| |
| |||||||
Log-Analyse und Auswertung: PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe BedrohungWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
04.05.2021, 10:44
| #1 |
 |  PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe Bedrohung Ich habe mir vor kurzem Malwarebytes heruntergeladen und ein paar Viren und Malwares entfernt. Leider taucht aber immer wieder die zwei gleichen Bedrohungen nach dem Scan auf, obwohl ich sie jedes mal in die Quarantäne schicke. PUP.Optional.DefaultSearch PUP.Optional.DefaultSearch Anscheinend hat es irgendetwas mit meinem Browser Mozilla Firefox zu tun.  Wieso taucht diese Bedrohung immer wieder auf, obwohl ich sie in Quarantäne schicke? Ist es ein Trojaner oder eine Malware? Ich kenne mich leider nicht damit aus. |
|
04.05.2021, 11:07
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe Bedrohung Hinweise für Hilfesuchende gelesen?
__________________Und Logs werden grundsätzlich nur komplett gepostet, in CODE-Tags.
__________________ |
|
05.05.2021, 10:28
| #3 |
| | PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe Bedrohung Ich habe mir vor kurzem Malwarebytes heruntergeladen und ein paar Viren und Malwares entfernt. Leider taucht aber immer wieder die zwei gleichen Bedrohungen nach dem Scan auf, obwohl ich sie jedes mal in die Quarantäne schicke.
__________________Bedrohungen: PUP.Optional.DefaultSearch PUP.Optional.DefaultSearch Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 05.05.21
Scan-Zeit: 10:44
Protokolldatei: 12041c3c-ad7e-11eb-9d61-001a7dda7115.json
-Softwaredaten-
Version: 4.3.0.98
Komponentenversion: 1.0.1273
Version des Aktualisierungspakets: 1.0.40135
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 19041.928)
CPU: x64
Dateisystem: NTFS
Benutzer: System
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Zeitplaner
Ergebnis: Abgeschlossen
Gescannte Objekte: 331775
Erkannte Bedrohungen: 2
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 4 Min., 17 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 2
PUP.Optional.DefaultSearch, C:\USERS\MAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8ZXZ0Q4W.DEFAULT-RELEASE\PREFS.JS, Keine Aktion durch Benutzer, 330, 932426, 1.0.40135, , ame, , 8A9D953107028D858FD650D091E53E15, 9EC31A17319D97680AA718A36A815D22D7D975B66A78FF9E3E122B2C8B5E817E
PUP.Optional.DefaultSearch, C:\USERS\MAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8ZXZ0Q4W.DEFAULT-RELEASE\PREFS.JS, Keine Aktion durch Benutzer, 330, 932427, 1.0.40135, , ame, , 8A9D953107028D858FD650D091E53E15, 9EC31A17319D97680AA718A36A815D22D7D975B66A78FF9E3E122B2C8B5E817E
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Geändert von cosinus (05.05.2021 um 11:08 Uhr) Grund: code tags |
|
05.05.2021, 10:38
| #4 |
| /// Helfer-Team   | PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe Bedrohung Mir ist nicht klar, was das soll. Für Dich geht es hier weiter. Sollte es Dir langweilig sein, ist hier nicht das richtige Forum.
__________________ LG Der Felix Keine Hilfe per PN und E-Mail |
|
05.05.2021, 11:07
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe Bedrohung Schon gut Felix, ich verschiebe einfach in den anderen Thread. Man muss ja nicht immer draufhauen 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
05.05.2021, 11:09
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe Bedrohung @Maxecute: hast du die Hinweise jetzt mal komplett gelesen? Wenn ja wüsstest du, dass wir mehr Logs brauchen.
__________________ --> PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe Bedrohung |
|
05.05.2021, 12:24
| #7 |
| | PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe Bedrohung Oh sorry, hier sind die Logs von FRST: FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2021
durchgeführt von Max (Administrator) auf DESKTOP-DHA2F6H (Micro-Star International Co., Ltd. MS-7A38) (05-05-2021 12:58:11)
Gestartet von C:\Users\Max\Downloads
Geladene Profile: Max
Platform: Windows 10 Pro Version 2004 19041.928 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\CEPHtmlEngine\CEPHtmlEngine.exe <3>
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\AfterFX.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe) C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\dynamiclinkmanager.exe
(Adobe Inc. -> Adobe) C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\TeamProjectsLocalHub.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\89.0.4389.25\remoting_host.exe <2>
(Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Excel_16001.13801.20454.0_x64__8wekyb3d8bbwe\xlim.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\Display.NvContainer\NVDisplay.Container.exe <2>
(Pulse Secure, LLC -> Pulse Secure, LLC) C:\Program Files (x86)\Common Files\Pulse Secure\JUNS\PulseSecureService.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bb0c442560f99618\RtkAudUService64.exe <2>
(Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
(Spotify AB -> Spotify Ltd) C:\Users\Max\AppData\Roaming\Spotify\Spotify.exe <6>
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\Max\AppData\Roaming\Zoom\bin\Zoom.exe <2>
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bb0c442560f99618\RtkAudUService64.exe [1253232 2021-03-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951968 2019-07-09] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353408 2021-04-27] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7991528 2021-04-24] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [PulseSecure] => C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\Pulse.exe [4500096 2020-10-16] (Pulse Secure, LLC -> )
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [648328 2020-03-09] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Run: [Discord] => C:\Users\Max\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [123792288 2021-04-16] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29262520 2020-07-09] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Run: [WallpaperEngine] => C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [2769000 2021-03-08] (Skutta, Kristjan -> )
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-04-21] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\Software\...\Authentication\Credential Providers: [{4B9CAC01-6732-40d0-8B8F-B5B340F9D44F}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2020-10-16] (Pulse Secure, LLC -> )
HKLM\Software\...\Authentication\Credential Providers: [{4EFD0F35-BFBA-44eb-8F25-2B3530203C1D}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2020-10-16] (Pulse Secure, LLC -> )
HKLM\Software\...\Authentication\Credential Providers: [{C1258FBC-F04F-4862-B78A-DDAAEF4A9707}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2020-10-16] (Pulse Secure, LLC -> )
HKLM\Software\...\Authentication\Credential Providers: [{EAB1A79F-DFAA-4faf-A7B9-A6652E97EE16}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2020-10-16] (Pulse Secure, LLC -> )
HKLM\Software\...\Authentication\Credential Provider Filters: [{3884BCAA-C611-4e2d-9105-E11B1203294E}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2020-10-16] (Pulse Secure, LLC -> )
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2020-01-16] ()
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {29B57124-92B3-4B4C-89B0-D000A4B43D84} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {3307FBD1-9A74-4353-8688-11375DE57C1A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {408B50CB-F98D-4EA8-8BFA-528E29B1A599} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4EAEDFE0-FEC2-4ACA-8FBC-61D753B7BF4B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {5450DD0E-87ED-48AC-969B-30826F9F1071} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {570C83FA-1028-41E5-8552-A7302EBE767C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-07-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {58BE253D-7E37-4F66-B1C1-C617C35B7B9F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9084EBF6-A213-40E4-8A91-21C71A108D3D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {97AB08BB-1048-4827-B395-025ABFC4F5F2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9B84120F-5064-442D-9574-FC74937ADFB2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24910520 2020-07-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9BD85B5E-1768-4704-AD73-075E7C68251A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BAD41C75-A840-4ED3-A9B5-D888B1B7B254} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {C247FDC7-DA6E-4842-8C93-F1C7D3799CB6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-05-20] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D64C505B-F27B-4D10-A9C4-0B21AB5BAC3D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DB266B37-18F7-4089-9662-AF3AE1E871EB} - System32\Tasks\Mozilla\Firefox Default Browser Agent CDFCF4B7528A39A6 => D:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-12-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {F1BAAA2E-056A-44B7-BC36-907A5831895D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-05-20] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F7AE6CC1-7CAB-43F9-9955-2977717CD914} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{10eb58ff-534e-4d43-9b25-3b3e203536a5}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{19cb2e09-30dd-40d3-b56e-c00aee98ea2f}: [NameServer] 132.195.249.13,132.195.20.13
Tcpip\..\Interfaces\{8d559033-aa29-4301-916a-906f4e0d4fc6}: [NameServer] 132.195.249.13,132.195.20.13
Tcpip\..\Interfaces\{f380a77b-200e-4177-b271-a49a9b2fff31}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Profile: C:\Users\Max\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-16]
Edge StartupUrls: Default -> "hxxps://www.google.de/"
Edge DefaultSearchURL: Default -> hxxps://www.google.de/search?q={searchTerms}&ie={inputEncoding?}&oe={outputEncoding?}
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: kcp1ykde.default
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\iguxhc92.default-release-1 [2021-04-28]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\iguxhc92.default-release-1\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-04-28]
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\kcp1ykde.default [2020-05-01]
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\8zxz0q4w.default-release [2021-05-05]
FF Homepage: Mozilla\Firefox\Profiles\8zxz0q4w.default-release -> hxxps://www.ecosia.org/
FF NewTab: Mozilla\Firefox\Profiles\8zxz0q4w.default-release -> hxxps://defaultsearch.co/homepage?hp=1&pId=IC150206&iDate=2020-05-01 01:44:31&bName=&bitmask=0600
FF Notifications: Mozilla\Firefox\Profiles\8zxz0q4w.default-release -> hxxps://www.chess.com; hxxps://chat.uni-wuppertal.de
FF Extension: (BetterTTV) - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\8zxz0q4w.default-release\Extensions\firefox@betterttv.net.xpi [2021-04-25]
FF Extension: (Chrome Remote Desktop) - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\8zxz0q4w.default-release\Extensions\remotedesktop@google.com.xpi [2021-03-15] [UpdateUrl:hxxps://www.gstatic.com/chromoting/firefox_extension/update.json]
FF Extension: (Ecosia – Die Suchmaschine, die Bäume pflanzt) - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\8zxz0q4w.default-release\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2020-10-09]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\8zxz0q4w.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-29]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
StartMenuInternet: Firefox-CDFCF4B7528A39A6 - D:\Program Files\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe [440368 2019-12-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\89.0.4389.25\remoting_host.exe [72808 2021-01-27] (Google LLC -> Google LLC)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-05-20] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-05-20] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-04-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818288 2020-06-10] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [439880 2021-01-05] (Epic Games Inc. -> Epic Games, Inc.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [409456 2021-03-30] (NVIDIA Corporation -> NVIDIA)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10605472 2021-04-16] (Logitech Inc -> Logitech, Inc.)
