Zurück   Trojaner-Board > Web/PC > Alles rund um Windows

Alles rund um Windows: Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund

Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 - als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows.

Antwort
Alt 26.04.2022, 21:49   #1
visiosan
 
Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund - Standard

Problem: Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund



Hallo zusammen,

seit einigen Wochen kommt es ab und zu mal zu einem automatischen Neustart bei meinem PC (nicht zum Updaten!!!). Zuvor war dies nie der Fall.

Zudem habe ich im Taskmanager gesehen, dass "Runtime Broker" im Hintergrund läuft. Laut meiner Internetrecherche könnte es verdächtig sein, muss es aber nicht sein:






Um sicher zu gehen, bitte ich um die Auswertung meiner Logfiles und ggf. Hilfe bei der Entfernung von Schadsoftware.

Vielen Dank im Voraus

Viele Grüße
visi

FRST

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2022
durchgeführt von durma (Administrator) auf DESKTOP-10OLOT9 (Micro-Star International Co., Ltd MS-7C02) (26-04-2022 22:42:51)
Gestartet von C:\Users\durma\Desktop
Geladene Profile: durma
Plattform: Microsoft Windows 10 Pro Version 21H2 19044.1645 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files (x86)\SKILLER SGK4\Monitor.exe ->) (Sharkoon Technologies) [Datei ist nicht signiert] C:\Program Files (x86)\SKILLER SGK4\OSD.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\57.0.5.0\crashpad_handler.exe <5>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe <7>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <37>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (HP Inc. -> ) C:\Windows\SysWOW64\spdsvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\target\x86_64-pc-windows-msvc\release\service.exe
(services.exe ->) (Palo Alto Networks -> Palo Alto Networks) C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPS.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Sharkoon Technologies) [Datei ist nicht signiert] C:\Program Files (x86)\SKILLER SGK4\Monitor.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2203.4603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [GlobalProtect] => C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPA.exe [10677096 2021-11-29] (Palo Alto Networks -> Palo Alto Networks)
HKLM-x32\...\Run: [SKILLER SGK4] => C:\Program Files (x86)\SKILLER SGK4\Monitor.exe [503808 2018-06-23] (Sharkoon Technologies) [Datei ist nicht signiert]
HKLM-x32\...\Run: [REDRAGON M711 Gaming Mouse] => C:\Program Files (x86)\REDRAGON M711 Gaming Mouse\hid.exe [965120 2019-03-25] () [Datei ist nicht signiert]
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [122427152 2021-07-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe [53934992 2022-04-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe [53934992 2022-04-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-05-19] (Valve -> Valve Corporation)
HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe [110761152 2021-11-03] (NZXT, Inc. -> NZXT, Inc.)
HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\Run: [Windscribe] => "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart (Keine Datei)
HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\Run: [AltServer] => C:\Program Files (x86)\AltServer\AltServer.exe (Keine Datei)
HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\durma\AppData\Local\Microsoft\Teams\Update.exe [2489016 2022-02-05] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe [53934992 2022-04-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\MountPoints2: {a2120353-678a-11ea-a349-00d861588bae} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\DVR/AutoRun.exe start.exe
HKU\S-1-5-21-2016218803-1963785635-2145039490-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630552 2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2016218803-1963785635-2145039490-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Teams\Update.exe [2323232 2020-03-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2016218803-1963785635-2145039490-1002\...\RunOnce: [Application Restart #0] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKU\S-1-5-21-2016218803-1963785635-2145039490-1002\...\RunOnce: [Application Restart #1] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKU\S-1-5-21-2016218803-1963785635-2145039490-1002\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630552 2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2016218803-1963785635-2145039490-1005\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630552 2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2016218803-1963785635-2145039490-1005\...\Run: [com.squirrel.Teams.Teams] => C:\Users\kador\AppData\Local\Microsoft\Teams\Update.exe [2492176 2022-03-25] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2016218803-1963785635-2145039490-1005\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe --startup_mode (Keine Datei)
HKU\S-1-5-21-2016218803-1963785635-2145039490-1011\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630552 2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2016218803-1963785635-2145039490-1011\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe --startup_mode (Keine Datei)
HKU\S-1-5-21-2016218803-1963785635-2145039490-1011\...\Run: [MicrosoftEdgeAutoLaunch_A164CAE07C48A7A082431BAADD11AB50] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3540408 2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2016218803-1963785635-2145039490-1011\...\MountPoints2: {a2120353-678a-11ea-a349-00d861588bae} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\DVR/AutoRun.exe start.exe
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe [53934992 2022-04-14] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\ssi5mPC: C:\Windows\System32\spool\prtprocs\x64\ssi5mpc.dll [52088 2019-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us015PC: C:\Windows\System32\spool\prtprocs\x64\us015pc.dll [52088 2019-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\EPSON ET-2750 Series 64MonitorBE: C:\Windows\system32\E_YLMBSLE.DLL [184832 2017-07-14] (Seiko Epson Corporation) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\EPSON WF-3620 Series 64MonitorBE: C:\Windows\system32\E_YLMBKEE.DLL [179712 2013-10-21] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\ssi5m Langmon: C:\Windows\system32\ssi5mlm.dll [31096 2019-09-17] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us015 Langmon: C:\Windows\system32\us015lm.dll [31096 2019-08-26] (Microsoft Windows Hardware Compatibility Publisher -> )

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05D4333B-494D-4F54-BAFE-8BBFB4BDFA5E} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61336 2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {088AA906-1742-49B1-8BD7-C101A50803A9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138608 2022-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {0969F3EB-AB42-46FB-BB7B-ABFEF49425EE} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {16D9B1B6-3968-45B2-B6EF-E30F1697D4AE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {176E696B-1F38-49A7-A9F9-7A3012D8DFAE} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2016218803-1963785635-2145039490-1005 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200848 2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {17AAA002-CFCC-42C5-B8C6-BE0F16F0E865} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {1E7585C1-42E1-40E5-B59A-0E79F34AAC3C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {296A6BEB-8E14-4AA8-B2E8-6A0F6D27B7CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3C4FC2A8-992D-4B2C-830A-B389E4F70F30} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2021-11-23] (Google Inc -> Google Inc.)
Task: {4304515A-BEB4-47DB-83CF-887F5672A412} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1775440 2021-11-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {600FA13E-E34B-4CB9-8482-2ACE5295C031} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6B28DB59-DEC2-4CC3-9D1A-23C4EF150EC4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22866896 2022-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {72E7FA49-1EBB-4CE3-8033-E68D01FD9B5D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22866896 2022-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {7324906E-B586-4998-9C81-DA719E2CC83A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138608 2022-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {7358B4AE-6EFA-4C88-BFBD-16688E8BDFCF} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [752200 2018-05-21] (HP Inc. -> )
Task: {75D99F27-CBD2-460C-BAFD-01C677838197} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7A61C24A-743C-4A45-B483-A3B7C92765F5} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2016218803-1963785635-2145039490-1011 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200848 2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7da7c152-d457-4661-ae7c-b2f885e63e39} - kein Dateipfad
Task: {8176C774-7A1F-4706-A562-A82DC2583020} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {824CDC79-ED9A-4FF9-A71A-B2AE5C2AAFD8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (Keine Datei)
Task: {84B093C4-4440-4C2B-A90F-D59F9E11316D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {858F19EB-50E7-461B-A7C7-1BF5CB0D7413} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8B9BCE2E-5684-4927-9C3E-29D700F2A201} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {9005F515-4025-4CA8-AFE3-28EAAA6185B6} - System32\Tasks\MSI Task Host - MSI.True Color => C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe [47416 2021-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {943F1D0F-3588-4C58-A750-41F3AB2D41A0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {977FFB98-CE68-4773-9159-89BAC42A358B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2021-11-23] (Google Inc -> Google Inc.)
Task: {AC628AE4-3636-4739-94F5-1346B0072B37} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B6FA20F3-82F4-4BF1-BCE5-99905D6B28A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {C680F4C8-9961-454B-9919-90063E1326DE} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {D4DF51B1-7FA3-46E0-8E24-676678ED456F} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {D85B0157-62B1-4E65-9D6C-DF88F8E6E6C7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8729F1F-FC93-4A3E-8A4D-A9FDB9BD03C6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DD09BB42-AAE3-40BF-85B5-71368720B0AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (Keine Datei)
Task: {DD4F2C14-720E-482C-BAB5-08BD5FD37F9F} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200848 2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E710643A-043F-46B7-AC2F-4190A3C951A2} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2016218803-1963785635-2145039490-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200848 2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7E0BE42-E49E-4CFA-9708-6467E8EE64CD} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {EA55F102-405D-4975-93B5-C1AF53E8B7C5} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4102784 2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {EAF0CC10-B148-4EF7-BDF4-73B8246F686E} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2016218803-1963785635-2145039490-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200848 2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3DCC403-0D46-418E-9DD6-15F8D3682EC2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8338880 2022-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {FE584739-E157-4DB7-9AFB-0032088B1F55} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8338880 2022-04-22] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{626e3393-9c6c-465a-9e69-1949ba31b9dd}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{89e563af-8bfb-4090-a1b5-de44e8b57f03}: [NameServer] 141.75.40.250,141.75.40.251
Tcpip\..\Interfaces\{fc5715fc-8efc-4942-ae35-ff1255d43ff2}: [DhcpNameServer] 172.20.10.1

