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{DBCE5FF8-4F82-4616-9483-FCA64012442B}R:\games\dayz\dayz_x64.exe] => (Allow) R:\games\dayz\dayz_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{4FD5ED33-F1A5-4F1F-A82C-88B392055C51}R:\games\dayz\dayz_x64.exe] => (Allow) R:\games\dayz\dayz_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{FF15260E-48DF-4EA6-AA8B-D1E1B01111B9}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{2AA59EA6-21EA-41F9-84A4-A381CB0B61FB}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{C7DB2040-EA34-4448-97B3-128961C33CC6}] => (Allow) R:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{1087E516-71FD-4F98-A478-0B9D7923FC2E}] => (Allow) R:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{F018BEE7-7D71-4B3A-90C6-83BCBD791235}] => (Allow) C:\Users\termi\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{FC96FEDE-48D4-4B05-ADCE-7A51DE55D108}C:\users\termi\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\termi\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{9783B719-203C-491E-A44B-6E8189B9FE8C}C:\users\termi\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\termi\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9B06BF6F-B558-4D2D-946E-FDC4E0F00931}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CEFE696E-431E-4BDD-8F4F-DF361FB24697}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9AF4F121-77A7-4116-A390-69775B085D95}] => (Block) R:\PRODUCING\ABLETON\AhABELETTON\Program\Ableton Live 11 Suite.exe (Ableton) [Datei ist nicht signiert]
FirewallRules: [{0396CA1F-4EB4-458D-84F2-B05B285E87B4}] => (Block) R:\PRODUCING\ABLETON\AhABELETTON\Program\Ableton Live 11 Suite.exe (Ableton) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{F6D32813-C4BC-4D74-BB10-63E976919D67}C:\users\termi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\termi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{5D23A78F-4030-4E4D-A667-AE77F797D802}C:\users\termi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\termi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{E4569016-1242-4869-AB55-3BCB6FCC4123}C:\users\termi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\termi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{C03E3819-1137-4B08-9F27-DA0721BD9B1B}C:\users\termi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\termi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D2F47DE4-A68B-4887-A4D0-8D0A3E11DDD0}] => (Allow) R:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [Datei ist nicht signiert]
FirewallRules: [{00637B8A-1556-414D-835C-CAB1D29B7FCF}] => (Allow) R:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [Datei ist nicht signiert]
FirewallRules: [{7A5AF2FD-76C2-45C0-8C1E-C17CA99FA6D7}] => (Allow) R:\SteamLibrary\steamapps\common\Dig or Die\DigOrDie.exe () [Datei ist nicht signiert]
FirewallRules: [{833415B8-229D-470E-9A12-D9E9AB722EAA}] => (Allow) R:\SteamLibrary\steamapps\common\Dig or Die\DigOrDie.exe () [Datei ist nicht signiert]
FirewallRules: [{0DD2C45C-B6D3-495F-A18C-0E8A18256DA2}] => (Allow) R:\SteamLibrary\steamapps\common\sandstorm\InsurgencyEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{9083BAE3-A2C1-4C57-A8B5-3208785E59E4}] => (Allow) R:\SteamLibrary\steamapps\common\sandstorm\InsurgencyEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{B707AFF9-7B29-4D8C-BD33-DA0BA6248076}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{251B6695-3AC3-41F1-87C9-180E27DBBEAD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F78F8286-347A-4C72-A8D5-F9564964EACB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{48F3855A-8189-4BD1-AAB2-92DE5A982C8C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9DCB7068-7307-4B17-8F99-15908A3643DB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D6E9F4B7-60B6-44E1-90DA-F06724639359}C:\users\termi\desktop\mini motorways\mini motorways.exe] => (Allow) C:\users\termi\desktop\mini motorways\mini motorways.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{5CBC935F-3319-4E75-8B28-CF87FC2ADAF4}C:\users\termi\desktop\mini motorways\mini motorways.exe] => (Allow) C:\users\termi\desktop\mini motorways\mini motorways.exe () [Datei ist nicht signiert]
FirewallRules: [{617955B4-F905-497B-83DE-9FFA02776413}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{21432F54-68DB-4B8C-84B7-0FB9FA207CCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C8911B7B-5DFB-43C1-B54C-FBF30A06782F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F9ADAB58-6FA4-4173-8EB9-EB3C61D41534}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{BF0E2EBF-59E4-4C75-BE99-11BFD843CA73}R:\riot games\riot client\riotclientservices.exe] => (Allow) R:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{A63940AB-49C2-45E3-B471-ECD1F06FFA07}R:\riot games\riot client\riotclientservices.exe] => (Allow) R:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{3A115758-A411-4EA2-B7DF-53DEF70E2F40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [Datei ist nicht signiert]
FirewallRules: [{73F00344-16FB-44F9-9EF9-73100841688C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [Datei ist nicht signiert]
FirewallRules: [{39B19084-BC27-4E7E-8FC9-5B48A30A8F96}] => (Allow) R:\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{17B4BD42-FEFA-4312-A939-C6A7EF7CD9AC}] => (Allow) R:\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{1F497FA9-B7F9-4965-BE6A-19A45E9A9425}] => (Allow) R:\SteamLibrary\steamapps\common\Dig or Die\DigOrDie.exe () [Datei ist nicht signiert]
FirewallRules: [{3BE11350-3FDE-4299-92A6-908FEEDCA29E}] => (Allow) R:\SteamLibrary\steamapps\common\Dig or Die\DigOrDie.exe () [Datei ist nicht signiert]
FirewallRules: [{58E5419B-3C45-495E-B75F-18216D91D537}] => (Allow) R:\SteamLibrary\steamapps\common\Ironsight_wpg\launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{B52D0AB7-E479-4CDB-8DAA-C16DD341BEFE}] => (Allow) R:\SteamLibrary\steamapps\common\Ironsight_wpg\launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{2446425D-EBB5-44BC-B78E-FEF66C12CAF5}] => (Allow) R:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{A603BE56-E7B2-4CFE-AB47-FA8149CD632C}] => (Allow) R:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{59E1806C-0DE5-4A7C-BD28-25D6CD02DFEF}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [TCP Query User{24C02AD2-5918-4068-8908-2EE61C113CDE}C:\users\termi\appdata\local\programs\opera gx\77.0.4054.298\opera.exe] => (Allow) C:\users\termi\appdata\local\programs\opera gx\77.0.4054.298\opera.exe => Keine Datei
FirewallRules: [UDP Query User{9860210B-0F17-416E-B02A-E973D62089AE}C:\users\termi\appdata\local\programs\opera gx\77.0.4054.298\opera.exe] => (Allow) C:\users\termi\appdata\local\programs\opera gx\77.0.4054.298\opera.exe => Keine Datei
FirewallRules: [{95AB9B25-C18C-4363-AB1F-8C1134E5AC95}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF3D0E96-0A40-4EB6-8D2D-EBC720BB39FC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{502F6868-15F0-4371-B325-CAFF24B80714}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{42FF698F-551A-410E-9BCA-EFCFEBAC18DC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{627D7FC1-31AB-4CDD-91E7-421D8E7F3F9C}] => (Allow) R:\SteamLibrary\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert]
FirewallRules: [{31DDDCAB-A8F4-4F4A-B3C9-61CDBABA5A19}] => (Allow) R:\SteamLibrary\steamapps\common\The Forest\TheForest.exe () [Datei ist nicht signiert]
FirewallRules: [{2C7A953A-876A-43AF-B370-8FF6D0EA99D8}] => (Allow) R:\SteamLibrary\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert]
FirewallRules: [{E7851C69-D198-4417-B50A-99091FC85EF1}] => (Allow) R:\SteamLibrary\steamapps\common\The Forest\TheForestVR.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{86FC4086-6663-4D4B-BB2D-AAF855E6C02F}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{5BA2789B-7E35-4D88-B23B-4A35A0C2E9BC}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{FDAC41D7-F1F6-4876-9125-5389D8A3EF39}] => (Allow) R:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe (Chucklefish LTD) [Datei ist nicht signiert]
FirewallRules: [{E169D981-7CD4-4503-ADFF-9A7F729A3504}] => (Allow) R:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe (Chucklefish LTD) [Datei ist nicht signiert]
FirewallRules: [{5B9561C7-8B35-41FE-94E2-362E946CC04E}] => (Allow) R:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe () [Datei ist nicht signiert]
FirewallRules: [{49D95CE2-F042-4D84-9084-6909F74B1966}] => (Allow) R:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe () [Datei ist nicht signiert]
FirewallRules: [{A78D3A6B-D0D5-4F64-975E-4FEECE234483}] => (Allow) R:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe () [Datei ist nicht signiert]
FirewallRules: [{08B5B3A5-35D2-431C-8BF4-C34D698962C2}] => (Allow) R:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe () [Datei ist nicht signiert]
FirewallRules: [{25F12664-9FE7-4991-A167-DA3BA1CFFDB5}] => (Allow) R:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe (Chucklefish LTD) [Datei ist nicht signiert]
FirewallRules: [{5B8E4D2F-A891-4AF8-A54F-B357990C1CC0}] => (Allow) R:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe (Chucklefish LTD) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{460C26BF-06D7-489F-9B15-93AB91C30EA3}C:\users\termi\appdata\local\programs\opera gx\78.0.4093.153\opera.exe] => (Allow) C:\users\termi\appdata\local\programs\opera gx\78.0.4093.153\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{7EA17992-29D1-4E45-88E7-E0AECA0DCB1E}C:\users\termi\appdata\local\programs\opera gx\78.0.4093.153\opera.exe] => (Allow) C:\users\termi\appdata\local\programs\opera gx\78.0.4093.153\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{E71FDC67-E5A5-4C73-80E6-9EE37C60F310}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{DFCC5B23-D1A9-4706-831C-C4DD50BB3C21}] => (Allow) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{99420762-59AA-4893-80F9-1F5C9708D893}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{9FB7F7C2-5F23-4BAF-8F9E-891CA1E53963}] => (Allow) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{AD7BD40A-429C-4625-81D8-E26B3B4DEB2E}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{2ED1BC5C-E327-4636-85FD-E528B55474D9}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{F11E50C2-5CFC-4E0C-906D-68243683D65E}] => (Block) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{CD53D11E-70F1-4941-8EEF-76DEB6B49EE8}] => (Block) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{A5831ED2-08D0-4C94-9830-CE43C21D601D}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{859ED231-E126-476D-A564-237DCB0C37BE}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{88A013B7-7A15-4205-A184-0D848CCB8D59}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{CF19A340-7C55-4726-B578-FA734349A90E}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{5AAE9512-73FB-42FF-92ED-74FA1CD62B52}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{CB348152-441E-46A7-9E48-DE933103162E}] => (Block) C:\Program Files (x86)\Overwolf\0.174.87.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{A549FF6B-DD48-4BE4-B04E-929AC293B789}] => (Allow) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{F19BD356-A456-4FBC-AB15-45C39E5FB790}] => (Allow) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{BB508600-4D44-47E8-A08E-71084CEE17E3}] => (Block) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{2B7FB5D8-C0D3-4128-90B6-956D2E2AE188}] => (Block) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{3C519049-5953-4EF5-89F1-DBB6793AD1BF}] => (Block) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{8DAC4B14-68F9-4860-BA9A-FEC252FAD882}] => (Block) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{0FFBB512-0136-429A-AB0B-EF596AB1D6B8}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei
FirewallRules: [{38EC10A5-5384-4F70-888B-85ABA5F17639}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei
FirewallRules: [{CA69EDC7-3CE6-4097-9D2F-52F21C7A03CE}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei
FirewallRules: [{E89D8454-43EC-4264-BE23-EA648491C86C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Splitgate\equ8-launcher.exe (Int3 Software AB -> Int3 Software AB)
FirewallRules: [{265C0419-9E0F-4327-8B5C-0E8ECA9B3D72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Splitgate\equ8-launcher.exe (Int3 Software AB -> Int3 Software AB)
FirewallRules: [{291FDD4D-C3D0-4099-8BA9-FA0263199A44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Splitgate\PortalWars\Binaries\Win64\PortalWars-Win64-Shipping.exe (1047 Games, LLC -> Epic Games, Inc.)
FirewallRules: [{C3F54AB0-A0EC-44D3-9796-4C06D564FAB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Splitgate\PortalWars\Binaries\Win64\PortalWars-Win64-Shipping.exe (1047 Games, LLC -> Epic Games, Inc.)

