Liebes Trojanerboard-Team,

seit einigen Tagen ist mein Rechner auffällig langsam und gestern habe ich eine Virenwarnung erhalten (kann die leider nicht posten). Gestern habe ich CC: Cleaner drüberlaufen lassen, dennoch ist der Rechner weiterhin langsamer als gewöhnlich und ich bin unsicher, ob alles wieder ok ist. Wäre sehr dankbar, wenn Ihe über die folgenden logfiles drüberschauen und mir einen Rat geben könntet, wie ich weiter verfahren soll/ kann.

Danke sehr im Voraus und beste Grüße! Zac

FRST Text:


FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-05-2021
durchgeführt von ***** (Administrator) auf ***** (ASUSTeK COMPUTER INC. N550JK) (18-05-2021 18:36:04)
Gestartet von C:\Users\*****\Downloads
Geladene Profile: UpdatusUser & *****
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AdoptOpenJDK) [Datei ist nicht signiert] C:\Users\Public\Documents\RED Medical Commander\jre\11.0.7_10\bin\javaw.exe
(ASUS Cloud Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\122.4.4867\QtWebEngineProcess.exe <3>
(Hanwang Technology Co., LTD -> Hanwang Technology Co.,Ltd.) C:\Program Files\ASUS\ASUS FaceID\HWFaceKeyService.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP OfficeJet 3830 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\4.1.106.0\McCSPServiceHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_12\mcapexe.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\MAT\McPvTray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\MQS\QcShm.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.13929.20372\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19750_none_fa39f32f9b2d0928\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <9>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 6\updater-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 6\ws.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Securepoint GmbH -> ) [Datei ist nicht signiert] C:\Program Files (x86)\Securepoint SSL VPN\SPSSLVpnService.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818552 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1063200 2013-10-18] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-13] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] (ASUS Cloud Corporation -> )
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-10] (CyberLink Corp. -> cyberlink)
HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [13936 2014-01-20] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8172264 2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-2088324930-380084447-817914727-1002\...\Run: [HP OfficeJet 3830 series (NET)] => C:\Program Files\HP\HP OfficeJet 3830 series\Bin\ScanToPCActivationApp.exe [3770504 2017-03-27] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-2088324930-380084447-817914727-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2088324930-380084447-817914727-1002\...\MountPoints2: {3f28f187-0059-11e8-827d-ac7ba1b03bc7} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL F:\index.html
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\EPSON WF-3520 Series 64MonitorBE: C:\Windows\system32\E_YLMJJE.DLL [120320 2011-04-19] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\HP E511 Status Monitor: C:\Windows\system32\hpinkstsE511LM.dll [393352 2017-03-09] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\Windows\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [117248 2018-04-14] (pdfforge GmbH) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-17] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.92\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{b84ca702-35a8-4e67-8d2a-6c2807b297d3}] -> C:\Windows\system32\FaceCredentialProvider.dll [2013-12-11] (Hanwang Technology Co., LTD -> Hanwang Technology Co.,Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2018-07-22]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RED Commander.lnk [2020-12-16]
ShortcutTarget: RED Commander.lnk -> C:\Users\Public\Documents\RED Medical Commander\commander-launcher.bat () [Datei ist nicht signiert]

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {015A19A5-8A39-4389-84D2-585FA1FA8072} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-03-31] (Dropbox, Inc -> Dropbox, Inc.)
Task: {087F63C4-3CAC-4623-8EEA-A8017DB5EFC9} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2013-12-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {099B9CF9-7985-4E06-90C7-367C6356E1CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-30] (Google LLC -> Google LLC)
Task: {0AEDA0D3-5B7A-4622-8ED0-C5EB71593A20} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143672 2019-04-02] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {18E2236E-0D1B-499E-A2BF-4C27E4FE820F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-05-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F70D3BE-D6E5-43B9-AC19-57F1146DC602} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [995848 2021-03-29] (McAfee, LLC -> McAfee, LLC)
Task: {227FC87F-5BD0-4B88-9EE8-14796422AAD0} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18232 2014-02-13] (ASUSTeK Computer Inc. -> AsusTek)
Task: {2B854CF2-77C5-4021-8377-A8C529731C08} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19647568 2014-01-16] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {3DAE6454-77C3-4526-BAFA-456A4A6016B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-30] (Google LLC -> Google LLC)
Task: {4013CA0E-12A0-42C9-820D-0DFE00AE4885} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [181360 2013-10-07] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {4B97D069-AC6E-4109-A099-CFAECBBEB0A9} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [74112 2013-08-29] (ASUSTeK Computer Inc. -> )
Task: {518C67BB-81AF-499C-A80E-0B0D16CF0AA2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5A6DBF35-9A61-4BDF-9A1E-8EB259AE9302} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [740760 2021-03-31] (McAfee, LLC -> McAfee, LLC)
Task: {5EBD96BE-8B65-448C-B2E8-227B9A45BE86} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [642544 2021-05-11] (Mozilla Corporation -> Mozilla Foundation)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" wurde entsperrt. <==== ACHTUNG
Task: {60D58043-E601-48F5-9E86-A4BC10FF3DF5} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [995848 2021-03-29] (McAfee, LLC -> McAfee, LLC)
Task: {6DEBA7D1-3946-42F4-ABAF-21630AEEE682} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-03-31] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8F62B996-CFC1-497F-A060-5E5D930B520F} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.6.102\DADUpdater.exe [4114728 2021-04-26] (McAfee, LLC -> McAfee, LLC)
Task: {9404DA04-777A-4960-9D5E-180C879AE301} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {A4969B2E-FB1D-49E1-AB26-81E5E28BEF0D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114000 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {BBE9E92E-435B-41F3-9C58-57F7608E290D} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1038648 2013-08-29] (ASUSTeK Computer Inc. -> ASUS)
Task: {BF254445-79CE-4A72-A7A4-E6E6E4B37CC7} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [1957040 2013-11-04] (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert]
Task: {BFED9617-56A6-447D-9A1C-BACA083DC5B7} - System32\Tasks\ASUS Console => C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe [2278168 2013-12-26] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {C6B0EE01-0AD5-4E6C-A5D5-6FE75921EF56} - System32\Tasks\Teamviewer-QS-updater-rj57qaw => C:\Users\*****\AppData\Local\TeamViewer\CustomConfigs\rj57qaw\TeamViewer.exe [33996568 2021-02-04] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
Task: {D375FDD2-29C5-461C-A378-BAC71C9E7BD1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)
Task: {D3A5A5E4-45DF-4F57-82E8-CCF92E85AA17} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55880 2013-10-07] (ASUSTeK Computer Inc. -> ASUS)
Task: {E7A5E4D5-D34B-4C53-B7E4-53EA6272BA91} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13663448 2014-01-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {EE5D2AF8-1330-4533-8AD5-1ADFB91230B8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4BB10D7-6A5B-407A-844F-5B76B218924F} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\Teamviewer-QS-updater-rj57qaw.job => C:\Users\*****\AppData\Local\TeamViewer\CustomConfigs\rj57qaw\TeamViewer.exe
Task: C:\Windows\Tasks\WebReg HP Photosmart C4400 Series.job => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1B1D22E7-8FEC-4AEE-BC32-CA56675AC5F1}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{326C1471-C576-4E11-88CD-5ED2029D0E51}: [DhcpNameServer] 192.168.2.1

Edge: 
=======
Edge Profile: C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-17]

FireFox:
========
FF DefaultProfile: ij57dgfr.default
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ij57dgfr.default [2021-05-18]
FF Homepage: Mozilla\Firefox\Profiles\ij57dgfr.default -> hxxps://www.google.de/webhp?hl=de&sa=X&ved=0ahUKEwjqzbqolMjWAhWmOsAKHYjaCNIQPAgD
FF Notifications: Mozilla\Firefox\Profiles\ij57dgfr.default -> hxxps://www.facebook.com
FF NewTabOverride: Mozilla\Firefox\Profiles\ij57dgfr.default -> Disabled: browser-mailcheck@gmx.net
FF Extension: (GMX MailCheck) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ij57dgfr.default\Extensions\browser-mailcheck@gmx.net.xpi [2021-04-27] [UpdateUrl:hxxps://dl.gmx.net/mailcheck/firefox/mozupdates.json]
FF Extension: (GMX MailCheck) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\browser-mailcheck@gmx.net.xpi [2018-10-18] [UpdateUrl:hxxps://dl.gmx.net/mailcheck/firefox/mozupdates.json]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-05-17] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM\...\Firefox\Extensions: [pdf_architect_6_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 6\creator\plugins\FirefoxAddin\pdf_architect_6_conv_v.2@pdfforge.org.xpi
FF Extension: (PDF Architect 6 Creator) - C:\Program Files\PDF Architect 6\creator\plugins\FirefoxAddin\pdf_architect_6_conv_v.2@pdfforge.org.xpi [2018-09-18]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_6_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 6\creator\plugins\FirefoxAddin\pdf_architect_6_conv_v.2@pdfforge.org.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2021-04-18] [] [ist nicht signiert]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2021-03-31] (McAfee, LLC -> )
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2021-03-31] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] (WildTangent Inc -> )
FF Plugin-x32: PDF Architect 6 -> C:\Program Files (x86)\PDF Architect 6\np-previewer.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)

