Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Antiviren-, Firewall- und andere Schutzprogramme (https://www.trojaner-board.de/antiviren-firewall-andere-schutzprogramme/)
-   -   Win10, Avira, TR/Bagle.zip (https://www.trojaner-board.de/202593-win10-avira-tr-bagle-zip.html)

Viktor Barth 18.09.2021 07:12
Win10, Avira, TR/Bagle.zip
 
Liste der Anhänge anzeigen (Anzahl: 7)
Hallo Zusammen,

ich habe mir vor einigen Tagen einen Virus eingefangen.
Er äußert sich durch durch viele Meldungen im Informationsfenster (s. Bildschirmscreen "Benachrichtigungen20210914-1448")

Avira erkennt ihn, schiebt ihn in Quarantäne, löscht ihn aber nicht endgültig.
Die Avira-Log-Datei "Avira-Logfile20210914" ist im Anhang.

Die gewünschten FRST-Dateien sind ebenfalls im Anhang.
Die Shortcut-Datei habe ich in 3 Dateien gesplittet.
Mit dem Hinweis zu "Code-Tags" kann ich leider nichts anfangen.
Ich habe keine Ahnung was das sein soll, bzw. Notepad hat kein #-Symbol

Vielen Dank vorab für Ihre Unterstützung

cosinus 18.09.2021 14:01
Zitat:
Mit dem Hinweis zu "Code-Tags" kann ich leider nichts anfangen.
Posten in CODE-Tags

Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

M-K-D-B 18.09.2021 14:06
:hallo:


ich verschiebe das Thema in den AV-Bereich, weil kein direktes Problem mit Malware, sondern mit AV-Programmen vorliegt.


Dein Fehler "Viktor Barth" - zwei AV-Programme werden gleichzeitig verwendet:
Zitat:
AV: Avira Antivirus (Enabled - Up to date) {8A154ED8-4428-DB2D-0E3F-BD82C448FD94}

AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}

Avira meckerte eine Datei in der Quarantäne von McAfee an:
Zitat:
C:\ProgramData\McAfee\VirusScan\Quarantine\quarantine\ce858cc9-7c5d-42fe-87ff-21c9fd3a3ecb.zip
[FUND] Ist das Trojanische Pferd TR/Bagle.Zip
:lach:


Du weißt, was eine Quarantäne ist? Dateien, die sich dort befinden, können keinen Schaden mehr anrichten. Warum Avira hier überhaupt scannt/anschlägt, ist daher mehr als sinnfrei. :stirn:


Tipps für die Zukunft:
Avira und McAfee deinstallieren. Stattdessen einfach den Windows Defender verwenden.
Dazu noch diese Tipps beachten.

Viktor Barth 20.09.2021 09:41
TBCleanUpTool
 
Liste der Anhänge anzeigen (Anzahl: 1)
Hallo,

danke für die schnelle Antwort und die vielen Tipps.

Avira und McAfee sind deinstalliert, Windows Defender aktiviert.
Leider ist das Problem mit den ausufernden Nachrichten im Benachrichtigungsfenster immer noch akut (s. Screen20210920-1).
Im 1o-Minuten-Takt kommt dieser Unsinn rein.
Windows Defender findet beim Scannen leider auch nichts.

Das in den Tipps vorgeschlagene TBCleanUpTool startet nicht und die bat-Datei kann ich auch nicht finden.

Ich brauche wohl noch weitere Hilfe.
Vielen Dank vorab.

cosinus 20.09.2021 10:14
Neue FRST.txt und Addition.txt erstellen, diese dann in CODE-Tags posten.

M-K-D-B 20.09.2021 14:56
Zitat:
Leider ist das Problem mit den ausufernden Nachrichten im Benachrichtigungsfenster immer noch akut
Auch das hat nichts mit Malware zu tun.

Deaktiviere die Benachrichtigungen in Google Chrome, dann hat sich das auch erledigt.
Einstellungen > Datenschutz und Sicherheit > Website-Einstellungen > Benachrichtigungen



Zitat:
Das in den Tipps vorgeschlagene TBCleanUpTool startet nicht und die bat-Datei kann ich auch nicht finden.
Hier funktioniert alles einwandfrei.
Du müsstest schon ganz genau im Detail beschreiben, was passiert, wenn du es herunterlädst und ausführen möchtest.

Der Windows Defender lässt das Tool bei mir passieren, an dem kann es nicht liegen.

Viktor Barth 21.09.2021 07:20
TBCleanUpTool
 
Hallo,

zunächst vielen Dank für die umfangreiche Hilfe.
Der Virus, der eigentlich keiner war, ist weg.
Die Meldungen sind verschwunden. :applaus:

Noch kurz zum Verhalten des TBCleanUpTool:
Wenn ich auf den Link klicke flackert der Bildschirm kurz weiß auf.
Es wird in grau, links unten, noch der Pfad
m-k-d-b.trojaner-board.de/tools/TBCeanUpTool/TBCleanUp.bat angezeigt
Mehr geschieht nicht.
Die Bat-Datei ist anschließend, weder auf dem Desktop,
noch im Download-Bereich, zu finden.

Mit freundlichen Grüßen
Viktor Barth

schlawack 21.09.2021 18:33
Wenn du Lust dazu hast, kannst du zur Kontrolle Scans mit Adwcleaner und Malwarebytes Free machen um evtl. Reste einer Schadsoftware damit gelöscht zu bekomen.

