| |
| |||||||
Mülltonne: Windows 11: Computer verhält sich merkwürdig ausschließlich innerhalb einer E-Sport LigaWindows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne... |
20.08.2021, 22:13
| #1 |
| |  Windows 11: Computer verhält sich merkwürdig ausschließlich innerhalb einer E-Sport Liga Problemschilderung: Hallo, ich nutze derzeitig Windows 11, jedoch begann die Problematik bereits mit Windows 10. Ich spiele aktiv IRACING und bestreite auch jeweilige E-Sport Rennen. Vor kurzer Zeit kam ein neues Mitglied in unser Team, dieser hat nach kurzer Zeit mir Worte vorgelesen, welche ich gerade am Eintippen war innerhalb der Chat-Kommunikation über Discord. Innerhalb des Rennens hatte ich sporadisch extreme und unerklärliche CPU und GPU Auslastungen, die das allgemeine Vergnügen stark beeinträchtigt haben. Ebenso ist während dem Fahren meine Software ausgefallen, er unterhielt sich dabei im Hintergrund mit einem anderen Menschen und sagte "Scheiße ich habe den falschen Knopf gedrückt", der Prozess wurde auch "gekillt", war kein bekanntes abstürzen. Mehrere meiner Teamkollegen vermeldeten auch in dieser Zeit Virenbefall auf Ihrem Computer. Die Person habe ich darauf angesprochen, streitet jedoch bis heute alles ab. Während dem Fahren wechselte das Force Feedback als würde ich auf Eis fahren, über die Ereignisberichte konnte ich erkennen das meine USB-Geräte sporadisch abgemeldet und angemeldet werden. Der PC fuhr auch mitten in der Nacht mehrmalig von allein hoch, obwohl Wake on Lan nach besagtem auftreten abgeschaltet wurde, sowie auch die Reaktivierung ausschließlich über das BIOS gesetzt war. PC startete auch von allein ohne aktive Internetleitung, bzw. ohne aktiven Internetanschluss. Ein Backup, welches ich geladen hatte, hat auch nicht den gewünschten Erfolg gebracht, das Spiel hat sich von selbst innerhalb eines E-Sport Rennens geschlossen, ein Crash DUMP wurde nicht erzeugt. Ich habe den PC zwischenzeitlich komplett formatiert (auch alle externen Platten, Router zurückgesetzt, und alle weitere PC´s im Haus) und Windows 11 aufgespielt sowie die Treiber. Derzeitig nur das nötigste Installiert, heute wieder ein E-Sport Rennen innerhalb der Liga bestritten. Während dem Fahren wurde der Bildschirm kurz schwarz, als würde ich blinzeln oder ein Screenshot erstellt werden. Kurzzeitig höhere Auslastung gehabt, welche kurz darauf nicht weiter auffällig war. Fahre jeden Tag circa 4-8 Stunden, ohne Probleme dieser Art, diese Probleme treten immer nur innerhalb des Liga Rennens auf. Mittlerweile EXPRESS VPN im Betrieb, auch über die Mobile Datenverbindung gleiches Fehlerbild. Ereignisbericht für mich unauffällig, keine Viren von vorinstalliertem Windows Anti Viren System gefunden. Ich habe die Vermutung das unsere PC´s manipuliert/angegriffen werden, um uns ausscheiden zu lassen. Innerhalb der Liga, auch außerhalb unseres Teams gab es einen weiteren Fahrer, der über das sporadische Beenden des Spiels berichtete. Rückschlusse konnte er keine ziehen. Wie dieser Angriff stattfindet, kann ich mir auch nicht erklären. Entweder als direkten Windows Angriff oder eventuelle Sicherheitslücke auf den IRACING Servern selbst? Ich benötige Hilfe bei der Feststellung, bzw. Auswertung ob solch ein Angriff erfolgt während eines E-Sport Rennens. Falls ja, welche Möglichkeiten mich dagegen zu sichern. Vielen Dank im Voraus. Shortcut: Code:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 14-08-2021
durchgeführt von ***** (20-08-2021 22:45:50)
Gestartet von C:\Users\*****\Downloads
Start-Modus: Normal
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\TP Updater.lnk -> C:\Program Files (x86)\Rhinode LLC\Trading Paints\TP Updater.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Trading Paints.lnk -> C:\Program Files (x86)\Rhinode LLC\Trading Paints\Trading Paints.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk -> C:\Program Files\Adobe\Adobe Photoshop 2021\Photoshop.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExpressVPN.lnk -> C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe (ExpressVPN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVCleanstall.lnk -> C:\Program Files\NVCleanstall\NVCleanstall.exe (TechPowerUp)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Program Files\Microsoft OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Sandbox.lnk -> C:\Windows\System32\WindowsSandbox.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winaero Tweaker\EULA.lnk -> C:\Program Files\Winaero Tweaker\Winaero EULA.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winaero Tweaker\Winaero Tweaker.lnk -> C:\Program Files\Winaero Tweaker\WinaeroTweaker.exe (hxxps://winaero.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winaero Tweaker\Winaero Website.lnk -> C:\Program Files\Winaero Tweaker\Winaero.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Digital Race Engineer\The Digital Race Engineer.lnk -> C:\Program Files (x86)\Steam\steamapps\common\VoiceAttack\Apps\The Digital Race Engineer\DRE Launcher.exe (Escapisim)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Digital Race Engineer\Uninstall The Digital Race Engineer.lnk -> C:\Program Files (x86)\Steam\steamapps\common\VoiceAttack\Apps\The Digital Race Engineer\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Power Automate Desktop\Desktop flows.lnk -> C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.Notifier.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Power Automate Desktop\Power Automate Desktop.lnk -> C:\Program Files (x86)\Power Automate Desktop\PAD.Console.Host.exe (Microsoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office-Spracheinstellungen.lnk -> C:\Program Files\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN\FRITZ!WLAN Hilfe.lnk -> C:\Program Files (x86)\avmwlanstick\FRITZ!WLAN_N.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN\FRITZ!WLAN Readme.lnk -> C:\Program Files (x86)\avmwlanstick\readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Endor Fanatec\FanaLab.lnk -> C:\Program Files (x86)\Fanatec\FanaLab\Control\FanaLab.exe (Endor Fanatec)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e2eSoft iVCam\iVCam entfernen.lnk -> C:\Program Files\e2eSoft\iVCam\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e2eSoft iVCam\iVCam.lnk -> C:\Program Files\e2eSoft\iVCam\iVCam.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z MSI\CPU-Z MSI.lnk -> C:\Program Files\CPUID\CPU-Z MSI\cpuz.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z MSI\Edit CPU-Z MSI Config File.lnk -> C:\Program Files\CPUID\CPU-Z MSI\cpuz.ini ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z MSI\Uninstall CPU-Z MSI.lnk -> C:\Program Files\CPUID\CPU-Z MSI\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCUninstaller\BCUninstaller entfernen.lnk -> C:\Program Files\BCUninstaller\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCUninstaller\BCUninstaller.lnk -> C:\Program Files\BCUninstaller\BCUninstaller.exe (Marcin Szeniak)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Ryzen Master\Ryzen Master\Ryzen Master Help Guide.lnk -> C:\Program Files\AMD\RyzenMaster\Documentation\Userguide.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Ryzen Master\Ryzen Master\Ryzen Master.lnk -> C:\Program Files\AMD\RyzenMaster\bin\AMD Ryzen Master.exe (Advanced Micro Devices, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD\StoreMI\StoreMI.lnk -> C:\Program Files\AMD\StoreMI\bin\AMD StoreMI.EXE (Advanced Micro Devices, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\Links\Desktop.lnk -> C:\Users\*****\OneDrive\Desktop ()
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\Links\Downloads.lnk -> C:\Users\*****\Downloads ()
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth File Transfer.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\Links\Desktop.lnk -> C:\Users\*****\OneDrive\Desktop ()
Shortcut: C:\Users\*****\Links\Downloads.lnk -> C:\Users\*****\Downloads ()
Shortcut: C:\Users\*****\Creative Cloud Files\_Cloud-Dokumente.lnk -> C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe ()
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YouTube Music.lnk -> C:\Users\*****\AppData\Local\Programs\youtube-music\YouTube Music.exe (th-ch)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SnoreToast\0.7.0\SnoreToast.lnk -> C:\Users\*****\AppData\Local\Programs\youtube-music\resources\app.asar.unpacked\node_modules\node-notifier\vendor\snoreToast\snoretoast-x64.exe ()
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iRacing\iRacing Member Website.lnk -> C:\Program Files (x86)\iRacing\iracingbeta.ico ()
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iRacing\iRacing UI.lnk -> C:\Program Files (x86)\iRacing\ui\iRacingUI.exe (iRacing)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iRacing UI.lnk -> C:\Program Files (x86)\iRacing\ui\iRacingUI.exe (iRacing)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\SetupDev2021.lnk -> C:\Program Files (x86)\Steam\steamapps\common\Setup Developer Tool 2021\SetupDev2021.exe ()
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube Music.lnk -> C:\Users\*****\AppData\Local\Programs\youtube-music\YouTube Music.exe (th-ch)
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\AMD Ryzen Master.lnk -> C:\Program Files\AMD\RyzenMaster\bin\AMD Ryzen Master.exe (Advanced Micro Devices, Inc.)
Shortcut: C:\Users\Public\Desktop\CPUID CPU-Z MSI.lnk -> C:\Program Files\CPUID\CPU-Z MSI\cpuz.exe (CPUID)
Shortcut: C:\Users\Public\Desktop\ExpressVPN.lnk -> C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe (ExpressVPN)
Shortcut: C:\Users\Public\Desktop\FanaLab.lnk -> C:\Windows\Installer\{9EFAE929-6D90-4BB2-8879-D521786D874C}\ShortCutIcon.exe ()
Shortcut: C:\Users\Public\Desktop\Fanatec Control Panel.lnk -> C:\Windows\Installer\{1CD17EF4-2A50-4D98-B9D1-1763A74813D5}\IconIdCplV2.exe ()
Shortcut: C:\Users\Public\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Power Automate Desktop.lnk -> C:\Program Files (x86)\Power Automate Desktop\PAD.Console.Host.exe (Microsoft)
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\StoreMI.lnk -> C:\Program Files\AMD\StoreMI\bin\AMD StoreMI.EXE (Advanced Micro Devices, Inc.)
Shortcut: C:\Users\Public\Desktop\The DRE Launcher.lnk -> C:\Program Files (x86)\Steam\steamapps\common\VoiceAttack\Apps\The Digital Race Engineer\DRE Launcher.exe (Escapisim)
Shortcut: C:\Users\Public\Desktop\Trading Paints.lnk -> C:\Program Files (x86)\Rhinode LLC\Trading Paints\Trading Paints.exe ()
Shortcut: C:\Users\Public\Desktop\Winaero Tweaker.lnk -> C:\Program Files\Winaero Tweaker\WinaeroTweaker.exe (hxxps://winaero.com)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VE 5.4 American English Nathan\Uninstall Nathan.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {F108161B-AB4E-43CF-94BE-78A04BAF89EA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN\FRITZ!WLAN Client.lnk -> C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe (AVM Berlin) -> -1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAbout
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAbout
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAbout
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAbout
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DRE Launcher.exe(elevated).lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation) -> /run /tn "DRE Launcher.exe_1642829084"
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\*****\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) -> /recycle
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAbout
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\*****\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Setup Developer Tool 2021.url -> URL: steam://rungameid/1617090
InternetURL: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\VoiceAttack.url -> URL: steam://rungameid/583010
==================== Ende vom Shortcut.txt =============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-08-2021
durchgeführt von ***** (20-08-2021 22:45:17)
Gestartet von C:\Users\*****\Downloads
Windows 10 Pro Version 21H2 22000.132 (X64) (2021-08-15 19:11:13)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-487585160-604149877-1877980533-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-487585160-604149877-1877980533-503 - Limited - Disabled)
Gast (S-1-5-21-487585160-604149877-1877980533-501 - Limited - Disabled)
***** (S-1-5-21-487585160-604149877-1877980533-1001 - Administrator - Enabled) => C:\Users\*****
WDAGUtilityAccount (S-1-5-21-487585160-604149877-1877980533-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.5.0.617 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_5) (Version: 22.5.0.384 - Adobe Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.17.25.506 - Advanced Micro Devices, Inc.)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.8.0.1937 - Advanced Micro Devices, Inc.)
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.7.0.1725 - Advanced Micro Devices, Inc.)
AMD StoreMI (HKLM\...\AMD_StoreMI) (Version: 2.1.0.191 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{9bbdaa84-1315-4bcf-ac55-57449b4228f1}) (Version: 2.17.25.506 - Advanced Micro Devices, Inc.) Hidden
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 06.20.10 - AVM Berlin)
BCUninstaller (HKLM\...\{f4fef76c-1aa9-441c-af7e-d27f58d898d1}_is1) (Version: 5.1.0.0 - Marcin Szeniak)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
cFosSpeed 12.01 (HKLM\...\cFosSpeed) (Version: 12.01 - cFos Software GmbH, Bonn)
CPUID CPU-Z MSI 1.96 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.96 - CPUID, Inc.)