Chrome: 
=======
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default [2021-05-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-20]
CHR Extension: (Chrome Media Router) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-17]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ASUS FaceID Service; C:\Program Files\ASUS\ASUS FaceID\HWFaceKeyService.exe [261648 2013-10-24] (Hanwang Technology Co., LTD -> Hanwang Technology Co.,Ltd.)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUSTeK Computer Inc. -> ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8798600 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1508656 2018-05-31] (McAfee, Inc. -> McAfee, Inc.)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-10] (CyberLink Corp. -> CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-03-31] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-03-31] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [44272 2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent Inc -> WildTangent)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [129992 2014-01-19] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971976 2021-05-17] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_12\McApExe.exe [780032 2021-03-31] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\4.1.106.0\\McCSPServiceHost.exe [2787160 2021-03-29] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [645736 2020-12-10] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [645736 2020-12-10] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [645736 2020-12-10] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1631736 2021-03-29] (McAfee, LLC -> McAfee, LLC)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R3 PDF Architect 6; C:\Program Files\PDF Architect 6\ws.exe [2569976 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 6 Creator; C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe [832248 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 6 Update Service; C:\Program Files\PDF Architect 6\updater-ws.exe [1665272 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4241112 2021-03-29] (McAfee, LLC -> McAfee, LLC)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Securepoint VPN; C:\Program Files (x86)\Securepoint SSL VPN\SPSSLVpnService.exe [45720 2016-10-10] (Securepoint GmbH -> ) [Datei ist nicht signiert]
S3 SmartVPNService; C:\Program Files (x86)\DrayTek\Smart VPN Client\SmartVPNService.exe [35536 2019-05-02] (Draytek -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70928 2014-02-13] (ASUSTeK Computer Inc. -> ASUS Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [75712 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [218960 2020-05-26] (McAfee, LLC -> McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [89112 2021-01-18] (McAfee, LLC -> McAfee, LLC)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [544704 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [385984 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85944 2020-12-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522176 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [1027520 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [608192 2020-12-17] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [107968 2020-12-17] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [116672 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252352 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\Windows\system32\DRIVERS\tap0901.sys [43472 2021-03-30] (McAfee, LLC -> The OpenVPN Project)
R3 VPPP; C:\Windows\system32\DRIVERS\VPPP.sys [37584 2018-11-28] (Draytek -> DrayTek, Corp.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-05-18 18:36 - 2021-05-18 18:39 - 000032544 _____ C:\Users\*****\Downloads\FRST.txt
2021-05-18 18:33 - 2021-05-18 18:37 - 000000000 ____D C:\FRST
2021-05-18 18:32 - 2021-05-18 18:32 - 002299392 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2021-05-17 15:56 - 2021-04-06 08:51 - 001678056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-05-17 15:18 - 2021-05-18 18:27 - 000000000 ____D C:\Program Files\CCleaner
2021-05-17 15:18 - 2021-05-18 18:16 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-05-17 15:18 - 2021-05-17 15:18 - 000002802 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-05-17 15:18 - 2021-05-17 15:18 - 000000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-05-17 15:18 - 2021-05-17 15:18 - 000000836 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-05-17 15:18 - 2021-05-17 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-05-17 15:14 - 2021-05-17 15:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-05-17 15:03 - 2021-05-17 15:03 - 000002113 _____ C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2021.lnk
2021-05-17 15:03 - 2021-05-17 15:03 - 000002113 _____ C:\ProgramData\Desktop\WISO Steuer-Sparbuch 2021.lnk
2021-05-17 15:03 - 2021-05-17 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2021
2021-05-17 14:23 - 2021-05-17 14:24 - 622911824 _____ C:\Users\*****\Downloads\WISOSteuersoftware2021.exe
2021-05-17 14:17 - 2021-05-17 14:17 - 000002113 _____ C:\Users\Public\Desktop\WISO steuer Sparbuch 2020.lnk
2021-05-17 14:17 - 2021-05-17 14:17 - 000002113 _____ C:\ProgramData\Desktop\WISO steuer Sparbuch 2020.lnk
2021-05-17 14:17 - 2021-05-17 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Sparbuch 2020
2021-05-17 14:03 - 2021-05-17 14:04 - 576211648 _____ C:\Users\*****\Downloads\WISOSteuersoftware2020.exe
2021-05-11 23:25 - 2021-05-11 23:25 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2021-05-11 23:25 - 2021-05-11 23:25 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2021-05-11 23:25 - 2021-05-11 23:25 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2021-05-11 23:25 - 2021-05-11 23:25 - 000044272 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2021-05-11 07:19 - 2021-05-11 07:19 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-05-10 15:01 - 2021-05-10 15:01 - 002014971 _____ C:\Users\*****\Desktop\LEAIND-D-20-00459_R1_reviewer-1.pdf
2021-05-10 14:53 - 2021-05-10 15:00 - 002042623 _____ C:\Users\*****\Downloads\LEAIND-D-20-00459_R1_reviewer.pdf
2021-05-10 14:53 - 2021-05-10 15:00 - 000000000 ____D C:\Users\*****\AppData\Local\Adobe
2021-04-27 19:50 - 2021-05-18 18:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-04-18 14:20 - 2021-04-18 14:20 - 000000000 ____D C:\Users\*****\Desktop\Wohnung_Aule
2021-04-18 13:39 - 2021-01-18 02:58 - 000089112 _____ (McAfee, LLC) C:\Windows\system32\Drivers\McPvDrv.sys
2021-04-18 13:38 - 2021-03-30 16:21 - 000043472 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-05-18 18:39 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-18 18:36 - 2013-12-13 06:08 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-05-18 18:30 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2021-05-18 18:18 - 2019-02-10 19:43 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-18 18:18 - 2017-02-10 15:50 - 000003918 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{6AD40EF4-85B6-43B8-9B04-C30598223A51}
2021-05-18 18:18 - 2017-02-10 15:50 - 000003594 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2088324930-380084447-817914727-1002
2021-05-18 18:17 - 2017-02-10 16:09 - 000000000 ____D C:\Users\*****\AppData\LocalLow\Mozilla
2021-05-18 18:17 - 2017-02-10 15:48 - 000000000 ___DO C:\Users\*****\SkyDrive
2021-05-18 18:17 - 2017-02-10 15:45 - 000000074 _____ C:\Users\*****\AppData\Roaming\sp_data.sys
2021-05-18 18:16 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2021-05-18 18:14 - 2020-12-16 12:30 - 000000000 __RSD C:\Users\*****\Documents\McAfee-Tresore
2021-05-18 18:13 - 2019-03-31 19:59 - 000001220 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2021-05-18 18:10 - 2017-04-18 18:06 - 000000000 ____D C:\Windows\system32\Tasks\McAfee
2021-05-18 18:10 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-05-18 18:10 - 2013-08-22 16:44 - 000368696 _____ C:\Windows\system32\FNTCACHE.DAT
2021-05-18 18:09 - 2017-02-10 16:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-17 19:17 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2021-05-17 19:14 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2021-05-17 19:06 - 2019-03-31 19:59 - 000001224 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2021-05-17 18:48 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2021-05-17 18:33 - 2017-02-10 21:47 - 000000000 ____D C:\Windows\system32\MRT
2021-05-17 18:22 - 2017-02-10 21:47 - 132732536 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-05-17 16:25 - 2020-01-30 19:31 - 000002238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-17 16:25 - 2020-01-30 19:31 - 000002197 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-17 16:25 - 2020-01-30 19:31 - 000002197 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-05-17 15:33 - 2017-02-13 17:54 - 000000000 ____D C:\Program Files\PDFCreator
2021-05-17 15:28 - 2013-12-13 13:45 - 000000000 ____D C:\Windows\Panther
2021-05-17 15:27 - 2018-06-22 12:24 - 000000000 ____D C:\Windows\Minidump
2021-05-17 15:15 - 2019-03-31 19:59 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-05-17 15:09 - 2017-03-29 08:05 - 000000000 ____D C:\Users\*****\AppData\Local\Buhl
2021-05-17 15:01 - 2017-03-29 08:02 - 000000000 ____D C:\Program Files (x86)\WISO
2021-05-17 15:01 - 2014-04-09 22:42 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-05-17 14:45 - 2017-03-29 08:02 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH
2021-05-17 14:37 - 2017-07-26 07:53 - 000003168 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2088324930-380084447-817914727-1002
2021-05-17 14:33 - 2020-10-30 17:32 - 000002353 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2021-05-11 07:19 - 2017-02-10 16:09 - 000001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-05-10 11:01 - 2019-03-31 19:59 - 000004196 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineUA
2021-05-10 11:01 - 2019-03-31 19:59 - 000003960 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineCore
2021-05-05 07:29 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\FxsTmp
2021-05-05 07:28 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2021-05-05 06:55 - 2019-06-10 21:35 - 000000000 ____D C:\Users\*****\AppData\Roaming\Securepoint SSL VPN
2021-04-27 19:21 - 2020-01-30 19:31 - 000003544 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-27 19:21 - 2020-01-30 19:31 - 000003416 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-18 14:31 - 2013-12-13 13:04 - 000759378 _____ C:\Windows\system32\perfh007.dat
2021-04-18 14:31 - 2013-12-13 13:04 - 000156604 _____ C:\Windows\system32\perfc007.dat
2021-04-18 14:31 - 2013-12-13 06:09 - 001769264 _____ C:\Windows\system32\PerfStringBackup.INI
2021-04-18 14:26 - 2014-04-09 23:05 - 000000000 ____D C:\Program Files (x86)\McAfee
2021-04-18 14:20 - 2020-08-01 08:28 - 000000000 ____D C:\Users\*****\Desktop\DGVT
2021-04-18 14:19 - 2020-11-08 17:18 - 000000000 ____D C:\Users\*****\Desktop\Materialien_Gruppe
2021-04-18 14:18 - 2021-02-16 18:50 - 000000000 ____D C:\Users\*****\Desktop\Handyfotos_Berlin
2021-04-18 14:18 - 2017-02-13 11:01 - 000000000 ____D C:\Users\*****\Desktop\be
2021-04-18 14:18 - 1980-02-16 09:06 - 000000000 ___RD C:\Users\*****\Desktop\Eigene Bilder
2021-04-18 14:17 - 2020-08-01 09:14 - 000000000 ____D C:\Users\*****\Desktop\Self-compassion
2021-04-18 14:17 - 2020-08-01 08:24 - 000000000 ____D C:\Users\*****\Desktop\Fälle
2021-04-18 14:17 - 2018-08-05 19:26 - 000000000 ____D C:\Users\*****\Desktop\SChool_BO_Extras
2021-04-18 14:04 - 2021-01-06 15:34 - 000000000 ____D C:\Users\*****\Desktop\Protokolle_AG_RV
2021-04-18 13:39 - 2017-04-18 18:02 - 000000000 ____D C:\Program Files\Common Files\McAfee
2021-04-18 13:37 - 2020-02-12 20:48 - 000003272 _____ C:\Windows\system32\Tasks\McAfeeLogon
2021-04-18 13:29 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2017-02-10 15:45 - 2021-05-18 18:17 - 000000074 _____ () C:\Users\*****\AppData\Roaming\sp_data.sys