Edge: 
=======
DownloadDir: C:\Users\durma\Downloads
Edge Notifications: HKU\S-1-5-21-2016218803-1963785635-2145039490-1001 -> hxxps://www.sn.at
Edge Profile: C:\Users\durma\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-26]
Edge DownloadDir: Default -> C:\Users\durma\Downloads
Edge Notifications: Default -> hxxps://web.skype.com; hxxps://www.sn.at
Edge HomePage: Default -> hxxp://hp15-comm.msn.com/?pc=HRTE

FireFox:
========
FF DefaultProfile: ivl8ixzf.default-release-1601299222849
FF ProfilePath: C:\Users\durma\AppData\Roaming\Mozilla\Firefox\Profiles\vyy1l0it.Anonym-1623160736937 [2022-04-26]
FF NetworkProxy: Mozilla\Firefox\Profiles\vyy1l0it.Anonym-1623160736937 -> type", 1
FF Notifications: Mozilla\Firefox\Profiles\vyy1l0it.Anonym-1623160736937 -> hxxps://www.veryansintv.com; hxxps://www.binance.com
FF Extension: (Hoxx VPN Proxy) - C:\Users\durma\AppData\Roaming\Mozilla\Firefox\Profiles\vyy1l0it.Anonym-1623160736937\Extensions\@hoxx-vpn.xpi [2022-03-19]
FF Extension: (AdBlocker Ultimate) - C:\Users\durma\AppData\Roaming\Mozilla\Firefox\Profiles\vyy1l0it.Anonym-1623160736937\Extensions\adblockultimate@adblockultimate.net.xpi [2022-03-10]
FF ProfilePath: C:\Users\durma\AppData\Roaming\Mozilla\Firefox\Profiles\ivl8ixzf.default-release-1601299222849 [2021-06-07]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Datei ist nicht signiert]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Datei ist nicht signiert]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe [440368 2019-05-23] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\target\x86_64-pc-windows-msvc\release\service.exe [521408 2021-11-03] (NZXT, Inc. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11666384 2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncHelper.exe [3395992 2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [143160 2021-03-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-02-21] (Microsoft Windows -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.065.0412.0004\OneDriveUpdaterService.exe [3868568 2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
R2 PanGPS; C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPS.exe [7503208 2021-11-29] (Palo Alto Networks -> Palo Alto Networks)
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [508488 2018-05-24] (HP Inc. -> )
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2020-06-24] (Samsung Electronics CO., LTD. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254352 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33832 2019-04-26] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2021-09-16] (Microsoft Corporation) [Datei ist nicht signiert]
S3 cpuz150; C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [44832 2021-11-12] (CPUID S.A.R.L.U. -> CPUID)
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [29224 2022-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 gdrv2; C:\Windows\gdrv2.sys [32600 2019-07-25] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 gpfltdrv; C:\WINDOWS\system32\DRIVERS\gpfltdrv.sys [90224 2021-11-29] (Palo Alto Networks -> Palo Alto Networks)
S3 ipadtst; C:\ProgramData\MSI\Super_Charger\ipadtst_64.sys [20464 2013-11-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Windows (R) Win 7 DDK provider)
S3 ipadtst2; C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys [16336 2016-07-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 MpKsl3439e73a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D93F2445-89EB-436D-855A-522F4F8AF33E}\MpKslDrv.sys [137464 2022-04-26] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\One Dragon Center\Lib\SYS\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 PanGpd; C:\WINDOWS\system32\DRIVERS\pangpd.sys [71968 2021-11-29] (Palo Alto Networks -> Palo Alto Networks Inc.)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 GPUZ-v2; \??\C:\WINDOWS\TEMP\GPUZ-v2.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-04-26 22:40 - 2022-04-26 22:43 - 000034347 _____ C:\Users\durma\Desktop\FRST.txt
2022-04-26 22:28 - 2022-04-26 22:28 - 002366976 _____ (Farbar) C:\Users\durma\Desktop\FRST64.exe
2022-04-26 22:09 - 2022-04-26 22:11 - 000000000 ____D C:\Users\durma\Desktop\Steuern
2022-04-26 22:02 - 2022-04-26 22:02 - 002808036 _____ C:\WINDOWS\Minidump\042622-9656-01.dmp
2022-04-14 17:05 - 2022-04-18 21:17 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-04-12 22:25 - 2022-04-26 22:02 - 000000000 ____D C:\WINDOWS\Minidump
2022-04-12 22:25 - 2022-04-12 22:25 - 002819556 _____ C:\WINDOWS\Minidump\041222-9750-01.dmp
2022-04-12 22:02 - 2022-04-12 22:02 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-12 22:02 - 2022-04-12 22:02 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-12 22:02 - 2022-04-12 22:02 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-12 22:02 - 2022-04-12 22:02 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-12 21:58 - 2022-04-12 21:58 - 000000000 ___HD C:\$WinREAgent
2022-04-05 23:15 - 2022-03-24 07:54 - 000384584 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3758.sys