BeRealm 21.09.2021 20:31
Bevor wir weiter Orakeln, bitte diesen Beitrag beherzigen!
Zitat:
Zitat von cosinus (Beitrag 1757055)
Neue FRST.txt und Addition.txt erstellen, diese dann in CODE-Tags posten.
Mach mal zur Sicherheit eine Datensicherung deiner wichtigen Daten (Bilder, Musik, Dokumente, etc.) auf einem externen Medium (USB-Stick, Festplatte,...)

webwatcher 21.09.2021 20:54
Im Board taucht TR/Bagle.zip seit zig Jahren immer als Meldung von avira auf
https://www.google.de/search?q=TR/Ba...h=630&dpr=1.25

Viktor Barth 22.09.2021 06:36
CODE-Tags?
 
Zitat:
Zitat von BeRealm (Beitrag 1757101)
Bevor wir weiter Orakeln, bitte diesen Beitrag beherzigen!


Mach mal zur Sicherheit eine Datensicherung deiner wichtigen Daten (Bilder, Musik, Dokumente, etc.) auf einem externen Medium (USB-Stick, Festplatte,...)
Hallo BeRealm,

das mit den CODE-Tags klappt nicht.
Ich weiß nicht was ich da eigentlich produzieren soll, und wie es dann aussehen soll.
Bitte nicht nochmal die Standardbeschreibung schicken. Die habe ich natürlich gelesen.
Das ist mir zu viel "Foren-Chinesisch".

cosinus 22.09.2021 08:34
OMG Ist das so schwierig mal den Text durchzulesen zu den CODE Tags und den Screenshot zu betrachten? :balla:

Viktor Barth 22.09.2021 08:54
Addition
 
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-09-2021
durchgeführt von vikto (22-09-2021 07:13:34)
Gestartet von C:\Users\vikto\Downloads
Windows 10 Home Version 21H1 19043.1237 (X64) (2021-04-05 16:55:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-1248095887-2662135662-3120224517-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1248095887-2662135662-3120224517-503 - Limited - Disabled)
Gast (S-1-5-21-1248095887-2662135662-3120224517-501 - Limited - Disabled)
vikto (S-1-5-21-1248095887-2662135662-3120224517-1001 - Administrator - Enabled) => C:\Users\vikto
WDAGUtilityAccount (S-1-5-21-1248095887-2662135662-3120224517-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 21.02 alpha (x64) (HKLM\...\7-Zip) (Version: 21.02 alpha - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.007.20091 - Adobe Systems Incorporated)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.30.1.52 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.5.3 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.3.0 - Canon Inc.)
Canon TS5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5300_series) (Version: 1.04 - Canon Inc.)
ExpressVPN (HKLM-x32\...\{c71f5fbb-6f04-47bc-9f8a-9ad70443970e}) (Version: 7.9.1.69 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8465D8876}) (Version: 7.9.1.69 - ExpressVPN) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 93.0.4577.82 - Google LLC)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.17.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
Intel XTU SDK (HKLM-x32\...\{43A58350-CB99-4F4E-9BB6-F058D7B27985}) (Version: 1.0.17 - HP Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{b666e502-9089-483b-9816-0774ccc9cb61}) (Version: 10.1.18295.8201 - Intel(R) Corporation)
Intel(R) Dynamic Tuning (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.7.10200.12510 - Intel Corporation)
IrfanView 4.56 (64-bit) (HKLM\...\IrfanView64) (Version: 4.56 - Irfan Skiljan)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.14326.20404 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14326.20404 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1248095887-2662135662-3120224517-1001\...\OneDriveSetup.exe) (Version: 21.160.0808.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 471.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.41 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenTTD (HKLM-x32\...\OpenTTD) (Version: 1.11.0 - OpenTTD)
Paradox Launcher v2 (HKLM\...\{66DA3501-823A-4F07-A20D-C64495A59DC8}) (Version: 2.1.0 - Paradox Interactive)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.113 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.39.212.2020 - Realtek)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC Plus Player (HKLM\...\VLC Plus Player) (Version: 3.0.12 - Aller Media e.K.) <==== ACHTUNG
WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 1.0.0.449 - WildTangent) Hidden
WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 7.0.0.402 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.1.47 - WildTangent)
WinRAR 6.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2021-04-05] (Amazon.com)
Booking.com EMEA: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comEMEABigsavingso_2.0.5.0_x64__mgae2k3ys4ra0 [2021-04-05] (Priceline Partner Network)
HEVC-Videoerweiterungen -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.42094.0_x64__8wekyb3d8bbwe [2021-08-26] (Microsoft Corporation)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.26.249.0_x64__v10z8vjag6ke6 [2021-09-11] (HP Inc.)
HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6 [2021-05-25] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.7.0.0_x64__v10z8vjag6ke6 [2021-07-08] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.42.0_x64__v10z8vjag6ke6 [2021-04-11] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_130.1.323.0_x64__v10z8vjag6ke6 [2021-08-19] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.8.27.0_x64__v10z8vjag6ke6 [2021-09-01] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.11.0_x64__v10z8vjag6ke6 [2021-08-07] (HP Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1020.0_x64__8j3eq9eme6ctt [2021-09-04] (INTEL CORP)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Studios) [MS Ad]
MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-26] (Microsoft Corporation)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-04-05] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-27] (NVIDIA Corp.)
OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6 [2021-08-28] (HP Inc.) [Startup Task]
Solitär -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.3.1.0_x64__kx24dqmazqk8j [2021-09-11] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0 [2021-09-19] (Spotify AB) [Startup Task]
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.84.0_x64__qt5r5pa5dyg8m [2021-04-05] (WildTangent Games)
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2021-06-02] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_9ae4acbb135f923e\OptaneShellExt.dll [2021-02-22] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_9ae4acbb135f923e\OptaneShellExt.dll [2021-02-22] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhdc.inf_amd64_75e4d75cf672cb89\nvshext.dll [2021-08-19] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2021-08-12 22:25 - 2021-08-12 22:25 - 000138240 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\d0807ebc8e3e882a7e75f3d1f9ee6260\Interop.IWshRuntimeLibrary.ni.dll
2021-08-12 22:25 - 2021-08-12 22:25 - 000134656 _____ (hardcodet.net) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\c68928e097030774f6c9e2157f4c7416\Hardcodet.Wpf.TaskbarNotification.ni.dll
2020-08-19 21:25 - 2020-08-19 21:25 - 000014336 _____ (HP Inc.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.11.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2021-08-26 23:09 - 2021-08-26 23:09 - 008411648 _____ (HP Inc.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\OmenCommandCenterApp_UWP.dll
2021-03-10 19:08 - 2021-03-10 19:08 - 000014848 _____ (HP Inc.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\NativeRpcClient.DLL
2021-08-12 22:25 - 2021-08-12 22:25 - 001701888 _____ (Mark Heath & Contributors) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\7233742e772e854e4ce0b8e1d34fe76b\NAudio.ni.dll
2020-08-19 20:52 - 2020-08-19 20:52 - 000000000 ____L (Microsoft Corporation) <==== ACHTUNG (Null Byte Datei/Ordner) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-08-19 20:52 - 2020-08-19 20:52 - 000000000 ____L (Microsoft Corporation) <==== ACHTUNG (Null Byte Datei/Ordner) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2021-08-12 22:25 - 2021-08-12 22:25 - 003060736 _____ (Newtonsoft) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\ea646a6cff017d83137f66f7a81e13a2\Newtonsoft.Json.ni.dll
2021-03-10 19:08 - 2021-03-10 19:09 - 001662976 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\SQLite.Interop.dll
2021-08-12 22:25 - 2021-08-12 22:25 - 000793088 _____ (The Apache Software Foundation) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\b8de1ef0e4aafb29b26a74fc02c0175c\log4net.ni.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=HCTE
HKU\S-1-5-21-1248095887-2662135662-3120224517-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1248095887-2662135662-3120224517-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=HCTE
SearchScopes: HKLM -> {70187002-326C-40C8-AEEC-E425E264EBFF} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {70187002-326C-40C8-AEEC-E425E264EBFF} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2020-08-19] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2020-08-19] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-08] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2021-09-18 22:16 - 2021-09-18 22:16 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1248095887-2662135662-3120224517-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
 ist aktiviert.