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)


LastRegBack: 2021-05-05 07:16
==================== Ende von FRST.txt ========================
         

--- --- ---


FRST Addition:

FRST Additions Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-05-2021
durchgeführt von ***** (18-05-2021 18:41:11)
Gestartet von C:\Users\*****\Downloads
Windows 8.1 (Update) (X64) (2017-02-10 13:44:26)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2088324930-380084447-817914727-500 - Administrator - Disabled)
Gast (S-1-5-21-2088324930-380084447-817914727-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2088324930-380084447-817914727-1004 - Limited - Enabled)
***** (S-1-5-21-2088324930-380084447-817914727-1002 - Administrator - Enabled) => C:\Users\*****
UpdatusUser (S-1-5-21-2088324930-380084447-817914727-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AS: McAfee VirusScan (Enabled - Up to date) {2624E002-54CC-27F9-FD39-B2DD14D41191}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
ASUS Console (HKLM\...\{6D989E08-8143-4AB8-B0A8-5B836235CAA4}) (Version: 1.0.4 - ASUS)
Asus FaceID (HKLM-x32\...\{C4071085-DDF0-403F-90F9-27582FC22C9B}) (Version: 7.6.8.3 - ASUS)
ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.1.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.6 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.2 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.10 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.8 - ASUS)
ASUSDVD (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5712.52 - CyberLink Corp.) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5712.52 - CyberLink Corp.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform)
DrayTek Smart VPN Client (HKLM-x32\...\DrayTek Smart VPN Client) (Version:  - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 122.4.4867 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{1028AD34-EB8A-4136-9A93-27FC60FD0A40}) (Version: 4.4.11 - Seiko Epson Corporation)
EPSON WF-3520 Series Printer Uninstall (HKLM\...\EPSON WF-3520 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
FastImageResizer (remove only) (HKLM-x32\...\FastImageResizer) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{1E18E86D-632C-48B5-962C-B60C2E53A478}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{039DDA62-50CC-4E7F-9D54-7CF032A2D362}) (Version: 36.0.41.58587 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP OfficeJet 3830 series - Grundlegende Software für das Gerät (HKLM\...\{DAA02EA6-3D2E-4BF4-9110-9DFAE6FD9EB0}) (Version: 40.11.1119.1786 - HP Inc.)
HP OfficeJet 3830 series Hilfe (HKLM-x32\...\{99C52AB4-FBA3-4C12-9AC3-B19A3421EB96}) (Version: 35.0.0 - Hewlett Packard)
HP Photosmart C4400 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{886E586A-9121-4515-9C18-2C04202614B2}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IBM SPSS Statistics 25 (HKLM\...\{C2D1E17D-CB8A-4742-84FA-1DB5C6A1ABDD}) (Version: 25.0.0.0 - IBM Corp)
Image Resizer for Windows (64 bit) (HKLM\...\{617CA6E9-D5FB-4017-8130-82E68C56C34D}) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{eff1d9d1-41fa-49ef-a986-082bfe49c293}) (Version: 16.8.0 - Intel Corporation)
McAfee LiveSafe   (HKLM-x32\...\MSC) (Version: 16.0 R31 - McAfee, LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.13929.20372 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2088324930-380084447-817914727-1002\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Mozilla Firefox 88.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 88.0.1 (x86 de)) (Version: 88.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0 - Mozilla)
NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.9 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13929.20372 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20372 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20372 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13929.20372 - Microsoft Corporation) Hidden
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.26.25466 - pdfforge GmbH)
PDF Architect 6 (HKLM-x32\...\PDF Architect 6) (Version: 6.1.19.842 - pdfforge GmbH)
PDF Architect 6 Create Module (HKLM\...\{A0ACB885-7CDD-4E43-9109-E49CF70E4039}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDF Architect 6 Edit Module (HKLM\...\{FC39343C-732F-433E-9929-F9D08BA73792}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDF Architect 6 View Module (HKLM\...\{7FFD0E0F-478A-4393-BBB0-4B20FAF5F3B7}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.2.0 - pdfforge GmbH)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7135 - Realtek Semiconductor Corp.)
RED Medical Commander (HKU\S-1-5-21-2088324930-380084447-817914727-1002\...\RED Medical Commander) (Version:  - RED Medical Systems GmbH)
Securepoint SSL VPN (HKLM-x32\...\{BCF4AF1D-08EB-428F-B3E4-27BC2175D073}) (Version: 2.0.25 - Securepoint GmbH)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Version 8.66 (HKLM-x32\...\Skype_is1) (Version: 8.66 - Skype Technologies S.A.)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WebAdvisor von McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.590 - McAfee, LLC)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.3.226 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.10.25 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse  (01/07/2014 1.0.0.197) (HKLM\...\2BEE838DC3D664A0CAB23AEA0332BB3877ED0685) (Version: 01/07/2014 1.0.0.197 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WISO steuer:Sparbuch 2017 (HKLM-x32\...\{1BDB1738-CC4A-4C88-BDC6-F74E787CAF2E}) (Version: 24.00.1375 - Buhl Data Service GmbH)
WISO steuer:Sparbuch 2018 (HKLM-x32\...\{424714F0-1065-4C86-AE89-78F7D33E9C8F}) (Version: 25.00.1359 - Buhl Data Service GmbH)
WISO steuer:Sparbuch 2019 (HKLM-x32\...\{C4146CBC-74D4-4D7F-A6BB-ED72BF3489B6}) (Version: 26.09.1982 - Buhl Data Service GmbH)
WISO steuer:Sparbuch 2020 (HKLM-x32\...\{A3D6A879-545F-4775-A299-E63F4BA4EE69}) (Version: 27.12.2340 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2021 (HKLM-x32\...\{544FD321-EE2A-40B2-8448-186D0A9B164F}) (Version: 28.06.2220 - Buhl Data Service GmbH)
Zoom (HKU\S-1-5-21-2088324930-380084447-817914727-1002\...\ZoomUMX) (Version: 5.5.4 (13142.0301) - Zoom Video Communications, Inc.)

Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2017-02-13] (WildTangent Games)
ASUS WebStorage -> C:\Program Files\WindowsApps\ASUSCloudCorporation.MobileFileExplorer_1.0.24.190_x86__wk4d32h0cvhem [2017-02-13] (ASUS Cloud Corporation)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe [2017-02-13] (Microsoft Corporation)
HP All-in-One Printer Remote -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_55.1.43.0_x86__v10z8vjag6ke6 [2020-01-30] (Hewlett-Packard Company)
MSN Finanzen -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2017-02-13] (Microsoft Corporation) [MS Ad]
MSN Gesundheit & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-02-13] (Microsoft Corporation) [MS Ad]
MSN Kochen & Genuss -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2017-02-13] (Microsoft Corporation) [MS Ad]
MSN Nachrichten -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2017-02-13] (Microsoft Corporation) [MS Ad]
MSN Reisen -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-02-13] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2017-02-13] (Microsoft Corporation) [MS Ad]
MSN Wetter -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2017-02-13] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw [2017-06-11] (MAGIX)
Musik -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2017-02-13] (Microsoft Corporation) [MS Ad]
Spiele -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2017-02-10] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_1.1.13.8_x64__wgeqdkkx372wm [2013-12-13] (Twitter Inc.)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2017-02-13] (Microsoft Corporation) [MS Ad]
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2017-02-13] (Zinio LLC)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2088324930-380084447-817914727-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2013-02-23] (Brice Lambson) [Datei ist nicht signiert]
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-03-31] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [PDFArchitect6_ManagerExt] -> {6508EEA0-C540-4420-AF21-64937A1536D0} => C:\Program Files\PDF Architect 6\context-menu.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-10-19] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSContextMenu.dll [2013-08-16] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2014-01-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-03-31] (McAfee, LLC -> McAfee, LLC)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RED Commander.lnk -> C:\Users\Public\Documents\RED Medical Commander\commander-launcher.bat ()
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RED Medical\RED Medical Commander.lnk -> C:\Users\Public\Documents\RED Medical Commander\commander-launcher.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2013-09-09 19:23 - 2013-09-09 19:23 - 000162816 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2021-02-08 12:15 - 2021-02-08 12:15 - 004596224 _____ (AdoptOpenJDK) [Datei ist nicht signiert] C:\Users\Public\Documents\RED Medical Commander\jre\11.0.7_10\bin\client\jvm.dll
2021-02-08 12:15 - 2021-02-08 12:15 - 000121856 _____ (AdoptOpenJDK) [Datei ist nicht signiert] C:\Users\Public\Documents\RED Medical Commander\jre\11.0.7_10\bin\java.dll
2021-02-08 12:15 - 2021-02-08 12:15 - 000015360 _____ (AdoptOpenJDK) [Datei ist nicht signiert] C:\Users\Public\Documents\RED Medical Commander\jre\11.0.7_10\bin\jimage.dll
2021-02-08 12:15 - 2021-02-08 12:15 - 000065536 _____ (AdoptOpenJDK) [Datei ist nicht signiert] C:\Users\Public\Documents\RED Medical Commander\jre\11.0.7_10\bin\jli.dll
2021-02-08 12:15 - 2021-02-08 12:15 - 000067072 _____ (AdoptOpenJDK) [Datei ist nicht signiert] C:\Users\Public\Documents\RED Medical Commander\jre\11.0.7_10\bin\net.dll
2021-02-08 12:15 - 2021-02-08 12:15 - 000044544 _____ (AdoptOpenJDK) [Datei ist nicht signiert] C:\Users\Public\Documents\RED Medical Commander\jre\11.0.7_10\bin\nio.dll
2021-02-08 12:15 - 2021-02-08 12:15 - 000133120 _____ (AdoptOpenJDK) [Datei ist nicht signiert] C:\Users\Public\Documents\RED Medical Commander\jre\11.0.7_10\bin\sunec.dll
2021-02-08 12:15 - 2021-02-08 12:15 - 000023552 _____ (AdoptOpenJDK) [Datei ist nicht signiert] C:\Users\Public\Documents\RED Medical Commander\jre\11.0.7_10\bin\sunmscapi.dll
2021-02-08 12:15 - 2021-02-08 12:15 - 000034816 _____ (AdoptOpenJDK) [Datei ist nicht signiert] C:\Users\Public\Documents\RED Medical Commander\jre\11.0.7_10\bin\verify.dll
2021-02-08 12:15 - 2021-02-08 12:15 - 000064000 _____ (AdoptOpenJDK) [Datei ist nicht signiert] C:\Users\Public\Documents\RED Medical Commander\jre\11.0.7_10\bin\zip.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000342656 _____ (Hewlett Packard -> Hewlett-Packard Co.) [Datei ist nicht signiert] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000559232 _____ (Hewlett Packard -> Hewlett-Packard Co.) [Datei ist nicht signiert] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2012-05-27 15:54 - 2012-05-27 15:54 - 000032768 _____ (Hewlett-Packard Co.) [Datei ist nicht signiert] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2011-04-29 19:08 - 2011-04-29 19:08 - 000048128 _____ (Hewlett-Packard Co.) [Datei ist nicht signiert] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzipm12.dll
2021-05-18 18:15 - 2021-05-18 18:15 - 000207872 ____N (Java(TM) Native Access (JNA)) [Datei ist nicht signiert] C:\Users\*****\AppData\Local\Temp\jna-71933241\jna15468787793444620090.dll
2013-10-05 01:38 - 2013-10-05 01:38 - 000229536 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Securepoint SSL VPN\MSVCP120.dll
2013-10-05 01:38 - 2013-10-05 01:38 - 000430752 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Securepoint SSL VPN\MSVCR120.dll
2017-02-13 17:54 - 2018-04-14 13:28 - 000117248 _____ (pdfforge GmbH) [Datei ist nicht signiert] C:\Windows\System32\pdfcmon.dll
2018-05-31 19:19 - 2012-11-12 15:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Windows\System32\enppmon.dll
2018-05-31 19:19 - 2012-10-22 17:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Windows\System32\enpres.dll
2018-03-09 05:20 - 2018-03-09 05:20 - 000427520 _____ (The curl library, hxxps://curl.haxx.se/) [Datei ist nicht signiert] C:\Program Files\PDF Architect 6\libcurl.dll
2016-04-21 15:03 - 2016-04-21 15:03 - 002146816 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Securepoint SSL VPN\Qt5Core.dll
2016-03-03 13:15 - 2016-03-03 13:15 - 000328192 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Securepoint SSL VPN\Qt5Network.dll
2013-05-14 20:58 - 2013-05-14 20:58 - 001600000 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\Splendid\Alb_ASUSLib.dll
2013-05-24 18:31 - 2013-05-24 18:31 - 001609216 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Application Data:BDSDRMHK [64]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-2088324930-380084447-817914727-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-2088324930-380084447-817914727-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
URLSearchHook: [S-1-5-21-2088324930-380084447-817914727-1001] ACHTUNG => Standard URLSearchHook fehlt
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-05-17] (McAfee, LLC -> McAfee, LLC)
BHO-x32: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-05-17] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKLM - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKLM-x32 - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll Keine Datei
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2021-03-31] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2021-03-31] (McAfee, LLC -> McAfee, LLC)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\IBM\SPSS\Statistics\25\JRE\bin
HKU\S-1-5-21-2088324930-380084447-817914727-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "Nvtmru"
HKLM\...\StartupApproved\Run32: => "ASUSPRP"
HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "BDRegion"
HKLM\...\StartupApproved\Run32: => "ASUS InstantKey"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{617571A7-D513-45A6-9CCB-AC636D004256}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{B6E42491-50D3-405A-A5B1-29884EC6DAFF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{A6064568-2583-43C1-A982-7ACF824660A9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8D9E0484-AB15-47A0-8731-2C68F6154A44}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{77F4BE9D-BBEA-406D-B7D6-3663AE236ADF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6E19C44A-B983-443E-9E5B-5EDBB86F9A92}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{88D9B0C4-B571-476A-A67D-854FC6542927}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{581CA6F3-CBEF-4202-A583-8C9AD0D7F227}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{608C14C5-DB1A-4A42-8AD9-2A72CE6C3B3F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{C1173FC9-885F-4655-BB21-1D2A58ADB419}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{ECA68777-68DA-4E97-A822-9F7EF0274610}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3679ECA5-ADD3-4552-B1CC-65970A51D68C}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{13C693AD-AB03-4B7A-BB97-C0AFB16700EC}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{68400F3D-F06E-4718-B903-EE7F983B8438}] => (Allow) C:\Users\*****\AppData\Local\Temp\EPSON WF-3520 Series_Home\Network\EpsonNetSetup\Data\ENEasyApp.exe => Keine Datei
FirewallRules: [{4F942FFD-81FD-4B6D-8522-A57D2F21EF62}] => (Allow) C:\Users\*****\AppData\Local\Temp\EPSON WF-3520 Series_Home\Network\EpsonNetSetup\Data\ENEasyApp.exe => Keine Datei
FirewallRules: [{B7BBDE14-E01C-4552-B076-56BD32A4A650}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{8ADDF190-B740-475D-A7FC-46B718EFB7CB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{E2098DDF-8C14-43EB-8437-FD3595A92625}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{1B8E8B8C-E763-4A98-A066-FAFAE2D5034A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{B70669C3-075C-47CD-B6D4-C6EBFD6F7DEC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{D72A7B14-AFD5-43C1-90DB-AE861D8361EC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{420BDD11-15EA-42FD-B7AB-1F525376EFD1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{EE7CAB5F-C76F-46CB-B21F-F0BDEB3FD56E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{D1109E71-DC26-4E3B-A1B1-32DF07C92C2E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard)
FirewallRules: [{AFA21CC5-5004-49EC-BC3D-43E2F2374F7F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.) [Datei ist nicht signiert]
FirewallRules: [{09598004-7ACE-4E08-AE05-D3621103FF47}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.) [Datei ist nicht signiert]
FirewallRules: [{E0EEEA54-D3C8-491F-AB3A-478FEB442BFF}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{9CACF6A1-527B-41A4-B9B7-46490960FE70}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\WinWrapIDE.exe (IBM -> IBM Corp.) [Datei ist nicht signiert]
FirewallRules: [{97A0DA5C-66A7-49DB-B817-E79D91B4CE0D}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.exe (IBM -> IBM Corp.) [Datei ist nicht signiert]
FirewallRules: [{4E8B4004-E9E8-4355-B35C-9A47AF82334D}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.com (IBM -> IBM Corp.) [Datei ist nicht signiert]
FirewallRules: [{8545527C-F655-423B-ABA2-7934CBB622B5}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\WinWrapIDE.exe (IBM -> IBM Corp.) [Datei ist nicht signiert]
FirewallRules: [{80F0DD68-83D8-4763-959E-85D1283FEEEA}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.exe (IBM -> IBM Corp.) [Datei ist nicht signiert]
FirewallRules: [{AF8EE19B-AC5B-4E17-8D18-CD9C7CF0D100}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.com (IBM -> IBM Corp.) [Datei ist nicht signiert]
FirewallRules: [{49B38510-35BE-4217-A112-832531B42C12}] => (Allow) C:\Program Files (x86)\DrayTek\Smart VPN Client\SmartVPNClient.exe (Draytek -> DrayTek Corp.)
FirewallRules: [{C44FE59F-698E-4A1A-8B7C-D0311945DC31}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS1CBE\HP.EasyStart.exe => Keine Datei
FirewallRules: [{C1F6F646-67D8-4234-828D-0C9ED277754D}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{DE63DC83-D668-4989-972B-78AA2F3EFDC6}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{374041D9-6D87-4F13-8A69-932413378FFC}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{C6F5494F-E35E-4AC0-8F6A-6F7FB38BC08F}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{D4695AC5-90A6-4B92-9204-096A7CDBF669}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{9117504B-FB69-4A94-9FF6-804720A7B05D}] => (Allow) LPort=5357
FirewallRules: [{AD3CC971-2B98-4D92-8553-CDED8B61DF4F}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{60CB09CF-1021-4559-AE77-FF827651C937}] => (Allow) C:\Users\*****\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F506D826-41DE-468D-A6D6-04FFCC28ED14}] => (Allow) C:\Users\*****\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{523ACEB9-7EF4-4766-B128-CBB236496A9F}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS3B53\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{106C950E-C9D2-40C2-8D5B-CC3287FDB153}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS3B53\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{82A9B6B6-2439-41A5-A2AA-75D8E76A9A14}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS65F1\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{58BEBC98-A79B-4A51-8AF0-4015209C670D}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS65F1\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{46AAFD5F-ED1F-4577-AE54-97647B3D721E}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS556D\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{F5FBFC44-22E1-4D4C-9F9F-B012E8BB416E}] => (Allow) C:\Users\*****\AppData\Local\Temp\7zS556D\HPDiagnosticCoreUI.exe => Keine Datei
FirewallRules: [{12A37939-B475-414C-A072-425AD7B3C961}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC3C3B8A-BA4E-4056-9450-D8B424DD69D3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AF27B281-5160-4BA0-89DA-4D1C08F794F9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{43868572-B5CA-4C8E-8936-68D0DD1A2971}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Wiederherstellungspunkte =========================