Discord (HKU\S-1-5-21-487585160-604149877-1877980533-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
ENE_DRAM_GSKILL_SE (HKLM\...\{5A6AC577-F8F8-4B6A-B684-13FD7E306CA2}) (Version: 1.0.1.0 - Ene Tech.) Hidden
ENE_DRAM_GSKILL_SE (HKLM-x32\...\{bf49eb2f-f2fb-4631-a95a-1f0cadd21eac}) (Version: 1.0.1.0 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.2.33 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{5d801c90-9d81-4c67-be5b-07e5855dc22e}) (Version: 1.0.2.33 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.8.13 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{54d3d2b5-db16-446d-b6dd-f4964b166b3b}) (Version: 1.0.8.13 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
ExpressVPN (HKLM-x32\...\{336616d6-abef-4ff8-9afd-43ceb249ff9a}) (Version: 10.4.1.2 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8760D8833}) (Version: 10.4.1.2 - ExpressVPN) Hidden
FanaLab (HKLM-x32\...\{9EFAE929-6D90-4BB2-8879-D521786D874C}) (Version: 1.57.2 - Endor AG)
FANATEC driver package (HKLM\...\{1CD17EF4-2A50-4D98-B9D1-1763A74813D5}) (Version: 8.42.0 - Endor AG Fanatec)
iRacing.com Race Simulation (HKLM-x32\...\{2CB193B9-1B9D-4A84-BC70-0948145BA4BA}_is1) (Version: 2021.08.10.03 - iRacing.com)
iVCam 6.2 (HKLM\...\iVCam_is1) (Version: 6.2.2 - e2eSoft)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.14228.20250 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.73 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 92.0.902.73 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.160.0808.0001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29910 (HKLM-x32\...\{53f1dc9d-ed94-4650-a079-129785ce7905}) (Version: 14.28.29910.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2021.0628.01 - MSI)
Nuance VE 5.4 American English Nathan (HKLM\...\{F108161B-AB4E-43CF-94BE-78A04BAF89EA}) (Version: 5.4 - Arctodus)
NVCleanstall (HKLM\...\{B422A5B9-1671-4E8B-BD8B-1E76A2ABFF57}}_is1) (Version: 1.10.0 - TechPowerUp)
NVIDIA Grafiktreiber 471.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.68 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14228.20222 - Microsoft Corporation) Hidden
Power Automate Desktop (HKLM-x32\...\{00123800-d164-43e9-9af7-752d39a6c7e1}) (Version: 2.11.51.21196 - Microsoft Corporation)
Power Automate Desktop (HKLM-x32\...\{07F084CC-D027-4C58-811F-7680741303EF}) (Version: 2.11.00051.21196 - Microsoft Corporation) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9202.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.46.1231.2020 - Realtek)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Digital Race Engineer version 3.3.5.7 (HKLM-x32\...\{490EC064-009E-4E95-8A17-873F490D90F7}_is1) (Version: 3.3.5.7 - Escapisim)
Trading Paints (HKLM-x32\...\{7DD94BA7-5DB1-43C3-8D5E-97F9634E4531}) (Version: 2.0.35 - Rhinode LLC)
UXP WebView Support (HKLM-x32\...\UXPW_1_0_0) (Version: 1.0.0 - Adobe Inc.)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Winaero Tweaker (HKLM\...\Winaero Tweaker_is1) (Version: 1.31.0.0 - Winaero)
WindowManager (HKLM-x32\...\WindowManager) (Version: 8.1.3 - DeskSoft)
Windows Subsystem for Linux Update (HKLM\...\{DCA984CD-203C-4747-A6EC-B7CCC56C7DD0}) (Version: 5.10.43 - Microsoft Corporation)
Windows Subsystem for Linux WSLg Preview (HKLM\...\{E04B0005-A349-4BCC-9662-CA0132007E14}) (Version: 1.0.26 - Microsoft Corporation)
YouTube Music 1.12.2 (HKU\S-1-5-21-487585160-604149877-1877980533-1001\...\352e3c04-9f15-58b2-adec-0057f1f82f70) (Version: 1.12.2 - th-ch)
Packages:
=========
Adobe Lightroom -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeLightroom_4.4.13983.0_x64__ynb6jyjzte8ga [2021-08-18] (Adobe Inc.)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-08-17] (Adobe Systems Incorporated)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.9.253.0_x64__rz1tebttyb220 [2021-08-18] (Dolby Laboratories)
EarTrumpet -> C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.8.0_x86__1sdd7yawvg6ne [2021-08-18] (File-New-Project) [Startup Task]
FeedLab -> C:\Program Files\WindowsApps\ClevLab.FeedLab_3.1.4.0_x64__qdcg6xvbhrn16 [2021-08-18] (ClevLab) [MS Ad]
HEVC-Videoerweiterungen -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.42094.0_x64__8wekyb3d8bbwe [2021-08-18] (Microsoft Corporation)
Lively Wallpaper -> C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.67.0_x86__97hta09mmv6hy [2021-08-18] (rocksdanister) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-08-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-08-18] (Microsoft Corporation) [MS Ad]
Microsoft Teams (Preview) -> C:\Program Files\WindowsApps\MicrosoftTeams_21217.300.928.2028_x64__8wekyb3d8bbwe [2021-08-15] (Microsoft) [Startup Task]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_0.50.42141.0_x64__8wekyb3d8bbwe [2021-08-17] (Microsoft Corporation)
Microsoft.UI.Xaml.CBS -> C:\Windows\SystemApps\Microsoft.UI.Xaml.CBS_8wekyb3d8bbwe [2021-08-19] (Microsoft Platform Extensions)
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_1.0.24.0_x64__kzh8wxbdkxb8p [2021-08-16] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-08-19] (Netflix, Inc.)
OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.16.0_x64__8wekyb3d8bbwe [2021-08-20] (Microsoft Corporation)
Paint -> C:\Program Files\WindowsApps\Microsoft.Paint_10.2108.1.0_x64__8wekyb3d8bbwe [2021-08-17] (Microsoft Corporation)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_1.0.89.0_x64__8wekyb3d8bbwe [2021-08-18] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.27.253.0_x64__dt26b99r8h8gj [2021-08-17] (Realtek Semiconductor Corp)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.13.156.0_x64__43tkc6nmykmb6 [2021-08-19] (Ookla)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm [2021-08-17] (WhatsApp Inc.)
Windows Notepad -> C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_10.2103.6.0_x64__8wekyb3d8bbwe [2021-08-17] (Microsoft Corporation)
Windows Terminal -> C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.9.1942.0_x64__8wekyb3d8bbwe [2021-08-17] (Microsoft Corporation) [Startup Task]
Windows Web Experience Pack -> C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.19701.0.0_x64__cw5n1h2txyewy [2021-08-18] (Microsoft Windows)
Windows-Sicherheit -> C:\Program Files\WindowsApps\Microsoft.SecHealthUI_1000.22000.1.0_neutral__8wekyb3d8bbwe [2021-08-16] (Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-487585160-604149877-1877980533-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-E6BD8442C481} -> [Creative Cloud Files] => C:\Users\*****\Creative Cloud Files [2021-08-17 22:52]
CustomCLSID: HKU\S-1-5-21-487585160-604149877-1877980533-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-487585160-604149877-1877980533-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-487585160-604149877-1877980533-1001_Classes\CLSID\{eb1fdd5b-8f70-4b5a-b230-998a2dc19303}\localserver32 -> C:\Users\*****\AppData\Local\Programs\youtube-music\resources\app.asar.unpacked\node_modules\node-notifier\vendor\snoreToast\snoretoast-x64.exe (K Desktop Environment e.V. -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-17] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-17] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-17] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-17] (Adobe Inc. -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2021-08-05] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-17] (Adobe Inc. -> )
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [VIDC.WVC1] => C:\Windows\system32\d3dgeardecoder64.dll [158592 2021-06-01] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.WMV3] => C:\Windows\system32\d3dgeardecoder64.dll [158592 2021-06-01] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.MJPG] => C:\Windows\system32\d3dgeardecoder64.dll [158592 2021-06-01] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.M4S2] => C:\Windows\system32\d3dgeardecoder64.dll [158592 2021-06-01] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.FVFW] => C:\Windows\system32\d3dgeardecoder64.dll [158592 2021-06-01] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.MP4V] => C:\Windows\system32\d3dgeardecoder64.dll [158592 2021-06-01] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.FFVH] => C:\Windows\system32\d3dgeardecoder64.dll [158592 2021-06-01] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.H264] => C:\Windows\system32\d3dgeardecoder64.dll [158592 2021-06-01] (D3DGear Technologies -> D3DGear Technologies.)
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2021-08-17 20:22 - 2021-08-17 20:22 - 000269824 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\electron-panel-window\build\Release\NativeExtension.node
2021-08-17 20:22 - 2021-08-17 20:22 - 000149504 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2021-08-17 20:22 - 2021-08-17 20:22 - 000145920 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\node-shared-mem\build\Release\node_shared_mem.node
2021-08-17 20:22 - 2021-08-17 20:22 - 004204032 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\wavoip\build\Release\binding.node
2021-08-17 20:22 - 2021-08-17 20:22 - 000150528 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\windows-focus-assist\build\Release\focus-assist.node
2021-08-17 20:22 - 2021-08-17 20:22 - 000097792 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\windows-notification-state\build\Release\notificationstate.node
2021-08-17 20:22 - 2021-08-17 20:22 - 000101376 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\windows-quiet-hours\build\Release\quiethours.node
2021-08-20 22:44 - 2021-08-20 22:44 - 000659456 _____ () [Datei ist nicht signiert] \\?\C:\Users\*****\AppData\Local\Temp\3485d4dc-5f23-4434-b76e-6fd1db7caecb.tmp.node
2021-08-20 22:44 - 2021-08-20 22:44 - 000195072 _____ () [Datei ist nicht signiert] \\?\C:\Users\*****\AppData\Local\Temp\ecab4951-733a-447d-8f74-a5d2d75d0913.tmp.node
2021-08-17 13:50 - 2021-07-15 10:26 - 002821120 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\iRacing\ui\ffmpeg.dll
2021-08-17 13:51 - 2021-07-15 10:26 - 000446464 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\iRacing\ui\libegl.dll
2021-08-17 13:51 - 2021-07-15 10:26 - 007900160 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\iRacing\ui\libglesv2.dll
2021-08-17 20:22 - 2021-08-17 20:22 - 002772480 _____ () [Datei ist nicht signiert] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\ffmpeg.dll
2021-08-17 20:22 - 2021-08-17 20:22 - 000379904 _____ () [Datei ist nicht signiert] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\libegl.dll
2021-08-17 20:22 - 2021-08-17 20:22 - 007863296 _____ () [Datei ist nicht signiert] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\libglesv2.dll
2021-08-16 15:54 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\nvdimm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{53966cb1-4d46-4166-bf23-c522403cd495} => ""="ScmDisk"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nvdimm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{53966cb1-4d46-4166-bf23-c522403cd495} => ""="ScmDisk"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2021-06-05 14:08 - 2021-06-05 14:08 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
2021-08-18 16:59 - 2021-08-18 18:47 - 000000514 _____ C:\Windows\system32\drivers\etc\hosts.ics
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-487585160-604149877-1877980533-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-80-3017052307-2994996872-1615411526-3164924635-3391446484\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.184.96
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
ist aktiviert.
Network Binding:
=============
Ethernet 2: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Ethernet: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Ethernet 4: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AVMWlanClient"
HKLM\...\StartupApproved\Run32: => "Power Automate Desktop notifier"
HKU\S-1-5-21-487585160-604149877-1877980533-1001\...\StartupApproved\Run: => "ExpressVPN4"
HKU\S-1-5-21-487585160-604149877-1877980533-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-487585160-604149877-1877980533-1001\...\StartupApproved\Run: => "DRE Launcher"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{B3390969-CEDF-4086-831C-F2ECCF8054B3}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21217.300.928.2028_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EFF3F018-F294-4A42-B007-79F7D9199030}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21217.300.928.2028_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0F2C46A4-2753-4637-9A37-28AF830590F6}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\92.0.902.73\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D1E8D5F0-8DD3-48C0-94FD-AA86A406E04C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D57BB272-2519-40EA-8414-93659137A564}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4F83FEAA-25BA-4BF5-BF71-5462B43402DA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{62A33B66-AF08-471D-ACE4-94D0C1B8BA1E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1567DC52-7D22-416B-9F3F-FC4B4DAF0E8A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AEB6F6E3-6F22-4FF3-8D85-83A979D85461}C:\users\*****\onedrive\dokumente\iracing\tools\ircorners\ircorners.exe] => (Allow) C:\users\*****\onedrive\dokumente\iracing\tools\ircorners\ircorners.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{5825105A-6C5A-4A7C-BA3F-2ACD3D0C36CF}C:\users\*****\onedrive\dokumente\iracing\tools\ircorners\ircorners.exe] => (Allow) C:\users\*****\onedrive\dokumente\iracing\tools\ircorners\ircorners.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{5100B091-5C2B-477E-9983-EE26D3BAC94C}C:\program files\e2esoft\ivcam\ivcam.exe] => (Allow) C:\program files\e2esoft\ivcam\ivcam.exe (Shanghai Yitu Information Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{F89B5BE2-6855-45AA-8F0F-51BB61E3084F}C:\program files\e2esoft\ivcam\ivcam.exe] => (Allow) C:\program files\e2esoft\ivcam\ivcam.exe (Shanghai Yitu Information Technology Co., Ltd. -> )
FirewallRules: [{426CE265-9ED4-4769-9F18-96A445647179}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1009C473-0226-4924-BBE9-7FEB7DCAD8C6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{528112F8-DAF1-4A2A-907C-FC596052464C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5B958B6E-6216-4250-AD97-B3407ADF6B84}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4BEF0DC7-2110-497D-82CB-A13DC2ECE72A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VoiceAttack\VoiceAttack.exe (VoiceAttack.com -> VoiceAttack.com)
FirewallRules: [{6BB9E220-D1B2-4FC9-9F05-5A70CB66ADFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VoiceAttack\VoiceAttack.exe (VoiceAttack.com -> VoiceAttack.com)
FirewallRules: [{08BC8058-BA35-459A-A550-6DDE88BF2D51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Setup Developer Tool 2021\SetupDev2021.exe () [Datei ist nicht signiert]
FirewallRules: [{AA6CBDE1-A95F-4EED-8770-D927E12FC1BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Setup Developer Tool 2021\SetupDev2021.exe () [Datei ist nicht signiert]
FirewallRules: [{B90A85BC-E575-46A6-80CF-EF74FC27FB52}] => (Allow) LPort=26822
FirewallRules: [{5FA66C46-4808-4BDC-BDE7-7B1DE36BA307}] => (Allow) LPort=32682
==================== Wiederherstellungspunkte =========================
18-08-2021 07:59:09 Power Automate Desktop
18-08-2021 15:39:19 Windows Modules Installer
18-08-2021 22:28:56 Windows Modules Installer
19-08-2021 03:17:33 Installed AMD_Chipset_Drivers.