==================== Wiederherstellungspunkte =========================

03-04-2021 04:06:35 Windows Modules Installer
21-08-2021 21:32:41 Geplanter Prüfpunkt
26-08-2021 18:26:43 Driver Update
26-08-2021 18:26:52 Windows Update
26-08-2021 18:37:08 Avira System Speedup Optimierung
30-08-2021 22:33:40 O&O ShutUp10
31-08-2021 13:18:24 AdwCleaner_BeforeCleaning_31/08/2021_13:18:21

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (08/31/2021 02:46:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamtray.exe, Version: 4.0.0.1089, Zeitstempel: 0x6109559e
Name des fehlerhaften Moduls: Qt5Core.dll, Version: 5.14.1.0, Zeitstempel: 0x603971ce
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000219dc5
ID des fehlerhaften Prozesses: 0x1a40
Startzeit der fehlerhaften Anwendung: 0x01d79e3d280c7eee
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Berichtskennung: 5aa3e91e-ddaa-4329-9f1f-8a22e075fd55
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/31/2021 09:52:29 AM) (Source: NIHardwareService) (EventID: 259) (User: )
Description: MIDIDevice: Unable to unlock BMIDI DLL/driver

Error: (08/30/2021 10:35:22 PM) (Source: NIHardwareService) (EventID: 259) (User: )
Description: MIDIDevice: Unable to unlock BMIDI DLL/driver

Error: (08/30/2021 10:34:44 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (08/30/2021 10:34:44 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (08/30/2021 10:27:50 PM) (Source: NIHardwareService) (EventID: 259) (User: )
Description: MIDIDevice: Unable to unlock BMIDI DLL/driver

Error: (08/30/2021 10:27:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (08/30/2021 10:27:02 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]


Systemfehler:
=============
Error: (08/31/2021 01:18:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "hide.me VPN Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/31/2021 01:18:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/31/2021 01:18:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Graphics Command Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/31/2021 01:18:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "nordvpn-service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/31/2021 01:18:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Digital Wave Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/31/2021 01:18:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office Click-to-Run Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/31/2021 01:18:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NIHardwareService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/31/2021 01:18:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Realtek Audio Universal Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.


Windows Defender:
================
Date: 2021-08-25 22:45:30
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {EBBDE743-DE5C-4201-9551-B66CE4A18AB1}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-08-24 21:52:00
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {FB54C865-41AB-4B45-BA94-1F57F96FE025}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-08-23 23:17:31
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {F9D4C809-9B1E-4262-8E59-BCD8B3EC1523}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-08-22 22:11:10
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {4CF2E328-B873-45C9-91C9-4F738685E51D}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-08-21 21:55:19
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {09437ADC-A6A2-4470-A0F0-5CF6B7377833}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

CodeIntegrity:
===============
Date: 2021-08-31 09:52:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Users\termi\AppData\Local\Programs\Opera GX\78.0.4093.186\opera.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-08-26 20:24:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-08-26 18:51:18
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Users\termi\AppData\Local\Programs\Opera GX\78.0.4093.153\opera.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-08-26 01:54:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\WaaSMedicAgent.exe) attempted to load \Device\HarddiskVolume7\Windows\System32\acaptuser64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-08-03 18:05:18
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-07-13 13:19:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Users\termi\AppData\Local\WhatsApp\app-2.2126.10\WhatsApp.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Overwolf\0.173.0.16\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-07-12 20:31:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Users\termi\AppData\Local\WhatsApp\app-2.2123.8\WhatsApp.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Overwolf\0.173.0.16\OWExplorer.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. 3016 12/27/2016
Hauptplatine: ASUSTeK COMPUTER INC. H110M-A/M.2
Prozessor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 16255.11 MB
Verfügbarer physikalischer RAM: 9624.59 MB
Summe virtueller Speicher: 20863.11 MB
Verfügbarer virtueller Speicher: 11947.56 MB

==================== Laufwerke ================================

Drive c: (WIN10_1) (Fixed) (Total:231.77 GB) (Free:49.72 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:869.32 GB) NTFS
Drive f: () (Fixed) (Total:100 GB) (Free:98.05 GB) NTFS
Drive r: (Volume) (Fixed) (Total:1763.01 GB) (Free:74.34 GB) NTFS

\\?\Volume{78269f4c-e660-11e7-8ac3-704d7b2db4bc}\ (Wiederherstellung) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{dfb2431d-ec2f-4309-968a-fd41448ddd5a}\ () (Fixed) (Total:0.57 GB) (Free:0.07 GB) NTFS
\\?\Volume{c0dc1d43-3a10-4b0a-b850-705cab2dc9c8}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 9B424CEE)
Partition 1: (Not Active) - (Size=1763 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: CE219331)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================