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-04-26 22:43 - 2021-06-07 19:08 - 000000000 ____D C:\FRST
2022-04-26 22:32 - 2022-01-27 22:47 - 000000000 ____D C:\Users\durma\Desktop\SGK
2022-04-26 22:31 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-26 22:20 - 2022-02-09 04:35 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-04-26 22:19 - 2019-07-26 11:12 - 000000000 ____D C:\Users\durma\AppData\LocalLow\Mozilla
2022-04-26 22:13 - 2021-10-04 18:16 - 000000000 ____D C:\Users\durma\Desktop\WS 2122
2022-04-26 22:12 - 2020-03-26 16:47 - 000000000 ____D C:\Users\durma\Desktop\comd
2022-04-26 22:09 - 2021-02-21 11:32 - 001713042 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-26 22:09 - 2019-12-07 16:51 - 000739414 _____ C:\WINDOWS\system32\perfh007.dat
2022-04-26 22:09 - 2019-12-07 16:51 - 000149046 _____ C:\WINDOWS\system32\perfc007.dat
2022-04-26 22:09 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-26 22:04 - 2019-07-27 12:47 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-26 22:02 - 2021-10-06 23:33 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-04-26 22:02 - 2021-02-21 11:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-26 22:02 - 2021-02-21 11:25 - 000000000 ____D C:\Users\durma
2022-04-26 22:02 - 2021-02-21 11:25 - 000000000 ____D C:\Users\akind
2022-04-26 22:02 - 2021-02-21 11:24 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-26 22:02 - 2021-02-21 11:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-26 22:02 - 2020-09-19 14:07 - 1168736869 _____ C:\WINDOWS\MEMORY.DMP
2022-04-26 22:02 - 2019-07-25 21:43 - 000000000 ____D C:\ProgramData\NVIDIA
2022-04-26 21:56 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-26 21:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-26 21:55 - 2020-10-07 14:58 - 000000000 ___RD C:\Users\akind\OneDrive
2022-04-25 19:02 - 2021-06-07 23:36 - 000000000 ____D C:\Users\durma\AppData\Roaming\.minecraft
2022-04-25 19:01 - 2019-07-26 15:23 - 000000000 ____D C:\Users\durma\AppData\Local\D3DSCache
2022-04-25 18:59 - 2021-11-23 21:40 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-04-25 18:59 - 2021-11-23 21:40 - 000001863 _____ C:\Users\durma\Desktop\Google Drive.lnk
2022-04-25 18:15 - 2021-06-13 15:31 - 000000000 ____D C:\Users\durma\AppData\Roaming\lunarclient
2022-04-23 12:50 - 2020-08-02 12:11 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-23 12:50 - 2020-08-02 12:11 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-04-22 19:07 - 2021-10-03 19:43 - 000000000 ____D C:\Program Files\Microsoft Office
2022-04-21 18:52 - 2021-11-23 21:40 - 000003632 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-04-21 18:52 - 2021-11-23 21:40 - 000003508 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-04-19 10:16 - 2021-12-11 14:21 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2016218803-1963785635-2145039490-1011
2022-04-19 10:16 - 2021-12-11 14:21 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2016218803-1963785635-2145039490-1005
2022-04-19 10:16 - 2021-12-11 14:21 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2016218803-1963785635-2145039490-1002
2022-04-19 10:16 - 2021-12-11 14:21 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2016218803-1963785635-2145039490-1001
2022-04-19 10:16 - 2021-10-03 19:48 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-04-19 10:16 - 2021-10-03 19:48 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-18 21:17 - 2020-09-28 15:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-18 10:43 - 2020-12-01 22:17 - 000000000 ____D C:\Users\kador\AppData\LocalLow\Mozilla
2022-04-15 13:08 - 2021-03-23 19:17 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-04-15 13:00 - 2019-07-26 10:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-15 12:59 - 2019-07-26 10:21 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-15 12:05 - 2022-01-29 00:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-04-15 12:05 - 2020-09-28 15:19 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-04-14 15:35 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-13 02:01 - 2019-12-07 11:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2022-04-12 22:26 - 2021-02-21 11:24 - 000460376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-12 22:25 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-04-12 22:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-04-12 22:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-12 22:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-12 22:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-04-12 22:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-12 22:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-04-12 22:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-04-12 22:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-12 22:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-12 12:15 - 2019-07-25 20:27 - 000000000 ____D C:\Users\durma\AppData\Local\PlaceholderTileLogoFolder
2022-04-11 20:50 - 2019-07-25 20:25 - 000000000 ____D C:\Users\durma\AppData\Local\Packages
2022-04-09 19:46 - 2022-01-18 16:19 - 002262504 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-04-09 19:46 - 2022-01-18 16:19 - 000353760 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-04-09 19:46 - 2022-01-18 16:19 - 000218600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-04-09 19:46 - 2022-01-18 16:19 - 000198112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-04-09 19:46 - 2022-01-18 16:19 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-04-09 19:46 - 2022-01-18 16:19 - 000120296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-04-09 19:46 - 2022-01-18 16:19 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-04-08 19:45 - 2019-07-26 02:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-04-06 19:29 - 2020-10-01 16:41 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-06 19:25 - 2021-03-04 10:10 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d708341cfb1933
2022-04-06 19:25 - 2021-02-21 11:31 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-05 23:14 - 2019-08-02 23:01 - 000000000 ____D C:\Users\durma\AppData\Local\CrashDumps

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2022-01-14 16:19 - 2022-01-14 16:19 - 000000016 _____ () C:\Users\durma\AppData\Roaming\obs-virtualcam.txt
2021-03-06 14:41 - 2021-03-07 23:02 - 001065984 _____ () C:\Users\durma\AppData\Local\file__0.localstorage

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         
Addition

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 22-04-2022
durchgeführt von durma (26-04-2022 22:43:32)
Gestartet von C:\Users\durma\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.1645 (X64) (2021-02-21 09:32:01)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-2016218803-1963785635-2145039490-500 - Administrator - Disabled)
akind (S-1-5-21-2016218803-1963785635-2145039490-1011 - Administrator - Enabled) => C:\Users\akind
DefaultAccount (S-1-5-21-2016218803-1963785635-2145039490-503 - Limited - Disabled)
durma (S-1-5-21-2016218803-1963785635-2145039490-1001 - Administrator - Enabled) => C:\Users\durma
durma_jvkf1i4 (S-1-5-21-2016218803-1963785635-2145039490-1002 - Administrator - Disabled) => C:\Users\durma_jvkf1i4
Gast (S-1-5-21-2016218803-1963785635-2145039490-501 - Limited - Disabled)
kador (S-1-5-21-2016218803-1963785635-2145039490-1005 - Administrator - Enabled) => C:\Users\kador
WDAGUtilityAccount (S-1-5-21-2016218803-1963785635-2145039490-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 22.001.20117 - Adobe Systems Incorporated)
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.7.0.1725 - Advanced Micro Devices, Inc.)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.2.17.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{2435bb94-1021-436a-966c-cccbc0b0b475}) (Version: 2.2.17.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.23 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{b8af8e27-5c72-412c-bab7-dc6430e70f1b}) (Version: 1.1.23 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.15 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{5de51d27-119d-42ac-83bf-648658ea3b46}) (Version: 1.0.15 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{7f23d3ea-a821-4293-b7f7-34383bf06437}) (Version: 1.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.47 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{9b6fe683-3e6a-474f-af47-930ceeca08a1}) (Version: 1.0.47 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM\...\{B5E322FB-C191-463E-BDDD-4F22290EDFDB}) (Version: 1.0.8 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM-x32\...\{277875e0-972c-4705-b09c-ca5acf5b2f7c}) (Version: 1.0.8 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.2.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{55c3ae30-56f9-48ea-a96d-1fad2739e1a2}) (Version: 0.0.2.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{3507c756-a80f-4b0e-8475-975d8b432176}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.35 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{2b3baa1f-6f8c-4693-bef2-4eb3f0967c5b}) (Version: 1.0.35 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.30 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{a3a1beb0-9f5b-4b4e-8cfa-ef25842faf55}) (Version: 1.0.30 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.35 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{e11f125e-e93e-4318-a8c1-f502449d3dcf}) (Version: 1.0.35 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM\...\{723B40A4-5BF2-4DC6-834A-2ADF75F3CF7E}) (Version: 1.0.1.1 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM-x32\...\{3fb92594-5d14-44b6-aa83-5e9823daa7e8}) (Version: 1.0.1.1 - ASUSTek COMPUTER INC.) Hidden
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.30 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{e6f373bb-3881-463c-bd1a-3c948b067041}) (Version: 1.0.30 - ASUS) Hidden
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
Corsair AURA DRAM Component (HKLM\...\{376E0869-A4F1-4DC7-A1FD-EBF3AFFEB832}) (Version: 1.0.12 - CORSAIR COMPONENTS INC.) Hidden
Corsair AURA DRAM Component (HKLM-x32\...\{7f2fddab-1f7d-4301-b534-6723e6315fe1}) (Version: 1.0.12 - CORSAIR COMPONENTS INC.) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dragon Center (HKLM-x32\...\{B252FABF-9582-4824-B02B-6D2DC93685C7}}_is1) (Version: 1.0.0.52 - MSI)
ENE RGB HAL (HKLM\...\{2914DF72-932B-4DF2-9696-C2821EDA1CA9}) (Version: 1.00.09 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{7e29b346-b9be-457c-8c9e-07903e8ef8cb}) (Version: 1.00.09 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.9 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{bee27b2f-e41b-4dd1-9c1d-fddb3c155727}) (Version: 1.0.3.9 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{d6c7bfc9-8ecb-45a5-967b-f1c3c04cc972}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.56.1.0 - Seiko Epson Corporation)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC13154E5A00}) (Version: 19.021.20058 - Adobe Systems Incorporated)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GlobalProtect (HKLM\...\{2CEED52F-2CB7-4A63-AE90-934F86064E08}) (Version: 5.2.9 - Palo Alto Networks)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 57.0.5.0 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{0BE7C639-ED46-4C58-A027-955C60409EFD}) (Version: 12.18.34.21 - HP Inc.)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.15 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{83d4c398-3b93-4ab0-95f0-6091b0a2f601}) (Version: 1.0.15 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.15028.20228 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.50 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 100.0.1185.50 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.065.0412.0004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\Teams) (Version: 1.5.00.2164 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2016218803-1963785635-2145039490-1002\...\Teams) (Version: 1.2.00.32462 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2016218803-1963785635-2145039490-1005\...\Teams) (Version: 1.5.00.5967 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{4ffaf7b8-a84a-4813-840c-8b1f1343ae54}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{dd1e9bde-2ad6-4e92-8c07-7d4723eab8b8}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 99.0.1 (x64 de)) (Version: 99.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 81.0 - Mozilla)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.1110.01 - MSI)
NVIDIA 3D Vision Controller-Treiber 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Grafiktreiber 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NZXT CAM 4.30.2 (HKLM\...\ac0666ae-ee66-5310-ac01-9d6348133b2d) (Version: 4.30.2 - NZXT, Inc.)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.1.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15028.20050 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15028.20228 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.15028.20094 - Microsoft Corporation) Hidden
PureVPN (HKLM-x32\...\{640ebb2a-b88a-4a1c-8b3c-18fb11bf1cce}) (Version: 1.1.74.0 - ) Hidden
REDRAGON M711 (HKLM-x32\...\{308D16D5-04D3-4581-A245-3B53AEF0AF36}}_is1) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.5 - Rockstar Games)
Samsung M332x 382x 402x Series (HKLM-x32\...\Samsung M332x 382x 402x Series) (Version: 1.36.01 (09.09.2019) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
SetIP (HKLM-x32\...\SetIP) (Version: 1.05.08.00 - Samsung Electronics Co., Ltd.)
Shotcut (HKLM-x32\...\Shotcut) (Version: 19.04.30 - Meltytech, LLC)
SKILLER SGK4 (HKLM-x32\...\{B1B8775B-8449-4F04-9773-C34384AE405F}_is1) (Version: 1.3.18.6 - Sharkoon Technologies)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.93 - Samsung Electronics CO., LTD.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{68C9C2A4-C212-4310-AB68-12F97050A416}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\ZoomUMX) (Version: 5.8.6 (2048) - Zoom Video Communications, Inc.)
Zoom (HKU\S-1-5-21-2016218803-1963785635-2145039490-1005\...\ZoomUMX) (Version: 5.4.3 (58891.1115) - Zoom Video Communications, Inc.)