19-08-2021 16:24:25 Installed FANATEC driver package
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (08/20/2021 10:44:10 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: SIMULATOR-PC)
Description: Windows kann die erweiterbare Leistungsindikator-DLL "C:\Windows\system32\sysmain.dll" nicht laden (Win32-Fehlercode 126).
Error: (08/20/2021 07:13:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname SIMULATOR-PC.local already in use; will try SIMULATOR-PC-2.local instead
Error: (08/20/2021 07:13:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 SIMULATOR-PC.local. Addr 192.168.184.56
Error: (08/20/2021 07:13:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.184.56:5353 16 SIMULATOR-PC.local. AAAA 2A01:0598:A12F:C6EA:C575:7F9F:D67C:A62E
Error: (08/20/2021 07:13:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 SIMULATOR-PC.local. AAAA FE80:0000:0000:0000:B103:59DF:9588:70C9
Error: (08/20/2021 07:13:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.184.56:5353 16 SIMULATOR-PC.local. AAAA 2A01:0598:A12F:C6EA:C575:7F9F:D67C:A62E
Error: (08/20/2021 07:13:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 SIMULATOR-PC.local. AAAA 2A01:0598:A12F:C6EA:1D05:4ED0:64AD:BBA0
Error: (08/20/2021 07:13:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.184.56:5353 16 SIMULATOR-PC.local. AAAA 2A01:0598:A12F:C6EA:C575:7F9F:D67C:A62E
Systemfehler:
=============
Error: (08/20/2021 10:38:24 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{E4C6581F-355E-44A3-8E17-CB3751D64E0A} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (08/20/2021 08:16:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/20/2021 08:12:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ExpressVPN Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/20/2021 08:12:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dienst "Bonjour"" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/20/2021 08:11:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Fanatec Wheel Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/20/2021 05:42:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iRacing.com Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/20/2021 05:41:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/20/2021 04:50:47 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{79145C84-36D3-4C01-9A22-F2AD86882812} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Windows Defender:
================Event[0]
Date: 2021-08-17 16:19:21
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {B148D72B-03C2-429D-9BF8-54318397967E}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Event[0]
Date: 2021-08-18 20:12:32
Description:
Das Microsoft Defender Antivirus-Modul wurde aufgrund eines unerwarteten Fehlers beendet.
Fehlertyp: Absturz
Ausnahmecode: 0xc0000005
Ressource:
Event[1]
Date: 2021-08-16 16:05:41
Description:
N/A
CodeIntegrity:
===============
Date: 2021-08-20 22:44:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends International, LLC. A.E0 06/22/2021
Hauptplatine: Micro-Star International Co., Ltd. MPG X570 GAMING PLUS (MS-7C37)
Prozessor: AMD Ryzen 9 3900X 12-Core Processor
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 32688.98 MB
Verfügbarer physikalischer RAM: 22436.76 MB
Summe virtueller Speicher: 32688.98 MB
Verfügbarer virtueller Speicher: 18382.13 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:953.24 GB) (Free:838.61 GB) (Protected) NTFS
Drive d: (HDD_PLATTE_3TB) (Fixed) (Total:2794.52 GB) (Free:2794.33 GB) (Protected) NTFS
Drive e: (WINDOWS-11_BACKUP) (Fixed) (Total:1861.02 GB) (Free:1846.27 GB) NTFS
Drive f: (WIN11_MBR) (Removable) (Total:29.41 GB) (Free:24.71 GB) NTFS
\\?\Volume{c92f151f-6713-4e11-af31-2dd243c3a6a8}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{717c6873-a90c-4b9a-8181-b32ea1ff9ad6}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Size: 2794.5 GB) (Disk ID: 887C7BDD)
Partition: GPT.
==========================================================
Disk: 1 (Size: 953.9 GB) (Disk ID: DD4EAF9C)
Partition: GPT.
==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 3 (Size: 29.4 GB) (Disk ID: 008ED5FA)
Partition 1: (Active) - (Size=29.4 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt =======================
Geändert von velotoxic (20.08.2021 um 22:18 Uhr) Grund: Geht nicht nur um ein Rennen, sondern eine Liga |
|
20.08.2021, 22:14
| #2 |
| |  Windows 11: Computer verhält sich merkwürdig ausschließlich innerhalb einer E-Sport Liga FRST:
__________________FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2021
durchgeführt von ***** (Administrator) auf SIMULATOR-PC (Micro-Star International Co., Ltd. MS-7C37) (20-08-2021 22:44:12)
Gestartet von C:\Users\*****\Downloads
Geladene Profile: ***** & UIFlowService
Platform: Windows 10 Pro Version 21H2 22000.132 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(DeskSoft -> DeskSoft) C:\Program Files (x86)\WindowManager\WindowManager.exe
(Discord Inc. -> Discord Inc.) C:\Users\*****\AppData\Local\Discord\app-1.0.9002\Discord.exe <6>
(Escapisim) [Datei ist nicht signiert] C:\Program Files (x86)\Steam\steamapps\common\VoiceAttack\Apps\The Digital Race Engineer\DRE Launcher.exe
(EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe
(EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.8.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
(iRacing.com Motorsport Simulations, LLC -> iRacing) C:\Program Files (x86)\iRacing\ui\iRacingUI.exe <4>
(iRacing.com Motorsport Simulations, LLC -> iRacing.com Motorsport Simulations, LLC Bedford, MA 01730) C:\Program Files (x86)\iRacing\iRacingService64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <26>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.LauncherService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.LogShipper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Power Automate Desktop\UIFlowService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileCoAuth.exe
(Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Power Automate Desktop\PAD.BrowserNativeMessageHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ScreenSketch_11.2104.3.0_x64__8wekyb3d8bbwe\SnippingTool\SnippingTool.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20090.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20090.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20090.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_22108.1401.0.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.8052.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> ) C:\Windows\System32\AggregatorHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(Microsoft) C:\Program Files\WindowsApps\MicrosoftTeams_21217.300.928.2028_x64__8wekyb3d8bbwe\msteamsupdate.exe <2>
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Speed Up\StorageMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\True Color\New\MSI.True Color.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe
(Micro-Star INT'L CO., LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControlEngine.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e9f6c354061743a4\RtkAudUService64.exe
(Rhinode LLC -> ) C:\Program Files (x86)\Rhinode LLC\Trading Paints\Trading Paints.exe
(WhatsApp Inc.) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\WhatsApp.exe <7>
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e9f6c354061743a4\RtkAudUService64.exe [1270344 2021-07-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [370088 2021-06-28] (EXPRSVPN LLC -> ExpressVPN)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779504 2021-08-17] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Power Automate Desktop notifier] => C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.Notifier.exe [50592 2021-07-15] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [944088 2017-02-06] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
HKU\S-1-5-21-487585160-604149877-1877980533-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2338688 2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-487585160-604149877-1877980533-1001\...\Run: [Discord] => C:\Users\*****\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-487585160-604149877-1877980533-1001\...\Run: [FanaLab] => C:\Program Files (x86)\Fanatec\FanaLab\Control\FanaLab.exe [65395064 2021-08-16] (Endor AG -> Endor Fanatec)
HKU\S-1-5-21-487585160-604149877-1877980533-1001\...\Run: [Trading Paints] => C:\Program Files (x86)\Rhinode LLC\Trading Paints\Trading Paints.exe [638368 2021-06-14] (Rhinode LLC -> )
HKU\S-1-5-21-487585160-604149877-1877980533-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4110568 2021-07-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-487585160-604149877-1877980533-1001\...\Run: [DRE Launcher] => C:\program files (x86)\steam\steamapps\common\VoiceAttack\Apps\The Digital Race Engineer\DRE Launcher.exe [2390016 2021-06-07] (Escapisim) [Datei ist nicht signiert]
HKU\S-1-5-21-487585160-604149877-1877980533-1001\...\Run: [ExpressVPN4] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe [850344 2021-06-28] (EXPRSVPN LLC -> ExpressVPN)
HKU\S-1-5-21-487585160-604149877-1877980533-1001\...\MountPoints2: {a37b9407-fe98-11eb-9f4e-a26aeb553390} - "G:\pushinst.exe"
HKLM\Software\...\Winlogon\GPExtensions: [{8472C2C4-6B70-4301-A20D-A6CEA5F82B7E}] -> C:\Windows\System32\StartTileData.dll [2021-08-15] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DRE Launcher.exe(elevated).lnk [2021-08-19]
ShortcutTarget: DRE Launcher.exe(elevated).lnk -> C:\Windows\System32\schtasks.exe (Microsoft Windows -> Microsoft Corporation)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0628A741-FEE6-4CB7-BC6C-B3A95F66DDB5} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {0784FCB0-C376-4566-B51F-1B087907C2EF} - System32\Tasks\MSI Task Host - MSI_Smart Image Finder => C:\Program Files (x86)\MSI\MSI Center\Smart Image Finder\MSI_Smart Image Finder.exe [994104 2021-04-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_1.0.24.0_x64__kzh8wxbdkxb8p\DCv2
Task: {0CF071CA-711B-452A-B7D7-485624A0C73D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0F130E4E-1EE9-46A8-95DF-3E3FCFA91CF6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1252A84C-8F10-40E8-A3DB-1C30B0D37B16} - System32\Tasks\Microsoft\Windows\Printing\PrinterCleanupTask => {C56F065E-DE49-4E42-BE7C-305C45609D25} C:\Windows\System32\PrinterCleanupTask.dll [118784 2021-08-15] (Microsoft Windows -> Microsoft Corporation)
Task: {169BB5A6-43F3-4FC7-9068-31E587549BC0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139112 2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {24A9C769-BA2A-4BAF-950B-F6F1D1C447DA} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [667832 2021-07-16] (Advanced Micro Devices INC. -> )
Task: {615DF84C-4037-4E74-B87C-3E6A5C59B6D0} - System32\Tasks\D3DGearRawFrameCaptureTask => C:\Program Files (x86)\iRacing\d3dgear\d3dGear.exe [1986984 2021-06-01] (D3DGear Technologies -> D3DGear Technologies.)