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [499336 2020-05-18] (Logitech Inc -> Logitech)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-28] (Malwarebytes Inc -> Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [9513760 2020-12-06] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [99136 2020-10-23] (ProtonVPN AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-10-23] (ProtonVPN AG -> )
R2 PulseSecureService; C:\Program Files (x86)\Common Files\Pulse Secure\JUNS\PulseSecureService.exe [380544 2020-10-16] (Pulse Secure, LLC -> Pulse Secure, LLC)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bb0c442560f99618\RtkAudUService64.exe [1253232 2021-03-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182328 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10301672 2021-04-27] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33832 2019-12-11] (ASUSTeK Computer Inc. -> )
S3 csravrcp; C:\WINDOWS\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 CsrBthAudioHF; C:\WINDOWS\System32\drivers\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrhfgcc; C:\WINDOWS\System32\drivers\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrserial; C:\WINDOWS\System32\drivers\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csr_bthav; C:\WINDOWS\system32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [19968 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-04-28] (Malwarebytes Inc -> Malwarebytes)
R1 GLCKIO2; C:\WINDOWS\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R1 jnprns; C:\WINDOWS\system32\DRIVERS\jnprns.sys [507192 2020-10-16] (Juniper Networks, Inc. -> Juniper Networks)
S4 jnprTdi_919_4983; C:\WINDOWS\system32\Drivers\jnprTdi_919_4983.sys [98280 2020-10-16] (Pulse Secure, LLC -> Pulse Secure, LLC)
R3 JnprVaMgr; C:\WINDOWS\System32\drivers\jnprvamgr.sys [45352 2020-10-16] (Juniper Networks, Inc. -> Juniper Networks, Inc.)
R2 LGHUBTemperatureService; C:\Program Files\LGHUB\logi_core_temp.sys [22864 2021-04-16] (Logitech Inc -> Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\System32\drivers\LGSHidFilt.Sys [64280 2018-05-07] (Logitech -> Logitech Inc.)
S3 LGSUsbFilt; C:\WINDOWS\System32\drivers\LGSUsbFilt.Sys [41752 2018-05-07] (Logitech -> Logitech Inc.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [37200 2021-03-17] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [25928 2021-03-17] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66896 2021-03-17] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-04-28] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-04-28] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-05-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-05-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-28] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-05-05] (Malwarebytes Inc -> Malwarebytes)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [25616 2018-02-12] (MICSYS Technology Co., Ltd. -> )
S3 ProtonVPNSplitTunnel; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 PulseSAM; C:\WINDOWS\system32\Drivers\PulseSAM.sys [149904 2020-10-16] (Pulse Secure, LLC. -> Pulse Secure, LLC)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43368 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [6438816 2021-04-27] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-05-05 12:58 - 2021-05-05 12:58 - 000027360 _____ C:\Users\Max\Downloads\FRST.txt
2021-05-05 12:57 - 2021-05-05 12:58 - 000000000 ____D C:\FRST
2021-05-05 12:57 - 2021-05-05 12:57 - 002298368 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe
2021-05-05 10:39 - 2021-05-05 10:39 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-05-05 10:39 - 2021-05-05 10:39 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-05-05 10:39 - 2021-05-05 10:39 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-05-04 13:53 - 2021-05-04 13:53 - 000001250 _____ C:\Users\Max\Desktop\Adobe After Effects 2020.lnk
2021-05-02 12:24 - 2021-05-02 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxon
2021-05-02 12:23 - 2021-05-02 12:25 - 000000000 ____D C:\Program Files\Maxon Cinema 4D R21
2021-05-02 12:22 - 2021-05-02 12:22 - 000001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2020.lnk
2021-05-02 10:52 - 2021-05-02 10:52 - 2323535189 _____ C:\Users\Max\Downloads\Adobe After Effects 2020.rar
2021-05-02 10:35 - 2021-05-02 10:35 - 000000000 ____D C:\AdwCleaner
2021-05-02 10:34 - 2021-05-02 10:34 - 008534696 _____ (Malwarebytes) C:\Users\Max\Downloads\adwcleaner_8.2.exe
2021-04-29 20:53 - 2021-04-29 20:53 - 000016888 _____ C:\Users\Max\AppData\Local\recently-used.xbel
2021-04-29 20:53 - 2021-04-29 20:53 - 000000000 ____D C:\WINDOWS\system32\lxss
2021-04-29 20:48 - 2021-04-24 03:08 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-04-29 20:44 - 2021-04-27 23:16 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-04-29 20:44 - 2021-04-27 23:16 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-04-29 20:44 - 2021-04-27 23:16 - 001453344 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-04-29 20:44 - 2021-04-27 23:16 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-04-29 20:44 - 2021-04-27 23:16 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-04-29 20:44 - 2021-04-27 23:16 - 001192736 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-04-29 20:44 - 2021-04-27 23:16 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-04-29 20:44 - 2021-04-27 23:16 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-04-29 20:44 - 2021-04-27 23:16 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-04-29 20:44 - 2021-04-27 23:16 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-04-29 20:44 - 2021-04-27 23:13 - 000715544 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-04-29 20:44 - 2021-04-27 23:13 - 000626976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-04-29 20:44 - 2021-04-27 23:13 - 000575760 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-04-29 20:44 - 2021-04-27 23:12 - 002106144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-04-29 20:44 - 2021-04-27 23:12 - 001590560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-04-29 20:44 - 2021-04-27 23:12 - 001514784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-04-29 20:44 - 2021-04-27 23:12 - 001166112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-04-29 20:44 - 2021-04-27 23:12 - 000689952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-04-29 20:44 - 2021-04-27 23:12 - 000675104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-04-29 20:44 - 2021-04-27 23:12 - 000656160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-04-29 20:44 - 2021-04-27 23:12 - 000564000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-04-29 20:44 - 2021-04-27 23:11 - 008317232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-04-29 20:44 - 2021-04-27 23:11 - 007434032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-04-29 20:44 - 2021-04-27 23:11 - 004795152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-04-29 20:44 - 2021-04-27 23:11 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-04-29 20:44 - 2021-04-27 23:11 - 000445744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-04-29 20:44 - 2021-04-27 23:10 - 000848664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-04-29 20:44 - 2021-04-27 23:09 - 006159176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-04-29 20:44 - 2021-04-24 03:08 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb
2021-04-29 20:37 - 2021-04-29 20:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-04-28 22:37 - 2021-04-28 22:37 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-28 22:37 - 2021-04-28 22:37 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-28 22:37 - 2021-04-28 22:37 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-28 22:37 - 2021-04-28 22:37 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-04-28 22:37 - 2021-04-28 22:37 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-04-28 22:37 - 2021-04-28 22:37 - 000000000 ____D C:\Users\Max\AppData\Local\mbam
2021-04-28 22:37 - 2021-04-28 22:36 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-28 22:37 - 2021-04-28 22:36 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-04-28 22:36 - 2021-04-28 22:36 - 002078632 _____ (Malwarebytes) C:\Users\Max\Downloads\MBSetup.exe
2021-04-28 22:36 - 2021-04-28 22:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-04-28 22:36 - 2021-04-28 22:36 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-28 21:49 - 2021-04-28 21:49 - 003483480 _____ (Alexander Roshal) C:\Users\Max\Downloads\winrar-x64-601d.exe
2021-04-28 21:49 - 2021-04-28 21:49 - 000000000 ____D C:\Users\Max\AppData\Roaming\WinRAR
2021-04-28 21:49 - 2021-04-28 21:49 - 000000000 ____D C:\Program Files\WinRAR
2021-04-26 10:19 - 2021-04-26 10:19 - 000069642 _____ C:\Users\Max\Downloads\Blatt_02.pdf
2021-04-26 10:18 - 2021-04-22 19:02 - 000002136 _____ C:\Users\Max\Desktop\Acrobat Reader DC.lnk
2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-04-24 12:55 - 2021-04-24 12:55 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-04-23 14:44 - 2021-04-23 14:44 - 000194175 _____ C:\Users\Max\Downloads\ProseminarImportantDatesSummer21.pdf
2021-04-23 14:23 - 2021-04-23 14:23 - 000178483 _____ C:\Users\Max\Downloads\GuidelinesScientificWriting_Screencast_SS2021.pdf
2021-04-20 12:25 - 2021-04-21 12:59 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-17 12:43 - 2021-04-17 12:43 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2021-04-17 12:43 - 2021-04-17 12:43 - 000000650 _____ C:\ProgramData\Desktop\Logitech G HUB.lnk
2021-04-17 12:43 - 2021-04-17 12:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2021-04-17 12:43 - 2021-04-17 12:43 - 000000000 ____D C:\ProgramData\Logishrd
2021-04-17 12:43 - 2021-04-17 12:43 - 000000000 ____D C:\Program Files\LGHUB