cosinus 31.08.2021 14:53
Scripting/Repair mit FRST64

WARNUNG AN ALLE MITLESER !!!
Dieses FRST-Script ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System angewendet werden!
  • Kopiere den gesamten Inhalt der folgenden Code-Box:
    Code:
    Start::
    CloseProcesses:
    HKLM-x32\...\Run: [Avira Security startup helper] => "C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe" DelayedStartup
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
    GroupPolicy: Beschränkung ? <==== ACHTUNG
    Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
    HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG
    HKU\S-1-5-21-3983815968-458737157-1999859390-1001\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG
    HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [vibranceGUI] => "C:\Users\termi\AppData\Local\Temp\Rar$EXa3644.19640\vibranceGUI.exe" -minimized <==== ACHTUNG
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
    Task: {78772080-6D06-4E28-BDCE-184DE907ED35} - System32\Tasks\Microsoft\Windows\Maintenance\InstallWinSAT => Maintenance.vbs
    C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle
    C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip
    C:\windows\system32\Maintenance.vbs
    C:\Program Files (x86)\Adobe\Acrobat 9.0
    C:\Users\termi\AppData\LocalLow\pF2qC1gG7yH8hI1o
    C:\ProgramData\Avira
    C:\Program Files (x86)\Avira
    C:\Users\AllUserName\AppData\Local\Avira
    C:\WINDOWS\system32\Tasks\Avira
    C:\WINDOWS\system32\Tasks\Avira_Security_Update
    C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate
    cmd: reg query "HKCU\Environment"
    cmd: reg query "HKCU\Software"
    cmd: netsh advfirewall reset
    emptytemp:
    End::
  • Starte nun FRST und klicke direkt den Reparieren Button.Wichtig: Du brauchst den Inhalt der Code-Box nirgends einfügen, da sich FRST den Code aus der Zwischenablage holt!
  • Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich FRST befindet.
  • Gegebenenfalls muss dein Rechner neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Individuum 31.08.2021 16:15
Code:
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-08-2021
durchgeführt von termi (31-08-2021 16:49:32) Run:1
Gestartet von C:\Users\termi\Desktop
Geladene Profile: defaultuser0 & termi
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
HKLM-x32\...\Run: [Avira Security startup helper] => "C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe" DelayedStartup
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [vibranceGUI] => "C:\Users\termi\AppData\Local\Temp\Rar$EXa3644.19640\vibranceGUI.exe" -minimized <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
Task: {78772080-6D06-4E28-BDCE-184DE907ED35} - System32\Tasks\Microsoft\Windows\Maintenance\InstallWinSAT => Maintenance.vbs
C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle
C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip
C:\windows\system32\Maintenance.vbs
C:\Program Files (x86)\Adobe\Acrobat 9.0
C:\Users\termi\AppData\LocalLow\pF2qC1gG7yH8hI1o
C:\ProgramData\Avira
C:\Program Files (x86)\Avira
C:\Users\ProgramData\AppData\Local\Avira
C:\Users\Default\AppData\Local\Avira
C:\Users\defaultuser0\AppData\Local\Avira
C:\Users\Public\AppData\Local\Avira
C:\Users\termi\AppData\Local\Avira
C:\WINDOWS\system32\Tasks\Avira
C:\WINDOWS\system32\Tasks\Avira_Security_Update
C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate
cmd: reg query "HKCU\Environment"
cmd: reg query "HKCU\Software"
cmd: netsh advfirewall reset
emptytemp:

*****************

Prozesse erfolgreich geschlossen.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Avira Security startup helper" => erfolgreich entfernt
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0" => erfolgreich entfernt
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => erfolgreich entfernt
C:\WINDOWS\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\WINDOWS\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\ProgramData\NTUSER.pol => erfolgreich verschoben
HKLM\SOFTWARE\Policies\Microsoft\Edge => erfolgreich entfernt
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\SOFTWARE\Policies\Microsoft\Edge => erfolgreich entfernt
"HKU\S-1-5-21-3983815968-458737157-1999859390-1001\Software\Microsoft\Windows\CurrentVersion\Run\\vibranceGUI" => erfolgreich entfernt
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{78772080-6D06-4E28-BDCE-184DE907ED35}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78772080-6D06-4E28-BDCE-184DE907ED35}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Maintenance\InstallWinSAT => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\InstallWinSAT" => erfolgreich entfernt
C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle => erfolgreich verschoben
C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip => erfolgreich verschoben
"C:\windows\system32\Maintenance.vbs" => nicht gefunden
C:\Program Files (x86)\Adobe\Acrobat 9.0 => erfolgreich verschoben
C:\Users\termi\AppData\LocalLow\pF2qC1gG7yH8hI1o => erfolgreich verschoben
C:\ProgramData\Avira => erfolgreich verschoben
C:\Program Files (x86)\Avira => erfolgreich verschoben
"C:\Users\ProgramData\AppData\Local\Avira" => nicht gefunden
"C:\Users\Default\AppData\Local\Avira" => nicht gefunden
"C:\Users\defaultuser0\AppData\Local\Avira" => nicht gefunden
"C:\Users\Public\AppData\Local\Avira" => nicht gefunden
C:\Users\termi\AppData\Local\Avira => erfolgreich verschoben
C:\WINDOWS\system32\Tasks\Avira => erfolgreich verschoben
"C:\WINDOWS\system32\Tasks\Avira_Security_Update" => nicht gefunden
"C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate" => nicht gefunden

========= reg query "HKCU\Environment" =========


HKEY_CURRENT_USER\Environment
    Path    REG_EXPAND_SZ    %USERPROFILE%\AppData\Local\Microsoft\WindowsApps;
    TEMP    REG_EXPAND_SZ    %USERPROFILE%\AppData\Local\Temp
    TMP    REG_EXPAND_SZ    %USERPROFILE%\AppData\Local\Temp
    OneDrive    REG_EXPAND_SZ    C:\Users\termi\OneDrive
    OneDriveConsumer    REG_EXPAND_SZ    C:\Users\termi\OneDrive


========= Ende von CMD: =========


========= reg query "HKCU\Software" =========


HKEY_CURRENT_USER\Software\153f8ce0-b97a-575b-ba12-4ff8b1481894
HKEY_CURRENT_USER\Software\57ba83c7-44cc-50c5-93e2-68092ebb1ce7
HKEY_CURRENT_USER\Software\Ableton
HKEY_CURRENT_USER\Software\ac231ef6-6414-5f8d-b36f-3b57705721dd
HKEY_CURRENT_USER\Software\Adobe
HKEY_CURRENT_USER\Software\Akeo Consulting
HKEY_CURRENT_USER\Software\AM
HKEY_CURRENT_USER\Software\AppDataLow
HKEY_CURRENT_USER\Software\Asmodee
HKEY_CURRENT_USER\Software\Avira
HKEY_CURRENT_USER\Software\Azureus
HKEY_CURRENT_USER\Software\Blackbird Interactive
HKEY_CURRENT_USER\Software\Blizzard Entertainment
HKEY_CURRENT_USER\Software\Broken Arrow Games
HKEY_CURRENT_USER\Software\BugSplat
HKEY_CURRENT_USER\Software\Cheat Engine
HKEY_CURRENT_USER\Software\Chromium
HKEY_CURRENT_USER\Software\Clients
HKEY_CURRENT_USER\Software\Clock
HKEY_CURRENT_USER\Software\ComfortSoftware
HKEY_CURRENT_USER\Software\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b
HKEY_CURRENT_USER\Software\Digital Extremes
HKEY_CURRENT_USER\Software\Dinosaur Polo Club
HKEY_CURRENT_USER\Software\Disc Soft
HKEY_CURRENT_USER\Software\Discord
HKEY_CURRENT_USER\Software\DVDVideoSoft
HKEY_CURRENT_USER\Software\ej-technologies
HKEY_CURRENT_USER\Software\Epic Games
HKEY_CURRENT_USER\Software\EPSON
HKEY_CURRENT_USER\Software\FabFilter
HKEY_CURRENT_USER\Software\Gaddy Games
HKEY_CURRENT_USER\Software\GOG.com
HKEY_CURRENT_USER\Software\Google
HKEY_CURRENT_USER\Software\Haemimont Games
HKEY_CURRENT_USER\Software\IM Providers
HKEY_CURRENT_USER\Software\Intel
HKEY_CURRENT_USER\Software\IronGate
HKEY_CURRENT_USER\Software\iSkysoft
HKEY_CURRENT_USER\Software\iZotope
HKEY_CURRENT_USER\Software\KoeiTecmo
HKEY_CURRENT_USER\Software\Landfall Games
HKEY_CURRENT_USER\Software\LAV
HKEY_CURRENT_USER\Software\Licenses
HKEY_CURRENT_USER\Software\Logitech
HKEY_CURRENT_USER\Software\Ludeon Studios
HKEY_CURRENT_USER\Software\Madruga Works
HKEY_CURRENT_USER\Software\Magnet
HKEY_CURRENT_USER\Software\Malwarebytes
HKEY_CURRENT_USER\Software\MegaDev
HKEY_CURRENT_USER\Software\Microsoft
HKEY_CURRENT_USER\Software\Mojang
HKEY_CURRENT_USER\Software\MPC-HC
HKEY_CURRENT_USER\Software\Native Instruments
HKEY_CURRENT_USER\Software\Netscape
HKEY_CURRENT_USER\Software\NVIDIA Corporation
HKEY_CURRENT_USER\Software\ODBC
HKEY_CURRENT_USER\Software\Opera Software
HKEY_CURRENT_USER\Software\Overwolf
HKEY_CURRENT_USER\Software\PACE Anti-Piracy
HKEY_CURRENT_USER\Software\PhoenixPacs
HKEY_CURRENT_USER\Software\PocketPair
HKEY_CURRENT_USER\Software\Policies
HKEY_CURRENT_USER\Software\QtProject
HKEY_CURRENT_USER\Software\Realtek
HKEY_CURRENT_USER\Software\RegisteredApplications
HKEY_CURRENT_USER\Software\ROBLOX Corporation
HKEY_CURRENT_USER\Software\Roland
HKEY_CURRENT_USER\Software\Spotify
HKEY_CURRENT_USER\Software\SPS
HKEY_CURRENT_USER\Software\Star Drifters
HKEY_CURRENT_USER\Software\SyncEngines
HKEY_CURRENT_USER\Software\TCP Optimizer
HKEY_CURRENT_USER\Software\TeamViewer
HKEY_CURRENT_USER\Software\TelegramDesktop
HKEY_CURRENT_USER\Software\Toukana Interactive
HKEY_CURRENT_USER\Software\TuneFab Spotify Music Converter
HKEY_CURRENT_USER\Software\U-HE
HKEY_CURRENT_USER\Software\Unity
HKEY_CURRENT_USER\Software\Valve
HKEY_CURRENT_USER\Software\WinRAR
HKEY_CURRENT_USER\Software\WinRAR SFX
HKEY_CURRENT_USER\Software\Wondershare
HKEY_CURRENT_USER\Software\WOW6432Node
HKEY_CURRENT_USER\Software\ZoomUMX
HKEY_CURRENT_USER\Software\{2F37A49C-3AFA-D13D-DF75-C7D820A7145F}
HKEY_CURRENT_USER\Software\{7DEA5C45-B1B9-BB60-C6ED-0095FBB3705F}
HKEY_CURRENT_USER\Software\{97B20F72-D896-AEED-5FA1-988DD7983EDB}
HKEY_CURRENT_USER\Software\Classes