Task: {72F821B4-F095-4416-AC15-28B0D545859C} - System32\Tasks\DRE Launcher.exe_1642829084 => cmd.exe /c start "" "C:\Program Files (x86)\Steam\steamapps\common\VoiceAttack\Apps\The Digital Race Engineer\DRE Launcher.exe"
Task: {7B059DF4-A1AB-49CD-9989-2E3D2D016A05} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B51225E-3874-40DE-B771-408E5E7DCCBB} - System32\Tasks\Microsoft\Windows\Kernel\La57Cleanup => C:\Windows\system32\la57setup.exe [36864 2021-08-15] (Microsoft Windows -> Microsoft Corporation)
Task: {8C94665D-F9DA-4E18-BF62-B81D82E4C1A5} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [1735504 2021-07-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {9499E490-4AEB-4F2C-A07D-C4510BE51407} - System32\Tasks\NVCleanstall => C:\Program Files\NVCleanstall\NVCleanstall.exe [3593616 2021-08-18] (TechPowerUp LLC -> TechPowerUp)
Task: {982129A5-E66A-47D4-B7BC-D645CCE498F6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139112 2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {A113AD26-AA99-4C14-9101-6C53FDBA2241} - System32\Tasks\Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup => C:\Windows\system32\MdmDiagnosticsTool.exe [90112 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {A5D28693-2D90-427E-AE30-37C2B3A90581} - System32\Tasks\WindowManager => C:\Program Files (x86)\WindowManager\WindowManager.exe [1556320 2021-08-06] (DeskSoft -> DeskSoft)
Task: {A79BA140-4629-44DD-88F3-26A23688E8F2} - System32\Tasks\microsoft\windows\capabilityaccessmanager\maintenancetasks => %windir%\system32\rundll32.exe %windir%\system32\CapabilityAccessManager.dll,CapabilityAccessManagerDoStoreMaintenance
Task: {AA87A09C-4157-45DA-9880-7EA283460D6F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {D3E9B511-584F-4797-A159-D7452BD5AE6F} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\Windows\system32\AppListBackupLauncher.dll [110592 2021-08-15] (Microsoft Windows -> Microsoft Corporation)
Task: {EC78B48C-CE17-4A6A-9E2C-FDFC50E81AE4} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3977088 2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF911247-B64F-40A8-9900-5CEA83FBC424} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F1321F12-EDDE-490D-B553-C1EF67162EF6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F21E75C8-2470-408B-90B9-0C16A9649589} - System32\Tasks\Microsoft\Windows\Shell\ThemesSyncedImageDownload => {79F8E185-4E45-4B74-8182-02AA430661E4} C:\Windows\System32\Themes.SsfDownload.ScheduledTask.dll [200704 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 07 C:\Windows\SysWOW64\nlansp_c.dll [83456 2021-06-05] (Microsoft Windows -> Microsoft Corporation) ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Windows\system32\nlansp_c.dll [126976 2021-06-05] (Microsoft Windows -> Microsoft Corporation) ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.184.96
Tcpip\..\Interfaces\{5f5840e2-9074-4bc9-a13f-fbf1490f4ac0}: [NameServer] 10.184.0.1
Tcpip\..\Interfaces\{79145c84-36d3-4c01-9a22-f2ad86882812}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e4c6581f-355e-44a3-8e17-cb3751d64e0a}: [DhcpNameServer] 192.168.184.96
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-20]
Edge Notifications: Default -> hxxps://business.facebook.com; hxxps://majorsgarage.com; hxxps://www.facebook.com; hxxps://www.youtube.com
Edge HomePage: Default -> hxxps://www.youtube.com/watch?v=YVkUvmDQ3HY&list=PLAOy3YeIoPJEMl8d3ZA3AJZzB-ygKD38G
Edge StartupUrls: Default -> "hxxps://d3bxz2vegbjddt.cloudfront.net/members/pdfs/iRacing_Setup_Guide.pdf","hxxps://majorsgarage.com/","hxxps://www.simracingportal.de/teams/194/edit","hxxps://app.teamup.management/dashboard","hxxps://members.iracing.com/membersite/account_auth.jsp","hxxps://status.iracing.com/","hxxps://members.iracing.com/membersite/member/worldrecords.jsp","hxxps://members.iracing.com/membersite/member/statsseries.jsp","hxxps://members.iracing.com/jforum/recentTopics/list.page","hxxps://members.iracing.com/jforum/posts/list/3481077.page","hxxps://www.instagram.com/p/CNkb5uJhVdV/","hxxps://web.whatsapp.com/","hxxps://www.facebook.com/","hxxps://www.nessoft.com/ispeed/replay_to_irlap.html","hxxp://www.speedmaniacs.com/News,iRacing-ATLAS-Telemetriesoftware-und-Guide-verfgbar,5272","hxxps://www.z1simwheel.com/m/analyzer/","hxxps://www.nessoft.com/ispeed/pointsofinterest.html","hxxps://www.nessoft.com/ispeed/lapanalyzer.html","hxxps://www.wir-machen-rennfahrer.de/"
Edge Session Restore: Default -> ist aktiviert.
Edge Extension: (XN Price Checker) - C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bgkmdbhpfhmbgmbphejlepfcphjfaaej [2021-08-16]
Edge Extension: (Microsoft-Editor: Rechtschreibung- und Grammatikprüfung) - C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hokifickgkhplphjiodbggjmoafhignh [2021-08-20]
Edge Extension: (Tampermonkey) - C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iikmkjmpaadaobahmlepeloendndfphd [2021-08-16]
Edge Extension: (SingleFile) - C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mpiodijhokgodhhofbcjdecpffjipkle [2021-08-19]
Edge Extension: (Microsoft Power Automate) - C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\njjljiblognghfjfpcdpdbpbfcmhgafg [2021-08-16]
Edge Extension: (Bitwarden - Kostenloser Passwortmanager) - C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2021-08-20]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-08-17] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-08-17] (Adobe Inc. -> Adobe Systems)
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842480 2021-08-17] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [602376 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9142128 2021-08-05] (Microsoft Corporation -> Microsoft Corporation)
S3 cloudidsvc; C:\Windows\system32\cloudidsvc.dll [135168 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2021-06-01] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437160 2021-06-28] (EXPRSVPN LLC -> ExpressVPN)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncHelper.exe [3249536 2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
S3 FrameServerMonitor; C:\Windows\system32\FrameServerMonitor.dll [319488 2021-08-15] (Microsoft Windows -> Microsoft Corporation)
S2 FWPnpService; C:\Program Files\Fanatec\Fanatec Wheel\FWPnpService.exe [423288 2021-04-28] (Endor AG -> )
R2 iRacingService; C:\Program Files (x86)\iRacing\iRacingService64.exe [1629416 2021-08-10] (iRacing.com Motorsport Simulations, LLC -> iRacing.com Motorsport Simulations, LLC Bedford, MA 01730)
R2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 McpManagementService; C:\Windows\System32\McpManagementService.dll [319488 2021-08-15] (Microsoft Windows -> Microsoft Corporation)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [150840 2021-06-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Super_Charger_Service; C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe [39224 2021-04-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36152 2021-06-07] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S3 NPSMSvc; C:\Windows\System32\npsm.dll [233472 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 NPSMSvc; C:\Windows\SysWOW64\npsm.dll [163840 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.160.0808.0001\OneDriveUpdaterService.exe [3711864 2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
S3 P9RdrService; C:\Windows\system32\p9rdrservice.dll [122880 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5533120 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UIFlowAgentLauncherService; C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.LauncherService.exe [26000 2021-07-15] (Microsoft Corporation -> Microsoft Corporation)
R2 UIFlowLogShipper; C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.LogShipper.exe [22416 2021-07-15] (Microsoft Corporation -> Microsoft Corporation)
R2 UIFlowService; C:\Program Files (x86)\Power Automate Desktop\UIFlowService.exe [32672 2021-07-15] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2017-02-06] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
R1 cFosSpeed; C:\Windows\system32\DRIVERS\cfosspeed6.sys [1695016 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [17944 2021-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3440440 2021-06-05] (Microsoft Windows -> Marvell Semiconductor Inc.)
S0 ebdrv0; C:\Windows\System32\drivers\evbd0a.sys [3423032 2021-06-05] (Microsoft Windows -> QLogic Corporation)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ExecutionContext; C:\Windows\System32\Drivers\ExecutionContext.sys [61440 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [37024 2021-06-28] (ExprsVPN LLC -> ExpressVPN)
R3 expressvpnwintun; C:\Windows\System32\drivers\expressvpn-wintun.sys [46824 2021-06-28] (Express VPN International Ltd. -> ExpressVPN)
R3 FanatecWheelFilterUsb; C:\Windows\System32\drivers\FWFilterUsb.sys [94112 2021-07-16] (Endor AG -> Endor AG)
S3 fwuac430mu; C:\Windows\system32\DRIVERS\fwuac430mu.sys [1977704 2017-02-06] (WDKTestCert rstolz,131045024706955510 -> AVM GmbH)
R3 FWVirtualInputDevice; C:\Windows\System32\drivers\FWVirtualInputDevice.sys [36240 2021-07-16] (Endor AG -> Endor AG)
S3 HidSpiCx; C:\Windows\System32\drivers\HidSpiCx.sys [118784 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 I2cHkBurn; C:\Windows\system32\drivers\I2cHkBurn.sys [38544 2018-12-13] (Feature Integration Technology Inc -> FINTEK Corp.)
R0 IntelPMT; C:\Windows\System32\drivers\IntelPMT.sys [74224 2021-06-05] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
R3 iVCam; C:\Windows\system32\DRIVERS\iVCam.sys [1090536 2020-11-02] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [100176 2021-06-05] (Microsoft Windows -> Broadcom Inc)
S0 mpi3drvi; C:\Windows\System32\drivers\mpi3drvi.sys [87352 2021-06-05] (Microsoft Windows -> Broadcom Limited)
R3 MpKsl81fb8495; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{253C515F-6FA0-40C8-8BCF-6C1C167795B6}\MpKslDrv.sys [123112 2021-08-19] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 mt7612US; C:\Windows\System32\drivers\mt7612US.sys [377864 2015-12-09] (Windows Central Build Account - X -> MediaTek Inc.)
S3 NDKPerf; C:\Windows\System32\drivers\NDKPerf.sys [78152 2021-06-05] (Microsoft Windows -> )
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [32624 2021-03-16] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\MSI Center\Super Charger\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NVHDA; C:\Windows\system32\drivers\nvhda64v.sys [129960 2021-08-05] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S0 nvmedisk; C:\Windows\System32\drivers\nvmedisk.sys [82240 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 rpkmdrvkc; C:\Windows\system32\drivers\rpkmdrvkc.sys [49064 2020-05-13] (深圳雷柏科技股份有限公司 -> )
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_d2a498d51a4f7bec\rtcx21x64.sys [409000 2021-06-01] (Realtek Semiconductor Corp. -> Realtek)
R3 tapexpressvpn; C:\Windows\System32\drivers\tapexpressvpn.sys [52904 2021-06-28] (ExprsVPN LLC -> The OpenVPN Project)
S3 Usb4DeviceRouter; C:\Windows\System32\DriverStore\FileRepository\usb4devicerouter.inf_amd64_8d9a17bd8e5b4b11\Usb4DeviceRouter.sys [831800 2021-08-15] (Microsoft Windows -> Microsoft Corporation)
S3 Usb4HostRouter; C:\Windows\System32\DriverStore\FileRepository\usb4hostrouter.inf_amd64_acb1b78bb0ae3528\Usb4HostRouter.sys [557368 2021-08-15] (Microsoft Windows -> Microsoft Corporation)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [90112 2021-08-18] (Microsoft Windows -> )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2021-08-16] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [434424 2021-08-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-16] (Microsoft Windows -> Microsoft Corporation)
R3 WinRing0_1_2_2; C:\Windows\system32\drivers\WinRing0_1_2_2.sys [31152 2021-08-20] (PAIPTAC Driver -> )
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-08-20 22:44 - 2021-08-20 22:44 - 000031208 _____ C:\Users\*****\Downloads\FRST.txt
2021-08-20 22:44 - 2021-08-20 22:44 - 000000000 ____D C:\FRST
2021-08-20 22:43 - 2021-08-20 22:43 - 002300416 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2021-08-20 19:01 - 2021-08-20 19:01 - 000188158 _____ C:\Users\*****\Downloads\OneDrive.zip
2021-08-20 18:58 - 2021-08-20 18:58 - 000009197 _____ C:\Users\*****\Downloads\OneDrive-ADMX-Template-Sept2018.zip
2021-08-20 17:03 - 2021-07-29 08:07 - 001695016 _____ (cFos Software GmbH) C:\Windows\system32\Drivers\cfosspeed6.sys
2021-08-20 16:58 - 2021-08-20 16:58 - 000000000 ____D C:\Users\*****\AppData\Local\cFos
2021-08-19 20:51 - 2021-08-19 20:51 - 000003214 _____ C:\Windows\system32\Tasks\DRE Launcher.exe_1642829084