Packages:
=========
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p [2021-12-20] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-04-11] (Microsoft Corporation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-12-20] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-29] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10404.374.0_x64__8wekyb3d8bbwe [2022-04-06] (Microsoft Corporation)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-17] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-02-12] (NVIDIA Corp.)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2020-06-24] (Samsung Electronics Co. Ltd.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2016218803-1963785635-2145039490-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\durma\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21348.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\57.0.5.0\drivefsext.dll [2022-04-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\57.0.5.0\drivefsext.dll [2022-04-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\57.0.5.0\drivefsext.dll [2022-04-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\57.0.5.0\drivefsext.dll [2022-04-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [     OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\57.0.5.0\drivefsext.dll [2022-04-14] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\57.0.5.0\drivefsext.dll [2022-04-14] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.065.0412.0004\FileSyncShell64.dll [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\57.0.5.0\drivefsext.dll [2022-04-14] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nvshext.dll [2020-10-07] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\durma\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2019-07-26 11:37 - 2018-01-31 14:52 - 000045056 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\SKILLER SGK4\hiddriver.dll
2019-07-26 11:37 - 2018-06-23 15:39 - 000061440 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\SKILLER SGK4\lan.dll
2020-06-24 15:06 - 2016-08-10 13:07 - 002847744 _____ () [Datei ist nicht signiert] C:\WINDOWS\system32\DlgSearchEngine.dll
2021-06-19 14:18 - 2018-11-15 15:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [Datei ist nicht signiert] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\IcMSIDll.dll
2021-06-19 14:18 - 2018-08-31 08:26 - 000053760 _____ (MS) [Datei ist nicht signiert] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll
2017-11-08 08:35 - 2017-11-08 08:35 - 000123904 _____ (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Easy Printer Manager\SmartScreenPrint\CDAKEYMonitor64.dll
2019-07-27 13:07 - 2013-10-21 12:04 - 000179712 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\WINDOWS\System32\E_YLMBKEE.DLL
2020-06-19 20:45 - 2017-07-14 04:13 - 000184832 _____ (Seiko Epson Corporation) [Datei ist nicht signiert] C:\WINDOWS\System32\E_YLMBSLE.DLL
2022-03-19 12:24 - 2016-10-04 05:43 - 000399872 _____ (TODO: <公司名稱>) [Datei ist nicht signiert] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\SDKDLL.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\sharepoint.com -> hxxps://technischehochschulen-files.sharepoint.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2021-02-24 17:49 - 2021-06-07 21:05 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\durma\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
HKU\S-1-5-21-2016218803-1963785635-2145039490-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2016218803-1963785635-2145039490-1005\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2016218803-1963785635-2145039490-1011\Control Panel\Desktop\\Wallpaper -> C:\Users\akind\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run: => "GlobalProtect"
HKLM\...\StartupApproved\Run32: => "Nike+ Connect"
HKLM\...\StartupApproved\Run32: => "REDRAGON M711 Gaming Mouse"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\StartupApproved\Run: => "CAM"
HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\StartupApproved\Run: => "Nike+ Connect"
HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\StartupApproved\Run: => "NZXT.CAM"
HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_27CFA978203970C57DF746A969580ED2"
HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\StartupApproved\Run: => "Windscribe"
HKU\S-1-5-21-2016218803-1963785635-2145039490-1001\...\StartupApproved\Run: => "BlueJeans.Detector"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{F93EF88C-EC3B-45C7-8877-6D0E08DA67BF}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (HP Inc. -> )
FirewallRules: [UDP Query User{99011BBF-49DA-4D42-B7AF-695E5A944AC3}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (HP Inc. -> )
FirewallRules: [TCP Query User{1BD8E5D2-CF71-46C8-92BA-255296336CC4}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{A42EA43C-FFBA-4000-B3F6-629250C6D5C8}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => Keine Datei
FirewallRules: [{8C4FC046-369E-4601-B798-ACC09F353A50}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7DA9F420-BBAD-4D03-8A75-A1E6B4565CF3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2076E70C-1FA5-4381-92A4-2B14ED409A8E}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{806E85D5-808C-4894-83FA-508F44D2170E}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{0CA398C0-021F-437E-BF54-F7CB081CC76E}C:\users\durma\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe] => (Allow) C:\users\durma\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{06A39CDE-D145-4221-BADA-90A341BF332D}C:\users\durma\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe] => (Allow) C:\users\durma\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{3274972F-62AE-4B22-B8D3-6E0E678AB713}C:\users\durma\appdata\local\bluejeans\current\bluejeans.exe] => (Allow) C:\users\durma\appdata\local\bluejeans\current\bluejeans.exe => Keine Datei
FirewallRules: [UDP Query User{DC041EA6-CAD3-45F9-98CA-EF2848895F53}C:\users\durma\appdata\local\bluejeans\current\bluejeans.exe] => (Allow) C:\users\durma\appdata\local\bluejeans\current\bluejeans.exe => Keine Datei
FirewallRules: [TCP Query User{B2113731-020F-4CEB-8B19-ACF986C8C2A2}C:\users\durma\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\durma\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{557A433F-261C-4064-9949-6DA3AF86599D}C:\users\durma\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\durma\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe
FirewallRules: [{FD30FB81-C24B-4C21-BF73-24D2AD57CEF1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{85B4AD36-91A8-4277-9234-42E9D5708F66}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BC56F700-21DC-4BC2-ADAB-1803EA6DE57D}] => (Allow) LPort=26820
FirewallRules: [{B29ECCC3-8ECF-4EFF-8F84-E842A61F8FE4}] => (Allow) LPort=26822
FirewallRules: [TCP Query User{C097622B-2771-4D76-AD56-5D91B108ACA9}C:\users\durma\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\durma\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D8BF74A0-1950-45FD-82EC-F1CC5F92FB69}C:\users\durma\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\durma\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AE2FACDA-2B78-49F3-A280-E6FA9F53585F}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe => Keine Datei
FirewallRules: [UDP Query User{B003156B-729E-4C24-B5D2-8D4AC9C6AC53}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe => Keine Datei
FirewallRules: [{7022DAD8-768B-4249-98FF-8372CF9A360E}] => (Allow) C:\Users\durma\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{9AD29A7B-A2EA-461B-B156-F76C91363C89}] => (Allow) C:\Users\durma\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E964653C-4BA5-416C-A60C-0AC8166BE1C3}] => (Allow) C:\Users\durma\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{3199B294-85E0-49BA-B9C9-88921BAA5488}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{1132F469-D1F7-4873-A157-948E5A9A9620}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{F3C0E817-D091-49D2-B9E5-01B751F8FCA1}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{4E0A95CE-DE5A-4F0F-BC7C-C50EE5EE8E3E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D9FBCDFB-24E5-4E47-A059-AB4E14A16980}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{881648B8-C3CF-4EC9-878C-0FB5A90BA786}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C8DF8607-99E4-4ADE-BBD1-51D2CA49C7EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5147B8CE-0B37-4F07-9613-64F6A0C503A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{97F32EB7-1494-44BE-9DB8-5375EF29BF37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{44CA5752-99AC-4490-8326-98CBB675129C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{1FA35FFA-C127-4C3A-9428-AFF9940662CD}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (HP Inc. -> )
FirewallRules: [UDP Query User{432BDB11-9233-425D-9F5F-87EAB591934D}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (HP Inc. -> )
FirewallRules: [TCP Query User{ECCAF01D-A879-4F58-B8F7-DBA28DCEE306}C:\users\durma\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\durma\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{3285A0D2-B21E-4C64-8490-A2C891C305B0}C:\users\durma\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\durma\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{73510406-8372-402F-AEBF-BFF7F46F2B2F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BDE3F851-9568-4029-B13A-29207929E54A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D34DB292-5ADD-4AEF-ADEA-7124D3791122}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{29CF0327-A65A-4095-8F48-121A49A18C69}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{B6A19065-28D4-4C59-81F4-0CBD0C001C47}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{4AD51690-A2BF-4D42-A773-CCF84AFFA784}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{5D782EDA-49B5-469A-9CD4-242259394FB2}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{4AAAA8F1-13E4-4FF0-8AF6-E04FBD84BF56}C:\users\durma\.lunarclient\jre\1.18.2\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\durma\.lunarclient\jre\1.18.2\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{8875D2DF-519F-4CAB-AF37-032E6A236955}C:\users\durma\.lunarclient\jre\1.18.2\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\durma\.lunarclient\jre\1.18.2\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{51CBF900-DDBC-437A-BE02-2F2D5B9AF185}C:\users\durma\.lunarclient\jre\1.18.1\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\durma\.lunarclient\jre\1.18.1\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{D96E7FC1-1964-4CB8-B652-8AD833F6E5EE}C:\users\durma\.lunarclient\jre\1.18.1\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\durma\.lunarclient\jre\1.18.1\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{2C8A7764-22C0-46F2-A46C-32BD0086742A}C:\users\durma\.lunarclient\jre\1.18.2\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\durma\.lunarclient\jre\1.18.2\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{B4655B51-167A-438F-8ECB-E3D37D7D5C67}C:\users\durma\.lunarclient\jre\1.18.2\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\durma\.lunarclient\jre\1.18.2\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [{B0052E78-5CC4-4CE2-8134-A91459ED421C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8D9F6E87-61C8-449F-A47D-C4A77AE9A682}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8F681433-03B5-4D13-B9E5-354161400E90}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5BD9B900-8B22-4721-BED2-5EDEFE6D06D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FB877391-B533-42A0-A3F1-7C63DE9D1A57}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9D924F3-F0F1-4CBC-8DAA-D7B5DA2FDCF2}] => (Allow) LPort=32682