========= Ende von CMD: =========


========= netsh advfirewall reset =========

OK.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 53597098 B
Java, Flash, Steam htmlcache => 346553950 B
Windows/system/drivers => 8615609 B
Edge => 8118319 B
Chrome => 484028505 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 77308 B
NetworkService => 407102 B
defaultuser0 => 407102 B
termi => 197321696 B

RecycleBin => 270484 B
EmptyTemp: => 1 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 16:50:14 ====

cosinus 31.08.2021 21:16
Zur Kontrolle bitte nochmal Windows neu starten und wieder ne neue FRST.txt und Addition.txt.

Individuum 01.09.2021 08:11
Schönen Guten Morgen :-)

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2021
durchgeführt von termi (Administrator) auf MISTERSUN (01-09-2021 09:07:25)
Gestartet von C:\Users\termi\Desktop
Geladene Profile: termi
Platform: Windows 10 Home Version 21H1 19043.1165 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Opera
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Comfort Software Group -> Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(eVenture Limited -> eVenture Limited) C:\Program Files (x86)\hide.me VPN\hidemesvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\GfxDownloadWrapper.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\termi\AppData\Local\Programs\Opera GX\78.0.4093.186\opera.exe <19>
(Opera Software AS -> Opera Software) C:\Users\termi\AppData\Local\Programs\Opera GX\78.0.4093.186\opera_crashreporter.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(ShareX Team) [Datei ist nicht signiert] C:\Program Files\ShareX\ShareX.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(Unified Intents AB -> Unified Intents AB) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [835136 2018-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3180256 2021-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-09-14] (Adobe Inc. -> )
HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [Discord] => C:\Users\termi\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4110568 2021-07-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1806680 2021-08-12] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\termi\AppData\Local\Microsoft\Teams\Update.exe [2455264 2021-08-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [Spotify] => C:\Users\termi\AppData\Roaming\Spotify\Spotify.exe [24731784 2021-08-24] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [com.blitz.app] => C:\Users\termi\AppData\Local\Programs\Blitz\Blitz.exe [122577672 2021-08-31] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [8514512 2021-03-30] (Comfort Software Group -> Comfort Software Group)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3243784 2021-02-22] (Unified Intents AB -> Unified Intents AB)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\termi\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\MountPoints2: {80388fa7-1736-11e7-8a88-704d7b2db4bc} - "G:\setup.exe"
HKLM\...\Windows x64\Print Processors\Canon PIXMA iP4000 Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD64.DLL [31744 2005-09-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor PIXMA iP4000: C:\WINDOWS\system32\CNMLM64.DLL [245248 2005-09-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
Startup: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2021-03-26]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [Datei ist nicht signiert]
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05A2FEC2-1C2C-4773-AA3B-286113F6B073} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2483032 2021-08-12] (Overwolf Ltd -> Overwolf LTD)
Task: {17752473-9109-4EA6-9FC3-BC432A5F0A2A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113496 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B2EBBF5-585C-4F1D-8324-84CED127CECC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {5D428151-ADD0-4928-9671-B53C9F3DDE1E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {699A37EB-0B9C-49FE-B6F1-7008A4CB3959} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {74A9055D-ABC6-4A96-BE7C-1085A4DBC692} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {79714970-3FA9-4706-9C99-C4C9EB1AC1BD} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1621345670 => C:\Users\termi\AppData\Local\Programs\Opera GX\launcher.exe [3774160 2021-08-25] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\termi\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {797F3A86-3924-4981-9A1E-1AC4B75081E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8557749A-35AD-4AC9-8403-1D2ADE4B865F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {880A8237-7692-492D-A102-607F82FC5DEE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8980E3BC-3724-4DF9-968E-06A757235055} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {97418155-1665-434C-8D24-16EF744E4ECF} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {974B6DF1-6BEE-4B68-A1C1-7E13C524D357} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {97D8E99F-8F55-45E2-8E2F-7A7D059E5FF7} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {A0E1A034-6886-4730-8969-FDBF867B1BD1} - System32\Tasks\Opera GX scheduled Autoupdate 1619790436 => C:\Users\termi\AppData\Local\Programs\Opera GX\launcher.exe [3774160 2021-08-25] (Opera Software AS -> Opera Software)
Task: {B43F773F-A4A7-49E7-8630-178B7E6D5A0E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCC9DA24-2791-42CB-BC0A-7670923CFCC7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CF31B2BF-4704-45FE-A305-D904A65A3442} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D713615F-9C01-439C-AEDE-D55D0E207756} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113496 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F69C8215-5B1F-44A5-ACB3-D040277B8B8D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 217.147.55.3 217.147.60.5
Tcpip\..\Interfaces\{fe70adbd-29a4-48d7-9244-369e6eea9ff0}: [DhcpNameServer] 217.147.55.3 217.147.60.5

Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-01]
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Edge Extension: (Outlook) - C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-04-03]
Edge Extension: (Word) - C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-04-03]
Edge Extension: (Excel) - C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-04-03]
Edge Extension: (PowerPoint) - C:\Users\termi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-04-03]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default [2021-08-31]
CHR Notifications: Default -> hxxps://www6.todhamilton.pro
CHR Extension: (Präsentationen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-23]
CHR Extension: (Docs) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-23]
CHR Extension: (Google Drive) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-23]
CHR Extension: (Earth View from Google Earth) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhloflhklmhfpedakmangadcdofhnnoh [2021-03-23]
CHR Extension: (James White) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2021-03-23]
CHR Extension: (YouTube) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-23]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-20]
CHR Extension: (Adblock für Youtube™) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2021-05-20]
CHR Extension: (Tabellen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-23]
CHR Extension: (Google Docs Offline) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-03]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-07-03]
CHR Extension: (Tinder) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejiihbkifllpgdfndalmghiodgkefan [2021-03-23]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2021-03-23]
CHR Extension: (Chrometana - Redirect Bing Somewhere Better) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaicbfmipfpfpjmlbpejaoaflfdnabnc [2021-03-23]
CHR Extension: (Fair AdBlocker) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2021-03-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-23]
CHR Extension: (Hover Zoom+) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2021-07-26]
CHR Extension: (Google Mail) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-23]
CHR Extension: (Chrome Media Router) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-11]
CHR Profile: C:\Users\termi\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-31]
CHR Profile: C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-08-31]
CHR Extension: (Präsentationen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-23]
CHR Extension: (Docs) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-23]
CHR Extension: (Google Drive) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-23]
CHR Extension: (YouTube) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-23]
CHR Extension: (Tabellen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-23]
CHR Extension: (Google Docs Offline) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-23]
CHR Extension: (Google Mail) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-23]
CHR Extension: (Chrome Media Router) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-14]
CHR Profile: C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-08-31]
CHR Extension: (Präsentationen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-14]
CHR Extension: (Docs) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2021-07-14]
CHR Extension: (Google Drive) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-07-14]
CHR Extension: (YouTube) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-07-14]
CHR Extension: (Tabellen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-14]
CHR Extension: (Google Docs Offline) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-14]
CHR Extension: (Google Mail) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-07-14]
CHR Extension: (Chrome Media Router) - C:\Users\termi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-14]
CHR Profile: C:\Users\termi\AppData\Local\Google\Chrome\User Data\System Profile [2021-08-31]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-3983815968-458737157-1999859390-1001) Opera GXStable - "C:\Users\termi\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8895512 2021-05-11] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9166736 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2018-02-16] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2021-03-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EQU8_19; C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe [5673048 2021-04-02] (Int3 Software AB -> Int3 Software AB)
S3 EQU8_36; C:\ProgramData\EQU8\Splitgate\bin\anticheat.x64.equ8.exe [6161552 2021-08-28] (Int3 Software AB -> Int3 Software AB)
R2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [145744 2021-05-05] (eVenture Limited -> eVenture Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7497336 2021-08-26] (Malwarebytes Inc -> Malwarebytes)
S3 MicrosoftEdgeElevationService1d77dbb2c5be210; C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.84\elevation_service.exe [1640352 2021-08-26] (Microsoft Corporation -> Microsoft Corporation)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [277688 2021-04-21] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2483032 2021-08-12] (Overwolf Ltd -> Overwolf LTD)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14676264 2021-07-01] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10112672 2021-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-07-23] (Microsoft Windows Publisher -> Microsoft Corporation)
U2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-07-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MicrosoftEdgeElevationService; "C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.70\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AsusVBus; C:\WINDOWS\System32\drivers\AsusVBus.sys [39704 2017-01-09] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [84472 2017-01-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BrSerIb; C:\WINDOWS\System32\drivers\BrSerIb.sys [95344 2014-10-23] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrUsbSIb; C:\WINDOWS\System32\drivers\BrUsbSIb.sys [21872 2014-10-23] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-12-14] (Microsoft Corporation) [Datei ist nicht signiert]
S3 Bulk; C:\WINDOWS\System32\Drivers\HDJBulk.sys [354824 2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2018. All rights reserved.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\System32\drivers\Dot4.sys [146856 2015-03-10] (BoiseTest -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\System32\drivers\dot4usb.sys [43944 2015-03-10] (BoiseTest -> Microsoft Corporation)
R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 EQU8_HELPER_19; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_19.sys [38032 2021-04-12] (Int3 Software AB -> )
S3 EQU8_HELPER_36; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_36.sys [38032 2021-08-28] (Int3 Software AB -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HDJAsioK; C:\WINDOWS\System32\Drivers\HDJAsioK.sys [334344 2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2018. All rights reserved.)
S3 HDJCtrl; C:\WINDOWS\System32\Drivers\HDJCtrl.sys [72712 2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2017. All rights reserved.)
S3 HDJMidi; C:\WINDOWS\system32\DRIVERS\HDJMidi.sys [287240 2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2018. All rights reserved.)
R1 hideFirewall; C:\WINDOWS\System32\drivers\hideFirewall.sys [99824 2021-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [40960 2021-07-21] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 MAUSBMIDI; C:\WINDOWS\System32\drivers\MAudioUSBMIDI.sys [200200 2010-04-13] (M-Audio -> M-Audio)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-09-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [68528 2021-09-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-09-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 NDivert; C:\WINDOWS\System32\drivers\NDivert.sys [105184 2021-03-28] (TEFINCOM S.A. -> )
S3 niks4m2usb; C:\WINDOWS\System32\drivers\niks4m2usb.sys [104304 2015-09-04] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2021-05-13] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-12-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 RDID1117; C:\WINDOWS\system32\Drivers\RDWM1117.SYS [309888 2015-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Roland Corporation)
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64880 2020-11-11] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [43376 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [28128 2020-04-21] (Unified Intents AB -> Windows (R) Win 7 DDK provider)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8232160 2021-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2019-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-07-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-07-23] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-07-23] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-05-13] (WireGuard LLC -> WireGuard LLC)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-09-01 09:07 - 2021-09-01 09:08 - 000033431 ____C C:\Users\termi\Desktop\FRST.txt
2021-09-01 09:06 - 2021-09-01 09:06 - 000068528 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-09-01 09:06 - 2021-09-01 09:06 - 000000000 ___DC C:\Users\termi\AppData\LocalLow\IGDump
2021-09-01 09:05 - 2021-09-01 09:05 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-09-01 09:05 - 2021-09-01 09:05 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-08-31 17:08 - 2021-08-31 17:08 - 000000008 __RSH C:\ProgramData\ntuser.pol
2021-08-31 14:45 - 2021-08-31 14:45 - 000000000 ___DC C:\Users\termi\Desktop\FRST-OlderVersion
2021-08-31 13:15 - 2021-08-31 13:18 - 000000000 ____D C:\AdwCleaner
2021-08-31 13:15 - 2021-08-31 13:15 - 008553680 ____C (Malwarebytes) C:\Users\termi\Desktop\adwcleaner_8.3.0.exe
2021-08-30 22:31 - 2021-08-30 22:31 - 001483120 _____ (O&O Software GmbH) C:\Users\termi\Downloads\OOSU1023.exe
2021-08-30 22:31 - 2021-08-30 22:31 - 000000000 ____D C:\Users\termi\AppData\Local\OO Software
2021-08-28 16:07 - 2021-08-28 16:57 - 000038032 _____ C:\WINDOWS\system32\Drivers\EQU8_HELPER_36.sys
2021-08-28 16:07 - 2021-08-28 16:07 - 000000000 ____D C:\Users\termi\AppData\Local\PortalWars
2021-08-28 15:24 - 2021-08-28 15:24 - 000000222 ____C C:\Users\termi\Desktop\Splitgate.url
2021-08-26 19:44 - 2021-09-01 09:07 - 000000000 ____D C:\FRST
2021-08-26 19:44 - 2021-08-31 14:45 - 002301440 _____ (Farbar) C:\Users\termi\Desktop\FRST64.exe
2021-08-26 18:50 - 2021-08-26 18:50 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-08-26 18:50 - 2021-08-26 18:50 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-08-26 18:50 - 2021-08-26 18:50 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-08-26 18:50 - 2021-08-26 18:50 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-08-26 18:50 - 2021-08-26 18:50 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-26 18:50 - 2021-08-26 18:50 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-08-26 18:50 - 2021-08-26 18:50 - 000000000 ____D C:\Users\termi\AppData\Local\mbam
2021-08-26 18:50 - 2021-08-26 18:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-08-26 18:50 - 2021-08-26 18:50 - 000000000 ____D C:\Program Files\Malwarebytes
2021-08-26 18:49 - 2021-08-26 18:49 - 002120496 _____ (Malwarebytes) C:\Users\termi\Downloads\MBSetup.exe
2021-08-26 18:14 - 2021-08-26 18:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Ivanti
2021-08-26 18:10 - 2021-08-26 19:27 - 000000000 ____D C:\Users\Public\Security Sessions
2021-08-26 17:59 - 2021-08-26 17:59 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2021-08-26 17:58 - 2021-08-26 17:58 - 005901768 _____ (Avira Operations GmbH & Co. KG) C:\Users\termi\Downloads\avira_de_sptl1_1654573332-1629993478__adwg-spotlightprcupdate1-new2.exe
2021-08-26 00:20 - 2021-08-26 00:20 - 034499456 _____ (TeamViewer Germany GmbH) C:\Users\termi\Downloads\TeamViewer_Setup_x64.exe
2021-08-24 16:00 - 2021-08-24 16:00 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2021-08-20 18:50 - 2021-09-01 09:05 - 000000000 ____D C:\Users\termi\AppData\Roaming\Blitz
2021-08-20 18:50 - 2021-08-24 23:01 - 000000000 ____D C:\Users\termi\AppData\Local\blitz-updater
2021-08-20 18:49 - 2021-08-20 18:49 - 076770248 _____ (Blitz, Inc.) C:\Users\termi\Downloads\Blitz-1.15.32.exe
2021-08-19 17:09 - 2021-08-19 17:09 - 000000222 ____C C:\Users\termi\Desktop\The Forest.url
2021-08-18 03:00 - 2021-08-18 03:00 - 000000000 ___DC C:\Users\termi\Documents\u-he
2021-08-16 09:20 - 2021-08-16 09:20 - 000044775 _____ C:\Users\termi\Downloads\ACFrOgBSMEuoyDAfOx97hvj2vD_EvhaZTeghQaTzxERCgiyQSDH2IHCJf0eSIJX5lV3pnJPruJjZA_I4Gkyy4dQSttBm59AF1nvAUWRIMzuaKkLTju_8NDnZHsLI8EQ=.pdf
2021-08-15 20:13 - 2021-08-22 00:08 - 000000000 ___DC C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-08-15 20:13 - 2021-08-15 21:14 - 000000000 ____D C:\Users\termi\AppData\Local\Roblox
2021-08-15 20:13 - 2021-08-15 20:25 - 000000256 ____C C:\Users\termi\AppData\LocalLow\rbxcsettings.rbx
2021-08-15 20:13 - 2021-08-15 20:13 - 001666008 _____ (Roblox Corporation) C:\Users\termi\Downloads\RobloxPlayerLauncher.exe
2021-08-14 00:22 - 2021-08-14 00:22 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-14 00:22 - 2021-08-14 00:22 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-14 00:22 - 2021-08-14 00:22 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-14 00:22 - 2021-08-14 00:22 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-14 00:21 - 2021-08-14 00:21 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-14 00:21 - 2021-08-14 00:21 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-14 00:21 - 2021-08-14 00:21 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-14 00:16 - 2021-08-14 00:16 - 000000000 ___HD C:\$WinREAgent
2021-08-12 08:15 - 2021-08-12 08:26 - 000000000 ___DC C:\Users\termi\Desktop\Dokumente
2021-08-09 08:55 - 2021-08-09 08:57 - 000000000 ___DC C:\Users\termi\Desktop\Schulfremdenprüfung Leony
2021-08-05 15:37 - 2021-08-05 15:37 - 000000000 ___DC C:\Users\termi\Desktop\efi