Network Binding:
=============
Ethernet 2: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
WLAN: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{CDEAD3C1-25A9-406D-8666-7B274645D700}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{27EC99B0-20DC-45F7-8138-CE58332C7A5D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{79377360-7E22-41BB-A345-03FE9EF27F2E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6CBE1ADD-0135-4033-9C1F-26A76AC448CA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FC3C7E19-4C12-4F4E-8743-E93A62D3B89E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{BF792BBA-81C4-4514-8FA7-88A49C1A5DBB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E89AF457-FFBB-456F-A636-6750825E6933}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NIMBY Rails\NIMBYRails.exe () [Datei ist nicht signiert]
FirewallRules: [{C40DC5BC-847B-4481-A22E-E94836292B8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NIMBY Rails\NIMBYRails.exe () [Datei ist nicht signiert]
FirewallRules: [{0317C0B6-9935-4F65-9698-B637851D802F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Industry Giant 2\ig2_AddOn.exe (United Independent Entertainment GmbH) [Datei ist nicht signiert]
FirewallRules: [{0C8EB59B-B840-46CD-A8A4-1C3DF95C8D91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Industry Giant 2\ig2_AddOn.exe (United Independent Entertainment GmbH) [Datei ist nicht signiert]
FirewallRules: [{6FF1B119-EEE9-4026-B8C6-77942DB0D33D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{1366C228-D476-4290-9763-854820302389}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{7F5567D0-DE50-471E-874D-713558948189}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{310C2339-0F94-48E9-84CB-07EDF6DDCF29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{4E2A85B1-EE9A-4C8B-AFD8-7E6EE2FC295D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VoxelTycoon\VoxelTycoon.exe () [Datei ist nicht signiert]
FirewallRules: [{C51FD9CF-E024-4B76-B0FC-2FF5BD004B1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VoxelTycoon\VoxelTycoon.exe () [Datei ist nicht signiert]
FirewallRules: [{62CDF87F-A898-4437-9E97-3D98968E54D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{0E504CC2-386B-4DDD-963F-E0E1C359C52F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{BCDECAC5-C031-4528-AD9F-954157B6CBDB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9708FE15-1191-4C6E-83CB-87A998E75464}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{50C3D6AC-5695-4913-8CA8-8DA3FB8EED59}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BAB8DDAE-86E9-42CD-AB7C-ECD9EE71F109}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A1E82464-0883-4858-99F6-C942F53669E4}] => (Allow) C:\Users\vikto\AppData\Local\Temp\win-ts5300-1_1-n_mcd\win\MSetup64.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{8547E3D7-537B-4B07-80DF-8A21F2FDE458}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D086471E-9ADB-4746-86E2-FAE4385D0108}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF6BC49B-1E3D-406B-92F3-D7A52C993325}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{375C2ED9-2485-40BA-8080-B6F294EEF45E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{38A80E6A-5778-42CE-8075-1F4DA545A9BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Humankind\Humankind.exe () [Datei ist nicht signiert]
FirewallRules: [{6E1AABB9-C943-4AE0-9A65-9829B438B656}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Humankind\Humankind.exe () [Datei ist nicht signiert]
FirewallRules: [{153570F3-C1B9-489E-B2F3-5A5C15984FD6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe (HP Inc. -> HP Inc)
FirewallRules: [{60997B5A-5E48-47BD-8954-BC70133A8647}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe (HP Inc. -> HP Inc)
FirewallRules: [{80AE0140-EFBE-4BF3-90E0-189928E119AA}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe (HP Inc. -> HP Inc)
FirewallRules: [{0C12F85F-614D-48C7-A35A-6DA5E5751A1D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe (HP Inc. -> HP Inc)
FirewallRules: [{DE6DA2FD-8109-48E4-B4C6-3995500230CC}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{49C583B0-DECD-4DEF-AA9E-C7198B6F8A06}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{1B25194F-9BFD-49CA-A550-D45DC8B544D1}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{9236D1BB-DEE0-44CB-B89D-376D1338C07D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{22A3ADF1-790D-4C27-B25E-7E7958380A36}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{824999FC-8683-46F7-A673-AFC387796D7B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{B955D48E-441B-4E44-94A4-0ACDDB8E446B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{EE53B4F7-424E-4C71-9A7C-61234DD2049A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{296DC79F-0D49-484D-ABD1-7D102FC32397}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{0A5B56BF-CCE0-4473-874E-E704F076A098}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{560223DF-43C5-425E-8DE3-DDF1D7AD1CBF}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{1AFCE1AD-E995-4E46-8DB6-74B30E6381E0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{836F86CD-469C-4076-8BBC-D49BD9B2959B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{433A704B-657D-4A0A-95AA-F707A61D89F6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{592A2591-2882-4209-AC2D-FE8A858B3C86}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [{4C21C5CA-C356-4F25-A2C2-8E1068A07316}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [{79F4EE71-7880-4D7C-B4F4-9C82AD920456}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei
FirewallRules: [{1040D6FA-F706-4777-9DAD-E6A3C71D707D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei
FirewallRules: [{C16F289F-8E5D-4FF0-8B14-1F77BD709DCC}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei
FirewallRules: [{26E00863-2FC7-4D27-BF99-CD6E16D46EDC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{20D71900-35B4-42B6-9A62-DA251E77FA18}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C445BBEA-BB7D-42E0-8DD0-44F80837DD54}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\93.0.961.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E0F25047-41EA-4C1D-B7B9-475317FCA4C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DD747049-68A1-4C88-B0AF-69864B23A9F4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3D76795A-744E-4A7F-AF8D-AF9145BD4000}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{90C85E85-F418-4F06-9588-C6D90B8B415B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{643049F9-97A6-4514-81CB-30C8E2E98082}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4D8C697B-00B8-4A47-BF77-96A97BB15E3E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{54FE128E-302A-4E90-AA8E-23A747453AEE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FBE7EA76-7A89-4EA2-B0D2-DF5C9039D39D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Wiederherstellungspunkte =========================