2021-04-16 09:59 - 2021-04-16 09:59 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-16 09:59 - 2021-04-16 09:59 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-16 09:59 - 2021-04-16 09:59 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-14 23:26 - 2020-08-14 09:59 - 000043416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2021-04-13 13:20 - 2021-04-13 13:20 - 049411051 _____ C:\Users\Max\Downloads\DigitalTutor.zip
2021-04-09 22:16 - 2021-04-09 22:16 - 000150938 _____ C:\Users\Max\Downloads\Instagram_logo_2016.svg.webp
2021-04-09 21:53 - 2021-04-09 21:53 - 004956194 _____ C:\Users\Max\Downloads\_lol__death_sworn_katarina___twitch_banner_by_psychomilla_dbtd2xt.zip
2021-04-09 21:49 - 2021-04-09 21:49 - 000000946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.24.lnk
2021-04-09 21:46 - 2021-04-09 21:46 - 247382056 _____ (The GIMP Team ) C:\Users\Max\Downloads\gimp-2.10.24-setup-2.exe
2021-04-09 21:22 - 2021-04-09 21:22 - 003173711 _____ C:\Users\Max\Downloads\Logo Blue Ai new.ai
2021-04-09 21:21 - 2021-04-09 21:21 - 000165930 _____ C:\Users\Max\Downloads\Logo Blue Ai.ai
2021-04-05 15:58 - 2021-04-05 15:58 - 000196985 _____ C:\Users\Max\Downloads\lohnsteuerbescheid 3.jpeg
2021-04-05 15:58 - 2021-04-05 15:58 - 000136125 _____ C:\Users\Max\Downloads\lohnsteuerbescheid 2.jpeg
2021-04-05 15:58 - 2021-04-05 15:58 - 000126460 _____ C:\Users\Max\Downloads\lohnsteuerbescheid 4.jpeg
2021-04-05 15:58 - 2021-04-05 15:58 - 000115263 _____ C:\Users\Max\Downloads\lohnsteuerbescheid 1.jpeg
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-05-05 12:40 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-05 12:25 - 2020-04-28 19:28 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-05 12:12 - 2021-02-10 01:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-05 11:53 - 2020-04-28 20:40 - 000000000 ____D C:\Users\Max\AppData\Roaming\Spotify
2021-05-05 11:38 - 2020-04-28 23:06 - 000000000 ____D C:\Users\Max\AppData\Local\D3DSCache
2021-05-05 10:59 - 2020-04-28 20:41 - 000000000 ____D C:\Users\Max\AppData\Local\Spotify
2021-05-05 10:46 - 2021-02-10 14:53 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-05 10:46 - 2019-12-07 16:51 - 000743714 _____ C:\WINDOWS\system32\perfh007.dat
2021-05-05 10:46 - 2019-12-07 16:51 - 000150136 _____ C:\WINDOWS\system32\perfc007.dat
2021-05-05 10:46 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-05 10:41 - 2020-05-11 18:38 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-05-05 10:40 - 2021-02-10 01:17 - 000004300 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-05-05 10:40 - 2021-02-10 01:17 - 000004068 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-05-05 10:40 - 2020-05-20 16:17 - 000001240 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-05-05 10:40 - 2020-05-20 16:17 - 000001236 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-05-05 10:39 - 2021-02-10 01:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-05 10:39 - 2021-02-10 01:10 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-05 10:39 - 2020-06-17 18:05 - 000000000 ____D C:\Users\Max\AppData\Roaming\LGHUB
2021-05-05 10:39 - 2020-06-17 18:05 - 000000000 ____D C:\Users\Max\AppData\Local\LGHUB
2021-05-05 10:39 - 2020-04-28 20:18 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-05 10:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-05 10:39 - 2018-06-10 12:52 - 000000000 ____D C:\Users\Max\AppData\LocalLow\Mozilla
2021-05-04 23:34 - 2020-06-13 11:55 - 000000000 ____D C:\Users\Max\AppData\Roaming\Blitz
2021-05-04 23:34 - 2020-05-01 19:57 - 000000000 ____D C:\Users\Max\AppData\Roaming\discord
2021-05-04 23:34 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-05-04 23:29 - 2020-04-28 20:23 - 000000000 ____D C:\Users\Max\AppData\Roaming\TS3Client
2021-05-04 22:41 - 2020-05-01 19:57 - 000000000 ____D C:\Users\Max\AppData\Local\Discord
2021-05-04 18:36 - 2020-04-28 20:18 - 000000000 ____D C:\ProgramData\Riot Games
2021-05-04 11:49 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-04 11:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-02 12:32 - 2020-05-01 14:28 - 000000000 ____D C:\Users\Max\AppData\Local\Adobe
2021-05-02 12:32 - 2020-04-29 20:30 - 000000000 ____D C:\Users\Max\AppData\Local\NVIDIA
2021-05-02 12:32 - 2020-04-28 20:15 - 000000000 ____D C:\Users\Max\AppData\Roaming\Adobe
2021-05-02 12:32 - 2020-04-02 12:16 - 000000000 ____D C:\Users\Max\Documents\Adobe
2021-05-02 12:22 - 2020-05-01 14:31 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-05-02 12:22 - 2020-05-01 14:31 - 000000000 ____D C:\Program Files\Adobe
2021-05-02 12:22 - 2020-04-02 12:01 - 000000000 ____D C:\Users\Public\Documents\Adobe
2021-05-02 12:22 - 2020-04-02 12:01 - 000000000 ____D C:\ProgramData\Documents\Adobe
2021-05-02 12:13 - 2020-05-01 14:28 - 000000000 ____D C:\ProgramData\Adobe
2021-05-02 10:36 - 2020-05-01 15:44 - 000000000 ____D C:\Users\Max\AppData\Roaming\Lavasoft
2021-05-02 10:36 - 2020-05-01 15:44 - 000000000 ____D C:\Users\Max\AppData\Local\Lavasoft
2021-05-02 10:36 - 2020-05-01 15:44 - 000000000 ____D C:\ProgramData\Lavasoft
2021-05-02 10:36 - 2020-05-01 15:44 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2021-05-02 10:36 - 2020-04-02 11:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2021-05-01 19:22 - 2020-07-05 11:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-30 11:09 - 2020-05-01 14:44 - 000000000 ____D C:\Users\Max\AppData\Roaming\obs-studio
2021-04-30 10:36 - 2021-01-11 04:48 - 000000000 ____D C:\Users\Max\Desktop\OBS Aufnahmen
2021-04-29 20:54 - 2020-05-26 15:41 - 000000000 ____D C:\Users\Max\AppData\Local\babl-0.1
2021-04-29 20:53 - 2020-05-26 17:11 - 000000000 ____D C:\Users\Max\AppData\Local\gtk-2.0
2021-04-29 20:53 - 2020-04-28 19:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-04-29 20:51 - 2020-10-28 12:58 - 000000000 ____D C:\Users\Max\Desktop\Gimp
2021-04-29 20:46 - 2021-02-10 01:17 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2956124056-3800980870-852740744-1001
2021-04-29 20:46 - 2021-02-10 00:19 - 000002373 _____ C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-29 20:46 - 2018-04-24 06:45 - 000000000 ___RD C:\Users\Max\OneDrive
2021-04-29 20:37 - 2020-05-20 16:16 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-04-29 20:36 - 2021-03-29 21:04 - 000000000 ____D C:\Program Files\Riot Vanguard
2021-04-28 22:37 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-28 21:49 - 2018-06-19 14:19 - 000000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-28 21:49 - 2018-06-19 14:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-27 23:12 - 2021-02-07 22:36 - 000811808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-04-27 23:09 - 2021-02-07 22:36 - 007212232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-04-27 10:55 - 2020-05-18 12:25 - 000000000 ____D C:\Users\Max\AppData\Local\PlaceholderTileLogoFolder
2021-04-26 11:22 - 2020-10-28 21:45 - 000000000 ____D C:\Users\Max\AppData\Roaming\WhatsApp
2021-04-26 11:21 - 2020-04-28 19:24 - 000000352 _____ C:\WINDOWS\BRRBCOM.INI
2021-04-26 10:57 - 2021-02-11 21:46 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6ff39a30a6aea
2021-04-26 10:57 - 2021-02-10 01:17 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-24 03:08 - 2021-02-07 22:36 - 000135408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-04-23 16:56 - 2021-02-06 21:56 - 000000000 ____D C:\Users\Max\AppData\Local\WhatsApp
2021-04-22 19:02 - 2021-03-24 20:49 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-21 12:59 - 2020-04-28 20:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-20 20:27 - 2021-02-10 01:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-20 20:27 - 2020-04-28 20:18 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-17 16:24 - 2020-04-28 20:14 - 000000000 ____D C:\Users\Max\AppData\Local\Packages
2021-04-16 20:03 - 2021-02-10 01:10 - 000461728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-16 20:01 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-16 10:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-16 09:59 - 2021-02-10 01:12 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-16 09:46 - 2021-02-09 01:11 - 000000000 ___HD C:\$WinREAgent
2021-04-16 09:46 - 2020-04-29 01:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-16 09:45 - 2020-04-29 01:02 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-15 12:29 - 2020-06-13 11:50 - 000000000 ____D C:\Users\Max\AppData\Local\CrashDumps
2021-04-14 23:27 - 2021-02-10 01:17 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2021-02-10 01:17 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2021-02-10 01:17 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2021-02-10 01:17 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2021-02-10 01:17 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2021-02-10 01:17 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2021-02-10 01:17 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2021-02-10 01:17 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2021-02-10 01:17 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2021-02-10 01:17 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2020-06-13 11:51 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2021-04-14 23:27 - 2020-06-13 11:51 - 000001443 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2021-04-14 23:27 - 2020-04-28 19:28 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-04-14 23:27 - 2020-04-28 19:28 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-04-14 23:27 - 2020-04-28 19:28 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-04-13 16:20 - 2020-09-30 16:06 - 000000000 ____D C:\Users\Max\Desktop\Uni
2021-04-13 13:04 - 2020-04-28 20:15 - 000000000 ____D C:\ProgramData\Packages