==================== Wiederherstellungspunkte =========================

01-04-2022 21:17:13 Geplanter Prüfpunkt
11-04-2022 21:53:50 Geplanter Prüfpunkt
12-04-2022 21:58:12 Windows Modules Installer
12-04-2022 21:58:31 Windows Modules Installer
12-04-2022 21:58:49 Windows Modules Installer
24-04-2022 17:54:08 Geplanter Prüfpunkt
26-04-2022 22:15:21 Removed Minecraft Launcher

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: PANGP Virtual Ethernet Adapter #2
Description: PANGP Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: PaloAltoNetworks
Service: PanGpd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Ver-/Entschlüsselungscontroller
Description: PCI-Ver-/Entschlüsselungscontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (04/26/2022 10:02:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Name des fehlerhaften Moduls: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c132
ID des fehlerhaften Prozesses: 0xecc
Startzeit der fehlerhaften Anwendung: 0x01d859a88d66e86f
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Berichtskennung: 5c2c0afa-2d93-48c8-90aa-5b5ca7cc3791
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/19/2022 10:17:26 AM) (Source: Microsoft Office 16) (EventID: 2000) (User: )
Description: Microsoft Word: Accepted Safe Mode action : Word konnte beim letzten Mal nicht gestartet werden. Der abgesicherte Modus kann Ihnen bei der Problembehandlung behilflich sein. Einige Features sind aber in diesem Modus möglicherweise nicht verfügbar.

Möchten Sie im abgesicherten Modus starten?.

Error: (04/19/2022 10:16:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 16.0.15028.20204, Zeitstempel: 0x6250e5a3
Name des fehlerhaften Moduls: mso20win32client.dll, Version: 0.0.0.0, Zeitstempel: 0x6248435f
Ausnahmecode: 0x23789560
Fehleroffset: 0x0000000000250fbd
ID des fehlerhaften Prozesses: 0x33cc
Startzeit der fehlerhaften Anwendung: 0x01d853c5d05c9ca0
Pfad der fehlerhaften Anwendung: C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
Pfad des fehlerhaften Moduls: C:\Program Files\Common Files\Microsoft Shared\Office16\mso20win32client.dll
Berichtskennung: 33a8857c-a050-41b9-8b91-b8dab43a4699
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/19/2022 10:12:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Name des fehlerhaften Moduls: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c132
ID des fehlerhaften Prozesses: 0xe9c
Startzeit der fehlerhaften Anwendung: 0x01d853c52b781e79
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Berichtskennung: 4629f81e-bee0-4c84-8b96-df8a6c0e951b
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/18/2022 09:17:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Name des fehlerhaften Moduls: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c132
ID des fehlerhaften Prozesses: 0xf34
Startzeit der fehlerhaften Anwendung: 0x01d85358e4369f10
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Berichtskennung: d62220fd-06ca-442e-85e2-4f412b4d2cfe
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/15/2022 12:05:56 PM) (Source: Firefox Default Browser Agent) (EventID: 5) (User: )
Description: Event-ID 5

Error: (04/13/2022 02:01:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Name des fehlerhaften Moduls: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c132
ID des fehlerhaften Prozesses: 0xe60
Startzeit der fehlerhaften Anwendung: 0x01d84ec9aaef9c26
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Berichtskennung: 19c176e9-3464-4f1a-bd25-f2e7a47eb798
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/12/2022 10:27:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Name des fehlerhaften Moduls: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c132
ID des fehlerhaften Prozesses: 0xed0
Startzeit der fehlerhaften Anwendung: 0x01d84eabb8a39678
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Berichtskennung: 2f6e3044-2185-4848-9054-d128aa38c229
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (04/26/2022 10:02:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst asComSvc erreicht.

Error: (04/26/2022 10:02:30 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "025041000001", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die 
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung 
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar 
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.

Error: (04/26/2022 10:02:30 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "025041000001", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die 
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung 
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar 
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.

Error: (04/26/2022 10:02:30 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Der Computer wurde nach einem schwerwiegenden Fehler neu gestartet. Der Fehlercode war: 0x0000009f (0x0000000000000003, 0xffffc906aa279b60, 0xfffff80181871850, 0xffffc906a6ef62a0). Ein volles Abbild wurde gespeichert in: C:\WINDOWS\MEMORY.DMP. Berichts-ID: 65767a7f-6b33-41f4-a3d3-6c7b3fdba183.

Error: (04/26/2022 10:02:18 PM) (Source: volmgr) (EventID: 161) (User: )
Description: Erstellung einer Abbilddatei aufgrund eines Fehlers beim Erstellen der Abbildkopie fehlgeschlagen.

Error: (04/26/2022 10:02:25 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎26.‎04.‎2022 um 21:55:56 unerwartet heruntergefahren.

Error: (04/26/2022 04:40:43 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-10OLOT9)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/26/2022 04:40:43 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-10OLOT9)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


Windows Defender:
================
Date: 2022-04-25 22:53:01
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {BE8F7D24-2611-4201-A1AF-521D96C1D6AF}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2022-04-25 14:04:50
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {0AA823C6-177F-4F19-815F-E47E713C5F25}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2022-04-24 15:51:15
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {FB6A700C-4142-4D3E-BAE9-4D22790521A3}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2022-04-19 01:16:47
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {F54680F3-B070-49F5-92EA-76014F67CB50}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2022-04-17 22:34:40
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {4FF73508-5AA0-42CB-BEDC-F9F0158596EA}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Event[0]:

Date: 2022-03-09 17:43:03
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.359.1519.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.18900.3
Fehlercode: 0x8024402c
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". 