16-09-2021 22:51:18 Windows Modules Installer
19-09-2021 18:56:07 Windows Modules Installer
20-09-2021 20:12:05 HPSF Applying updates

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (09/21/2021 08:23:52 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Das Sicherheitscenter konnte den Aufrufer nicht überprüfen. Der Fehler %1 ist aufgetreten.

Error: (09/21/2021 08:17:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm mbuns.exe Version 4.4.6.231 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 413c

Startzeit: 01d7af14bb543581

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe

Bericht-ID: 146dffb4-21ca-444b-a3c3-cbfbf1920fee

Vollständiger Name des fehlerhaften Pakets:

Relative Anwendungs-ID des fehlerhaften Pakets:

Absturztyp: Top level window is idle

Error: (09/21/2021 08:15:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm mbam.exe Version 4.0.0.1117 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1da8

Startzeit: 01d7af143efa90f7

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe

Bericht-ID: 5a6a0e01-1669-4408-a937-190263058c88

Vollständiger Name des fehlerhaften Pakets:

Relative Anwendungs-ID des fehlerhaften Pakets:

Absturztyp: Cross-process

Error: (09/20/2021 07:42:01 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-2R3VNG7)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (09/20/2021 07:28:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Humankind.exe, Version: 2020.3.7.38898, Zeitstempel: 0x608d8859
Name des fehlerhaften Moduls: UnityPlayer.dll, Version: 2020.3.7.38898, Zeitstempel: 0x608d89b7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000004332a3
ID des fehlerhaften Prozesses: 0x2248
Startzeit der fehlerhaften Anwendung: 0x01d7ad356144457a
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Humankind\Humankind.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Steam\steamapps\common\Humankind\UnityPlayer.dll
Berichtskennung: f15a34e1-f5b2-4643-899b-b99b04f2af49
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/19/2021 10:13:00 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Windows kann die erweiterbare Leistungsindikator-DLL "C:\WINDOWS\system32\sysmain.dll" nicht laden (Win32-Fehlercode 126).

Error: (09/19/2021 10:12:57 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-2R3VNG7)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (09/19/2021 10:11:56 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.


Systemfehler:
=============
Error: (09/21/2021 08:21:16 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Malwarebytes Service konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (09/20/2021 10:14:41 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ComboCleaner.Guard" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/20/2021 10:14:41 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ComboCleaner.WinService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/20/2021 07:41:23 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎20.‎09.‎2021 um 07:03:48 unerwartet heruntergefahren.

Error: (09/20/2021 07:27:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/20/2021 07:27:49 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde mit folgendem Fehler beendet:
Für einen allgemeinen Befehl wurde ein Ergebnis zurückgegeben, das auf einen Fehler hinweist.

Error: (09/19/2021 10:13:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/19/2021 10:13:10 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.