2021-04-11 12:59 - 2020-04-28 19:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-07 13:38 - 2020-06-13 11:48 - 002817904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-04-07 13:38 - 2020-06-13 11:48 - 002171760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2021-04-07 13:38 - 2020-06-13 11:48 - 001293680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2020-05-01 15:43 - 2020-05-01 15:43 - 000284338 _____ () C:\Users\Max\AppData\Roaming\93h_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2021-04-29 20:53 - 2021-04-29 20:53 - 000016888 _____ () C:\Users\Max\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-04-2021
durchgeführt von Max (05-05-2021 12:59:32)
Gestartet von C:\Users\Max\Downloads
Windows 10 Pro Version 2004 19041.928 (X64) (2021-02-09 23:17:39)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2956124056-3800980870-852740744-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2956124056-3800980870-852740744-503 - Limited - Disabled)
Gast (S-1-5-21-2956124056-3800980870-852740744-501 - Limited - Disabled)
locma (S-1-5-21-2956124056-3800980870-852740744-1006 - Limited - Enabled) => C:\Users\locma
Max (S-1-5-21-2956124056-3800980870-852740744-1001 - Administrator - Enabled) => C:\Users\Max
WDAGUtilityAccount (S-1-5-21-2956124056-3800980870-852740744-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_1) (Version: 14.1 - Adobe Systems Incorporated)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.3.11.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{96f500e7-aac6-40c8-aa25-d223f373d8dd}) (Version: 2.3.11.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.0.19 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{1b15ca41-2671-4685-ab55-b8c814c4942a}) (Version: 1.0.19 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.25 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{94267bd0-fa8a-4aa4-925d-ec3e0d130fba}) (Version: 1.1.25 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.16 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{e46f527f-1e64-4554-abc1-115f3429c25c}) (Version: 1.0.16 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.02.12 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{b96dabae-c7ef-45f2-95ab-1a4d917262a3}) (Version: 1.02.12 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.58 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{d00daf18-4c78-4fc6-bb05-376a06c79c48}) (Version: 1.0.58 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM\...\{B5E322FB-C191-463E-BDDD-4F22290EDFDB}) (Version: 1.0.8 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM-x32\...\{277875e0-972c-4705-b09c-ca5acf5b2f7c}) (Version: 1.0.8 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.2.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{2977b6c2-6523-42f4-8f52-bf4f7fc7a840}) (Version: 0.0.2.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{3507c756-a80f-4b0e-8475-975d8b432176}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.50 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{52400cff-4628-4ca3-a922-3767b198c1fd}) (Version: 1.0.50 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.32 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{243ceb39-3b77-43ab-9135-fddab4ac7caf}) (Version: 1.0.32 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.53 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{3dcded5b-10da-4d98-9c1f-c33d25288ebd}) (Version: 1.0.53 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM\...\{723B40A4-5BF2-4DC6-834A-2ADF75F3CF7E}) (Version: 1.0.1.2 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM-x32\...\{0ebcd5fb-7bf9-45b4-a0b6-0932d728e289}) (Version: 1.0.1.2 - ASUSTek COMPUTER INC.) Hidden
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.37 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{60d8d6b5-0ec5-420a-a407-a42e19346d46}) (Version: 1.0.37 - ASUS) Hidden
Blitz 1.14.6 (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.14.6 - Blitz, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.69 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{2E2C5B04-0539-43B0-BC16-EF1B7DFF03A5}) (Version: 89.0.4389.25 - Google LLC)
CLIP STUDIO 1.9.10 (HKLM-x32\...\{49274EB8-4598-47E6-8039-9BB7CE07627E}) (Version: 1.9.10 - CELSYS)
CLIP STUDIO PAINT 1.9.11 (HKLM-x32\...\{1E4572D2-28BC-4BC9-B743-13DC6CFD71DB}) (Version: 1.9.11 - CELSYS)
Corsair AURA DRAM Component (HKLM\...\{376E0869-A4F1-4DC7-A1FD-EBF3AFFEB832}) (Version: 1.0.13 - CORSAIR COMPONENTS INC.) Hidden
Corsair AURA DRAM Component (HKLM-x32\...\{8fce5ea9-d56f-4f89-a363-830eceb72c72}) (Version: 1.0.13 - CORSAIR COMPONENTS INC.) Hidden
Discord (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 121.4.4267 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
ENE RGB HAL (HKLM\...\{BBEB79B8-472B-44E6-B0BA-157909EFE7D6}) (Version: 1.00.12 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{e0fa04a3-0593-40a3-8eea-c45cf5d09062}) (Version: 1.00.12 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM\...\{BC5E0A82-C638-44CB-8129-20C8ED70DE7A}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM-x32\...\{f3d7fb09-b93f-4c01-a765-0b0adc5bc746}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_EHD_ASM_HAL (HKLM\...\{CB19FBA3-7A4F-4D2A-A231-F580B5DCD203}) (Version: 1.00.05 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_ASM_HAL (HKLM-x32\...\{3532d794-73d7-42bd-af02-9f00623dd567}) (Version: 1.00.05 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{455E34DD-5F26-431E-B542-72F73A8FEED8}) (Version: 1.00.02 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{24a265a5-9f90-4090-904f-5ed9fa4414b8}) (Version: 1.00.02 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{07D9F8F3-EC99-4133-919D-DA341C62937C}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{6D70A161-C29B-441B-9AA5-2ABBAB3B4B4D}) (Version: 1.1.1.0 - Epic Games, Inc.)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
GALAX GAMER RGB (HKLM\...\{06A16AA8-BBA7-4362-962E-16651962D87C}) (Version: 1.00.02 - Galaxy Microsystems Ltd.) Hidden
GALAX GAMER RGB (HKLM-x32\...\{1257fdeb-ffa3-4e17-9d4b-189075ea3656}) (Version: 1.00.02 - Galaxy Microsystems Ltd.)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.7.3.0 - miHoYo Co.,Ltd)
GIMP 2.10.24 (HKLM\...\GIMP-2_is1) (Version: 2.10.24 - The GIMP Team)
Ground Control (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\ground_control) (Version: 1.0.0 - StreamElements)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.20 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{c0c65c06-e79e-44b5-bd66-85099364afeb}) (Version: 1.0.20 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
LibreOffice 7.1.0.3 (HKLM\...\{FF0BB16C-BD95-497C-BCE6-4B567668AF1B}) (Version: 7.1.0.3 - The Document Foundation)
Logitech Capture (HKLM\...\Capture) (Version: 2.02.155 - Logitech)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2021.3.5164 - Logitech)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.51 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\OneDriveSetup.exe) (Version: 21.062.0328.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2956124056-3800980870-852740744-1006\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E15F69FA-660D-45CC-B28F-6CBC4CAD2091}) (Version: 1.0.0.0 - Mojang)
MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 83.0 (x64 de) (HKLM\...\Mozilla Firefox 83.0 (x64 de)) (Version: 83.0 - Mozilla)
Mozilla Firefox 88.0 (x64 de) (HKLM\...\Mozilla Firefox 88.0 (x64 de)) (Version: 88.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 75.0 - Mozilla)
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)
NVIDIA Grafiktreiber 466.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.27 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
OpenOffice 4.1.7 (HKLM-x32\...\{81D7585D-3E44-4984-B99B-911492419D3E}) (Version: 4.17.9800 - Apache Software Foundation)
Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory)
Patriot Viper RGB (HKLM\...\{E42E13B0-071E-49C1-B1CC-58198E82F302}) (Version: 1.00.08 - Patriot Memory) Hidden
Patriot Viper RGB (HKLM-x32\...\{4b7bfeff-ac47-46c1-aea6-4556f5f0e6bb}) (Version: 1.00.08 - Patriot Memory)
ProtonVPN (HKLM-x32\...\{D19979C9-8B5B-4500-AA6A-EF331F658074}) (Version: 1.17.5 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.17.5) (Version: 1.17.5 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{BCB82CD9-F514-4F93-A6D9-F898494DC927}) (Version: 1.1.0 - Proton Technologies AG)
Pulse Secure (HKLM\...\{ABAEAD38-AD9E-4444-B587-9284A22F877E}) (Version: 9.1.4983 - Pulse Secure, LLC) Hidden
Pulse Secure 9.1 (HKLM-x32\...\Pulse Secure 9.1) (Version: 9.1.4983 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Pulse_Setup_Client) (Version: 9.1.9.4983 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: 3.1.1.1 - Pulse Secure, LLC)
Pulse Secure Setup Client Activex Control (HKLM-x32\...\Pulse_Setup_Client Activex Control) (Version: 3.1.1.1 - Pulse Secure, LLC)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Rocket.Chat 3.0.6 (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\9b73a9fb-f1d5-59ee-b41e-e1dd393a748a) (Version: 3.0.6 - Rocket.Chat Support)
Spotify (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Spotify) (Version: 1.1.58.820.g2ae50076 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StreamElements OBS.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 21.3.8.729 - StreamElements)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.2 - TeamSpeak Systems GmbH)
VALORANT (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WhatsApp (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\WhatsApp) (Version: 2.2114.9 - WhatsApp)
WinRAR 6.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\ZoomUMX) (Version: 5.3.1 (52879.0927) - Zoom Video Communications, Inc.)
Packages:
=========
Excel Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.Excel_16001.13801.20454.0_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-26] (Microsoft Corporation)
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.42.41091.0_x64__8wekyb3d8bbwe [2021-04-20] (Microsoft Corporation) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-09-17] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-04-29] (NVIDIA Corp.)