Date: 2022-02-24 20:52:27
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.359.781.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.18900.3
Fehlercode: 0x80072efd
Fehlerbeschreibung: Die Serververbindung konnte nicht hergestellt werden. 

Date: 2022-02-06 21:21:47
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.357.150.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.18900.2
Fehlercode: 0x8024402c
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". 

CodeIntegrity:
===============
Date: 2022-04-26 22:15:14
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume6\Program Files\Google\Drive File Stream\57.0.5.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2022-04-24 15:51:16
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-03-27 23:42:33
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-06-14 19:12:39
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\WindowManagementAPI.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 1.90 07/05/2019
Hauptplatine: Micro-Star International Co., Ltd B450 TOMAHAWK (MS-7C02)
Prozessor: AMD Ryzen 5 3600 6-Core Processor 
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 16333.51 MB
Verfügbarer physikalischer RAM: 9694.91 MB
Summe virtueller Speicher: 19021.51 MB
Verfügbarer virtueller Speicher: 10441.59 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.13 GB) (Free:303.11 GB) NTFS
Drive d: (SSD 2) (Fixed) (Total:223.55 GB) (Free:222.65 GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:14.92 GB) FAT32

\\?\Volume{f5344691-0c88-48b1-ad09-53258f8e561a}\ (Wiederherstellung) (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS
\\?\Volume{0c3673e3-25b1-4a98-a9f0-a23fdf0f9321}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
         

Alt 26.04.2022, 21:50   #2
visiosan
 
Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund - Standard

Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund Anleitung / Hilfe



Shortcut

Code:
ATTFilter
Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 22-04-2022
durchgeführt von durma (26-04-2022 22:44:11)
Gestartet von C:\Users\durma\Desktop
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\Users\durma\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()


Shortcut: C:\Users\akind\Links\Desktop.lnk -> C:\Users\akind\Desktop (Keine Datei)
Shortcut: C:\Users\akind\Links\Downloads.lnk -> C:\Users\akind\Downloads ()
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Keine Datei)
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe (Google, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NZXT CAM.lnk -> C:\Program Files\NZXT CAM\NZXT CAM.exe (NZXT, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Program Files\Microsoft OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk -> C:\Program Files\PCHealthCheck\PCHealthCheck.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shotcut.lnk -> C:\Program Files\Shotcut\shotcut.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk -> C:\Program Files\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Samsung Drucker-Diagnose.lnk -> C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\SPD\ESM.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Samsung Printer Center.lnk -> C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics Co., Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\SetIP.lnk -> C:\Program Files (x86)\Samsung Printers\SetIP\SetIp.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Grand Theft Auto V\GTA Online.lnk -> C:\Program Files\Rockstar Games\Grand Theft Auto V\PlayGTAV.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Grand Theft Auto V\GTAV-Sprachauswahl.lnk -> C:\Program Files\Rockstar Games\Grand Theft Auto V\GTAVLanguageSelect.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REDRAGON M711\REDRAGON M711 Gaming Mouse.lnk -> C:\Program Files (x86)\REDRAGON M711 Gaming Mouse\ldcfg.exe (TODO: <Company name>)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REDRAGON M711\Uninstall  .lnk -> C:\Windows\unins001.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Palo Alto Networks\GlobalProtect\GlobalProtect.lnk -> C:\Windows\Installer\{2CEED52F-2CB7-4A63-AE90-934F86064E08}\_C1F788F2BB506B131CCB7C.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Palo Alto Networks\GlobalProtect\PanGPSupport.lnk -> C:\Windows\Installer\{2CEED52F-2CB7-4A63-AE90-934F86064E08}\_0346654236C526101BF002.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (64bit).lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\Uninstall.lnk -> C:\Program Files\obs-studio\uninstall.exe (obsproject.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\Dragon Center\Dragon Center entfernen.lnk -> C:\Program Files (x86)\MSI\Dragon Center\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\Dragon Center\Dragon Center.lnk -> C:\Program Files (x86)\MSI\Dragon Center\DragonCenter.exe (Micro-Star Int'l Co., Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Aufzeichnungs-Manager von Skype for Business.lnk -> C:\Program Files\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office-Spracheinstellungen.lnk -> C:\Program Files\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetriedashboard für Office.lnk -> C:\Program Files\Microsoft Office\root\Office16\msotd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetrieprotokoll für Office.lnk -> C:\Program Files\Microsoft Office\root\Office16\msoev.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software\EPSON-Handbücher.lnk -> C:\Program Files (x86)\Epson Software\Epson Manual\Launcher\EPSMLAN.EXE (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\OneDrive\Downloads - Verknüpfung.lnk -> C:\Users\durma\Downloads ()
Shortcut: C:\Users\durma\Links\Desktop.lnk -> C:\Users\durma\Desktop ()
Shortcut: C:\Users\durma\Links\Downloads.lnk -> C:\Users\durma\Downloads ()
Shortcut: C:\Users\durma\Desktop\Zoom.lnk -> C:\Users\durma\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\durma\Desktop\RGB\NZXT CAM.lnk -> C:\Program Files\NZXT CAM\NZXT CAM.exe (NZXT, Inc.)
Shortcut: C:\Users\durma\Desktop\RGB\REDRAGON M711.lnk -> C:\Program Files (x86)\REDRAGON M711 Gaming Mouse\ldcfg.exe (TODO: <Company name>)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall PureVPN.lnk -> C:\Program Files (x86)\GZ Systems\PureVPN\Uninstaller\Uninstaller.exe (Keine Datei)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk -> [LFx@_dP/N1SPSU(Ly9K-e)::{645FF040-5081-101B-9F08-00AA002F954E}]
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> C:\Users\durma\Desktop\Tor Browser\Browser\firefox.exe (Keine Datei)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\durma\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\UbisoftConnect\Ubisoft Connect.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftConnect.exe (Keine Datei)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\UbisoftConnect\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Keine Datei)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GlobalProtect.lnk -> C:\Windows\Installer\{2CEED52F-2CB7-4A63-AE90-934F86064E08}\_C1F788F2BB506B131CCB7C.exe ()
Shortcut: C:\Users\durma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Zoom.lnk -> C:\Users\durma\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\Links\Desktop.lnk -> C:\Users\durma_jvkf1i4\Desktop ()
Shortcut: C:\Users\durma_jvkf1i4\Links\Downloads.lnk -> C:\Users\durma_jvkf1i4\Downloads ()
Shortcut: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Keine Datei)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Keine Datei)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\Links\Desktop.lnk -> C:\Users\kador\Desktop (Keine Datei)
Shortcut: C:\Users\kador\Links\Downloads.lnk -> C:\Users\kador\Downloads ()
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\kador\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Keine Datei)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\Users\Public\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)