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-09-01 09:08 - 2021-04-20 22:59 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-09-01 09:07 - 2021-03-23 18:03 - 000000000 ____D C:\ProgramData\NVIDIA
2021-09-01 09:05 - 2021-07-07 12:34 - 000000000 ____D C:\Program Files\TeamViewer
2021-09-01 09:05 - 2021-03-23 18:44 - 000000000 ____D C:\Users\termi\AppData\Roaming\discord
2021-09-01 09:05 - 2021-03-23 18:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-01 09:05 - 2021-03-23 17:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-01 09:05 - 2021-03-23 17:47 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-09-01 09:05 - 2020-12-14 14:23 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-01 09:05 - 2020-06-13 22:10 - 000000000 ___DC C:\Users\termi\Documents\ShareX
2021-09-01 09:05 - 2017-03-02 15:47 - 000000000 __SHD C:\Users\termi\IntelGraphicsProfiles
2021-09-01 09:05 - 2017-03-02 15:44 - 000000000 ___DC C:\Intel
2021-09-01 08:33 - 2021-03-23 18:49 - 000000000 ____D C:\ProgramData\Riot Games
2021-09-01 08:27 - 2021-06-09 14:17 - 000000000 ____D C:\Users\termi\AppData\Roaming\Spotify
2021-09-01 08:21 - 2021-03-23 18:44 - 000000000 ____D C:\Users\termi\AppData\Local\Discord
2021-09-01 08:00 - 2021-03-23 18:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-31 22:31 - 2021-05-12 00:37 - 000000000 ____D C:\ProgramData\Unified Remote
2021-08-31 21:30 - 2021-05-06 11:14 - 000000000 ____D C:\Users\termi\AppData\Local\ElevatedDiagnostics
2021-08-31 21:27 - 2021-06-09 14:17 - 000000000 ____D C:\Users\termi\AppData\Local\Spotify
2021-08-31 21:27 - 2021-05-18 12:51 - 000000032 _____ C:\Users\termi\AppData\Roaming\.machineId
2021-08-31 17:14 - 2021-03-23 18:19 - 001722788 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-31 17:14 - 2021-03-23 17:53 - 000743546 _____ C:\WINDOWS\system32\perfh007.dat
2021-08-31 17:14 - 2021-03-23 17:53 - 000149968 _____ C:\WINDOWS\system32\perfc007.dat
2021-08-31 17:14 - 2021-03-23 17:51 - 000000000 ____D C:\WINDOWS\INF
2021-08-31 16:49 - 2021-04-16 15:18 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-08-31 16:49 - 2021-03-23 17:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-08-31 16:49 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-08-31 16:49 - 2017-03-11 12:21 - 000000000 ___DC C:\Users\termi\AppData\LocalLow\Temp
2021-08-31 15:29 - 2021-04-15 19:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-08-31 14:46 - 2021-04-05 13:29 - 000000000 ____D C:\Users\termi\AppData\Local\CrashDumps
2021-08-31 13:18 - 2017-12-21 19:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2021-08-31 09:55 - 2021-05-12 22:34 - 000000000 ____D C:\Users\termi\AppData\Roaming\TeamViewer
2021-08-30 22:26 - 2021-03-23 18:49 - 000000000 ____D C:\Program Files (x86)\Steam
2021-08-28 16:07 - 2021-04-21 08:55 - 000000000 ____D C:\Users\termi\AppData\Local\UnrealEngine
2021-08-28 16:07 - 2021-04-02 19:57 - 000000000 ____D C:\ProgramData\EQU8
2021-08-28 16:07 - 2021-03-25 22:56 - 000000000 ____D C:\Users\termi\AppData\Local\NVIDIA Corporation
2021-08-28 15:24 - 2017-03-02 23:56 - 000000000 ___DC C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-08-28 11:45 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-08-28 02:12 - 2021-03-23 17:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-28 02:12 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-28 02:12 - 2020-06-28 11:22 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-27 11:41 - 2021-04-30 15:47 - 000004204 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1619790436
2021-08-27 11:41 - 2021-04-30 15:47 - 000001441 ____C C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk
2021-08-26 20:34 - 2021-03-23 18:02 - 000438288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-26 20:25 - 2021-04-21 20:22 - 000000000 ____D C:\Users\termi\AppData\Roaming\Disc-Soft
2021-08-26 20:25 - 2021-04-21 20:22 - 000000000 ____D C:\ProgramData\Disc-Soft
2021-08-26 20:25 - 2021-04-03 11:16 - 000004420 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-26 20:25 - 2021-03-25 22:56 - 000004194 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-26 20:25 - 2021-03-25 22:56 - 000004020 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-26 20:25 - 2021-03-25 22:56 - 000003742 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-26 20:25 - 2021-03-23 18:29 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-26 20:24 - 2021-04-16 15:18 - 000000000 ____D C:\ProgramData\Adobe
2021-08-26 20:24 - 2021-03-23 17:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-26 20:22 - 2021-04-16 15:22 - 000000000 ____D C:\Users\termi\AppData\Local\Adobe
2021-08-26 19:33 - 2021-03-23 19:29 - 000000000 ____D C:\Program Files\WinRAR
2021-08-26 19:33 - 2017-03-03 03:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-08-26 19:19 - 2021-04-14 16:33 - 000000000 ____D C:\Program Files\Cheat Engine 7.2
2021-08-26 19:06 - 2019-03-08 10:08 - 002092776 _____ C:\UkLog.dat
2021-08-26 01:07 - 2021-05-27 15:05 - 000002371 ____C C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-08-26 00:16 - 2021-04-30 14:00 - 000000000 ____D C:\Users\termi\AppData\Roaming\TS3Client
2021-08-25 14:04 - 2021-05-04 18:04 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-08-23 06:25 - 2021-03-23 18:26 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3983815968-458737157-1999859390-1001
2021-08-23 06:25 - 2021-03-23 18:10 - 000002402 ____C C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-21 20:44 - 2021-03-23 18:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-08-20 22:41 - 2021-04-17 21:26 - 000000000 ____D C:\Users\termi\AppData\Roaming\.minecraft
2021-08-20 21:48 - 2021-04-17 21:26 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2021-08-20 19:56 - 2021-03-23 19:25 - 000000000 ____D C:\Users\termi\AppData\Local\D3DSCache
2021-08-20 19:54 - 2021-04-20 22:55 - 000000000 ____D C:\Program Files\Riot Vanguard
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-20 19:53 - 2021-03-23 17:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-20 19:53 - 2021-03-23 17:47 - 000000000 ____D C:\WINDOWS\servicing
2021-08-20 18:50 - 2021-05-18 12:51 - 000002244 ____C C:\Users\termi\Desktop\Blitz.lnk
2021-08-20 18:50 - 2021-03-23 18:51 - 000002252 ____C C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk
2021-08-18 03:01 - 2018-02-27 16:54 - 000000000 ____D C:\Users\Public\Documents\NI Resources
2021-08-18 03:00 - 2021-06-19 23:53 - 000000000 ____D C:\Program Files\Common Files\VST3
2021-08-16 00:08 - 2021-03-25 22:48 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-14 15:23 - 2021-05-01 22:14 - 000000000 ___DC C:\Users\termi\Desktop\minecraft
2021-08-14 15:20 - 2021-07-31 07:38 - 000000000 ___DC C:\Users\termi\Desktop\Bilder von Mir
2021-08-14 00:24 - 2021-03-23 17:48 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-14 00:15 - 2021-03-25 22:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-14 00:12 - 2021-03-25 22:46 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-13 08:06 - 2021-04-03 11:16 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-12 18:33 - 2021-03-23 18:24 - 000000000 ____D C:\Users\termi\AppData\Local\Packages
2021-08-09 10:06 - 2021-03-23 18:26 - 000000000 ____D C:\Users\termi\AppData\Local\PlaceholderTileLogoFolder
2021-08-09 04:37 - 2017-03-02 15:40 - 000000000 ___RD C:\Users\termi\OneDrive

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-01-17 16:04 - 2021-01-17 16:04 - 001408808 _____ (Microsoft Corporation) C:\Users\termi\vs_community__1087382636.1580554586.exe
2021-05-18 12:51 - 2021-08-31 21:27 - 000000032 _____ () C:\Users\termi\AppData\Roaming\.machineId
2021-04-30 16:27 - 2021-04-30 16:28 - 000002400 _____ () C:\Users\termi\AppData\Roaming\vibranceGUI.log