QR Code for Windows 10 -> C:\Program Files\WindowsApps\17036IYIA.QRCodeforWindows10_6.4.2.0_x64__dggz0n4pnn0ge [2021-04-17] (IYIA)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.40392.0_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-04-13] (Adobe Systems Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.25.245.0_x64__dt26b99r8h8gj [2021-05-03] (Realtek Semiconductor Corp)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.13.154.0_x64__43tkc6nmykmb6 [2021-04-14] (Ookla)
Word Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.Word_16001.13801.20454.0_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2956124056-3800980870-852740744-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Max\Dropbox [2019-05-14 10:39]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-28] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\nvshext.dll [2021-04-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-28] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2019-10-23 19:09 - 2019-10-23 19:09 - 001141248 _____ () [Datei ist nicht signiert] C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\git2.dll
2019-10-23 19:09 - 2019-10-23 19:09 - 001418240 _____ () [Datei ist nicht signiert] C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\kdu_as7AR.dll
2019-10-23 19:09 - 2019-10-23 19:09 - 087665152 _____ () [Datei ist nicht signiert] C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\opencv_world345.dll
2021-05-05 11:51 - 2021-05-05 11:51 - 000064512 _____ () [Datei ist nicht signiert] C:\Users\Max\AppData\Local\Temp\cr_sdk_temp_00436195.tmp
2019-11-14 12:55 - 2019-11-14 12:55 - 047822424 _____ (Adobe Inc. -> Adobe) [Datei ist nicht signiert] C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\AfterFXLib.dll
2019-11-14 12:55 - 2019-11-14 12:55 - 009176152 _____ (Adobe Inc. -> Adobe) [Datei ist nicht signiert] C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\EAClient.dll
2019-11-14 12:55 - 2019-11-14 12:55 - 000279640 _____ (Adobe Inc. -> Adobe) [Datei ist nicht signiert] C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\SweetPeaSupport.dll
2019-10-23 19:09 - 2019-10-23 19:09 - 007510528 _____ (Avid Technology, Inc.) [Datei ist nicht signiert] C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\DNxHR.dll
2019-10-23 19:09 - 2019-10-23 19:09 - 015033856 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\CrmSdk.dll
2019-10-23 19:09 - 2019-10-23 19:09 - 001485312 _____ (CineForm Inc.) [Datei ist nicht signiert] C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\CFHDDecoder64.dll
2019-10-23 19:09 - 2019-10-23 19:09 - 001778176 _____ (CineForm Inc.) [Datei ist nicht signiert] C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\CFHDEncoder64.dll
2019-10-23 19:09 - 2019-10-23 19:09 - 000368128 _____ (NVIDIA Corporation) [Datei ist nicht signiert] C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\cudart64_92.dll
2019-10-23 19:09 - 2019-10-23 19:09 - 002940416 _____ (RED Digital Cinema) [Datei ist nicht signiert] C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\REDR3D-x64.dll
2019-10-23 19:09 - 2019-10-23 19:09 - 001001472 _____ (Sony B&P Research Labs) [Datei ist nicht signiert] C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\mp4decoder_dll.dll
2019-10-23 19:09 - 2019-10-23 19:09 - 001309696 _____ (The University of New South Wales) [Datei ist nicht signiert] C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\kdu_vs7AR.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2956124056-3800980870-852740744-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient.cab
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\localhost -> localhost
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2020-04-28 19:56 - 2020-04-28 19:53 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\Pulse Secure\VC142.CRT\X64\;C:\Program Files (x86)\Pulse Secure\VC142.CRT\X86\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Max\Desktop\Background Images\Attack on Titan\Mikasa and Levi.jpg
HKU\S-1-5-21-2956124056-3800980870-852740744-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
ist aktiviert.
Network Binding:
=============
Ethernet 2: Juniper Network Service -> jnprns (enabled)
LAN-Verbindung: Juniper Network Service -> jnprns (enabled)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "CSRHarmonySkypePlugin"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "PulseSecure"
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{6332DC13-88F9-4D15-B20A-E0A5091534FE}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => Keine Datei
FirewallRules: [TCP Query User{8CBA35EF-09FF-48FD-AACA-1A267E866697}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => Keine Datei
FirewallRules: [{4EEF746B-BDB7-4C48-BDAE-B033BA408991}] => (Allow) D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7D481149-628B-460E-AB1C-B34891A412BA}] => (Allow) D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{E87D1A38-9A39-424F-87F8-DB5DC6B33120}C:\users\max\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\max\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [TCP Query User{665704DA-59C1-4867-BD5B-5BEFC0358E28}C:\users\max\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\max\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [{15A3A66B-061A-4C8A-B445-B6C56FFF4816}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe => Keine Datei
FirewallRules: [{0DF1F9C0-14E2-45D7-BF49-028DC3997F11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe => Keine Datei
FirewallRules: [{2140DE2C-A666-4A93-9606-1672088E70F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe => Keine Datei
FirewallRules: [{71FCBA8D-D42B-4360-997F-0739FA1901A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe => Keine Datei
FirewallRules: [{967BF865-9A69-4AAF-82A4-45A32636B358}] => (Allow) C:\Users\Max\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{5D477B40-D22F-4A22-BC3C-3B56AE600CB7}] => (Allow) C:\Users\Max\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{1326595E-2ED9-4CC6-8B76-D05141B7B4D7}] => (Allow) C:\Users\Max\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{3ED79C23-43A5-4C9B-B5AC-6A6D67CC17F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe => Keine Datei
FirewallRules: [{6E602F52-DC12-44BA-A8E9-FAAB8BDFEDCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe => Keine Datei
FirewallRules: [{EBC128BF-5BAD-42ED-AB34-3D0ED7E7F685}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{46DA7428-1C8B-4642-8880-F287E7760C48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [UDP Query User{486387BB-A87D-4BC9-91A9-73B05CE9FDC4}C:\users\max\appdata\roaming\twitch studio\bin\twitchstudioagent.exe] => (Allow) C:\users\max\appdata\roaming\twitch studio\bin\twitchstudioagent.exe => Keine Datei
FirewallRules: [TCP Query User{F065509E-3A02-4629-88CC-F26451E82A83}C:\users\max\appdata\roaming\twitch studio\bin\twitchstudioagent.exe] => (Allow) C:\users\max\appdata\roaming\twitch studio\bin\twitchstudioagent.exe => Keine Datei
FirewallRules: [{6AE65522-C2B7-46A3-802F-4DE82103097D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elsword (Anime MMO)\data\x2.exe => Keine Datei
FirewallRules: [{0F039F76-1E3A-48DF-A39D-CDB65AF97E4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elsword (Anime MMO)\data\x2.exe => Keine Datei
FirewallRules: [{97B6734F-C399-4095-BDD7-EAD869D6462D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elsword (Anime MMO)\steam_launcher.exe => Keine Datei
FirewallRules: [{EC054513-30F1-498A-AA4E-19A17B990B3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elsword (Anime MMO)\steam_launcher.exe => Keine Datei
FirewallRules: [{CED1A6C1-4B41-4908-AA87-1640E383D198}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4F4EA02F-B6C1-4446-8A5B-09257D81CA7E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{360C5139-9457-4BFD-9C2B-746D341506AB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{696C2293-30EE-42B7-94E1-A185FA40F66A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{74D9911B-6F48-4C43-8151-363CD1F464FF}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{4ED9BD7D-F7BB-4BE6-98A8-DDB61626DCD9}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{37A2552A-9BB4-466C-BDD2-0F004A5AAAE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4A66088A-8A0A-455E-BC65-840A1B55B275}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{9F0D180E-2AA5-4466-8DE9-6FF34D24A9DA}C:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) C:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe => Keine Datei
FirewallRules: [TCP Query User{C7158FFC-2623-4021-AE01-AE4D001CDC71}C:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) C:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe => Keine Datei
FirewallRules: [UDP Query User{E1096331-D20F-40C2-B9C3-0F5587219A10}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{2FC9AE9A-A5B5-435B-963E-11E67ECDC69D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4B13ADD4-D09A-47EC-ABC1-4F71D27216FB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6E116884-43A9-4075-9778-97889310A4A5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{26BEBABD-2B16-43C2-86B1-545BB0FF8F19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Keine Datei
FirewallRules: [{4DB4027C-E0D0-495E-834D-748A668977E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Keine Datei
FirewallRules: [UDP Query User{0696F6C2-61A5-4642-AA03-BA3877026A82}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{B6D052D3-693A-4D60-B05A-6A7576A8A24B}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{68AFFE9E-381E-4796-8A11-0F755ACDD2A4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E63797AD-F844-46E9-B5EF-30DA7798BE3A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{9F191AD5-2D86-46CF-AA14-45D4E3FD5FD5}C:\users\max\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\max\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{148BBD54-8C31-45FD-AD79-7D6742CDA17E}C:\users\max\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\max\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{37C7140B-990C-435A-B3FD-8BDAD0A395FF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8FF9C97B-6B5F-4E52-A9D2-3E0F26A3BDBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{466C0765-BFB9-4BD6-9CD2-D3C70FE80553}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D942A690-E0BD-4385-8BBD-C394FF6C2E45}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{79C6B325-398E-46A4-917D-3E7592E7D05B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{64E35AA1-E74F-4967-AF0E-8B1B2693241A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{FA082E8B-10D5-4A1E-9E1E-89AFD97063D2}D:\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) D:\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe => Keine Datei