2021-08-19 20:04 - 2021-08-19 20:04 - 000000000 ____D C:\Users\*****\AppData\Local\Endor_Fanatec
2021-08-19 19:18 - 2021-08-19 19:18 - 000004316 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-19 19-18-17.csv
2021-08-19 19:17 - 2021-08-19 19:18 - 000005173 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-19 19-17-55.csv
2021-08-19 19:16 - 2021-08-19 19:16 - 000023898 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-19 19-16-35.csv
2021-08-19 19:16 - 2021-08-19 19:16 - 000003872 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-19 19-16-20.csv
2021-08-19 19:02 - 2021-08-19 19:02 - 000037371 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-19 19-02-01.csv
2021-08-19 19:02 - 2021-08-19 19:02 - 000035199 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-19 19-02-15.csv
2021-08-19 19:01 - 2021-08-19 19:01 - 000029231 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-19 19-01-53.csv
2021-08-19 19:01 - 2021-08-19 19:01 - 000003571 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-19 19-01-44.csv
2021-08-19 19:01 - 2021-08-19 19:01 - 000000045 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-19 19-01-50.csv
2021-08-19 19:01 - 2021-08-19 19:01 - 000000045 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-19 19-01-49.csv
2021-08-19 19:00 - 2021-08-19 19:00 - 000030434 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-19 19-00-14.csv
2021-08-19 18:58 - 2021-08-19 18:58 - 000034945 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-19 18-58-40.csv
2021-08-19 18:46 - 2021-08-19 18:46 - 000018730 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-19 18-46-22.csv
2021-08-19 18:46 - 2021-08-19 18:46 - 000017065 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-19 18-46-33.csv
2021-08-19 18:45 - 2021-08-19 18:45 - 000017900 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-19 18-45-44.csv
2021-08-19 16:37 - 2021-08-19 16:37 - 000036043 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-19 16-37-02.csv
2021-08-19 16:24 - 2021-08-19 16:24 - 000002611 _____ C:\Users\Public\Desktop\Fanatec Control Panel.lnk
2021-08-19 16:24 - 2021-08-19 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Endor Fanatec
2021-08-19 16:24 - 2021-08-19 16:24 - 000000000 ____D C:\Program Files\Fanatec
2021-08-19 16:24 - 2021-08-19 16:24 - 000000000 ____D C:\Program Files (x86)\Fanatec
2021-08-19 15:28 - 2021-08-20 16:54 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-08-19 15:26 - 2021-08-19 15:26 - 000000226 _____ C:\Windows\system32\prime.txt
2021-08-19 15:26 - 2021-08-19 15:26 - 000000190 _____ C:\Windows\system32\local.txt
2021-08-19 03:16 - 2021-08-19 03:16 - 000000000 ____D C:\Users\*****\AppData\Local\RadeonInstaller
2021-08-19 03:16 - 2021-08-19 03:16 - 000000000 ____D C:\ProgramData\AMD
2021-08-19 00:26 - 2021-08-19 00:26 - 000000000 ____D C:\Users\*****\AppData\Local\A
2021-08-18 23:43 - 2021-08-18 23:43 - 000002158 _____ C:\Users\Public\Desktop\StoreMI.lnk
2021-08-18 23:43 - 2021-08-18 23:43 - 000000946 _____ C:\Users\Public\Desktop\CPUID CPU-Z MSI.lnk
2021-08-18 23:43 - 2021-08-18 23:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-08-18 23:43 - 2021-08-18 23:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
2021-08-18 23:43 - 2021-08-18 23:43 - 000000000 ____D C:\Program Files\CPUID
2021-08-18 23:26 - 2021-08-18 23:26 - 000000000 ____D C:\Users\*****\AppData\Roaming\MAXON
2021-08-18 23:22 - 2021-08-20 19:04 - 000031152 _____ C:\Windows\system32\Drivers\WinRing0_1_2_2.sys
2021-08-18 22:40 - 2021-08-19 15:26 - 000000000 ____D C:\CTR 2.1 RC5
2021-08-18 21:14 - 2021-08-18 21:14 - 000000000 ____D C:\Users\*****\AppData\Roaming\VoiceAttack
2021-08-18 21:13 - 2021-08-18 21:13 - 000001845 _____ C:\Users\Public\Desktop\The DRE Launcher.lnk
2021-08-18 21:11 - 2021-08-18 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VE 5.4 American English Nathan
2021-08-18 21:11 - 2021-08-18 21:11 - 000000000 ____D C:\Program Files\VE
2021-08-18 21:10 - 2021-08-18 21:10 - 000000000 ____D C:\Users\*****\AppData\LocalLow\Monkey Face Software LLC
2021-08-18 21:10 - 2021-08-18 21:10 - 000000000 ____D C:\Users\*****\AppData\Local\VoiceAttack.com
2021-08-18 21:09 - 2021-08-18 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Digital Race Engineer
2021-08-18 21:09 - 2021-08-18 21:09 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-08-18 21:07 - 2021-08-18 21:07 - 000000000 ____D C:\Users\*****\AppData\Local\Steam
2021-08-18 21:06 - 2021-08-19 22:06 - 000000000 ____D C:\Program Files (x86)\Steam
2021-08-18 21:06 - 2021-08-18 21:06 - 000001032 _____ C:\Users\Public\Desktop\Steam.lnk
2021-08-18 21:06 - 2021-08-18 21:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-08-18 20:35 - 2021-08-18 20:35 - 000000000 ____D C:\Users\*****\AppData\Local\ImageMagick
2021-08-18 20:33 - 2021-08-18 23:43 - 000003516 _____ C:\Windows\system32\Tasks\AMDAutoUpdate
2021-08-18 20:33 - 2021-08-18 23:43 - 000000000 ____D C:\Users\*****\AppData\Local\AMD
2021-08-18 20:33 - 2021-08-18 20:37 - 000000000 ____D C:\ProgramData\AMD AutoUpdate
2021-08-18 20:33 - 2021-08-18 20:33 - 000002219 _____ C:\Users\Public\Desktop\AMD Ryzen Master.lnk
2021-08-18 20:33 - 2021-08-18 20:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Ryzen Master
2021-08-18 18:38 - 2021-08-18 18:38 - 000032922 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-18 18-38-04.csv
2021-08-18 18:37 - 2021-08-18 18:37 - 000029435 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-18 18-37-34.csv
2021-08-18 18:18 - 2021-08-18 18:18 - 000034103 _____ C:\Users\*****\OneDrive\Dokumente\log_mforce 2021-08-18 18-18-24.csv
2021-08-18 16:59 - 2021-08-18 18:47 - 000000514 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2021-08-18 16:58 - 2021-08-18 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
2021-08-18 16:58 - 2021-08-18 16:59 - 000000000 ____D C:\Program Files (x86)\avmwlanstick
2021-08-18 16:58 - 2017-02-06 01:00 - 001977704 _____ (AVM GmbH) C:\Windows\system32\Drivers\fwuac430mu.sys
2021-08-18 16:58 - 2017-02-06 01:00 - 000574640 _____ C:\Windows\system32\Drivers\fwuac430mu_wlan.bin
2021-08-18 16:58 - 2017-02-06 01:00 - 000114200 _____ (AVM Berlin) C:\Windows\system32\fwuac430muci_29.dll
2021-08-18 16:58 - 2017-02-06 01:00 - 000023821 _____ C:\Windows\system32\Drivers\fwuac430mu_otp.bin
2021-08-18 16:58 - 2017-02-06 01:00 - 000014120 _____ (AVM Berlin) C:\Windows\system32\Drivers\avmeject.sys
2021-08-18 16:58 - 2017-02-06 01:00 - 000008124 _____ C:\Windows\system32\Drivers\fwuac430mu_bdata.bin
2021-08-18 16:54 - 2021-08-18 16:54 - 000000000 ____D C:\Users\*****\AppData\Roaming\NVIDIA
2021-08-18 16:50 - 2021-08-18 16:50 - 000000000 ____D C:\Users\*****\AppData\Local\e2eSoft
2021-08-18 15:39 - 2021-08-18 15:39 - 000000000 ___HD C:\$WinREAgent
2021-08-18 15:28 - 2021-08-18 15:28 - 000000000 ____D C:\Windows\system32\Tasks\Agent Activation Runtime
2021-08-18 15:19 - 2021-08-18 15:19 - 000000000 ___SD C:\Windows\system32\containers
2021-08-18 15:19 - 2021-08-18 15:19 - 000000000 ____D C:\Windows\system32\HvsiSettingsProviders
2021-08-18 13:47 - 2021-08-19 15:28 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-08-18 13:47 - 2021-08-19 15:28 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-18 13:47 - 2021-08-18 13:47 - 000000000 ___RD C:\Users\Default\OneDrive
2021-08-18 13:47 - 2021-08-18 13:47 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-08-18 13:46 - 2021-08-18 13:46 - 000002541 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-08-18 13:46 - 2021-08-18 13:46 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-08-18 13:46 - 2021-08-18 13:46 - 000002516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-08-18 13:46 - 2021-08-18 13:46 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-08-18 13:46 - 2021-08-18 13:46 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-08-18 13:46 - 2021-08-18 13:46 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-08-18 13:46 - 2021-08-18 13:46 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-08-18 13:46 - 2021-08-18 13:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-08-18 13:43 - 2021-08-18 13:46 - 000000000 ____D C:\Program Files\Microsoft Office
2021-08-18 13:43 - 2021-08-18 13:43 - 000000000 ____D C:\Users\*****\AppData\LocalLow\Temp
2021-08-18 13:43 - 2021-08-18 13:43 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-08-18 11:10 - 2021-08-18 11:10 - 000000000 ____D C:\Users\*****\AppData\Local\Microsoft_Corporation
2021-08-18 08:27 - 2021-08-18 08:27 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2021-08-18 08:27 - 2021-08-05 19:24 - 009650987 _____ C:\Windows\system32\nvcoproc.bin
2021-08-18 08:27 - 2021-08-05 19:24 - 005672144 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2021-08-18 08:27 - 2021-08-05 19:24 - 002639568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2021-08-18 08:27 - 2021-08-05 19:24 - 001758408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2021-08-18 08:27 - 2021-08-05 19:24 - 000991440 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2021-08-18 08:27 - 2021-08-05 19:24 - 000120520 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2021-08-18 08:27 - 2021-08-05 19:24 - 000082632 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2021-08-18 08:27 - 2021-04-30 11:09 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2021-08-18 08:26 - 2021-08-06 10:41 - 001858688 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-08-18 08:26 - 2021-08-06 10:41 - 001858688 _____ C:\Windows\system32\vulkaninfo.exe
2021-08-18 08:26 - 2021-08-06 10:41 - 001438824 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-08-18 08:26 - 2021-08-06 10:41 - 001438824 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-08-18 08:26 - 2021-08-06 10:41 - 001097832 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-08-18 08:26 - 2021-08-06 10:41 - 001097832 _____ C:\Windows\system32\vulkan-1.dll
2021-08-18 08:26 - 2021-08-06 10:41 - 000951936 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-08-18 08:26 - 2021-08-06 10:41 - 000951936 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-08-18 08:26 - 2021-08-06 10:40 - 001212536 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-08-18 08:26 - 2021-08-06 10:38 - 001520784 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2021-08-18 08:26 - 2021-08-06 10:38 - 000716928 _____ C:\Windows\system32\nvofapi64.dll
2021-08-18 08:26 - 2021-08-06 10:38 - 000676496 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2021-08-18 08:26 - 2021-08-06 10:38 - 000577168 _____ C:\Windows\SysWOW64\nvofapi.dll
2021-08-18 08:26 - 2021-08-06 10:38 - 000564344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2021-08-18 08:26 - 2021-08-06 10:37 - 002112144 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2021-08-18 08:26 - 2021-08-06 10:37 - 001731728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6447168.dll
2021-08-18 08:26 - 2021-08-06 10:37 - 001595536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-08-18 08:26 - 2021-08-06 10:37 - 001491600 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6447168.dll
2021-08-18 08:26 - 2021-08-06 10:37 - 001171064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-08-18 08:26 - 2021-08-06 10:37 - 000919184 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2021-08-18 08:26 - 2021-08-06 10:37 - 000750224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2021-08-18 08:26 - 2021-08-06 10:36 - 008854136 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2021-08-18 08:26 - 2021-08-06 10:36 - 007920752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-08-18 08:26 - 2021-08-06 10:36 - 004987512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-08-18 08:26 - 2021-08-06 10:36 - 002925688 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2021-08-18 08:26 - 2021-08-06 10:34 - 007280840 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2021-08-18 08:26 - 2021-08-06 10:34 - 006215808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2021-08-18 08:26 - 2021-08-05 23:13 - 001682384 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2021-08-18 08:26 - 2021-08-05 23:13 - 000067138 _____ C:\Windows\system32\nvinfo.pb
2021-08-18 08:26 - 2021-08-05 23:13 - 000037680 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2021-08-18 08:22 - 2021-08-18 08:22 - 000003754 _____ C:\Windows\system32\Tasks\NVCleanstall
2021-08-18 08:22 - 2021-08-18 08:22 - 000000913 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVCleanstall.lnk
2021-08-18 08:22 - 2021-08-18 08:22 - 000000000 ____D C:\Program Files\NVCleanstall
2021-08-18 08:04 - 2021-08-18 08:04 - 000000000 ____D C:\Users\*****\AppData\Local\iRacingOnlineStatus