Windows Defender:
================
Date: 2021-09-19 18:56:04
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {C391B387-8794-48B1-8F69-C64AFB89271F}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

CodeIntegrity:
===============
Date: 2021-09-19 14:22:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-09-19 10:06:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee.com\Agent\WSCLLCGlobalSign.exe that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-09-19 10:06:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\McAfee\Platform\Core\vtploader.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

BIOS: AMI F.40 07/29/2021
Hauptplatine: HP 8767
Prozessor: Intel(R) Core(TM) i5-10400F CPU @ 2.90GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 16251.37 MB
Verfügbarer physikalischer RAM: 9790.79 MB
Summe virtueller Speicher: 32123.37 MB
Verfügbarer virtueller Speicher: 22408.05 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:237.69 GB) (Free:65.2 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:930.18 GB) NTFS
Drive e: (XXX) (Fixed) (Total:931.51 GB) (Free:926.11 GB) NTFS
Drive f: (Seagate) (Fixed) (Total:3725.78 GB) (Free:1998.18 GB) exFAT

\\?\Volume{12ce8941-92ba-4528-bd01-f93366c55e1b}\ (Windows RE tools) (Fixed) (Total:0.51 GB) (Free:0.06 GB) NTFS
\\?\Volume{2c45e148-eef9-41de-baca-34bfdda8c11a}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 3FC3D0A4)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 6FADBCB5)

Partition: GPT.

==========================================================
Disk: 2 (Size: 3726 GB) (Disk ID: 71012BF8)

Partition: GPT.