FirewallRules: [UDP Query User{FE3FDDD7-1CCD-41A0-85A7-FD018AC3243C}D:\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) D:\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe => Keine Datei
FirewallRules: [{351605D1-421D-4072-8801-68CFEA936D4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{DE73D175-3185-4532-AD22-6EEFC1D88CA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{922CABF4-3613-47CF-9EEF-A5B1048F967D}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\89.0.4389.25\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{F2E1B228-CD4E-4211-962D-4AF6D207F650}] => (Allow) D:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert]
FirewallRules: [{32DB5F90-66D1-4A85-8898-3707B2EF0DBC}] => (Allow) D:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert]
FirewallRules: [{FE53B7B3-8268-4A44-8F00-34D2BDE254BB}] => (Allow) D:\SteamLibrary\steamapps\common\Smash Legends\Smash_Legends.exe (LINE Games Corporation -> )
FirewallRules: [{BBBDE75B-20A7-4798-9B79-DE5086A8951C}] => (Allow) D:\SteamLibrary\steamapps\common\Smash Legends\Smash_Legends.exe (LINE Games Corporation -> )
FirewallRules: [{A3500EA8-E502-47F8-956F-2F95905D7E4B}] => (Allow) D:\SteamLibrary\steamapps\common\VRChat\VRChat.exe () [Datei ist nicht signiert]
FirewallRules: [{2381EA17-FCF9-4F7A-860B-F7D3DBCDDCE4}] => (Allow) D:\SteamLibrary\steamapps\common\VRChat\VRChat.exe () [Datei ist nicht signiert]
FirewallRules: [{2E84FF59-7AA1-467F-A8BB-96C917EE01DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D0772715-7562-42C4-8A5E-3FC19E4828F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B0A48308-2D7E-437C-B59B-1CDE67CCA61F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2D481034-1F7D-4C75-9E18-474EE0A5E336}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5DE6032D-2A7C-4F0F-85E7-3B221B13661D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
25-04-2021 22:46:05 Geplanter Prüfpunkt
04-05-2021 11:55:54 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (05/05/2021 10:39:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Name des fehlerhaften Moduls: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c132
ID des fehlerhaften Prozesses: 0x14b4
Startzeit der fehlerhaften Anwendung: 0x01d7418a1d0031c3
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Berichtskennung: 6ce473fd-df4e-4f41-b605-b8090f0ed33e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/04/2021 11:50:21 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf (D:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)
Error: (05/04/2021 11:23:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Name des fehlerhaften Moduls: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c132
ID des fehlerhaften Prozesses: 0x148c
Startzeit der fehlerhaften Anwendung: 0x01d740c714ffc0ea
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Berichtskennung: 0fd935d4-310f-4341-ab2b-2e908fbc4bb5
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/03/2021 12:44:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Name des fehlerhaften Moduls: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c132
ID des fehlerhaften Prozesses: 0x142c
Startzeit der fehlerhaften Anwendung: 0x01d7400956275a40
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Berichtskennung: 4b902710-bcf3-458d-afbd-0f506b2dca9f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/02/2021 09:26:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Name des fehlerhaften Moduls: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c132
ID des fehlerhaften Prozesses: 0x1438
Startzeit der fehlerhaften Anwendung: 0x01d73f891d0dbec4
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Berichtskennung: 8d72dda3-f2f3-47bb-8b43-434297631691
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/02/2021 10:22:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Name des fehlerhaften Moduls: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c132
ID des fehlerhaften Prozesses: 0x1404
Startzeit der fehlerhaften Anwendung: 0x01d73f2c3cdfb1e5
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Berichtskennung: c23e995b-d3f7-47e8-8d10-d1f8eb80f7c8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/01/2021 07:12:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Name des fehlerhaften Moduls: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c132
ID des fehlerhaften Prozesses: 0x1290
Startzeit der fehlerhaften Anwendung: 0x01d73ead2c348b61
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Berichtskennung: ef4a12a5-6b01-4e9f-b965-98724f9316b0
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/01/2021 06:28:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Name des fehlerhaften Moduls: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c132
ID des fehlerhaften Prozesses: 0x1444
Startzeit der fehlerhaften Anwendung: 0x01d73ea70225eff2
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Berichtskennung: e2e76d6e-f91c-4354-b5e2-a4e84ff884c1
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (05/05/2021 10:39:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst asComSvc erreicht.
Error: (05/04/2021 11:34:33 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "wuauserv" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (05/04/2021 11:34:33 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "wuauserv" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (05/04/2021 11:34:33 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "wuauserv" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (05/04/2021 11:34:33 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "wuauserv" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (05/04/2021 11:34:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DHA2F6H)
Description: Der Server "Microsoft.Windows.ContentDeliveryManager_10.0.19041.423_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/04/2021 11:34:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DHA2F6H)
Description: Der Server "Microsoft.Windows.ContentDeliveryManager_10.0.19041.423_neutral_neutral_cw5n1h2txyewy!App.AppX447jn8wbjb1qsw3jxkndb19cwgsrtrkk.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/04/2021 11:23:12 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst asComSvc erreicht.
Windows Defender:
================
Date: 2021-04-28 22:34:08
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Ransom:MSIL/Crawl&threatid=2147768618&enterprise=0
Name: Ransom:MSIL/Crawl
Schweregrad: Schwerwiegend
Kategorie: Ransomware
Pfad: file:_C:\Users\Max\Downloads\Spyware112TerminatorSetup.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-DHA2F6H\Max
Prozessname: C:\Program Files\Mozilla Firefox\firefox.exe
Sicherheitsversion: AV: 1.337.117.0, AS: 1.337.117.0, NIS: 1.337.117.0
Modulversion: AM: 1.1.18100.5, NIS: 1.1.18100.5
Date: 2021-04-28 22:31:41
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=App:Chip_Updater_BundleInstaller&threatid=268628&enterprise=0
Name: App:Chip_Updater_BundleInstaller
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\Max\Downloads\Malwarebytes Malware Scanner - CHIP-Installer vom 28.04.2021 64fb9770db3271f3eee3698473e57f52.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-DHA2F6H\Max
Prozessname: C:\Program Files\Mozilla Firefox\firefox.exe
Sicherheitsversion: AV: 1.337.117.0, AS: 1.337.117.0, NIS: 1.337.117.0
Modulversion: AM: 1.1.18100.5, NIS: 1.1.18100.5
Date: 2021-04-28 22:02:43
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {5326F850-A9A4-4CEA-A21A-AA6F57BD4FF0}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2021-04-27 18:49:09
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {B6DE24EA-B236-4ABD-A107-8C8BCCE9EACE}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2021-04-20 15:55:43
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {AC033489-363B-476C-B2BB-B70CE5DF7553}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2021-04-27 10:57:49
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 1.337.29.0
%Vorherige Version der Sicherheitsinformationen: 1.335.1700.0
Update Source: Benutzer
Sicherheitstyp: AntiSpyware
Updatetyp: Delta
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 1.1.18100.5
%Vorherige Modulversion: 1.1.18000.5
Fehlercode: 0x80070666
Fehlerbeschreibung: Eine andere Version des Produkts ist bereits installiert. Die Installation dieser Version kann nicht fortgesetzt werden. Verwenden Sie die Systemsteuerungsoption "Software", um die vorhandene Version dieses Produkts zu konfigurieren oder zu entfernen.
Date: 2021-04-27 10:57:49
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 1.337.29.0
%Vorherige Version der Sicherheitsinformationen: 1.335.1700.0
Update Source: Benutzer
Sicherheitstyp: AntiVirus
Updatetyp: Delta
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 1.1.18100.5
%Vorherige Modulversion: 1.1.18000.5
Fehlercode: 0x80070666
Fehlerbeschreibung: Eine andere Version des Produkts ist bereits installiert. Die Installation dieser Version kann nicht fortgesetzt werden. Verwenden Sie die Systemsteuerungsoption "Software", um die vorhandene Version dieses Produkts zu konfigurieren oder zu entfernen.
Date: 2021-04-27 10:57:49
Description:
Fehler von Microsoft Defender Antivirus beim Aktualisieren des Moduls.
Neue Modulversion: 1.1.18100.5
Vorherige Modulversion: 1.1.18000.5
Benutzer: NT-AUTORITÄT\SYSTEM
Fehlercode: 0x80070666
Fehlerbeschreibung: Eine andere Version des Produkts ist bereits installiert. Die Installation dieser Version kann nicht fortgesetzt werden. Verwenden Sie die Systemsteuerungsoption "Software", um die vorhandene Version dieses Produkts zu konfigurieren oder zu entfernen.
Date: 2021-03-29 08:55:12
Description:
Fehler des Microsoft Defender Antivirus-Echtzeitschutz-Features.
Feature: Bei Zugriff
Fehlercode: 0x80004005
Fehlerbeschreibung: Unbekannter Fehler
Ursache: Die Elementenüberprüfung des Filtertreibers wurde übersprungen, und er befindet sich nun im Durchleitungsmodus. Dies ist möglicherweise auf Ressourcenmangel zurückzuführen.