2021-08-18 08:00 - 2021-08-18 08:00 - 000003186 _____ C:\Windows\system32\Tasks\WindowManager
2021-08-18 08:00 - 2021-08-18 08:00 - 000000000 ____D C:\Users\*****\AppData\Roaming\DeskSoft
2021-08-18 08:00 - 2021-08-18 08:00 - 000000000 ____D C:\ProgramData\DeskSoft
2021-08-18 08:00 - 2021-08-18 08:00 - 000000000 ____D C:\Program Files (x86)\WindowManager
2021-08-18 07:59 - 2021-08-18 07:59 - 000001190 _____ C:\Users\Public\Desktop\Power Automate Desktop.lnk
2021-08-18 07:59 - 2021-08-18 07:59 - 000000932 _____ C:\Users\Public\Desktop\Winaero Tweaker.lnk
2021-08-18 07:59 - 2021-08-18 07:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winaero Tweaker
2021-08-18 07:59 - 2021-08-18 07:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Power Automate Desktop
2021-08-18 07:59 - 2021-08-18 07:59 - 000000000 ____D C:\Program Files\Winaero Tweaker
2021-08-18 07:59 - 2021-08-18 07:59 - 000000000 ____D C:\Program Files (x86)\Power Automate Desktop
2021-08-18 07:58 - 2021-08-18 07:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e2eSoft iVCam
2021-08-18 07:58 - 2021-08-18 07:58 - 000000000 ____D C:\ProgramData\Apple
2021-08-18 07:58 - 2021-08-18 07:58 - 000000000 ____D C:\Program Files\e2eSoft
2021-08-18 07:58 - 2021-08-18 07:58 - 000000000 ____D C:\Program Files\Bonjour
2021-08-18 07:58 - 2021-08-18 07:58 - 000000000 ____D C:\Program Files (x86)\Bonjour
2021-08-18 07:58 - 2020-11-02 18:40 - 001090536 _____ (e2eSoft) C:\Windows\system32\Drivers\iVCam.sys
2021-08-18 05:09 - 2021-08-18 05:09 - 000003522 _____ C:\Windows\system32\Tasks\MSI Task Host - MSI_Smart Image Finder
2021-08-18 00:42 - 2018-12-13 16:02 - 000137360 _____ (TODO: <公司名稱>) C:\Windows\system32\FintekIcon1.dll
2021-08-18 00:42 - 2018-12-13 16:02 - 000038544 _____ (FINTEK Corp.) C:\Windows\system32\Drivers\I2cHkBurn.sys
2021-08-18 00:15 - 2021-08-20 19:03 - 000000448 __RSH C:\ProgramData\ntuser.pol
2021-08-17 23:29 - 2021-08-17 23:29 - 000000000 ___RD C:\Users\*****\Recorded Calls
2021-08-17 23:29 - 2021-08-17 23:29 - 000000000 ___RD C:\Users\*****\3D Objects
2021-08-17 23:09 - 2021-08-17 23:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCUninstaller
2021-08-17 23:08 - 2021-08-17 23:10 - 000000000 ____D C:\Program Files\BCUninstaller
2021-08-17 23:05 - 2021-08-17 23:06 - 000000000 ____D C:\Users\*****\AppData\Local\SimSync.de
2021-08-17 23:02 - 2021-08-17 23:02 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk
2021-08-17 23:02 - 2021-08-17 23:02 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\Adobe
2021-08-17 22:52 - 2021-08-17 22:52 - 000003522 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2021-08-17 22:52 - 2021-08-17 22:52 - 000000000 ___RD C:\Users\*****\Creative Cloud Files
2021-08-17 22:52 - 2021-08-17 22:52 - 000000000 ____D C:\Users\*****\AppData\Local\CEF
2021-08-17 22:50 - 2021-08-17 22:55 - 000000000 ____D C:\ProgramData\Adobe
2021-08-17 22:50 - 2021-08-17 22:50 - 000001382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2021-08-17 22:49 - 2021-08-17 23:02 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-08-17 22:49 - 2021-08-17 22:52 - 000000000 ____D C:\Program Files\Adobe
2021-08-17 22:49 - 2021-08-17 22:51 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-08-17 22:48 - 2021-08-17 22:52 - 000000000 ____D C:\Users\*****\AppData\Local\Adobe
2021-08-17 22:17 - 2021-08-17 22:17 - 000000000 ____D C:\Program Files\DIFX
2021-08-17 22:16 - 2021-08-17 23:29 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rapoo
2021-08-17 21:54 - 2021-08-17 21:54 - 000000000 ____D C:\Users\*****\AppData\Roaming\EasyAntiCheat
2021-08-17 21:48 - 2021-08-20 17:03 - 000081346 _____ C:\Windows\cFosSpeed_Setup_Log.txt
2021-08-17 21:48 - 2021-08-20 17:03 - 000000000 ____D C:\Program Files\cFosSpeed
2021-08-17 21:48 - 2021-08-17 21:48 - 000000000 ____D C:\ProgramData\cFos
2021-08-17 21:38 - 2021-08-17 21:38 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SnoreToast
2021-08-17 21:32 - 2021-08-17 21:32 - 000002471 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YouTube Music.lnk
2021-08-17 21:32 - 2021-08-17 21:32 - 000000000 ____D C:\Users\*****\AppData\Local\youtube-music-updater
2021-08-17 21:31 - 2021-08-20 17:23 - 000000000 ____D C:\Users\*****\AppData\Roaming\YouTube Music
2021-08-17 21:30 - 2021-08-18 07:57 - 000000000 ____D C:\Users\*****\Programme_Portable
2021-08-17 20:35 - 2021-08-17 23:25 - 000000000 ____D C:\Users\*****\AppData\Roaming\TradingPaints Downloader
2021-08-17 20:35 - 2021-08-17 20:35 - 000002194 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Trading Paints.lnk
2021-08-17 20:35 - 2021-08-17 20:35 - 000002188 _____ C:\Users\Public\Desktop\Trading Paints.lnk
2021-08-17 20:35 - 2021-08-17 20:35 - 000002174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\TP Updater.lnk
2021-08-17 20:35 - 2021-08-17 20:35 - 000000000 ____D C:\Program Files (x86)\Rhinode LLC
2021-08-17 20:10 - 2021-08-17 20:16 - 000000000 ____D C:\Users\*****\AppData\Local\ExpressVPN
2021-08-17 20:10 - 2021-08-17 20:10 - 000002330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExpressVPN.lnk
2021-08-17 20:10 - 2021-08-17 20:10 - 000002160 _____ C:\Users\Public\Desktop\ExpressVPN.lnk
2021-08-17 20:10 - 2021-08-17 20:10 - 000000000 ____D C:\ProgramData\ExpressVPN
2021-08-17 20:10 - 2021-08-17 20:10 - 000000000 ____D C:\Program Files (x86)\ExpressVPN
2021-08-17 19:50 - 2021-08-17 19:50 - 000017944 _____ (Creative Technology Innovation Co., LTd.) C:\Windows\system32\Drivers\CtiIo64.sys
2021-08-17 19:50 - 2021-08-17 19:50 - 000003176 _____ C:\Windows\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2021-08-17 19:50 - 2021-08-17 19:50 - 000000000 ____D C:\Program Files\ENE
2021-08-17 19:50 - 2021-08-17 19:50 - 000000000 ____D C:\Program Files (x86)\ENE
2021-08-17 19:50 - 2020-05-12 01:28 - 000020992 _____ C:\Windows\system32\Drivers\ene.sys
2021-08-17 19:50 - 2020-01-19 19:49 - 000017424 _____ (MICSYS Technology Co., LTd) C:\Windows\system32\Drivers\MsIo64.sys
2021-08-17 19:47 - 2021-07-08 01:45 - 047736047 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2021-08-17 19:46 - 2021-08-18 03:31 - 000000000 ____D C:\MSI
2021-08-17 19:45 - 2021-08-19 03:16 - 000000000 ____D C:\Program Files\AMD
2021-08-17 19:45 - 2021-08-18 20:33 - 000000000 ____D C:\Users\*****\AppData\Local\Downloaded Installations
2021-08-17 19:45 - 2021-08-17 19:45 - 000000000 ____D C:\Users\*****\AppData\Local\INetHistory
2021-08-17 19:45 - 2021-04-28 13:22 - 000015696 _____ (Windows (R) Win 7 DDK provider) C:\Windows\acpimof.dll
2021-08-17 19:44 - 2021-08-17 19:44 - 000000000 ____D C:\Program Files (x86)\MSI
2021-08-17 19:42 - 2021-08-17 19:42 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2021-08-17 19:31 - 2021-08-17 19:31 - 000000000 ____D C:\Users\*****\AppData\Local\iRacing
2021-08-17 14:52 - 2021-08-17 14:52 - 000000000 ____D C:\Users\*****\AppData\Local\PeerDistRepub
2021-08-17 14:43 - 2021-08-20 22:45 - 000000000 ____D C:\Users\*****\AppData\Roaming\iracing-electron
2021-08-17 14:00 - 2021-08-17 14:00 - 000000000 ____D C:\Users\*****\AppData\Local\PodiumControl
2021-08-17 13:59 - 2021-08-19 16:24 - 000002599 _____ C:\Users\Public\Desktop\FanaLab.lnk
2021-08-17 13:59 - 2021-08-17 13:59 - 000000000 ____D C:\Users\Public\FanaLab Logs
2021-08-17 13:58 - 2017-02-06 01:00 - 000481632 _____ (AVM Berlin) C:\Windows\instwcli.dex
2021-08-17 13:57 - 2021-08-17 13:57 - 000000000 ____D C:\Users\*****\AppData\Roaming\BetterDiscord Installer
2021-08-17 13:56 - 2021-08-17 13:56 - 000000000 ____D C:\Users\*****\AppData\Roaming\BetterDiscord
2021-08-17 13:53 - 2021-08-17 21:54 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2021-08-17 13:53 - 2021-08-17 19:25 - 000003288 _____ C:\Windows\system32\Tasks\D3DGearRawFrameCaptureTask
2021-08-17 13:53 - 2021-08-17 13:53 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iRacing
2021-08-17 13:53 - 2021-06-01 16:08 - 001076848 _____ (Intel Corporation) C:\Windows\SysWOW64\libiomp5md.DLL
2021-08-17 13:53 - 2021-06-01 16:08 - 000158592 _____ (D3DGear Technologies.) C:\Windows\system32\D3DGearDecoder64.dll
2021-08-17 13:51 - 2021-08-20 22:39 - 000000000 ____D C:\Users\*****\AppData\Roaming\discord
2021-08-17 13:51 - 2021-08-20 20:47 - 000000000 ____D C:\Users\*****\AppData\Local\Discord
2021-08-17 13:51 - 2021-08-17 13:51 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-08-17 13:51 - 2021-08-17 13:51 - 000000000 ____D C:\Users\*****\AppData\Local\SquirrelTemp
2021-08-17 13:50 - 2021-08-20 20:42 - 000000000 ____D C:\Program Files (x86)\iRacing
2021-08-16 16:13 - 2021-01-08 10:21 - 001147352 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2021-08-16 16:12 - 2021-08-17 19:47 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-08-16 16:12 - 2021-08-17 19:46 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-08-16 16:12 - 2021-08-16 16:13 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-08-16 16:12 - 2021-07-08 01:55 - 006523936 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2021-08-16 16:12 - 2020-07-09 10:11 - 002877104 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2021-08-16 16:12 - 2020-07-09 10:11 - 001145480 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCOM64.dll
2021-08-16 16:12 - 2020-07-09 10:11 - 001098480 _____ (Realtek Semiconductor) C:\Windows\system32\RtkAudUService64.exe
2021-08-16 16:12 - 2020-07-09 10:11 - 000844888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64U.dll
2021-08-16 16:12 - 2020-07-09 10:11 - 000468784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2021-08-16 16:12 - 2020-07-09 10:11 - 000224288 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2021-08-16 16:08 - 2021-08-17 21:43 - 000000000 ____D C:\ProgramData\MSI
2021-08-16 16:01 - 2021-08-18 16:58 - 000000000 ____D C:\Windows\AVM_Driver
2021-08-16 16:00 - 2021-08-16 16:00 - 000000000 ____D C:\Users\*****\AVM_Driver
2021-08-16 15:56 - 2021-08-20 18:18 - 000000000 ____D C:\Users\Public\Fanatec Logs
2021-08-16 15:56 - 2021-08-19 16:29 - 000000000 ____D C:\Users\*****\AppData\Local\Fanatec
2021-08-16 15:56 - 2021-08-16 15:56 - 000000000 ____D C:\Users\*****\AppData\Roaming\AMD
2021-08-16 15:56 - 2021-08-16 15:56 - 000000000 ____D C:\Program Files (x86)\AMD
2021-08-16 15:55 - 2021-08-19 03:17 - 000000000 ____D C:\AMD
2021-08-16 15:55 - 2021-08-18 08:31 - 000000000 ____D C:\Users\*****\AppData\Local\NVIDIA
2021-08-16 15:55 - 2021-08-18 07:59 - 000000000 ____D C:\ProgramData\Package Cache
2021-08-16 15:55 - 2021-08-17 23:08 - 000000000 ____D C:\Users\*****\AppData\Local\cache
2021-08-16 15:55 - 2021-08-16 15:55 - 000000000 ____D C:\Users\*****\AppData\Local\setup
2021-08-16 15:54 - 2021-08-16 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-08-16 15:54 - 2021-08-16 15:54 - 000000000 ____D C:\Program Files\7-Zip
2021-08-16 15:54 - 2021-08-16 15:54 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-08-16 15:53 - 2021-08-16 15:53 - 000000000 ____D C:\Users\*****\AppData\Local\OneDrive
2021-08-16 15:53 - 2021-08-06 10:40 - 001474680 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-08-16 15:51 - 2021-08-16 15:51 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2021-08-15 22:09 - 2021-08-18 00:48 - 000000000 ____D C:\Windows\Panther
2021-08-15 21:45 - 2021-08-15 21:46 - 000000000 ____D C:\Windows\system32\MRT
2021-08-15 21:45 - 2021-08-15 21:45 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\VRS-TelemetryLogger
2021-08-15 21:45 - 2021-08-15 21:45 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\*****lKohlmann
2021-08-15 21:45 - 2021-08-15 21:45 - 000000000 ____D C:\Users\*****\AppData\Local\Comms
2021-08-15 21:45 - 2020-11-09 08:06 - 000189133 _____ C:\Users\*****\OneDrive\Dokumente\Arbeitsbescheinigung.pdf
2021-08-15 21:45 - 2020-10-05 01:50 - 000019385 _____ C:\Users\*****\OneDrive\Dokumente\Rechnungen.xlsx
2021-08-15 21:43 - 2021-08-15 21:43 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\Outlook-Dateien
2021-08-15 21:43 - 2021-08-15 21:43 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\img
2021-08-15 21:43 - 2021-08-15 21:43 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\Holotech
2021-08-15 21:43 - 2021-08-15 21:43 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\Frontier Developments
2021-08-15 21:43 - 2021-05-29 18:21 - 002150509 _____ C:\Users\*****\OneDrive\Dokumente\eBook - Learn to setup your race car.pdf
2021-08-15 21:42 - 2021-08-15 21:42 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\Benutzerdefinierte Office-Vorlagen
2021-08-15 21:41 - 2021-08-20 19:08 - 000000000 ____D C:\Users\*****\AppData\Local\PlaceholderTileLogoFolder
2021-08-15 21:41 - 2021-08-20 18:56 - 000000000 ___RD C:\Users\*****\OneDrive