==========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: ADDB3FC7)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt =======================
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2021
durchgeführt von vikto (Administrator) auf DESKTOP-2R3VNG7 (HP HP Pavilion Gaming Desktop TG01-1xxx) (22-09-2021 07:12:39)
Gestartet von C:\Users\vikto\Downloads
Geladene Profile: vikto
Platform: Windows 10 Home Version 21H1 19043.1237 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <27>
(HON HAI PRECISION INDUSTRY CO.LTD. -> ) C:\Program Files\FanControlApp\FanControlApp.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_35df954651b1f88f\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a12b4806152ca26b\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a12b4806152ca26b\x64\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a12b4806152ca26b\x64\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a12b4806152ca26b\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a12b4806152ca26b\x64\SysInfoCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_f70676215ebef294\x64\OmenCap.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.11.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.8.5.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_2ca0a47853f51398\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_78a6016d246f965a\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\MSACCESS.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhdc.inf_amd64_75e4d75cf672cb89\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtAudioServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c3f6cdb5c1120dad\RtkAudUService64.exe <2>
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [471432 2020-05-15] (Express Vpn LLC -> ExpressVPN)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1248095887-2662135662-3120224517-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [525312 2021-08-03] (HP Inc.) [Datei ist nicht signiert]
HKU\S-1-5-21-1248095887-2662135662-3120224517-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282600 2021-09-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-1248095887-2662135662-3120224517-1001\...\Run: [Update Plus Player] => C:\Program Files\VLC Plus Player\vlc.exe [157808 2021-01-25] (Aller Media e.K. -> VideoLAN) <==== ACHTUNG
HKU\S-1-5-21-1248095887-2662135662-3120224517-1001\...\Run: [] => [X]
HKLM\...\Windows x64\Print Processors\Canon TS5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFO.DLL [529408 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5300 series: C:\windows\system32\CNMLMFO.DLL [959488 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-16] (Google LLC -> Google LLC)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0CEB28B4-5AD5-4FAF-9B71-D858F4E07C45} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2ACB1B57-350B-4E02-B018-FB4E3FD109C8} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {46DFDF97-C7BC-4B20-AA15-1225534B6B8F} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {4BB8ED2B-35EC-4783-BEA4-C827F0ABCFE5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5FD6C87B-2B0D-441F-88D5-3D633EE35C3E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1553328 2021-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {61419380-D578-4C14-9B4A-1707F87D2C22} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {6278E2DD-4101-4942-80AC-3E0C29F99497} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1122992 2021-09-01] (HP Inc. -> HP Inc.)
Task: {66F04F9A-1759-4725-8BF4-B1E3F9BB9D9B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {6CBEF361-EE00-46F9-B3B8-D803788F07C8} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> Keine Datei <==== ACHTUNG
Task: {70F59616-339A-4C70-B689-94A33C88BE3B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7537555A-EA79-4EA3-B67E-D28FEFC42EBE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1122992 2021-09-01] (HP Inc. -> HP Inc.)
Task: {763664CC-6A04-4FCC-862C-5FA9E6C0F4AE} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {771B4514-52A8-4A5B-8319-B43C90D7C785} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {83AD32C9-EC94-4A04-9282-2FE00165C144} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {86E8832F-A214-4676-9B00-0D163A42EBE2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-09-01] (HP Inc. -> HP Inc.)
Task: {8AAB6EAE-BACB-4869-8E03-DE4ECD4EA347} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-05] (Google LLC -> Google LLC)
Task: {8E5ADEE4-E157-44FA-9A36-F495014D7135} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c3f6cdb5c1120dad\RtkAudUService64.exe [1258568 2021-06-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {A3FE206A-AAC1-4334-A3C4-BB3AFC8FA1A6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {AAF41A62-1C71-4CF6-B388-957F5888E2FC} - \HPAudioSwitch -> Keine Datei <==== ACHTUNG
Task: {B37AF1F7-85A2-4E2F-B210-27DA14E413CF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB1C0427-9452-488A-BFD2-9A25348034E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-05] (Google LLC -> Google LLC)
Task: {BE98512B-81EC-4C1A-8C16-5A9C04B13764} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CBDF0BCA-7411-4FD8-81B2-DF91D3CD33E2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D1F6CC93-8E86-4047-BC8C-C3B1F0552260} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E718D044-8F6E-48E7-953D-85D8F0FF19E2} - \OneDrive Standalone Update Task-S-1-5-21-1919970918-1047282644-541330882-500 -> Keine Datei <==== ACHTUNG
Task: {FE7B741F-A925-48A9-95EF-37A6445BE4E6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-16] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ACHTUNG (Beschränkung - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{79addd82-487c-4d7d-9f0f-74cb30e784e8}: [DhcpNameServer] 192.168.2.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\vikto\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-22]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @vlc.de/vlc,version=3.0.12 -> C:\Program Files\VLC Plus Player\npvlc.dll [2021-01-25] (Aller Media e.K. -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default [2021-09-22]
CHR DefaultSearchURL: Default -> hxxps://www.gstatic.com/youtube/img/branding/favicon/favicon_144x144.png
CHR Extension: (Präsentationen) - C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-04-05]
CHR Extension: (YouTube) - C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnkijcaahngcdmfeangaknmldooml [2021-04-29]
CHR Extension: (Docs) - C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-04-05]
CHR Extension: (Google Drive) - C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-05]
CHR Extension: (YouTube) - C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-05]
CHR Extension: (Avira Password Manager) - C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-09-17]
CHR Extension: (Tabellen) - C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-04-05]
CHR Extension: (Avira Browserschutz) - C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-09-21]
CHR Extension: (Google Docs Offline) - C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-01]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-09-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-05]
CHR Extension: (Google Mail) - C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-05]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9179528 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [438664 2020-05-15] (Express Vpn LLC -> ExpressVPN)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a12b4806152ca26b\x64\AppHelperCap.exe [744000 2021-08-09] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a12b4806152ca26b\x64\DiagsCap.exe [742976 2021-08-09] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a12b4806152ca26b\x64\NetworkCap.exe [742992 2021-08-09] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_f70676215ebef294\x64\OmenCap.exe [688160 2021-05-10] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_a12b4806152ca26b\x64\SysInfoCap.exe [742992 2021-08-09] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_35df954651b1f88f\x64\TouchpointAnalyticsClientService.exe [489584 2021-06-18] (HP Inc. -> HP Inc.)
R2 ID19 HP Fan Control Service; C:\Program Files\FanControlApp\FanControlApp.exe [283168 2020-04-29] (HON HAI PRECISION INDUSTRY CO.LTD. -> )
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
R2 RtkBtAudioServ; C:\WINDOWS\RtkBtAudioServ.exe [234064 2020-12-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1638448 2021-09-14] (WildTangent Inc -> )
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdc.inf_amd64_75e4d75cf672cb89\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhdc.inf_amd64_75e4d75cf672cb89\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2021-02-26] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [28440 2020-05-15] (ExprsVPN LLC -> ExpressVPN)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [24096 2020-04-08] (HP Inc. -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [23888 2020-04-21] (HP Inc. -> HP Inc.)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [70560 2018-09-04] (Realtek Semiconductor Corp. -> Realtek)
S3 RtkAvrcp; C:\WINDOWS\System32\drivers\RtkAvrcp.sys [96984 2020-04-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [44304 2020-05-15] (ExprsVPN LLC -> The OpenVPN Project)
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. -> Benjamin Hoeglinger-Stelzer)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-09-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [433384 2021-09-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-19] (Microsoft Windows -> Microsoft Corporation)
U3 aspnet_state; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-09-22 07:12 - 2021-09-22 07:12 - 002304512 _____ (Farbar) C:\Users\vikto\Downloads\FRST64 (2).exe
2021-09-21 20:12 - 2021-09-21 20:12 - 000000000 ____D C:\Users\vikto\AppData\Local\mbam