CodeIntegrity:
===============
Date: 2021-05-05 12:56:27
Description:
Windows blocked file \Device\HarddiskVolume4\Windows\System32\scrobj.dll which has been disallowed for protected processes.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. B.70 06/10/2020
Hauptplatine: Micro-Star International Co., Ltd. B450M PRO-VDH MAX (MS-7A38)
Prozessor: AMD Ryzen 5 3600 6-Core Processor
Prozentuale Nutzung des RAM: 51%
Installierter physikalischer RAM: 16333.29 MB
Verfügbarer physikalischer RAM: 7982.2 MB
Summe virtueller Speicher: 18765.29 MB
Verfügbarer virtueller Speicher: 5318.89 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:222.62 GB) (Free:22.63 GB) NTFS
Drive d: () (Fixed) (Total:930.44 GB) (Free:764.22 GB) NTFS
\\?\Volume{67b79e30-1fca-01d6-18cf-db33e50feb00}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{bfde7ce0-1fce-01d6-703a-e45be70feb00}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{790920d1-5781-479b-8f7f-edafec533855}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{8bfebfbd-009e-45d1-aaa4-8eccf38519f6}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{00034367-4240-69ac-cabf-d601ce860600}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{b0e14cab-f013-41d0-9267-8cdf66e721ab}\ () (Fixed) (Total:0 GB) (Free:0 GB)
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 223.6 GB) (Disk ID: 33B9DBB0)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt =======================
|
|
05.05.2021, 12:27
| #8 |
| | PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe Bedrohung Shortcut: Code:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 28-04-2021
durchgeführt von Max (05-05-2021 13:00:57)
Gestartet von C:\Users\Max\Downloads
Start-Modus: Normal
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2020.lnk -> C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\AfterFX.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2020.lnk -> C:\Program Files\Adobe\Adobe Premiere Pro 2020\Adobe Premiere Pro.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.24.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.10.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulse Secure\Deinstallation Pulse.lnk -> C:\Program Files (x86)\Pulse Secure\Pulse\PulseUninstall.exe (${NEO_COMPANY_FULL_NAME})
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN\ProtonVPN.lnk -> C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Base.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sbase.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Calc.lnk -> C:\Program Files (x86)\OpenOffice 4\program\scalc.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Draw.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Impress.lnk -> C:\Program Files (x86)\OpenOffice 4\program\simpress.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Math.lnk -> C:\Program Files (x86)\OpenOffice 4\program\smath.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Writer.lnk -> C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (64bit).lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\Uninstall.lnk -> C:\Program Files\obs-studio\uninstall.exe (obsproject.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.0\MiniTool Partition Wizard Free.lnk -> C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0\loader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.0\MiniTool Partition Wizard Help.lnk -> C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0\pw.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.0\Uninstall MiniTool Partition Wizard Free.lnk -> C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher\Minecraft Launcher.lnk -> C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe (Mojang)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxon\Maxon Cinema 4D\Commandline R21.lnk -> C:\Program Files\Maxon Cinema 4D R21\Commandline.exe (MAXON Computer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxon\Maxon Cinema 4D\Maxon Cinema 4D R21.lnk -> C:\Program Files\Maxon Cinema 4D R21\Cinema 4D.exe (MAXON Computer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxon\Maxon Cinema 4D\Team Render Client R21.lnk -> C:\Program Files\Maxon Cinema 4D R21\Cinema 4D Team Render Client.exe (MAXON Computer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxon\Maxon Cinema 4D\Team Render Server R21.lnk -> C:\Program Files\Maxon Cinema 4D R21\Cinema 4D Team Render Server.exe (MAXON Computer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Capture.lnk -> C:\Program Files\Logitech\LogiCapture\bin\LogiCapture.exe (Logitech)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi\Logitech G HUB.lnk -> C:\Program Files\LGHUB\lghub.exe (Logitech, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1\LibreOffice Base.lnk -> C:\Program Files\LibreOffice\program\sbase.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1\LibreOffice Calc.lnk -> C:\Program Files\LibreOffice\program\scalc.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1\LibreOffice Draw.lnk -> C:\Program Files\LibreOffice\program\sdraw.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1\LibreOffice Impress.lnk -> C:\Program Files\LibreOffice\program\simpress.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1\LibreOffice Math.lnk -> C:\Program Files\LibreOffice\program\smath.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1\LibreOffice Writer.lnk -> C:\Program Files\LibreOffice\program\swriter.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1\LibreOffice.lnk -> C:\Program Files\LibreOffice\program\soffice.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 20.lnk -> C:\Program Files\Image-Line\FL Studio 20\FL64.exe (Image-Line)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genshin Impact\DeinstallierenGenshin Impact.lnk -> C:\Program Files\Genshin Impact\uninstall.exe (miHoYo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genshin Impact\Genshin Impact.lnk -> C:\Program Files\Genshin Impact\launcher.exe (miHoYo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLIP STUDIO\CLIP STUDIO.lnk -> C:\Program Files\CELSYS\CLIP STUDIO 1.5\CLIP STUDIO\CLIPStudio.exe (CELSYS,Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Max\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\Links\Desktop.lnk -> C:\Users\locma\Desktop ()
Shortcut: C:\Users\locma\Links\Downloads.lnk -> C:\Users\locma\Downloads ()
Shortcut: C:\Users\locma\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\locma\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\max3004dinh@gmail.com Creative Cloud Files\_Cloud-Dokumente.lnk -> C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe (Keine Datei)
Shortcut: C:\Users\Max\Links\Desktop.lnk -> C:\Users\Max\Desktop ()
Shortcut: C:\Users\Max\Links\Downloads.lnk -> C:\Users\Max\Downloads ()
Shortcut: C:\Users\Max\Links\iCloud Drive.lnk -> C:\Users\Max\iCloudDrive ()
Shortcut: C:\Users\Max\Documents\Adobe\After Effects 2020\User Presets\(Adobe).lnk -> C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\Presets ()
Shortcut: C:\Users\Max\Desktop\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Max\Desktop\Adobe After Effects 2020.lnk -> C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\AfterFX.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Max\Desktop\Blitz.lnk -> C:\Users\Max\AppData\Local\Programs\Blitz\Blitz.exe (Blitz, Inc.)
Shortcut: C:\Users\Max\Desktop\Genshin Impact.lnk -> C:\Program Files\Genshin Impact\launcher.exe (miHoYo)
Shortcut: C:\Users\Max\Desktop\GIMP 2.10.18.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.10.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\Users\Max\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\Desktop\Premiere Pro - Verknüpfung.lnk -> C:\Users\Max\Documents\Adobe\Premiere Pro ()
Shortcut: C:\Users\Max\Desktop\Rocket.Chat.lnk -> C:\Users\Max\AppData\Local\Programs\Rocket.Chat\Rocket.Chat.exe (Rocket.Chat Support)
Shortcut: C:\Users\Max\Desktop\Spotify.lnk -> C:\Users\Max\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Max\Desktop\Start Tor Browser.lnk -> C:\Users\Max\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Max\Desktop\StreamElements OBS.Live.lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\Users\Max\Desktop\WhatsApp.lnk -> C:\Users\Max\AppData\Local\WhatsApp\WhatsApp.exe (WhatsApp)
Shortcut: C:\Users\Max\Desktop\Zoom.lnk -> C:\Users\Max\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\Max\Desktop\Twitch\Ground Control.lnk -> C:\Users\Max\AppData\Local\ground_control\Ground Control.exe (StreamElements)
Shortcut: C:\Users\Max\Desktop\Twitch\StreamElements OBS.Live.lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\Users\Max\Desktop\Tor Browser\Start Tor Browser.lnk -> C:\Users\Max\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Max\Creative Cloud Files\_Cloud-Dokumente.lnk -> C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe (Keine Datei)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk -> C:\Users\Max\AppData\Local\Programs\Blitz\Blitz.exe (Blitz, Inc.)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Max\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocket.Chat.lnk -> C:\Users\Max\AppData\Local\Programs\Rocket.Chat\Rocket.Chat.exe (Rocket.Chat Support)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\Max\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> C:\Users\Max\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Start Zoom.lnk -> C:\Users\Max\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\Max\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp\WhatsApp.lnk -> C:\Users\Max\AppData\Local\WhatsApp\WhatsApp.exe (WhatsApp)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StreamElements\Ground Control.lnk -> C:\Users\Max\AppData\Local\ground_control\Ground Control.exe (StreamElements)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 20.lnk -> C:\Program Files\Image-Line\FL Studio 20\FL64.exe (Image-Line)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\More....lnk -> C:\Program Files\Image-Line\Shared\Start ()
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud Drive.lnk -> C:\Users\Max\iCloudDrive ()
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual.lnk -> C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual.pdf ()
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\ASIO4ALL Web Site.lnk -> C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL Web Site.url ()
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\Uninstall.lnk -> C:\Program Files (x86)\ASIO4ALL v2\uninstall.exe ()
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Premiere Pro 2020.lnk -> C:\Program Files\Adobe\Adobe Premiere Pro 2020\Adobe Premiere Pro.exe (Adobe)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\FL Studio 20.lnk -> C:\Program Files\Image-Line\FL Studio 20\FL64.exe (Image-Line)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GIMP 2.10.18.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.10.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\OBS Studio (64bit).lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\OpenOffice 4.1.7.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spotify.lnk -> C:\Users\Max\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Start Zoom.lnk -> C:\Users\Max\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\81f60f1222210b45\League of Legends.lnk -> C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc.)
Shortcut: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd)
Shortcut: C:\Users\Public\Desktop\CLIP STUDIO.lnk -> C:\Program Files\CELSYS\CLIP STUDIO 1.5\CLIP STUDIO\CLIPStudio.exe (CELSYS,Inc.)
Shortcut: C:\Users\Public\Desktop\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.)
Shortcut: C:\Users\Public\Desktop\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\FL Studio 20.lnk -> C:\Program Files\Image-Line\FL Studio 20\FL64.exe (Image-Line)
Shortcut: C:\Users\Public\Desktop\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\Users\Public\Desktop\LibreOffice 7.1.lnk -> C:\Program Files\LibreOffice\program\soffice.exe (The Document Foundation)
Shortcut: C:\Users\Public\Desktop\Logitech G HUB.lnk -> C:\Program Files\LGHUB\lghub.exe (Logitech, Inc.)