ShortcutWithArgument: C:\Users\akind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\akind\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\akind\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\akind\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\akind\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\akind\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SKILLER SGK4\SKILLER SGK4.lnk -> C:\Program Files (x86)\SKILLER SGK4\Monitor.exe (Sharkoon Technologies) ->  1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SKILLER SGK4\Uninstall.lnk -> C:\Program Files (x86)\SKILLER SGK4\unins000.exe () -> 1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Datenerfassungseinstellungen.lnk -> C:\Program Files (x86)\Samsung\Samsung M332x 382x 402x Series\Setup\setup.exe () -> /GDPR
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Order Supplies.lnk -> C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe () -> /ordersupplies
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Samsung Easy Printer Manager.lnk -> C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe () -> /epm
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Samsung Easy Wireless Setup.lnk -> C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\SPD\ESM.exe () -> /Wireless
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Uninstall Samsung Printer Software.lnk -> C:\Program Files (x86)\Samsung\TotalUninstaller\TotalUninstaller.exe () -> /N"Samsung" /REMOVE_ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Update Software.lnk -> C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\SPD\ESM.exe () -> /J_Update /Target "PRINT_COMMON_SW"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Database Compare.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Office16\DCF\DATABASECOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Spreadsheet Compare.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Office16\DCF\SPREADSHEETCOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\durma\Desktop\Microsoft Teams.lnk -> C:\Users\durma\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe"
ShortcutWithArgument: C:\Users\durma\Desktop\RGB\SKILLER SGK4.lnk -> C:\Program Files (x86)\SKILLER SGK4\Monitor.exe (Sharkoon Technologies) ->  1
ShortcutWithArgument: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk -> C:\Users\durma\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe"
ShortcutWithArgument: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\durma\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall
ShortcutWithArgument: C:\Users\durma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\durma\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\durma\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\durma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Teams.lnk -> C:\Users\durma\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe" --process-start-args "--profile=AAD"
ShortcutWithArgument: C:\Users\durma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4ac866364817f10c\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\durma\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk -> C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe"
ShortcutWithArgument: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\durma_jvkf1i4\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\durma_jvkf1i4\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\kador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk -> C:\Users\kador\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation) -> --processStart "Teams.exe"
ShortcutWithArgument: C:\Users\kador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\kador\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall
ShortcutWithArgument: C:\Users\kador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\kador\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\kador\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\kador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\kador\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\kador\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\TEMP\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\TEMP.DESKTOP-10OLOT9.000\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\Users\akind\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\akind\Favorites\ASUS E-Service\ASUS Homepage.url -> URL: hxxp://www.asus.com/
InternetURL: C:\Users\akind\Favorites\ASUS E-Service\ASUS Member.url -> URL: hxxp://member.asus.com/
InternetURL: C:\Users\akind\Favorites\ASUS E-Service\ASUS Software Download.url -> URL: hxxp://support.asus.com/download
InternetURL: C:\Users\akind\Favorites\ASUS E-Service\ASUS Technical Support.url -> URL: hxxp://support.asus.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EpsonLink\Epson Connect Site.url -> URL: hxxps://www.epsonconnect.com/?p=0
InternetURL: C:\Users\durma\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\durma\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=de_de&pf=all&s=amazon&tp=iefavs
InternetURL: C:\Users\durma\Favorites\Links\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=398438&label=webslice
InternetURL: C:\Users\durma\Favorites\Links\TripAdvisor.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=all&pf=cnnb&s=tripadvisor_W10_iefavsbar&tp=iefavs
InternetURL: C:\Users\durma\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=de_de&pf=all&s=amazon&tp=iefavs
InternetURL: C:\Users\durma\Favorites\HP\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=398438&label=iefav
InternetURL: C:\Users\durma\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=de_de&pf=cnnb&s=stemea_consumer_ie_nb&tp=iefavs
InternetURL: C:\Users\durma\Favorites\HP\TripAdvisor.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=all&pf=cnnb&s=TripAdvisor_W10_iefav&tp=iefavs
InternetURL: C:\Users\durma\Favorites\HP\WildTangent Games for HP.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cnnb&locale=de_de&bd=all&c=161
InternetURL: C:\Users\durma_jvkf1i4\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\kador\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142

==================== Ende vom Shortcut.txt =============================
         
__________________


Alt 26.04.2022, 21:53   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund - Standard

Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund Details



Wieso denkst du sofort an Malware? Welche Funde gabe es denn? Gab es denn überhaupt welche?
__________________
__________________

Alt 26.04.2022, 21:56   #4
visiosan
 
Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund - Standard

Lösung: Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund



Zitat:
Zitat von cosinus Beitrag anzeigen
Wieso denkst du sofort an Malware? Welche Funde gabe es denn? Gab es denn überhaupt welche?
Hallo cosinus,

es gab keine Befunde. Ich habe keine Antivirus-Software außer die von Windows selbst.

Die plötzlichen "Neustarts" des PCs haben mich stutzig gemacht.

VG
visi

Alt 26.04.2022, 22:00   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund - Standard

Wie Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund



Dann verschiebe ich jetzt nach Windows. Schädlinge sind kein Wunschkonzert. Und es macht keinen Sinn irgendwelche Phantome zu jagen, wenn unklar ist, ob Windows und die Hardware intakt sind.

__________________
Logs bitte immer in CODE-Tags posten

Alt 26.04.2022, 22:37   #6
visiosan
 
Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund - Standard

Wo Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund Lösung!



Hallo cosinus,

alles klar. Vielen Dank.

Ich habe mal AdwCleaner, Malwarebytes und RogueKiller heruntergeladen und durchgeführt.




AdwCleaner, Befunde in Quarantäne geschoben:

Code:
ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build:    03-23-2022
# Database: 2022-03-15.3 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-26-2022
# Duration: 00:00:01
# OS:       Windows 10 Pro
# Cleaned:  9
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\SecuritySuite
Deleted       C:\ProgramData\TotalAV
Deleted       C:\Users\durma\Documents\TotalAV

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\SSProtect
Deleted       HKLM\SOFTWARE\Classes\*\shell\TotalAV
Deleted       HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted       HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted       HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted       HKLM\Software\Classes\totalav

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2059 octets] - [26/04/2022 23:10:21]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
         
Malwarebytes, keine Befunde
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 26.04.22
Scan-Zeit: 23:21
Protokolldatei: de569c74-c5a6-11ec-939a-00d861588bae.json

-Softwaredaten-
Version: 4.5.8.191
Komponentenversion: 1.0.1666
Version des Aktualisierungspakets: 1.0.54229
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 19044.1645)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-10OLOT9\durma

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 479686
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 3 Min., 37 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
         
RogueKiller, 6 Befunde entfernt
Code:
ATTFilter
Program            : RogueKiller Anti-Malware
Version            : 15.4.0.0
x64                : Yes
Program Date       : Mar  7 2022
Location           : C:\Program Files\RogueKiller\RogueKiller64.exe
Premium            : No
Company            : Adlice Software
Website            : https://www.adlice.com/
Contact            : https://adlice.com/contact/
Website            : https://adlice.com/download/roguekiller/
Operating System   : Windows 10 (10.0.19044) 64-bit
64-bit OS          : Yes
Startup            : 0
WindowsPE          : No
User               : durma
User is Admin      : Yes
Date               : 2022/04/26 21:32:29
Type               : Removal
Aborted            : No
Scan Mode          : Standard
Duration           : 299
Found items        : 6
Total scanned      : 71372
Signatures Version : 20220425_082113
Truesight Driver   : Yes
Updates Count      : 2
Arguments          : -minimize

************************* Warnings *************************

************************* Removal *************************
[PUP.WinZipDiskTools (Potenziell bösartig)] HKEY_USERS\.DEFAULT\Software\Nico Mak Computing --  -> Gelöscht
  [+] scan_what       : 2
  [+] vendors         : PUP.WinZipDiskTools
  [+] Name            : HKEY_USERS\.DEFAULT\Software\Nico Mak Computing
  [+] Type            : Registry
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 0
  [+] status          : 3
  [+] status_str      : Gelöscht
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : 0

[PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\S-1-5-21-2016218803-1963785635-2145039490-1001\Software\OCS --  -> Gelöscht
  [+] scan_what       : 2
  [+] vendors         : PUP.Gen1
  [+] Name            : HKEY_USERS\S-1-5-21-2016218803-1963785635-2145039490-1001\Software\OCS
  [+] Type            : Registry
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 1
  [+] status          : 3
  [+] status_str      : Gelöscht
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : 0

[PUP.WinZipDiskTools (Potenziell bösartig)] HKEY_USERS\S-1-5-18\Software\Nico Mak Computing --  -> Gelöscht
  [+] scan_what       : 2
  [+] vendors         : PUP.WinZipDiskTools
  [+] Name            : HKEY_USERS\S-1-5-18\Software\Nico Mak Computing
  [+] Type            : Registry
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 2
  [+] status          : 3
  [+] status_str      : Gelöscht
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : 0

[Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{3274972F-62AE-4B22-B8D3-6E0E678AB713}C:\users\durma\appdata\local\bluejeans\current\bluejeans.exe -- [%localappdata%\bluejeans\current\bluejeans.exe] -> Gelöscht
  [+] scan_what       : 1
  [+] vendors         : Suspicious.Path
  [+] Name            : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{3274972F-62AE-4B22-B8D3-6E0E678AB713}C:\users\durma\appdata\local\bluejeans\current\bluejeans.exe
  [+] value           : [%localappdata%\bluejeans\current\bluejeans.exe]
  [+] Type            : Registry
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 3
  [+] status          : 3
  [+] status_str      : Gelöscht
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : -1

[Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{DC041EA6-CAD3-45F9-98CA-EF2848895F53}C:\users\durma\appdata\local\bluejeans\current\bluejeans.exe -- [%localappdata%\bluejeans\current\bluejeans.exe] -> Gelöscht
  [+] scan_what       : 1
  [+] vendors         : Suspicious.Path
  [+] Name            : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{DC041EA6-CAD3-45F9-98CA-EF2848895F53}C:\users\durma\appdata\local\bluejeans\current\bluejeans.exe
  [+] value           : [%localappdata%\bluejeans\current\bluejeans.exe]
  [+] Type            : Registry
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 4
  [+] status          : 3
  [+] status_str      : Gelöscht
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : -1

[PUM.Proxy (Potenziell bösartig)] network.proxy.type -- 1 -> Ersetzt ()
  [+] scan_what       : 2
  [+] vendors         : PUM.Proxy
  [+] Name            : network.proxy.type
  [+] value           : 1
  [+] Type            : Browser
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 4
  [+] id              : 5
  [+] status          : 3
  [+] status_str      : Ersetzt ()
  [+] removed         : No
  [+] status_choice   : 2
  [+] malpe_score     : 0
         

Geändert von visiosan (26.04.2022 um 22:40 Uhr) Grund: malware

Alt 27.04.2022, 00:30   #7
mmk
 
Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund - Standard

Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund



Keine Malware als Ursache. Deine "Malware" ist... Trommelwirbel...

Zitat:
Error: (04/26/2022 10:02:30 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "025041000001", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.

Error: (04/26/2022 10:02:30 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Der Computer wurde nach einem schwerwiegenden Fehler neu gestartet. Der Fehlercode war: 0x0000009f (0x0000000000000003, 0xffffc906aa279b60, 0xfffff80181871850, 0xffffc906a6ef62a0). Ein volles Abbild wurde gespeichert in: C:\WINDOWS\MEMORY.DMP. Berichts-ID: 65767a7f-6b33-41f4-a3d3-6c7b3fdba183.
...dieser Kram (die beiden Fehlermeldungen gehören zusammen bzw. haben den Auslöser in eben dieser Software, siehe obige Markierungen in Fettschrift):
https://www.paloaltonetworks.com/products/globalprotect
Zitat:
GlobalProtect™ is more than a VPN. It extends consistent security from Prisma Access and Next Generation Firewalls (NGFWs) to all users, everywhere.
Siehe auch:
https://knowledgebase.paloaltonetwor...g000000CmAOCA0
Zitat:
The default MAC address of the Palo Alto Networks GlobalProtect Virtual Ethernet Adapter is 02-50-41-00-00-01 and this MAC address cannot be changed.
Vergleiche mit obiger erster Fehlermeldung.

Zudem auch noch drauf:
Zitat:
PureVPN (HKLM-x32\...\{640ebb2a-b88a-4a1c-8b3c-18fb11bf1cce}) (Version: 1.1.74.0 - ) Hidden
Einfach weglassen, sowas. Außerdem ist bei Dir einige veraltete Software drauf (System ungepflegt). UEFI ebenfalls veraltet, wichtige Stabilitätsupdates fehlen. Hier besteht insgesamt dringender Veränderungsbedarf.

Geändert von mmk (27.04.2022 um 00:39 Uhr)

Alt 27.04.2022, 08:17   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund - Standard

Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund



Der ganze Krempel von ASUS tut auch nicht not.
__________________
Logs bitte immer in CODE-Tags posten

Alt 29.04.2022, 01:28   #9
mmk
 
Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund - Standard

Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund



Ja, das ist insgesamt völlig überladen. Viel unnötige bis unsinnige Software dabei. Vergrößert natürlich das Konfliktpotential erheblich.

Alt 29.04.2022, 16:23   #10
visiosan
 
Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund - Standard

Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund [gelöst]



Zitat:
Zitat von mmk Beitrag anzeigen
Keine Malware als Ursache. Deine "Malware" ist... Trommelwirbel...



...dieser Kram (die beiden Fehlermeldungen gehören zusammen bzw. haben den Auslöser in eben dieser Software, siehe obige Markierungen in Fettschrift):
https://www.paloaltonetworks.com/products/globalprotect


Siehe auch:
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CmAOCA0

Vergleiche mit obiger erster Fehlermeldung.

Zudem auch noch drauf:


Einfach weglassen, sowas. Außerdem ist bei Dir einige veraltete Software drauf (System ungepflegt). UEFI ebenfalls veraltet, wichtige Stabilitätsupdates fehlen. Hier besteht insgesamt dringender Veränderungsbedarf.
Danke, habe GlobalProtect entfernt.

HiddenVPN sehe ich nicht mehr unter den installierten Apps. Genauso wenig wie die Software von ASUS.

UEFI versuche ich upzudaten und melde mich nochmal

Alt 29.04.2022, 17:22   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund - Standard

Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund [gelöst]



Hast du diesen ganzen unnötigen Ballast von ASUS entfernt? Wie kam der da überhaupt drauf?
__________________
Logs bitte immer in CODE-Tags posten

Alt 30.04.2022, 10:16   #12
visiosan
 
Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund - Standard

Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund [gelöst]



Sehe die ASUS und HiddenVPN Software nicht unter den installierten Programmen. Konnte es dementsprechend nicht entfernen.

Ich glaube, dass ich mal ASUS Software zur Steuerung der RGB auf dem Mainboard oder des RAMs heruntergeladen hatte.

Antwort

Themen zu Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund
auswertung, automatisch, automatische, automatischen, automatischer, einiger, entfernung, hallo zusammen, hilfe, hintergrund, https, interne, logfiles, neu, neustart, runbroker, runtime, starte, startet, taskma, taskmanager, verdächtig, windows, woche, wochen, zusammen, zuvor



Ähnliche Themen: Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund


  1. Windows 10: Internetverbindung seit einiger Zeit verlangsamt
    Log-Analyse und Auswertung - 11.06.2021 (6)
  2. Pc ist seit einiger Zeit langsamer geworden.
    Plagegeister aller Art und deren Bekämpfung - 09.10.2017 (20)
  3. Laptop seit einiger Zeit entsetzlich langsam geworden
    Alles rund um Windows - 17.08.2017 (6)
  4. System seit einiger Zeit instabil und langsam
    Log-Analyse und Auswertung - 28.10.2016 (13)
  5. Windows 10: Programme hängen sich seit einiger Zeit auf. Infiziert?
    Log-Analyse und Auswertung - 10.12.2015 (6)
  6. System ist seit einiger Zeit unendlich langsam, Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 08.04.2015 (9)
  7. Seit einiger Zeit ist der Arbeitspeicher komplett belegt.
    Alles rund um Windows - 06.11.2014 (8)
  8. Windows 7: PC bootet seit einiger Zeit sehr langsam
    Alles rund um Windows - 29.10.2014 (21)
  9. Windows 8.1 - seit einiger Zeit sehr langsame Downloadgeschwindigkeit (Upload i.O)
    Log-Analyse und Auswertung - 03.04.2014 (9)
  10. Seit einiger Zeit haengt sich der Laptop
    Plagegeister aller Art und deren Bekämpfung - 08.02.2013 (3)
  11. Schwache Internetverbindung seit einiger Zeit
    Alles rund um Windows - 07.10.2012 (3)
  12. Internet seit einiger Zeit sehr langsam
    Log-Analyse und Auswertung - 04.07.2012 (11)
  13. MSN meldet sich seit einiger zeit automatisch ab
    Alles rund um Windows - 07.09.2010 (5)
  14. Logitech M305 seit einiger Zeit furchtbar langsam
    Netzwerk und Hardware - 25.05.2010 (1)
  15. Laptop seit einiger Zeit sehr langsam! :(
    Log-Analyse und Auswertung - 26.10.2009 (1)
  16. Pc läuft seit einiger zeit langsamer
    Log-Analyse und Auswertung - 16.03.2008 (5)
  17. Kaspersky seit einiger zeit probs mit updaten
    Antiviren-, Firewall- und andere Schutzprogramme - 11.06.2005 (4)

Zum Thema Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund - Hallo zusammen, seit einigen Wochen kommt es ab und zu mal zu einem automatischen Neustart bei meinem PC (nicht zum Updaten!!!). Zuvor war dies nie der Fall. Zudem habe ich - Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund...
Archiv
Du betrachtest: Windows 10: PC startet seit einiger Zeit automatisch neu / Runtime Broker im Hintergrund auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.