2021-09-21 20:11 - 2021-09-21 20:11 - 002101944 _____ (Malwarebytes) C:\Users\vikto\Downloads\MBSetup.exe
2021-09-21 20:11 - 2021-09-21 20:11 - 000000000 ____D C:\Program Files\Malwarebytes
2021-09-21 14:28 - 2021-09-21 14:28 - 000054907 _____ C:\Users\vikto\Downloads\what_if_-_humankind_on_mars_v12.zip
2021-09-21 14:26 - 2021-09-21 14:26 - 000097165 _____ C:\Users\vikto\Downloads\the_lord_of_the_rings_1.2.zip
2021-09-21 14:25 - 2021-09-21 14:25 - 000106116 _____ C:\Users\vikto\Downloads\map_detailed_fantasy_warhammer_v_1.6.6_-_by_tyrant_lord.zip
2021-09-21 14:23 - 2021-09-21 14:23 - 000106535 _____ C:\Users\vikto\Downloads\tamriel_by_dimonoider_1_1.zip
2021-09-21 14:22 - 2021-09-21 14:22 - 000089008 _____ C:\Users\vikto\Downloads\taintededen1.0.2.zip
2021-09-21 14:20 - 2021-09-21 14:20 - 000079323 _____ C:\Users\vikto\Downloads\planet_auriga.1.zip
2021-09-21 14:19 - 2021-09-21 14:19 - 000061942 _____ C:\Users\vikto\Downloads\francekai.zip
2021-09-21 14:18 - 2021-09-21 14:18 - 000325700 _____ C:\Users\vikto\Downloads\giant_earth_map_v1.0.5.zip
2021-09-21 14:17 - 2021-09-21 14:17 - 000068703 _____ C:\Users\vikto\Downloads\africa_cradle_of_humankind.zip
2021-09-20 20:12 - 2021-09-20 20:12 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-09-20 12:18 - 2021-09-20 12:18 - 002304000 _____ (Farbar) C:\Users\vikto\Downloads\FRST64 (1).exe
2021-09-20 07:28 - 2021-09-20 07:28 - 000000000 ____D C:\Users\vikto\AppData\Local\CrashDumps
2021-09-20 07:27 - 2021-09-20 07:27 - 000000000 ____D C:\WINDOWS\system32\lxss
2021-09-20 07:26 - 2021-08-19 21:30 - 001858672 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-09-20 07:26 - 2021-08-19 21:30 - 001858672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-09-20 07:26 - 2021-08-19 21:30 - 001474688 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-09-20 07:26 - 2021-08-19 21:30 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-09-20 07:26 - 2021-08-19 21:30 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-09-20 07:26 - 2021-08-19 21:30 - 001212544 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-09-20 07:26 - 2021-08-19 21:30 - 001097840 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-09-20 07:26 - 2021-08-19 21:30 - 001097840 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-09-20 07:26 - 2021-08-19 21:30 - 000951920 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-09-20 07:26 - 2021-08-19 21:30 - 000951920 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-09-20 07:26 - 2021-08-19 21:27 - 037420664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2021-09-20 07:26 - 2021-08-19 21:27 - 000716928 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-09-20 07:26 - 2021-08-19 21:27 - 000645264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-09-20 07:26 - 2021-08-19 21:27 - 000577152 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-09-20 07:26 - 2021-08-19 21:26 - 002112144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-09-20 07:26 - 2021-08-19 21:26 - 001595512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-09-20 07:26 - 2021-08-19 21:26 - 001520760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-09-20 07:26 - 2021-08-19 21:26 - 001171088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-09-20 07:26 - 2021-08-19 21:26 - 000919160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-09-20 07:26 - 2021-08-19 21:26 - 000750224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-09-20 07:26 - 2021-08-19 21:26 - 000706192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-09-20 07:26 - 2021-08-19 21:26 - 000676472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-09-20 07:26 - 2021-08-19 21:26 - 000564344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-09-20 07:26 - 2021-08-19 21:26 - 000046264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-09-20 07:26 - 2021-08-19 21:25 - 008854128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-09-20 07:26 - 2021-08-19 21:25 - 007920760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-09-20 07:26 - 2021-08-19 21:25 - 005680760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-09-20 07:26 - 2021-08-19 21:25 - 004987536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-09-20 07:26 - 2021-08-19 21:25 - 002925688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-09-20 07:26 - 2021-08-19 21:25 - 000447096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-09-20 07:26 - 2021-08-19 21:24 - 000849024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-09-20 07:26 - 2021-08-19 21:23 - 006215800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-09-20 07:26 - 2021-08-19 20:56 - 000083062 _____ C:\WINDOWS\system32\nvinfo.pb
2021-09-19 14:23 - 2021-09-19 14:23 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2021-09-18 22:16 - 2021-09-18 22:16 - 000000375 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-09-18 08:50 - 2021-09-18 08:50 - 000222637 _____ C:\Users\vikto\Downloads\STADTRADELN 2021_Urkunde.pdf
2021-09-18 08:49 - 2021-09-18 08:49 - 000385361 _____ C:\Users\vikto\Downloads\STADTRADELN 2021_Brief des 1. Bürgermeister.pdf
2021-09-18 08:08 - 2021-09-18 08:08 - 000000641 _____ C:\Users\vikto\Downloads\Trojaner-Bord.txt
2021-09-18 08:01 - 2021-09-18 08:01 - 000061745 _____ C:\Users\vikto\Downloads\Shortcut3.txt
2021-09-18 08:00 - 2021-09-18 08:00 - 000098979 _____ C:\Users\vikto\Downloads\Shortcut2.txt
2021-09-18 07:59 - 2021-09-18 07:59 - 000057486 _____ C:\Users\vikto\Downloads\Shortcut1.txt
2021-09-18 07:41 - 2021-09-20 12:21 - 000217234 _____ C:\Users\vikto\Downloads\Shortcut.txt
2021-09-18 07:39 - 2021-09-20 12:21 - 000041671 _____ C:\Users\vikto\Downloads\Addition.txt
2021-09-18 07:37 - 2021-09-22 07:13 - 000023776 _____ C:\Users\vikto\Downloads\FRST.txt
2021-09-18 07:35 - 2021-09-18 07:35 - 000000000 ____D C:\Users\vikto\Downloads\FRST-OlderVersion
2021-09-17 05:49 - 2021-09-17 05:49 - 000149028 _____ C:\Users\vikto\Downloads\2021.22  Spiele SKC.pdf
2021-09-17 05:45 - 2021-09-17 05:45 - 000078959 _____ C:\Users\vikto\Downloads\Anwesenheitsliste SKC , für Gastmannschaft.xlsx
2021-09-16 23:00 - 2021-09-16 23:00 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-16 23:00 - 2021-09-16 23:00 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-16 23:00 - 2021-09-16 23:00 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-16 23:00 - 2021-09-16 23:00 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-16 23:00 - 2021-09-16 23:00 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-16 23:00 - 2021-09-16 23:00 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-16 22:59 - 2021-09-16 22:59 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-16 22:59 - 2021-09-16 22:59 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-16 22:59 - 2021-09-16 22:59 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-16 22:59 - 2021-09-16 22:59 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-16 22:59 - 2021-09-16 22:59 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-16 22:59 - 2021-09-16 22:59 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-16 22:59 - 2021-09-16 22:59 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-16 22:59 - 2021-09-16 22:59 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-16 22:59 - 2021-09-16 22:59 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-16 22:59 - 2021-09-16 22:59 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-16 22:59 - 2021-09-16 22:59 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-16 22:59 - 2021-09-16 22:59 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-16 22:59 - 2021-09-16 22:59 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-16 22:59 - 2021-09-16 22:59 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-16 22:51 - 2021-09-16 22:51 - 000000000 ___HD C:\$WinREAgent
2021-09-16 10:38 - 2021-09-16 10:38 - 000153025 _____ C:\Users\vikto\Downloads\2021_09rechnung_4973532889.pdf
2021-09-14 14:38 - 2021-09-14 13:57 - 000042953 _____ C:\Users\vikto\Downloads\Avira-Logfile20210914.txt
2021-09-14 14:33 - 2021-09-22 07:12 - 000000000 ____D C:\FRST
2021-09-14 14:32 - 2021-09-18 07:35 - 002304000 _____ (Farbar) C:\Users\vikto\Downloads\FRST64.exe
2021-09-13 15:53 - 2021-09-13 15:53 - 000000000 ____D C:\Users\vikto\AppData\Local\RCS_LT
2021-09-13 15:52 - 2021-09-13 15:52 - 003591880 _____ (RCS LT) C:\Users\vikto\Downloads\CCSetup.exe
2021-09-11 04:57 - 2021-06-30 00:15 - 045915128 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-09-10 14:34 - 2021-09-10 14:34 - 000487566 _____ C:\Users\vikto\Downloads\MKV_Tdm_klassisch_2021_Finale_Erg (1).pdf
2021-09-07 18:48 - 2021-09-07 18:48 - 000188778 _____ C:\Users\vikto\Downloads\huge_earth_oscar_v2.zip
2021-09-04 16:45 - 2021-09-04 16:45 - 000093637 _____ C:\Users\vikto\Downloads\the_lord_of_the_rings_1.0.zip
2021-09-04 16:44 - 2021-09-04 16:44 - 000065364 _____ C:\Users\vikto\Downloads\this_is_sparta_v1.0.1.zip
2021-09-04 16:43 - 2021-09-04 16:43 - 000076766 _____ C:\Users\vikto\Downloads\pangaea_proxima_-_the_next_pangaea_2.1.2.1.zip
2021-09-04 16:42 - 2021-09-04 16:42 - 000106392 _____ C:\Users\vikto\Downloads\tamriel_by_dimonoider.zip
2021-09-04 16:41 - 2021-09-04 16:42 - 000050107 _____ C:\Users\vikto\Downloads\map_detailed_fantasy_westeros_v1.4.0_-_by_tyrant_lord.zip
2021-09-04 16:37 - 2021-09-04 16:37 - 000052881 _____ C:\Users\vikto\Downloads\azeroth_full_maps_v_1.1.zip
2021-08-28 11:21 - 2021-08-28 11:21 - 000085824 _____ C:\Users\vikto\Downloads\population section tables.xlsx
2021-08-23 17:07 - 2021-08-23 17:07 - 000487566 _____ C:\Users\vikto\Downloads\MKV_Tdm_klassisch_2021_Finale_Erg.pdf
2021-08-23 17:05 - 2021-08-23 17:05 - 000492163 _____ C:\Users\vikto\Downloads\MKV_Tdm_klassisch_2021_Halbfinale_Erg.pdf
2021-08-23 17:04 - 2021-08-23 17:04 - 000176456 _____ C:\Users\vikto\Downloads\MKV_BOL_F_V3.pdf
2021-08-23 17:00 - 2021-08-23 17:00 - 000146041 _____ C:\Users\vikto\Downloads\SKC  Hygienekonzept 23.8.2021.pdf