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-08-2021
durchgeführt von termi (01-09-2021 09:09:03)
Gestartet von C:\Users\termi\Desktop
Windows 10 Home Version 21H1 19043.1165 (X64) (2021-03-23 16:23:58)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-3983815968-458737157-1999859390-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3983815968-458737157-1999859390-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3983815968-458737157-1999859390-1000 - Limited - Enabled) => C:\Users\defaultuser0
Gast (S-1-5-21-3983815968-458737157-1999859390-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3983815968-458737157-1999859390-1004 - Limited - Enabled)
lulus (S-1-5-21-3983815968-458737157-1999859390-1002 - Limited - Disabled)
termi (S-1-5-21-3983815968-458737157-1999859390-1001 - Administrator - Enabled) => C:\Users\termi
WDAGUtilityAccount (S-1-5-21-3983815968-458737157-1999859390-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ableton Live 11 Suite (HKLM\...\{FB6EECE6-87D2-4538-A1CE-61CCCA7C3DCE}) (Version: 11.0.0.0 - Ableton) Hidden
Ableton Live 11 Suite (HKLM-x32\...\{92d4040b-4cb4-4710-802b-a742c194a235}) (Version: 11.0.0.0 - Ableton)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_0_1) (Version: 22.0.1.73 - Adobe Inc.)
AutoHotkey 1.1.33.09 (HKLM\...\AutoHotkey) (Version: 1.1.33.09 - Lexikos)
balenaEtcher 1.5.120 (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.120 - Balena Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blitz (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.15.35 - Blitz, Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
CurseForge (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.178.2.1 - Overwolf app)
Danger Scavenger (HKLM-x32\...\Danger Scavenger_is1) (Version:  - )
Dead Island Definitive Edition (HKLM-x32\...\Dead Island Definitive Edition_is1) (Version:  - )
Discord (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DroidCam Client (HKLM-x32\...\DroidCam) (Version: 6.4.3 - DEV47APPS)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
Excel (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
FabFilter Total Bundle (HKLM\...\Total Bundle_is1) (Version: 2016.11.10 - FabFilter)
FileZilla Client 3.53.1 (HKLM-x32\...\FileZilla Client) (Version: 3.53.1 - Tim Kosse)
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 5.1.0.0 - Comfort Software Group)
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.1.7.215 - Digital Wave Ltd)
Frostpunk (HKLM-x32\...\Frostpunk_is1) (Version:  - )
Harver System Checker 2.0.4 (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\57ba83c7-44cc-50c5-93e2-68092ebb1ce7) (Version: 2.0.4 - Harver)
hide.me VPN 3.8.3 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 3.8.3 - eVenture Limited)
hide.me Wintun (HKLM\...\{6A3B09CD-8B4A-4A66-9C90-833023E463E9}) (Version: 0.8 - hide.me) Hidden
Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{7858618B-FA45-4797-988D-4E8B793C3B88}) (Version: 17.0.109 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{A7D3C4B3-2CA8-46F3-9C34-63205AC018FF}) (Version: 17.0.109 - Intel Corporation)
IntelliJ IDEA Community Edition 2021.1 (HKLM-x32\...\IntelliJ IDEA Community Edition 2021.1) (Version: 211.6693.111 - JetBrains s.r.o.)
Malwarebytes version 4.4.5.130 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.5.130 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.84 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.14326.20238 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.14326.20238 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\OneDriveSetup.exe) (Version: 21.150.0725.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Teams) (Version: 1.4.00.22472 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{911FBC64-4C64-4B8F-A637-B34832638C86}) (Version: 1.0.0.0 - Mojang)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.5.2.503 - Native Instruments)
Native Instruments Form (HKLM-x32\...\Native Instruments Form) (Version: 1.0.1.2 - Native Instruments)
Native Instruments Kontour (HKLM-x32\...\Native Instruments Kontour) (Version: 1.0.0.4 - Native Instruments)
Native Instruments Molekular (HKLM-x32\...\Native Instruments Molekular) (Version: 1.0.0.2 - Native Instruments)
Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Passive EQ (HKLM-x32\...\Native Instruments Passive EQ) (Version:  - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.0.4.23 - Native Instruments)
Native Instruments Rounds (HKLM-x32\...\Native Instruments Rounds) (Version: 1.2.0.1 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Traktor Pro 3 (HKLM-x32\...\Native Instruments Traktor Pro 3) (Version: 3.2.1.9 - Native Instruments)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.36.6.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 471.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.41 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Opera GX Stable 78.0.4093.186 (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Opera GX 78.0.4093.186) (Version: 78.0.4093.186 - Opera Software)
Outlook (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.178.0.16 - Overwolf Ltd.)
PC-Wecker 5.00 (HKLM-x32\...\PC-Wecker_is1) (Version:  - Ben Kheder-Software)
Plitch 1.1.7 (HKLM\...\d45b2222-59a8-54dc-8e4a-f1dc396456dc) (Version: 1.1.7 - MegaDev GmbH)
PowerPoint (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
QUAD-CAPTURE Driver (HKLM\...\RolandRDID0117) (Version:  - Roland Corporation)
r2modman 3.1.15 (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\ac231ef6-6414-5f8d-b36f-3b57705721dd) (Version: 3.1.15 - ebkr)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Roblox Player for termi (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\roblox-player) (Version:  - Roblox Corporation)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.5.0 - ShareX Team)
Sidify Music Converter 2.2.5 (HKLM-x32\...\Sidify Music Converter) (Version: 2.2.5 - Sidify)
Spotify (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Spotify) (Version: 1.1.66.580.gbd43cbc9 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Surviving Mars (HKLM-x32\...\Surviving Mars_is1) (Version:  - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.19.5 - TeamViewer)
Telegram Desktop Version 2.7.1 (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.1 - Telegram FZ-LLC)
TuneFab Spotify Music Converter 2.23.0 (HKLM-x32\...\{9ff685d9-8f1e-59e1-a273-b7c9e7cf0c17}) (Version: 2.23.0 - TuneFab)
u-he Hive (HKLM-x32\...\u-he Hive) (Version: 1.1.0.3898 - u-he)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.10.0 - Unified Intents AB)
VALORANT (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.4.12 - Black Tree Gaming Ltd.)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
Waves Complete (HKLM\...\Complete_is1) (Version: 2016.11.14 - Waves)
WeMod (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\WeMod) (Version: 7.0.19 - WeMod)
WhatsApp (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\WhatsApp) (Version: 2.2126.10 - WhatsApp)
WinRAR 6.02 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\ZoomUMX) (Version: 5.6.6 (961) - Zoom Video Communications, Inc.)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-06] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-07-24] (NVIDIA Corp.)
Word -> C:\Program Files\WindowsApps\word.office.com-CECA1A7F_1.0.0.2_neutral__jc2kecmnkxwqc [2021-06-06] (word.office.com)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3983815968-458737157-1999859390-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\termi\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21140.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-07] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-07] (Adobe Inc. -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\nvshext.dll [2021-07-13] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-10-07] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\termi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2021-08-21 20:50 - 2021-08-21 20:50 - 003864576 _____ (Newtonsoft) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\7b8ab54038ddb56a6cb56f93d2867a79\Newtonsoft.Json.ni.dll
2021-05-12 00:37 - 2016-10-10 06:27 - 000556544 _____ (Soft Service Company) [Datei ist nicht signiert] C:\Program Files (x86)\Unified Remote 3\wcl.dll
2021-05-12 00:37 - 2017-05-29 04:55 - 001846272 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Unified Remote 3\libcryptoMD.dll
2021-05-12 00:37 - 2017-05-29 04:55 - 000382976 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Unified Remote 3\libsslMD.dll
2021-04-13 05:33 - 2019-12-17 14:16 - 000128181 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\FreeAlarmClock\bass.dll
2021-04-13 05:33 - 2020-12-04 14:04 - 000029452 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\FreeAlarmClock\bassflac.dll
2021-04-13 05:33 - 2016-04-04 12:22 - 000017733 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\FreeAlarmClock\basswma.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\termi\Cookies:YUrEA9vCOWRzE2EzPMEq59br [2336]
AlternateDataStreams: C:\Users\termi\AppData\Local\un9cVOFCI:dm5YTZWWMaWHHfeyCnbLY [2500]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2021-03-23 17:52 - 2021-05-06 22:01 - 000002408 _____ C:\WINDOWS\system32\drivers\etc\hosts
109.94.209.70      fitgirlrepacks.in              # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.in          # Fake FitGirl site
109.94.209.70      fitgirl-repacks.to              # Fake FitGirl site
109.94.209.70      fitgirlrepack.games            # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.to          # Fake FitGirl site
109.94.209.70      www.fitgirlrepack.games        # Fake FitGirl site
109.94.209.70      *.fitgirl-repacks.xyz          # Fake FitGirl site
109.94.209.70      fitgirlrepacks.co              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.cc              # Fake FitGirl site
109.94.209.70      fitgirl-repack.com              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.website        # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.co          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.cc          # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.com          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.website    # Fake FitGirl site
109.94.209.70      ww9.fitgirl-repacks.xyz        # Fake FitGirl site
109.94.209.70      *.fitgirl-repacks.xyz          # Fake FitGirl site
109.94.209.70      fitgirl-repacks.xyz            # Fake FitGirl site
109.94.209.70      fitgirl-repack.net              # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.net          # Fake FitGirl site
109.94.209.70      fitgirlpack.site                # Fake FitGirl site
109.94.209.70      www.fitgirlpack.site            # Fake FitGirl site

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64_win\compiler;%INTEL_DEV_REDIST%redist\ia32_win\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3983815968-458737157-1999859390-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 217.147.55.3 - 217.147.60.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
 ist aktiviert.