2021-08-15 21:41 - 2021-08-18 18:25 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\iRacing
2021-08-15 21:41 - 2021-08-15 21:43 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\Visual Studio 2019
2021-08-15 21:41 - 2021-08-15 21:43 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\Backups
2021-08-15 21:41 - 2021-08-15 21:42 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\Z1Server
2021-08-15 21:41 - 2021-08-15 21:42 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\Z1Dashboard
2021-08-15 21:41 - 2021-08-15 21:42 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\Z1Analyzer
2021-08-15 21:41 - 2021-08-15 21:42 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\Joel Real Timing
2021-08-15 21:41 - 2021-08-15 21:41 - 000000000 ___HD C:\OneDriveTemp
2021-08-15 21:41 - 2021-08-15 21:41 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\Z1Designer
2021-08-15 21:41 - 2021-08-15 21:41 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\Voicemeeter
2021-08-15 21:41 - 2021-08-15 21:41 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\URD
2021-08-15 21:41 - 2021-08-15 21:41 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\The Digital Race Engineer
2021-08-15 21:41 - 2021-08-15 21:41 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\NewBlueFX
2021-08-15 21:41 - 2021-08-15 21:41 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\MoTeC
2021-08-15 21:41 - 2021-08-15 21:41 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\Meine Datenquellen
2021-08-15 21:41 - 2021-08-15 21:41 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\McLaren Electronic Systems
2021-08-15 21:41 - 2021-08-15 21:41 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\MAXON
2021-08-15 21:41 - 2021-08-15 21:41 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\iRacing_OLD
2021-08-15 21:41 - 2021-08-15 21:41 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\iPitting
2021-08-15 21:41 - 2021-08-15 21:41 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\HAPPENMOTORSPORT
2021-08-15 21:41 - 2021-08-15 21:41 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\Flow Recordings
2021-08-15 21:41 - 2021-08-15 21:41 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\FeedbackHub
2021-08-15 21:41 - 2021-08-15 21:41 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\CyberLink
2021-08-15 21:41 - 2021-08-15 21:41 - 000000000 ____D C:\Users\*****\OneDrive\Dokumente\CapFrameX
2021-08-15 21:41 - 2021-08-15 21:41 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-08-15 21:41 - 2021-06-20 13:01 - 000012192 _____ C:\Users\*****\OneDrive\Dokumente\Mappe1.xlsx
2021-08-15 21:41 - 2021-06-10 23:15 - 000011268 _____ C:\Users\*****\OneDrive\Dokumente\IRACING SETUP RECHNER.xlsx
2021-08-15 21:41 - 2021-05-29 12:31 - 000014075 _____ C:\Users\*****\OneDrive\Dokumente\G.Skill F4-3200C16-16GTZR.html
2021-08-15 21:41 - 2021-05-07 11:18 - 000045076 _____ C:\Users\*****\OneDrive\Dokumente\l2.pdf
2021-08-15 21:41 - 2021-05-07 11:17 - 000223688 _____ C:\Users\*****\OneDrive\Dokumente\Label.pdf
2021-08-15 21:41 - 2021-05-06 23:45 - 000000124 ____R C:\Users\*****\OneDrive\Dokumente\Notizbuch von *****l.url
2021-08-15 21:41 - 2021-04-16 05:48 - 015888902 _____ C:\Users\*****\OneDrive\Dokumente\RUHX-Manual.pdf
2021-08-15 21:39 - 2021-08-20 19:08 - 000000000 ____D C:\Users\*****\AppData\Local\Packages
2021-08-15 21:39 - 2021-08-20 17:41 - 000000000 ____D C:\Users\*****\AppData\Local\D3DSCache
2021-08-15 21:39 - 2021-08-17 23:02 - 000000000 ____D C:\Users\*****\AppData\Roaming\Adobe
2021-08-15 21:39 - 2021-08-16 15:51 - 000000000 ____D C:\Users\*****\AppData\Local\ConnectedDevicesPlatform
2021-08-15 21:39 - 2021-08-15 21:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-08-15 21:39 - 2021-08-15 21:39 - 000000000 ____D C:\Users\*****\AppData\Local\VirtualStore
2021-08-15 21:39 - 2021-08-15 21:39 - 000000000 ____D C:\Users\*****\AppData\Local\Publishers
2021-08-15 21:38 - 2021-08-18 20:34 - 000000000 ____D C:\Users\*****
2021-08-15 21:38 - 2021-08-15 21:38 - 000000020 ___SH C:\Users\*****\ntuser.ini
2021-08-15 21:38 - 2021-08-15 21:38 - 000000000 _SHDL C:\Users\*****\Vorlagen
2021-08-15 21:38 - 2021-08-15 21:38 - 000000000 _SHDL C:\Users\*****\Startmenü
2021-08-15 21:38 - 2021-08-15 21:38 - 000000000 _SHDL C:\Users\*****\Netzwerkumgebung
2021-08-15 21:38 - 2021-08-15 21:38 - 000000000 _SHDL C:\Users\*****\Lokale Einstellungen
2021-08-15 21:38 - 2021-08-15 21:38 - 000000000 _SHDL C:\Users\*****\Eigene Dateien
2021-08-15 21:38 - 2021-08-15 21:38 - 000000000 _SHDL C:\Users\*****\Druckumgebung
2021-08-15 21:38 - 2021-08-15 21:38 - 000000000 _SHDL C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2021-08-15 21:38 - 2021-08-15 21:38 - 000000000 _SHDL C:\Users\*****\AppData\Local\Verlauf
2021-08-15 21:38 - 2021-08-15 21:38 - 000000000 _SHDL C:\Users\*****\AppData\Local\Anwendungsdaten
2021-08-15 21:38 - 2021-08-15 21:38 - 000000000 _SHDL C:\Users\*****\Anwendungsdaten
2021-08-15 21:38 - 2021-06-05 14:04 - 000001281 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2021-08-15 21:38 - 2021-06-05 14:04 - 000000407 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2021-08-15 21:25 - 2021-08-20 17:41 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-15 21:25 - 2021-08-18 15:04 - 000000000 ____D C:\ProgramData\Packages
2021-08-15 21:25 - 2021-08-18 08:27 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-08-15 21:24 - 2021-08-18 08:27 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-08-15 21:24 - 2021-08-05 23:13 - 000129960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2021-08-15 21:24 - 2020-11-30 08:47 - 000047240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2021-08-15 21:15 - 2021-08-20 17:02 - 001862690 _____ C:\Windows\system32\PerfStringBackup.INI
2021-08-15 21:11 - 2021-08-18 15:20 - 000001607 _____ C:\Windows\system32\config\VSMIDK
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 _SHDL C:\Users\Default\Vorlagen
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 _SHDL C:\Users\Default\Startmenü
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 _SHDL C:\Users\Default\Netzwerkumgebung
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 _SHDL C:\Users\Default\Lokale Einstellungen
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 _SHDL C:\Users\Default\Eigene Dateien
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 _SHDL C:\Users\Default\Druckumgebung
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 _SHDL C:\Users\Default\Anwendungsdaten
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 _SHDL C:\Programme
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 _SHDL C:\ProgramData\Vorlagen
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 _SHDL C:\ProgramData\Startmenü
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 _SHDL C:\ProgramData\Dokumente
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 _SHDL C:\ProgramData\Anwendungsdaten
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 _SHDL C:\Program Files\Gemeinsame Dateien
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 _SHDL C:\Dokumente und Einstellungen
2021-08-15 21:11 - 2021-08-15 21:11 - 000000000 ____D C:\Windows\CSC
2021-08-15 21:10 - 2021-08-16 16:29 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-15 21:10 - 2021-08-16 16:29 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-15 21:10 - 2021-08-15 21:17 - 000003700 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-15 21:10 - 2021-08-15 21:17 - 000003576 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-15 21:09 - 2021-08-19 22:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-08-15 21:09 - 2021-08-19 20:38 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-08-15 21:09 - 2021-08-18 20:35 - 000473328 _____ C:\Windows\system32\FNTCACHE.DAT
2021-08-15 21:09 - 2021-08-18 07:59 - 000000000 ____D C:\Windows\ServiceProfiles
2021-08-15 21:09 - 2021-08-18 04:18 - 000012288 ___SH C:\DumpStack.log.tmp
2021-08-15 21:09 - 2021-08-16 15:54 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-08-15 21:09 - 2021-08-15 21:09 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-08-15 20:47 - 2021-08-15 20:47 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2021-08-15 20:47 - 2021-08-15 20:47 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-08-15 20:47 - 2021-08-15 20:47 - 000000000 ____D C:\Program Files\MSBuild
2021-08-15 20:47 - 2021-08-15 20:47 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-08-15 20:47 - 2021-08-15 20:47 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-08-15 20:41 - 2021-08-15 20:41 - 000021047 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2021-08-15 20:40 - 2021-08-15 20:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\rendezvousSession.tlb
2021-08-15 20:40 - 2021-08-15 20:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2021-08-15 20:40 - 2021-08-15 20:40 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2021-08-15 20:40 - 2021-08-15 20:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rendezvousSession.tlb
2021-08-15 20:35 - 2021-08-18 15:07 - 000352576 _____ C:\Windows\system32\vp9fs.dll
2021-08-15 20:35 - 2021-08-18 15:07 - 000250176 _____ C:\Windows\system32\cmdiag.exe
2021-08-15 20:35 - 2021-08-15 20:35 - 002764800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-08-15 20:35 - 2021-08-15 20:35 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-08-15 20:35 - 2021-08-15 20:35 - 001745736 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-08-15 20:35 - 2021-08-15 20:35 - 000659456 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2021-08-15 20:35 - 2021-08-15 20:35 - 000491008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2021-08-15 20:35 - 2021-08-15 20:35 - 000377136 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2021-08-15 20:35 - 2021-08-15 20:35 - 000269112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2021-08-15 20:35 - 2021-08-15 20:35 - 000267264 _____ C:\Windows\SysWOW64\Windows.Internal.UI.Dialogs.dll
2021-08-15 20:35 - 2021-08-15 20:35 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\ssText3d.scr
2021-08-15 20:35 - 2021-08-15 20:35 - 000014690 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-08-15 20:35 - 2021-08-15 20:35 - 000009522 _____ C:\Windows\system32\ResPriUHMImageList
2021-08-15 20:35 - 2021-08-15 20:35 - 000009522 _____ C:\Windows\system32\ResPriImageList
2021-08-15 20:35 - 2021-08-15 20:35 - 000009522 _____ C:\Windows\system32\ResPriHMImageList
2021-08-15 20:35 - 2021-08-15 20:35 - 000009402 _____ C:\Windows\system32\ResPriHMImageListLowCost
2021-08-15 20:35 - 2021-08-15 20:35 - 000008964 _____ C:\Windows\system32\ResPriLMImageList
2021-08-15 20:35 - 2021-08-15 20:35 - 000008870 _____ C:\Windows\system32\ResPriImageListLowCost
2021-08-15 20:34 - 2021-08-15 20:34 - 002310384 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-08-15 20:34 - 2021-08-15 20:34 - 001856848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-08-15 20:34 - 2021-08-15 20:34 - 000617136 _____ C:\Windows\SysWOW64\TextShaping.dll
2021-08-15 20:34 - 2021-08-15 20:34 - 000425984 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-08-15 20:34 - 2021-08-15 20:34 - 000360448 _____ C:\Windows\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-08-15 20:34 - 2021-08-15 20:34 - 000335872 _____ C:\Windows\system32\Windows.Internal.UI.Dialogs.dll
2021-08-15 20:34 - 2021-08-15 20:34 - 000221184 _____ C:\Windows\SysWOW64\Microsoft.Internal.FrameworkUdk.System.dll
2021-08-15 20:34 - 2021-08-15 20:34 - 000180224 _____ C:\Windows\system32\CloudExperienceHostRedirection.dll
2021-08-15 20:34 - 2021-08-15 20:34 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmview.ocx
2021-08-15 20:34 - 2021-08-15 20:34 - 000099560 _____ C:\Windows\system32\wow64con.dll
2021-08-15 20:34 - 2021-08-15 20:34 - 000077824 _____ C:\Windows\system32\runexehelper.exe
2021-08-15 20:34 - 2021-08-15 20:34 - 000041594 _____ C:\Windows\SysWOW64\ctac.json
2021-08-15 20:34 - 2021-08-15 20:34 - 000036864 _____ C:\Windows\system32\umpodev.dll
2021-08-15 20:34 - 2021-08-15 20:34 - 000003366 _____ C:\Windows\SysWOW64\AppxProvisioning.xml
2021-08-15 20:34 - 2021-08-15 20:34 - 000003366 _____ C:\Windows\system32\AppxProvisioning.xml
2021-08-15 20:33 - 2021-08-15 20:33 - 000727584 _____ C:\Windows\system32\TextShaping.dll
2021-08-15 20:33 - 2021-08-15 20:33 - 000614400 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-08-15 20:33 - 2021-08-15 20:33 - 000311296 _____ C:\Windows\system32\Microsoft.Internal.FrameworkUdk.System.dll
2021-08-15 20:33 - 2021-08-15 20:33 - 000258048 _____ C:\Windows\system32\CoreMas.dll