17-05-2021 14:11:03 Installiert WISO steuer:Sparbuch 2020

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (05/18/2021 06:39:55 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".

Error: (05/18/2021 06:39:49 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".

Error: (05/18/2021 06:39:44 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".

Error: (05/18/2021 06:38:30 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".

Error: (05/18/2021 06:31:39 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Ein Problem hat das Senden von Daten aus dem Programm zur Verbesserung der Benutzerfreundlichkeit an Microsoft verhindert (Fehler 80070005).

Error: (05/18/2021 06:16:10 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (05/18/2021 06:16:10 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/17/2021 05:52:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mfemms.exe, Version: 20.12.0.173, Zeitstempel: 0x5fcfeee0
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007fff00000000
ID des fehlerhaften Prozesses: 0x2a64
Startzeit der fehlerhaften Anwendung: 0x01d74b17f5599326
Pfad der fehlerhaften Anwendung: C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: d9789f24-b727-11eb-82c5-ac7ba1b03bc7
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (05/18/2021 06:34:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Security Intelligence-Update für Microsoft Defender Antivirus - KB2267602 (Version 1.339.970.0)

Error: (05/18/2021 06:34:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (05/18/2021 06:11:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (05/17/2021 07:14:04 PM) (Source: DCOM) (EventID: 10010) (User: *****)
Description: Der Server "{87269F27-EBDA-11E3-9433-005056C00008}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/17/2021 07:14:04 PM) (Source: DCOM) (EventID: 10010) (User: *****)
Description: Der Server "{87269F28-EBDA-11E3-943C-005056C00008}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/17/2021 05:52:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "McAfee Validation Trust Protection Service" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (05/17/2021 05:52:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "McAfee Service Controller" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (05/17/2021 03:57:59 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Security Intelligence-Update für Microsoft Defender Antivirus - KB2267602 (Version 1.339.895.0)


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. N550JK.204 01/23/2014
Hauptplatine: ASUSTeK COMPUTER INC. N550JK
Prozessor: Intel(R) Core(TM) i5-4200H CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 8075.08 MB
Verfügbarer physikalischer RAM: 4283.51 MB
Summe virtueller Speicher: 9355.08 MB
Verfügbarer virtueller Speicher: 5439.29 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:205.48 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:537.64 GB) NTFS

\\?\Volume{e26cb5f6-91af-4bee-a741-2779365fb63e}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.53 GB) NTFS
\\?\Volume{cddce52e-ab40-4e47-87e1-b0cd34bafb97}\ (Restore) (Fixed) (Total:20.01 GB) (Free:9.46 GB) NTFS

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DBA31902)

Partition: GPT.