Network Binding:
=============
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "vibranceGUI"
HKU\S-1-5-21-3983815968-458737157-1999859390-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{DE77C3E3-4A80-4C61-B072-D4CADA2B6661}C:\program files (x86)\unified remote 3\remoteserverwin.exe] => (Allow) C:\program files (x86)\unified remote 3\remoteserverwin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [UDP Query User{9208D921-E3EE-4863-9FA4-DC4F9BFDDC50}C:\program files (x86)\unified remote 3\remoteserverwin.exe] => (Allow) C:\program files (x86)\unified remote 3\remoteserverwin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [TCP Query User{C2EF960C-CF5F-4F7C-B469-4296EDC86DD0}C:\users\termi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\termi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{A61B78A7-1031-453E-AE31-BD9943706017}C:\users\termi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\termi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)

==================== Wiederherstellungspunkte =========================

03-04-2021 04:06:35 Windows Modules Installer
21-08-2021 21:32:41 Geplanter Prüfpunkt
26-08-2021 18:26:43 Driver Update
26-08-2021 18:26:52 Windows Update
26-08-2021 18:37:08 Avira System Speedup Optimierung
30-08-2021 22:33:40 O&O ShutUp10
31-08-2021 13:18:24 AdwCleaner_BeforeCleaning_31/08/2021_13:18:21

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (09/01/2021 09:05:54 AM) (Source: NIHardwareService) (EventID: 259) (User: )
Description: MIDIDevice: Unable to unlock BMIDI DLL/driver

Error: (08/31/2021 05:08:50 PM) (Source: NIHardwareService) (EventID: 259) (User: )
Description: MIDIDevice: Unable to unlock BMIDI DLL/driver

Error: (08/31/2021 02:46:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamtray.exe, Version: 4.0.0.1089, Zeitstempel: 0x6109559e
Name des fehlerhaften Moduls: Qt5Core.dll, Version: 5.14.1.0, Zeitstempel: 0x603971ce
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000219dc5
ID des fehlerhaften Prozesses: 0x1a40
Startzeit der fehlerhaften Anwendung: 0x01d79e3d280c7eee
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Berichtskennung: 5aa3e91e-ddaa-4329-9f1f-8a22e075fd55
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/31/2021 09:52:29 AM) (Source: NIHardwareService) (EventID: 259) (User: )
Description: MIDIDevice: Unable to unlock BMIDI DLL/driver

Error: (08/30/2021 10:35:22 PM) (Source: NIHardwareService) (EventID: 259) (User: )
Description: MIDIDevice: Unable to unlock BMIDI DLL/driver

Error: (08/30/2021 10:34:44 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (08/30/2021 10:34:44 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (08/30/2021 10:27:50 PM) (Source: NIHardwareService) (EventID: 259) (User: )
Description: MIDIDevice: Unable to unlock BMIDI DLL/driver


Systemfehler:
=============
Error: (08/31/2021 05:09:00 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "%2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.

Error: (08/31/2021 05:09:00 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "%2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.

Error: (08/31/2021 05:08:03 PM) (Source: DCOM) (EventID: 10010) (User: MISTERSUN)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (08/31/2021 04:49:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/31/2021 04:49:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office Click-to-Run Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/31/2021 04:49:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/31/2021 04:49:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/31/2021 04:49:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Realtek Audio Universal Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.


Windows Defender:
================
Date: 2021-08-25 22:45:30
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {EBBDE743-DE5C-4201-9551-B66CE4A18AB1}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-08-24 21:52:00
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {FB54C865-41AB-4B45-BA94-1F57F96FE025}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-08-23 23:17:31
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {F9D4C809-9B1E-4262-8E59-BCD8B3EC1523}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-08-22 22:11:10
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {4CF2E328-B873-45C9-91C9-4F738685E51D}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-08-21 21:55:19
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {09437ADC-A6A2-4470-A0F0-5CF6B7377833}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

CodeIntegrity:
===============
Date: 2021-09-01 09:06:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Users\termi\AppData\Local\Programs\Opera GX\78.0.4093.186\opera.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-08-26 20:24:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-08-26 18:51:18
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Users\termi\AppData\Local\Programs\Opera GX\78.0.4093.153\opera.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-08-26 01:54:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\WaaSMedicAgent.exe) attempted to load \Device\HarddiskVolume7\Windows\System32\acaptuser64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-08-03 18:05:18
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. 3016 12/27/2016
Hauptplatine: ASUSTeK COMPUTER INC. H110M-A/M.2
Prozessor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 16255.11 MB
Verfügbarer physikalischer RAM: 11233.09 MB
Summe virtueller Speicher: 18687.11 MB
Verfügbarer virtueller Speicher: 11839.01 MB

==================== Laufwerke ================================

Drive c: (WIN10_1) (Fixed) (Total:231.77 GB) (Free:50.23 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:869.32 GB) NTFS
Drive f: () (Fixed) (Total:100 GB) (Free:98.05 GB) NTFS
Drive r: (Volume) (Fixed) (Total:1763.01 GB) (Free:74.37 GB) NTFS

\\?\Volume{78269f4c-e660-11e7-8ac3-704d7b2db4bc}\ (Wiederherstellung) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{dfb2431d-ec2f-4309-968a-fd41448ddd5a}\ () (Fixed) (Total:0.57 GB) (Free:0.07 GB) NTFS
\\?\Volume{c0dc1d43-3a10-4b0a-b850-705cab2dc9c8}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 9B424CEE)
Partition 1: (Not Active) - (Size=1763 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: CE219331)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================

cosinus 01.09.2021 09:20
Kontrollscans mit MBAM und RK

Wir sind fast fertig. Jetzt ist es an der Zeit für Kontrollscans mit
Poste nach Abschluss der beiden Scans die Logs in CODE-Tags.

Individuum 01.09.2021 13:02
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 01.09.21
Scan-Zeit: 13:42
Protokolldatei: a7f7e9e6-0b19-11ec-a762-704d7b2db4bc.json

-Softwaredaten-
Version: 4.4.5.130
Komponentenversion: 1.0.1430
Version des Aktualisierungspakets: 1.0.44501
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 19043.1165)
CPU: x64
Dateisystem: NTFS
Benutzer: MisterSun\termi

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 387623
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 2 Min., 5 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
Code:
RogueKiller Anti-Malware V15.0.9.0 (x64) [Aug  5 2021] (Free) von Adlice Software
Mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Betriebssystem : Windows 10 (10.0.19043) 64-bit
Gestartet in : Normaler Modus
Benutzer : termi [Administrator]
Gestartet von : C:\Users\termi\Desktop\RogueKiller_portable64.exe
Signaturen : 20210830_093148, Treiber : Geladen
Modus : Standard-Scan, Löschen -- Datum : 2021/09/01 14:00:03 (Dauer : 00:05:06)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Löschen ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUM.Policies (Potenziell bösartig)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin --  -> Ersetzt (2)
[PUP.AutoIt.Gen (Potenziell bösartig)] AutoClicker30.exe -- %USERPROFILE%\Desktop\AutoClicker30.exe -> Gelöscht
[PUP.DownloadStudio (Potenziell bösartig)] Download Studio -- %programdata%\Microsoft\Windows\Start Menu\Programs\Download Studio -> Gelöscht
[PUP.AutoIt.Gen (Potenziell bösartig)] AutoClicker30.exe -- %USERPROFILE%\Desktop\AutoClicker30.exe -> Gefunden

cosinus 01.09.2021 13:14
Ah, fast hab ich es vergessen:

Zitat:
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
Kannst du mal sagen was das sein soll? :pfeiff:

Individuum 01.09.2021 14:13
bin ich ehrlich gesagt auch grad überfragt... meine ex und meine kinder haben den oaar jahre mitbenutzt ^^

oder könnte das auch was von ausserhalb sein ? muss ich mir da weiterhin gedanken machen jetzt ?

cosinus 01.09.2021 14:19
https://fitgirl-repacks.site/faq/

Sieht nach nach "repacks" aus, einer vornehmen Umschreibung von Warez. :balla:

Individuum 01.09.2021 14:33
oh wow, ja dann brauch ich mich nicht wundern das mir dauernd passwörter abhanden kommen... was ist da das beste ? muss ich jetzt doch noch neuinstallieren ?

cosinus 01.09.2021 15:00
Was da in den repacks genau drin ist weiß ich nicht. Angeblich soll fitgirl auch nur für Spiele sein. :kaffee:

Individuum 01.09.2021 15:08
achso, hab da auch keinen plan, das meisste hab ich nach der trennung gelöscht brauch ich mir da also keinen kopf zu machen ?

cosinus 01.09.2021 15:19
Die letzten Logs waren ansonsten unaufällig.


Dann wären wir durch! :daumenhoc

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

Abschließend bitte noch einen Cleanup mit unserem TB-Cleanup-Script durchführen und unbedingt die Sicherheitsmaßnahmen lesen und umsetzen - beides ist in folgendem Lesestoff verlinkt:

Anleitung: Cleanup & Maßnahmen zur Absicherung des Rechners

Individuum 01.09.2021 20:42
Danke Dir, werd nach der Arbeit noch eine kleine Spende schicken <3

Hei,

mein mikro geht über die quad capture jetzt nichtmehr... das ist jetzt nach den änderungen aufgetreten... kannst du mir helfen ? bekomme es nichtmehr hin.. Greets

nevermind habs hinbekommen xD

cosinus 01.09.2021 22:55
Mach bitte künftig für solche Dinge mit Mikro und andere Peripherie einen neuen Thread im entsprechenden Bereich auf. Hier in diesem Thema ergeibt das keinen Sinn.


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:51 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132