2021-08-15 20:33 - 2021-08-15 20:33 - 000172032 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-08-15 20:33 - 2021-08-15 20:33 - 000155648 _____ (Microsoft Corporation) C:\Windows\system32\dmview.ocx
2021-08-15 20:33 - 2021-08-15 20:33 - 000041594 _____ C:\Windows\system32\ctac.json
2021-08-15 20:28 - 2021-08-19 22:06 - 103546880 _____ C:\Windows\system32\config\SOFTWARE
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-08-20 22:38 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-20 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SystemTemp
2021-08-20 19:08 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-20 19:08 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\AppReadiness
2021-08-20 19:02 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-08-20 17:03 - 2021-06-05 14:09 - 000000000 ____D C:\Windows\INF
2021-08-20 17:02 - 2021-06-05 19:52 - 000799286 _____ C:\Windows\system32\perfh007.dat
2021-08-20 17:02 - 2021-06-05 19:52 - 000174222 _____ C:\Windows\system32\perfc007.dat
2021-08-19 22:06 - 2021-06-05 14:01 - 000524288 _____ C:\Windows\system32\config\BBI
2021-08-18 22:29 - 2021-06-05 14:01 - 000000000 ____D C:\Windows\CbsTemp
2021-08-18 15:19 - 2021-06-05 14:10 - 000000000 ___SD C:\Windows\SysWOW64\lxss
2021-08-18 15:19 - 2021-06-05 14:10 - 000000000 ___SD C:\Windows\system32\lxss
2021-08-18 15:19 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SystemResources
2021-08-18 15:07 - 2021-06-05 14:21 - 000143672 _____ (Microsoft Corporation) C:\Windows\system32\rdp4vs.dll
2021-08-18 15:07 - 2021-06-05 14:21 - 000049464 _____ (Microsoft Corporation) C:\Windows\system32\UtilityVmSysprep.dll
2021-08-18 15:07 - 2021-06-05 14:20 - 000065864 _____ (Microsoft Corporation) C:\Windows\system32\NvAgent.dll
2021-08-18 15:07 - 2021-06-05 14:19 - 001126728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lxcore.sys
2021-08-18 15:07 - 2021-06-05 14:19 - 000934224 _____ (Microsoft Corporation) C:\Windows\system32\WindowsSandbox.exe
2021-08-18 15:07 - 2021-06-05 14:19 - 000504144 _____ (Microsoft Corporation) C:\Windows\system32\NetMgmtIF.dll
2021-08-18 15:07 - 2021-06-05 14:19 - 000323896 _____ (Microsoft Corporation) C:\Windows\system32\HvsiSettingsProvider.dll
2021-08-18 15:07 - 2021-06-05 14:19 - 000311632 _____ (Microsoft Corporation) C:\Windows\system32\WindowsSandboxClient.exe
2021-08-18 15:07 - 2021-06-05 14:19 - 000213328 _____ C:\Windows\system32\IsolatedWindowsEnvironmentUtils.dll
2021-08-18 15:07 - 2021-06-05 14:19 - 000192848 _____ C:\Windows\system32\HvsiSettingsWorker.exe
2021-08-18 15:07 - 2021-06-05 14:19 - 000155984 _____ (Microsoft Corporation) C:\Windows\system32\madrid.dll
2021-08-18 15:07 - 2021-06-05 14:19 - 000143360 _____ (Microsoft Corporation) C:\Windows\system32\CCG.exe
2021-08-18 15:07 - 2021-06-05 14:19 - 000139600 _____ C:\Windows\system32\nmscrub.exe
2021-08-18 15:07 - 2021-06-05 14:19 - 000122880 _____ (Microsoft Corporation) C:\Windows\system32\wslconfig.exe
2021-08-18 15:07 - 2021-06-05 14:19 - 000122880 _____ (Microsoft Corporation) C:\Windows\system32\bash.exe
2021-08-18 15:07 - 2021-06-05 14:19 - 000119120 _____ (Microsoft Corporation) C:\Windows\system32\nmbind.exe
2021-08-18 15:07 - 2021-06-05 14:19 - 000114688 _____ C:\Windows\system32\hvsiproxyapp.exe
2021-08-18 15:07 - 2021-06-05 14:19 - 000094536 _____ (Microsoft Corporation) C:\Windows\system32\CmAgent.dll
2021-08-18 15:07 - 2021-06-05 14:19 - 000082256 _____ C:\Windows\system32\HvsiMachinePolicies.dll
2021-08-18 15:07 - 2021-06-05 14:19 - 000082248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\l2bridge.sys
2021-08-18 15:07 - 2021-06-05 14:19 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\CCGLaunchPad.dll
2021-08-18 15:07 - 2021-06-05 14:19 - 000073728 _____ C:\Windows\system32\cmimageworker.exe
2021-08-18 15:07 - 2021-06-05 14:19 - 000069944 _____ C:\Windows\system32\AuditSettingsProvider.dll
2021-08-18 15:07 - 2021-06-05 14:19 - 000049488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hnswfpdriver.sys
2021-08-18 15:07 - 2021-06-05 14:19 - 000049464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lxss.sys
2021-08-18 15:07 - 2021-06-05 14:19 - 000032768 _____ C:\Windows\system32\hnsproxy.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000401736 _____ (Microsoft Corporation) C:\Windows\system32\VmSynthNic.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000368952 _____ (Microsoft Corporation) C:\Windows\system32\nvspinfo.exe
2021-08-18 15:07 - 2021-06-05 14:18 - 000360784 _____ (Microsoft Corporation) C:\Windows\system32\vmiccore.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000356680 _____ (Microsoft Corporation) C:\Windows\system32\hcsdiag.exe
2021-08-18 15:07 - 2021-06-05 14:18 - 000327992 _____ (Microsoft Corporation) C:\Windows\system32\vmsif.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000311616 _____ (Microsoft Corporation) C:\Windows\system32\vmflexio.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000270672 _____ (Microsoft Corporation) C:\Windows\system32\CExecSvc.exe
2021-08-18 15:07 - 2021-06-05 14:18 - 000258384 _____ (Microsoft Corporation) C:\Windows\system32\vmbusvdev.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000250184 _____ (Microsoft Corporation) C:\Windows\system32\gpupvdev.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000233808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcivsp.sys
2021-08-18 15:07 - 2021-06-05 14:18 - 000229688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2021-08-18 15:07 - 2021-06-05 14:18 - 000209232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmsvcext.sys
2021-08-18 15:07 - 2021-06-05 14:18 - 000172360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys
2021-08-18 15:07 - 2021-06-05 14:18 - 000164176 _____ (Microsoft Corporation) C:\Windows\system32\vmvirtio.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000143672 _____ (Microsoft Corporation) C:\Windows\system32\vmsifcore.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000123208 _____ (Microsoft Corporation) C:\Windows\system32\vmwpevents.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000122880 _____ C:\Windows\system32\vmhbmgmt.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000119104 _____ (Microsoft Corporation) C:\Windows\system32\vmwpctrl.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000110904 _____ (Microsoft Corporation) C:\Windows\system32\wcsetupagent.exe
2021-08-18 15:07 - 2021-06-05 14:18 - 000090440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pvhdparser.sys
2021-08-18 15:07 - 2021-06-05 14:18 - 000090112 _____ C:\Windows\system32\Drivers\vmbusproxy.sys
2021-08-18 15:07 - 2021-06-05 14:18 - 000078144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdparser.sys
2021-08-18 15:07 - 2021-06-05 14:18 - 000069968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\passthruparser.sys
2021-08-18 15:07 - 2021-06-05 14:18 - 000069960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vkrnlintvsc.sys
2021-08-18 15:07 - 2021-06-05 14:18 - 000069952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vkrnlintvsp.sys
2021-08-18 15:07 - 2021-06-05 14:18 - 000069944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VmsProxyHNic.sys
2021-08-18 15:07 - 2021-06-05 14:18 - 000065872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VmsProxy.sys
2021-08-18 15:07 - 2021-06-05 14:18 - 000061776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvsocketcontrol.sys
2021-08-18 15:07 - 2021-06-05 14:18 - 000049480 _____ (Microsoft Corporation) C:\Windows\system32\VrdUmed.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000049464 _____ (Microsoft Corporation) C:\Windows\system32\vmsifproxystub.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000045840 _____ (Microsoft Corporation) C:\Windows\system32\sbresources.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000041288 _____ (Microsoft Corporation) C:\Windows\system32\vmcomputeeventlog.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\VmComputeProxy.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000024904 _____ (Microsoft Corporation) C:\Windows\system32\f989b52d-f928-44a3-9bf1-bf0c1da6a0d6_HyperV-DeviceVirtualization.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000024904 _____ (Microsoft Corporation) C:\Windows\system32\f1db7d81-95be-4911-935a-8ab71629112a_HyperV-IsolatedVM.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000024904 _____ (Microsoft Corporation) C:\Windows\system32\c4d66f00-b6f0-4439-ac9b-c5ea13fe54d7_HyperV-ComputeCore.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000024904 _____ (Microsoft Corporation) C:\Windows\system32\c28c7a4e-a619-4463-82b7-0fc9cc7187f5_HyperV-ComputeStorage.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000024896 _____ (Microsoft Corporation) C:\Windows\system32\d4d78066-e6db-44b7-b5cd-2eb82dce620c_HyperV-ComputeLegacy.dll
2021-08-18 15:07 - 2021-06-05 14:18 - 000006658 _____ C:\Windows\system32\VmFirmware Third-Party Notices.txt
2021-08-18 13:47 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-08-18 00:15 - 2021-06-05 14:10 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2021-08-18 00:15 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2021-08-17 19:32 - 2021-06-05 14:10 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-08-16 15:54 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\appcompat
2021-08-16 15:53 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Windows Defender
2021-08-16 15:52 - 2021-06-05 14:10 - 000000000 ___RD C:\Windows\PrintDialog
2021-08-15 22:09 - 2021-06-05 14:08 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2021-08-15 21:55 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\OCR
2021-08-15 21:55 - 2021-06-05 14:01 - 000000000 ____D C:\Windows\servicing
2021-08-15 21:11 - 2021-06-05 19:59 - 000000000 ____D C:\Windows\system32\FxsTmp
2021-08-15 21:11 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2021-08-15 21:11 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\spool
2021-08-15 21:11 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\ServiceState
2021-08-15 21:11 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\USOPrivate
2021-08-15 21:11 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Windows NT
2021-08-15 21:10 - 2021-06-05 14:01 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-08-15 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\MUI
2021-08-15 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\MUI
2021-08-15 20:42 - 2021-06-05 20:00 - 000000000 ___SD C:\Windows\system32\AppV
2021-08-15 20:42 - 2021-06-05 20:00 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ___SD C:\Windows\system32\F12
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\WinMetadata
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\vi-VN
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\ShellExperiences
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\oobe
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\lv-LV
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\lt-LT
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\id-ID
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\gl-ES
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\eu-ES
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\et-EE
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\es-MX
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\Dism
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\ca-ES
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\appraiser
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\ShellExperiences
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\ShellComponents
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\Provisioning
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\DiagTrack
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\bcastdvr
2021-08-15 20:42 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Common Files\System
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2021-08-18 17:25 - 2021-08-18 17:25 - 000000000 _____ () C:\Users\*****\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
|
27.08.2021, 21:29
| #3 |
| /// TB-Ausbilder   | Windows 11: Computer verhält sich merkwürdig ausschließlich innerhalb einer E-Sport Liga Vorab-Versionen werden nicht unterstützt.
__________________ |
| Themen zu Windows 11: Computer verhält sich merkwürdig ausschließlich innerhalb einer E-Sport Liga |
| adobe, angriffe, auswertung, bildschirm, bios, computer, cpu, defender, desktop, firewall, help, hintergrund, internet explorer, iracing, lan, microsoft, microsoft defender, performance, photoshop, prozess, registry, router, server, software, stick, system, windows, windows 11, wlan |
Linear-Darstellung