==================== Ende von Addition.txt =======================
         

--- --- ---

FRST Shortcut:

Code: Alles auswählenAufklappen

ATTFilter

Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 17-05-2021
durchgeführt von ***** (18-05-2021 18:44:40)
Gestartet von C:\Users\*****\Downloads
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics\Python 3.4 for IBM SPSS Statistics 25\Python 3.4 Python (Befehlszeile).lnk -> C:\Program Files\IBM\SPSS\Statistics\25\statisticspython3.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics\Python 2.7 for IBM SPSS Statistics 25\Python 2.7 Python (Befehlszeile).lnk -> C:\Program Files\IBM\SPSS\Statistics\25\statisticspython.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Image Resizer\Online Documentation.lnk -> hxxp://adionsoft.net/fastimageresize/documentation.ph
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Image Resizer\Website.lnk -> hxxp://adionsoft.net/fastimageresiz


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk -> C:\Program Files\Realtek\Audio\HDA\MaxxAudioControl64.exe (Waves Audio Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk -> C:\Program Files (x86)\HP\Digital Imaging\DocProc\regipe.exe (I.R.I.S. Image Recognition Integarted Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2021\WISO Steuer-Sparbuch 2021.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2021\WISO2021.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Sparbuch 2020\WISO steuer Sparbuch 2020.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2020\WISO2020.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Sparbuch 2019\WISO steuer Sparbuch 2019.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2019\WISO2019.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Sparbuch 2018\WISO steuer Sparbuch 2018.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2018\wiso2018.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Sparbuch 2017\WISO steuer Sparbuch 2017.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2017\wiso2017.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek\Realtek HD Audio Manager.lnk -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator Hilfe.lnk -> C:\Program Files\PDFCreator\PDFCreator_german.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator im Internet.lnk -> C:\Program Files\PDFCreator\PDFCreator.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator.lnk -> C:\Program Files\PDFCreator\PDFCreator.exe (pdfforge)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Spende für den PDFCreator.lnk -> C:\Program Files\PDFCreator\Spende für den PDFCreator.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 6\PDF Architect 6.lnk -> C:\Program Files\PDF Architect 6\architect.exe (pdfforge GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office Language Preferences.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Resizer for Windows\License.lnk -> C:\Program Files (x86)\Image Resizer for Windows\Ms-PL.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics\IBM SPSS Statistics 25.lnk -> C:\Program Files\IBM\SPSS\Statistics\25\stats.exe (IBM Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics\Python 3.4 for IBM SPSS Statistics 25\Python 3.4-Handbücher.lnk -> C:\Program Files\IBM\SPSS\Statistics\25\Python3\Doc\python343.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics\Python 2.7 for IBM SPSS Statistics 25\Python 2.7-Handbücher.lnk -> C:\Program Files\IBM\SPSS\Statistics\25\Python\Doc\python276.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Solution Center.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP*Update.lnk -> C:\Program Files (x86)\HP\HP Software Update\hpwucli.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Shop für HP Zubehör.lnk -> C:\Program Files (x86)\HP\HPSSUPPLY\hpqSSupply.exe (Hewlett-Packard Development Company L.P.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C4400 series\Hilfe.lnk -> C:\Program Files (x86)\HP\Digital Imaging\help\aio47.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C4400 series\HP Support-Website.lnk -> C:\Program Files (x86)\HP\Digital Imaging\HP Photosmart C4400 series\help\HP Product Support Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C4400 series\Liesmich.lnk -> C:\Program Files (x86)\HP\Digital Imaging\help\PS_AIO_03_C4400_readme\readme.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP OfficeJet 3830 series\HP TWAIN Administration.lnk -> C:\Program Files (x86)\HP\HP OfficeJet 3830 series\bin\TwainUtilityUI.exe (HP Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Image Resizer\Fast Image Resizer.lnk -> C:\Program Files (x86)\Fast Image Resizer\fastimageresizer.exe (adionSoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Image Resizer\Uninstall.lnk -> C:\Program Files (x86)\Fast Image Resizer\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\Einstellungsfenster für die Überwachung freigegebener Drucker.lnk -> C:\Windows\System32\spool\drivers\x64\3\E_SAG4ST.EXE (SEIKO EPSON CORPORATION)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Scan\EPSON Scan-Einstellungen.lnk -> C:\Windows\twain_32\escndv\escfg.exe (SEIKO EPSON CORP.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Scan\EPSON Scan.lnk -> C:\Windows\twain_32\escndv\escndv.exe (SEIKO EPSON CORP.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUSDVD\ASUSDVD.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Console.lnk -> C:\Program Files\ASUS\ASUS Console\ASUS Console.exe (ASUSTeK Computer Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Install.lnk -> C:\eSupport\eDriver\AsInsWiz.exe (ASUSTek Computer INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Instant Key Menu.lnk -> C:\Windows\Installer\{D97A1B80-131F-4692-9543-E652956D8B99}\_77307F60ECCC7E5ED9C276.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Live Update.Lnk -> C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK COMPUTER INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS On-Screen Display.lnk -> C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSDMgr.exe (ASUSTek Computer Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\eManual.Lnk -> C:\eSupport\Manual\eManual.exe (ASUSTek Computer Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\Power4Gear Hybrid.lnk -> C:\Windows\Installer\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}\_07E2DD01D544B80FF38709.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\USB Charger Plus.lnk -> C:\Windows\Installer\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}\_9F9BE6CE84DA804776A4D6.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WinFlash.Lnk -> C:\Program Files (x86)\ASUS\WinFlash\WinFlash.exe (ASUSTek Computer Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WebStorage\WebStorage.lnk -> C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSPanel.exe (ASUS Cloud Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AsusVibe\Agatha Christie's Mysteries Bundle.lnk -> C:\ProgramData\ASUSVibe\Agatha Christie's Mysteries Bundle.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AsusVibe\ASUS  Vibe Fun Center.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AsusVibe\Dream Day Wedding Bundle.lnk -> C:\ProgramData\ASUSVibe\Dream Day Wedding Bundle.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AsusVibe\Jewel Quest Mysteries Bundle.lnk -> C:\ProgramData\ASUSVibe\Jewel Quest Mysteries Bundle.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AsusVibe\Jewel Quest.lnk -> C:\ProgramData\ASUSVibe\Jewel Quest.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Splendid Utility\Splendid Utility.Lnk -> C:\Program Files (x86)\ASUS\Splendid\ACVT.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS FaceID\ASUS FaceID.lnk -> C:\Program Files\ASUS\ASUS FaceID\HWFaceKey.exe (Hanwang Technology Co.,Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\Links\OneDrive for Business.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\*****\Documents ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\*****\Pictures ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk -> C:\Windows\HelpPane.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\Links\Desktop.lnk -> C:\Users\*****\Desktop ()
Shortcut: C:\Users\*****\Links\Downloads.lnk -> C:\Users\*****\Downloads ()
Shortcut: C:\Users\*****\Links\Dropbox.lnk -> C:\Users\*****\Dropbox ()
Shortcut: C:\Users\*****\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\*****\Downloads\ImageResizerSetup-3.0 - Verknüpfung.lnk -> C:\Users\*****\Downloads\ImageResizerSetup-3.0.exe (Brice Lambson)
Shortcut: C:\Users\*****\Documents\sicherung gast\Links\Desktop.lnk -> C:\Users\*****\Desktop ()
Shortcut: C:\Users\*****\Documents\sicherung gast\Links\Downloads.lnk -> C:\Users\*****\Downloads ()
Shortcut: C:\Users\*****\Documents\sicherung gast\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\*****\Desktop\FastImageResizer.lnk -> C:\Program Files (x86)\Fast Image Resizer\fastimageresizer.exe (adionSoft)
Shortcut: C:\Users\*****\Desktop\WISO steuer Sparbuch 2018.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2018\wiso2018.exe ()
Shortcut: C:\Users\*****\Desktop\Steuer_2017\WISO steuer Sparbuch 2017.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2017\wiso2017.exe ()