Shortcut: C:\Users\Public\Desktop\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\OBS Studio.lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\Users\Public\Desktop\OpenOffice 4.1.7.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\Users\Public\Desktop\ProtonVPN.lnk -> C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe ()
Shortcut: C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games\League of Legends.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=league_of_legends --launch-patchline=live
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games\VALORANT.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=valorant --launch-patchline=live
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulse Secure\Pulse Secure.lnk -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\Pulse.exe () -> -show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulse Secure\Reparieren Pulse.lnk -> C:\Program Files (x86)\Pulse Secure\Pulse\PulseUninstall.exe (${NEO_COMPANY_FULL_NAME}) -> /repair=1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1\LibreOffice (abgesicherter Modus).lnk -> C:\Program Files\LibreOffice\program\soffice.exe (The Document Foundation) -> --safe-mode
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=league_of_legends --launch-patchline=live
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\locma\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\locma\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\locma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Max\Desktop\Discord.lnk -> C:\Users\Max\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\Max\Desktop\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Max\Desktop\League of Legends.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=league_of_legends --launch-patchline=live
ShortcutWithArgument: C:\Users\Max\Desktop\Pulse Secure.lnk -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\Pulse.exe () -> -show
ShortcutWithArgument: C:\Users\Max\Desktop\VALORANT.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=valorant --launch-patchline=live
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\Max\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games\Legends of Runeterra (2).lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=bacon --launch-patchline=live
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\Max\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Discord.lnk -> C:\Users\Max\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4ac866364817f10c\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.0\MiniTool Partition Wizard Free on the Web.url -> URL: hxxp://www.partitionwizard.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot\Learn More.url -> URL: hxxp://app.prntscr.com/learnmore.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot\Screenshot history.url -> URL: hxxp://app.prntscr.com/about-gallery.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Besuchen Sie Java.com.url -> URL: hxxps://java.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Hilfe aufrufen.url -> URL: hxxps://java.com/help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL ->
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> URL: hxxp://www.ccleaner.com/ccleaner
InternetURL: C:\Users\locma\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Max\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Max\Favorites\Links\Apple.url -> URL: hxxps://www.apple.com/de/
InternetURL: C:\Users\Max\Favorites\Links\Bing.url -> URL: hxxps://www.bing.com/
InternetURL: C:\Users\Max\Favorites\Links\Google.url -> URL: hxxps://www.google.com/?client=safari&channel=iphone_bm
InternetURL: C:\Users\Max\Favorites\Links\Yahoo.url -> URL: hxxps://de.yahoo.com/
InternetURL: C:\Users\Max\Dropbox\Get Started with Dropbox Paper.url -> URL: hxxps://www.dropbox.com/login?_tk=dropbox_desktop_urlfile&cont=https%3A%2F%2Fpaper.dropbox.com%2Fpad%2Fopen-or-create-sample%2Fintro®ister_cont=https%3A%2F%2Fpaper.dropbox.com%2Fpad%2Fopen-or-create-sample%2Fintro
InternetURL: C:\Users\Max\Desktop\Phasmophobia.url -> URL: steam://rungameid/739630
InternetURL: C:\Users\Max\Desktop\VRChat.url -> URL: steam://rungameid/438100
InternetURL: C:\Users\Max\Desktop\Wallpaper Engine.url -> URL: steam://rungameid/431960
InternetURL: C:\Users\Max\Desktop\Unterlagen\Bewerbung\lebenslaufmuster1\Premium Bewerbungsvorlagen*-*BewerbungsDesigns.de.URL -> URL: hxxps://www.bewerbungsdesigns.de/
InternetURL: C:\Users\Max\Desktop\Twitch\Minimal Alert Maker - Nerd or Die\Minimal Alert Maker - Nerd or Die\Quick Setup Alert Maker - Streamlabs.url -> URL: hxxps://streamlabs.com/profile/share/alert_box/15968183/32740b3ba2325363d291a5dfebacf560?s=1
InternetURL: C:\Users\Max\Desktop\Twitch\Minimal Alert Maker - Nerd or Die\Minimal Alert Maker - Nerd or Die\Video Guide\Free Alert Maker - Minimal Design for Twitch, YouTube Gaming, and Mixer - YouTube.url -> URL: hxxps://www.youtube.com/watch?v=amkW-GGpZdc
InternetURL: C:\Users\Max\Desktop\Twitch\Minimal Alert Maker - Nerd or Die\Minimal Alert Maker - Nerd or Die\Setup Guide\Free Minimal Alert Maker - Nerd or Die.url -> URL: hxxps://nerdordie.com/free-minimal-alert-maker/
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\WAProd_Free_Tech_House_Tools\25% DISCOUNT -Buy More Samples Here.url -> URL: hxxp://waproduction-samples.com/
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\WAProd_Free_Tech_House_Tools\FREE Downloads From W. A. Production.url -> URL: hxxps://soundcloud.com/w-a-production/sets/free-downloads
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\WAProd_FREE_Progressive_House_drums2\25% DISCOUNT - Buy More Samples Here.url -> URL: hxxp://waproduction-samples.com/
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\WAProd_FREE_Progressive_House_drums2\FREE Downloads From W. A. Production.url -> URL: hxxps://soundcloud.com/w-a-production/sets/free-downloads
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\WAProd_Free_Hybrid_Trap_Drums\25% DISCOUNT -Buy More Samples Here.url -> URL: hxxp://waproduction-samples.com/
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\WAProd_Free_Hybrid_Trap_Drums\FREE Downloads From W. A. Production.url -> URL: hxxps://www.facebook.com/waproductioncz
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\WAProd_Free_Future_Bass_Drums\25% DISCOUNT -Buy More Samples Here.url -> URL: hxxp://waproduction-samples.com/
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\WAProd_Free_Future_Bass_Drums\FREE Downloads From W. A. Production.url -> URL: hxxps://www.facebook.com/waproductioncz
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Sounds of KSHMR Vol. 1 (Splice)\Sounds of KSHMR Vol. 1 (Splice)\Splice Sounds of KSHMR Presets\sounds-of-kshmr-vol-1.url -> URL: hxxps://splice.com/sounds/splice/sounds-of-kshmr-vol-1
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Fl Studio Sample Packs\Julians Premium Samples\WAProd_Free_Tech_House_Tools\25% DISCOUNT -Buy More Samples Here.url -> URL: hxxp://waproduction-samples.com/
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Fl Studio Sample Packs\Julians Premium Samples\WAProd_Free_Tech_House_Tools\FREE Downloads From W. A. Production.url -> URL: hxxps://soundcloud.com/w-a-production/sets/free-downloads
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Fl Studio Sample Packs\Julians Premium Samples\WAProd_FREE_Progressive_House_drums2\25% DISCOUNT - Buy More Samples Here.url -> URL: hxxp://waproduction-samples.com/
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Fl Studio Sample Packs\Julians Premium Samples\WAProd_FREE_Progressive_House_drums2\FREE Downloads From W. A. Production.url -> URL: hxxps://soundcloud.com/w-a-production/sets/free-downloads
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Fl Studio Sample Packs\Julians Premium Samples\WAProd_Free_Hybrid_Trap_Drums\25% DISCOUNT -Buy More Samples Here.url -> URL: hxxp://waproduction-samples.com/
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Fl Studio Sample Packs\Julians Premium Samples\WAProd_Free_Hybrid_Trap_Drums\FREE Downloads From W. A. Production.url -> URL: hxxps://www.facebook.com/waproductioncz
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Fl Studio Sample Packs\Julians Premium Samples\WAProd_Free_Future_Bass_Drums\25% DISCOUNT -Buy More Samples Here.url -> URL: hxxp://waproduction-samples.com/
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Fl Studio Sample Packs\Julians Premium Samples\WAProd_Free_Future_Bass_Drums\FREE Downloads From W. A. Production.url -> URL: hxxps://www.facebook.com/waproductioncz
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Fl Studio Sample Packs\Julians Premium Samples\Sounds of KSHMR Vol. 1 (Splice)\Sounds of KSHMR Vol. 1 (Splice)\Splice Sounds of KSHMR Presets\sounds-of-kshmr-vol-1.url -> URL: hxxps://splice.com/sounds/splice/sounds-of-kshmr-vol-1
InternetURL: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Wallpaper Engine.url -> URL: steam://rungameid/431960
==================== Ende vom Shortcut.txt =============================
|
|
05.05.2021, 12:38
| #9 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe BedrohungZitat:
 Was hat dieser ganze Krempel von ASUS auf dem Rechner zu suchen, wozu soll das gut sein? Und sowas wie Patriot Viper M2 SSD RGB ist ja nun auch unnötig. Auf jeden Fall muss das hier deinstalliert werden: - CCleaner - OpenOffice
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.05.2021, 13:59
| #10 | |
| | PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe BedrohungZitat:
CCleaner habe ich deinstalliert, OpenOffice jedoch benutze ich öfters. Wieso sollte ich das Programm denn deinstallieren? "Patriot Viper M2 SSD RGB" ist meine SSD-Karte, richtig? Die habe ich damit mein PC schneller hochfährt und weil ich wenig Platz auf meiner Festplatte C hatte. Leider weiß ich nicht was du mit "ASUS Krempel" meinst. Habe ich etwa unnötige Dateien heruntergeladen? Und zu Adobe Premiere Pro: Das benutze ich für meine YouTube Videos. |
|
05.05.2021, 14:02
| #11 | |||
| /// Winkelfunktion /// TB-Süch-Tiger™ | PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe BedrohungZitat:
OpenOffice ist veraltet. Das bekommt nur noch höchsten selten Updates. Das Team, das das betreut ist nur noch eine Rumpftruppe, nachdem Oracle Sun übernommen hat sind fast alle Entwickler zu LibreOffice gewechselt. Und deswegen rät man schon seit 10 Jahren zu LibreOffice statt zu OpenOffice. Zitat:
Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.05.2021, 15:52
| #12 |
| | PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe Bedrohung Ok, ich habe alle genannten Programme außer den ASUS Kram gelöscht, weil ich nicht weiß wo ich den Krempel finde. Aber gut, dass du mich darauf hinweist. Was ist denn jetzt eigentlich mit meinem eigentlichem Problem: PUP.Optional.DefaultSearch ? |
|
05.05.2021, 16:10
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe Bedrohung Unnötigen Krempel deinstallieren gehört zum Reinigungsprozess! Oder glaubste ich entfern nur was zu den Funden gehörte und lasse uralte oder völlig unsinnige Programme drauf? Wäre ziemlich sinnfrei oder? Programme deinstalliert man über die Systemsteuerung. Drück Windows-Taste+R und tipp ins Ausführenfeld appwiz.cpl ein, dann erscheint auch die Liste der Software so wie man das bei Windows 7 auch kennt.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.05.2021, 11:20
| #14 |
| | PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe Bedrohung Ich weiß wie man Programme deinstalliert, jedoch finde ich auf der Liste der nichts mit ASUS :/ |
|
07.05.2021, 14:44
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe Bedrohung adwCleaner Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags. adwcleaner zwecks Kontrolle bitte wiederholen, falls es Funde gab.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe Bedrohung |
| aktion, appdata, bedrohung, bedrohungen, browser, build, bösartige, confused, elemente, entfern, firefox, gen, gestartet, https, immer wieder, irgendetwas, kurzem, malware?, malwarebytes, mozilla, mozilla firefox, objekte, pup.optional.defaultsearch, quara, quarantäne, roaming, scan, schei, search, taucht, troja, trojaner, users, viren, virus, windows |
Linear-Darstellung