Shortcut: C:\Users\*****\Desktop\Eigene Bilder - Kopie\Beispielbilder.lnk -> [LFf|g|g|PO :i+002.tY^Hg3(GYr?DUk0^11mQEIGENE~2F1ZQ1Q0Eigene Bilder@shell32.dll,-28997L11QBEISPI~141mQ1QBeispielbilder~-}rC:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Bilder\Beispielbilder9..\..\..\All Users\Dokumente\Eigene Bilder\Beispielbilder6`Xyour-6b489c839beJz-lN[1Fȉ:eJz-lN[1Fȉ:] (Keine Datei)
Shortcut: C:\Users\*****\Desktop\Eigene Bilder\Beispielbilder.lnk -> [LFf|g|g|PO :i+002.tY^Hg3(GYr?DUk0^11mQEIGENE~2F1ZQ1Q0Eigene Bilder@shell32.dll,-28997L11QBEISPI~141mQ1QBeispielbilder~-}rC:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Bilder\Beispielbilder9..\..\..\All Users\Dokumente\Eigene Bilder\Beispielbilder6`Xyour-6b489c839beJz-lN[1Fȉ:eJz-lN[1Fȉ:] (Keine Datei)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Word\_Anschreiben_Holkenbrink_010720308236942447155734\_Anschreiben_Holkenbrink_010720.doc.lnk -> 
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk -> C:\Users\*****\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\*****\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk -> C:\Windows\HelpPane.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RED Commander.lnk -> C:\Users\Public\Documents\RED Medical Commander\commander-launcher.bat ()
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RED Medical\RED Medical Commander.lnk -> C:\Users\Public\Documents\RED Medical Commander\commander-launcher.bat ()
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\*****\Dropbox ()
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ASUS Console.lnk -> C:\Program Files\ASUS\ASUS Console\ASUS Console.exe (ASUSTeK Computer Inc.)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ASUS Install.lnk -> C:\eSupport\eDriver\AsInsWiz.exe (ASUSTek Computer INC.)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\eManual.Lnk -> C:\eSupport\Manual\eManual.exe (ASUSTek Computer Inc.)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Excel 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\OneNote 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PowerPoint 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Word 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\ZinioLLC.Zinio_0q6dqzpp40p2e\App.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\WildTangentGames.-GamesApp-_qt5r5pa5dyg8m\WTGames.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneVideo_8wekyb3d8bbwe\Microsoft.ZuneVideo.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneMusic_8wekyb3d8bbwe\Microsoft.ZuneMusic.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\Microsoft.XboxLIVEGames.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsScan_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsReadingList_8wekyb3d8bbwe\Microsoft.WindowsReadingList.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk -> [LFz1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbweQmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.CalendardC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe1SPSMԆi<D*TQ ModernCalendar\CalendarLogo.pngU!ModernCalendar\CalendarBadge.png]%ModernCalendar\CalendarSmallLogo.pngY$ModernCalendar\CalendarWideLogo.pngQ3]%ModernCalendar\CalendarLargeLogo.pngMms-resource:calendarAppTitleY$ModernCalendar\CalendarTinyLogo.pngi1SPS0%G`Mms-resource:calendarAppTitle-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (Keine Datei)
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Mail.lnk -> [LF1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbweMmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.MaildC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwev1SPSMԆi<D*TIModernMail\Res\MailLogo.pngMModernMail\Res\MailBadge.pngU!ModernMail\Res\MailSmallLogo.pngQ ModernMail\Res\MailWideLogo.pngrU!ModernMail\Res\MailLargeLogo.pngEms-resource:mailAppTitleQ ModernMail\Res\MailTinyLogo.pnga1SPS0%G`Ems-resource:mailAppTitleq1SPS}@H1U!ms-resource:mailShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (Keine Datei)
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.People.lnk -> [LFr1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbweOmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.PeopledC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe1SPSMԆi<D*TAModernPeople\People.pngMModernPeople\PeopleSmall.pngIModernPeople\PeopleWide.pngG&MModernPeople\PeopleLarge.png]%ms-resource:///strings/peopleAppNameIModernPeople\PeopleTiny.pngy1SPS0%G`]%ms-resource:///strings/peopleAppName1SPS}@H1e*ms-resource:///strings/raShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (Keine Datei)
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsCalculator_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsAlarms_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Reader_8wekyb3d8bbwe\Microsoft.Reader.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Office.OneNote_8wekyb3d8bbwe\microsoft.onenoteim.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.HelpAndTips_8wekyb3d8bbwe\HelpAndTips.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.FreshPaint_8wekyb3d8bbwe\Microsoft.FreshPaint.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingWeather_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingTravel_8wekyb3d8bbwe\AppexTravel.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingSports_8wekyb3d8bbwe\AppexSports.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingNews_8wekyb3d8bbwe\AppexNews.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingMaps_8wekyb3d8bbwe\AppexMaps.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\AppexHealthAndFitness.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AppexFoodAndDrink.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFinance_8wekyb3d8bbwe\AppexFinance.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\MAGIX.MusicMakerJam_a2t3txkz9j1jw\MAGIX.MusicMakerJam.App.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\ASUSCloudCorporation.MobileFileExplorer_wk4d32h0cvhem\App.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\AD2F1837.HPPrinterControl_v10z8vjag6ke6\AD2F1837.HPPrinterControl.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\Application Shortcuts\9E2F88E3.Twitter_wgeqdkkx372wm\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd)
Shortcut: C:\Users\Public\Desktop\EPSON Scan.lnk -> C:\Windows\twain_32\escndv\escndv.exe (SEIKO EPSON CORP.)
Shortcut: C:\Users\Public\Desktop\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk -> C:\Program Files (x86)\HP\Diagnostics\PSDR\HPPSDr.exe ()
Shortcut: C:\Users\Public\Desktop\HP Solution Center.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\Users\Public\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\PDF Architect 6.lnk -> C:\Program Files\PDF Architect 6\architect.exe (pdfforge GmbH)
Shortcut: C:\Users\Public\Desktop\PDFCreator.lnk -> C:\Program Files\PDFCreator\PDFCreator.exe (pdfforge)
Shortcut: C:\Users\Public\Desktop\Shop für HP Zubehör.lnk -> C:\Program Files (x86)\HP\HPSSUPPLY\hpqSSupply.exe (Hewlett-Packard Development Company L.P.)
Shortcut: C:\Users\Public\Desktop\Shop für Zubehör - HP OfficeJet 3830 series.lnk -> C:\Program Files\HP\HP OfficeJet 3830 series\Bin\hpqDTSS.exe (HP Inc.)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\Users\Public\Desktop\WISO steuer Sparbuch 2019.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2019\WISO2019.EXE ()
Shortcut: C:\Users\Public\Desktop\WISO steuer Sparbuch 2020.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2020\WISO2020.EXE ()
Shortcut: C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2021.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2021\WISO2021.EXE ()
Shortcut: C:\Users\UpdatusUser\Desktop\FastImageResizer.lnk -> C:\Program Files (x86)\Fast Image Resizer\fastimageresizer.exe (adionSoft)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk -> C:\Windows\HelpPane.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - asus.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (WildTangent) -> /src gamesmenu /dp asus
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Securepoint SSL VPN\Start Securepoint SSL VPN.lnk -> C:\Program Files (x86)\Securepoint SSL VPN\SSLVpnClient.exe () -> -manage -german
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 6\Uninstall or Modify PDF Architect 6.lnk -> C:\ProgramData\PDF Architect 6\Installation\PDFArchitect6Installer.exe (© pdfforge GmbH.) -> /uninstall
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Office Upload Center.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\MSOUC.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee File Lock.lnk -> C:\Program Files\mcafee\MAT\McPvTray.exe (McAfee, LLC) -> /showvaults
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee LiveSafe  .lnk -> C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, LLC) -> /desktopicon /platui
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Advanced Statistics.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel(R) Corporation) -> /sf Advanced Statistics
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Event Viewer.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel(R) Corporation) -> /sf Wireless Event Viewer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Manual Diagnostics.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel(R) Corporation) -> /sf Wireless Diagnostics
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) HD Graphics Control Panel.lnk -> C:\Windows\System32\igfxstarter.exe (Intel Corporation) -> Metro
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics\IBM SPSS Statistics 25 Lizenzautorisierungsassistent.lnk -> C:\Program Files\IBM\SPSS\Statistics\25\law.exe (IBM Corp.) -> -is:javahome "C:\Program Files\IBM\SPSS\Statistics\25\JRE" -s:silent
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics\IBM SPSS Statistics 25 – Pendlerlizenz.lnk -> C:\Program Files\IBM\SPSS\Statistics\25\JRE\bin\javaw.exe (IBM) -> -Djava.library.path=. -jar licensecommute.jar
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics\Python 3.4 for IBM SPSS Statistics 25\Python 3.4 IDLE (Python-GUI).lnk -> C:\Program Files\IBM\SPSS\Statistics\25\statisticspython3w.bat () -> /i
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics\Python 3.4 for IBM SPSS Statistics 25\Python 3.4 Moduldokumentation.lnk -> C:\Program Files\IBM\SPSS\Statistics\25\statisticspython3w.bat () -> /o
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics\Python 2.7 for IBM SPSS Statistics 25\Python 2.7 IDLE (Python-GUI).lnk -> C:\Program Files\IBM\SPSS\Statistics\25\statisticspythonw.bat () -> /i
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics\Python 2.7 for IBM SPSS Statistics 25\Python 2.7 Moduldokumentation.lnk -> C:\Program Files\IBM\SPSS\Statistics\25\statisticspythonw.bat () -> /m
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C4400 series\Deinstallieren.lnk -> C:\Program Files (x86)\HP\Digital Imaging\{886E586A-9121-4515-9C18-2C04202614B2}\setup\hpzscr40.exe (Hewlett-Packard) -> -datfile hposcr29.dat -onestop
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C4400 series\Gerät hinzufügen.lnk -> C:\Program Files (x86)\HP\Digital Imaging\{886E586A-9121-4515-9C18-2C04202614B2}\hpzstub.exe (Hewlett-Packard) -> -addadevice
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C4400 series\Produktregistrierung.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe (Hewlett-Packard Company) -> "HP Photosmart C4400 series"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP OfficeJet 3830 series\HP OfficeJet 3830 series.lnk -> C:\Program Files\HP\HP OfficeJet 3830 series\Bin\HP OfficeJet 3830 series.exe (HP Inc.) -> -Start UDCDevicePage
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Casual Games.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Enthusiast Games.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=26352374-af55-4b53-b07b-6b0288ed97df /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Family Games.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Kids Games.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\WildTangent Games App - asus.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (WildTangent) -> /src gamesmenu /dp asus
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software\Epson Software Updater.lnk -> C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE (Seiko Epson Corporation) -> /ST
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON WF-3520 Series\EPSON-Druckersoftware deinstallieren.lnk -> C:\Windows\System32\spool\drivers\x64\3\E_YINSJJE.EXE (SEIKO EPSON CORPORATION) -> /R /APD /P:"EPSON WF-3520 Series"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON WF-3520 Series\Kaufinformationen.lnk -> C:\Windows\System32\spool\drivers\x64\3\E_YARNJJE.EXE (SEIKO EPSON CORPORATION) -> /T "MENU" /D "EPSON WF-3520 Series" /M "WF-3520 Series" /A
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON WF-3520 Series\Softwareaktualisierung.lnk -> C:\Windows\System32\spool\drivers\x64\3\E_YUBJJE.EXE (SEIKO EPSON CORPORATION) -> /RUN /D "EPSON WF-3520 Series"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON WF-3520 Series\Technischer Support.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\Windows\system32\spool\DRIVERS\x64\3\E_YGEPJJE.DLL,GE_OpenELINK "WF-3520 Series" 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DrayTek Smart VPN Client\Smart VPN Client.lnk -> C:\Program Files (x86)\DrayTek\Smart VPN Client\SmartVPNClient.exe (DrayTek Corp.) -> C:\Program Files (x86)\DrayTek\Smart VPN Client\\SmartVPNClient.exe
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DrayTek Smart VPN Client\Uninstall.lnk -> C:\Program Files (x86)\DrayTek\Smart VPN Client\Uninstall.exe (DrayTek Corp.) -> C:\Program Files (x86)\DrayTek\Smart VPN Client\Uninstall.exe
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{d58eecb0-0816-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{3eda1e54-8889-41f5-a649-5a306789b7ef}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{26352374-af55-4b53-b07b-6b0288ed97df}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=26352374-af55-4b53-b07b-6b0288ed97df /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{000d96f5-8034-4b74-a429-b6f0b04c75f4}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gameexploreroem
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\*****\Desktop\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\*****\Desktop\LMS Fernwartung.lnk -> C:\Users\*****\AppData\Local\TeamViewer\CustomConfigs\rj57qaw\TeamViewer.exe (TeamViewer Germany GmbH) -> --configuration rj57qaw
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LMS Fernwartung.lnk -> C:\Users\*****\AppData\Local\TeamViewer\CustomConfigs\rj57qaw\TeamViewer.exe (TeamViewer Germany GmbH) -> --configuration rj57qaw
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\*****\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\HP OfficeJet 3830 series.lnk -> C:\Program Files\HP\HP OfficeJet 3830 series\Bin\HP OfficeJet 3830 series.exe (HP Inc.) -> -Start UDCDevicePage
ShortcutWithArgument: C:\Users\Public\Desktop\McAfee LiveSafe  .lnk -> C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, LLC) -> /desktopicon /platui
ShortcutWithArgument: C:\Users\Public\Desktop\Securepoint SSL VPN.lnk -> C:\Program Files (x86)\Securepoint SSL VPN\SSLVpnClient.exe () -> -manage -german
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2021\Hilfen\WISO Steuer-Sparbuch 2021 Online-Hilfe.url -> URL: hxxp://www.buhl.de/go/13468
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Sparbuch 2020\Hilfen\WISO steuer Sparbuch 2020 Online-Hilfe.url -> URL: hxxp://www.buhl.de/go/11892
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Sparbuch 2019\Hilfen\WISO steuer Sparbuch 2019 Online-Hilfe.url -> URL: hxxp://www.buhl.de/go/8143
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Sparbuch 2018\Hilfen\WISO steuer Sparbuch 2018 Online-Hilfe.url -> URL: hxxp://www.buhl.de/go/4451
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Sparbuch 2017\Hilfen\WISO steuer Sparbuch 2017 Online-Hilfe.url -> URL: hxxp://www.buhl.de/go/2241
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Resizer for Windows\Documentation.url -> URL: hxxp://imageresizer.codeplex.com/documentation
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> 
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> URL: hxxp://www.ccleaner.com/ccleaner
InternetURL: C:\Users\*****\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\*****\Favorites\ASUS E-Service\ASUS Homepage.url -> URL: hxxp://www.asus.com/
InternetURL: C:\Users\*****\Favorites\ASUS E-Service\ASUS Member.url -> URL: hxxp://member.asus.com/
InternetURL: C:\Users\*****\Favorites\ASUS E-Service\ASUS Software Download.url -> URL: hxxp://support.asus.com/download
InternetURL: C:\Users\*****\Favorites\ASUS E-Service\ASUS Technical Support.url -> URL: hxxp://support.asus.com/
InternetURL: C:\Users\*****\Dropbox\Diagnostik - Störungsübergreifende Verfahren im Kindes- und Jugendalter\www.dropbox.com.url -> URL: hxxps://www.dropbox.com/home/Diagnostik%20-%20St%C3%B6rungs%C3%BCbergreifende%20Verfahren%20im%20Kindes-%20und%20Jugendalter#
InternetURL: C:\Users\*****\Documents\sicherung gast\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\*****\Documents\sicherung gast\Favorites\ASUS E-Service\ASUS Homepage.url -> URL: hxxp://www.asus.com/
InternetURL: C:\Users\*****\Documents\sicherung gast\Favorites\ASUS E-Service\ASUS Member.url -> URL: hxxp://member.asus.com/
InternetURL: C:\Users\*****\Documents\sicherung gast\Favorites\ASUS E-Service\ASUS Software Download.url -> URL: hxxp://support.asus.com/download
InternetURL: C:\Users\*****\Documents\sicherung gast\Favorites\ASUS E-Service\ASUS Technical Support.url -> URL: hxxp://support.asus.com/

==================== Ende vom Shortcut.txt =============================
         

Mein Name ist Matthias und ich werde dir bei der Analyse und der eventuell notwendigen Bereinigung deines Computers helfen.

Zitat:

und gestern habe ich eine Virenwarnung erhalten (kann die leider nicht posten).

Dann sorg bitte dafür, dass du sie posten kannst.

Von Wahrsagen bezüglich Malware halte ich nämlich nicht viel...

Macht ne Rettung hier echt noch Sinn? Das System ist noch mit Windows 8.1 installiert und zugemüllt mit Schwachsinn von ASUS, McAfee und CCleaner. Zudem sehe ich da auch einiges an alter Software.

Werkelt in dem Rechner schon eine SSD? Nein? Dann SSD besorgen und Neuinstallation mit Windows 10 durchführen. Und so ein Schwachsinn wie McAfee oder CCleaner weglassen!

Ich habe mir die Logdateien zweimal angesehen, keine Anzeichen von Malware zu sehen, daher verschiebe ich in den Bereich Web/PC.

Ich würde auch eine Neuinstallation von Windows 10 empfehlen, da laut Logdateien mehrere Windows Dienste beschädigt, zudem verursacht McAfee Fehlermeldungen.