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-09-22 07:11 - 2021-04-06 04:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-22 07:05 - 2021-04-05 19:11 - 000000000 ____D C:\Program Files (x86)\Steam
2021-09-22 06:29 - 2021-04-05 19:07 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-22 06:19 - 2021-04-06 04:24 - 000000000 ____D C:\WINDOWS\INF
2021-09-22 06:19 - 2021-04-05 18:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-21 20:29 - 2021-04-06 04:26 - 000780968 _____ C:\WINDOWS\system32\perfh007.dat
2021-09-21 20:29 - 2021-04-06 04:26 - 000166094 _____ C:\WINDOWS\system32\perfc007.dat
2021-09-21 20:29 - 2021-04-05 18:54 - 001818822 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-21 20:25 - 2021-03-17 18:49 - 000000000 ____D C:\Users\vikto\OneDrive\Dokumente\Geografiedaten
2021-09-21 20:23 - 2020-08-19 21:16 - 000000000 ____D C:\ProgramData\NVIDIA
2021-09-21 20:22 - 2021-04-06 07:54 - 000000000 ____D C:\Users\vikto\AppData\Roaming\vlc
2021-09-21 20:22 - 2021-04-06 04:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-09-21 20:22 - 2021-02-23 12:53 - 000000000 ___RD C:\Users\vikto\OneDrive
2021-09-21 20:21 - 2021-04-06 04:24 - 000000000 ____D C:\WINDOWS\ServiceState
2021-09-21 20:21 - 2021-04-06 04:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-09-21 20:21 - 2021-04-05 18:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-21 20:21 - 2020-05-06 10:58 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-21 20:10 - 2021-02-23 13:48 - 000000000 ____D C:\Users\vikto\AppData\LocalLow\Mozilla
2021-09-21 16:06 - 2021-04-06 04:22 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-21 15:40 - 2021-08-20 09:59 - 000000000 ____D C:\Users\vikto\OneDrive\Dokumente\Humankind
2021-09-20 20:12 - 2021-04-05 18:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2021-09-20 20:12 - 2021-02-24 02:06 - 000000000 ____D C:\hpswsetup
2021-09-20 10:14 - 2021-04-05 18:47 - 000000000 ____D C:\Users\vikto
2021-09-20 10:14 - 2020-08-19 20:51 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-09-20 07:41 - 2021-04-05 19:04 - 000000000 ____D C:\Program Files (x86)\Avira
2021-09-20 07:28 - 2020-08-19 21:16 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-09-20 07:27 - 2021-04-08 07:43 - 000000000 ____D C:\Users\vikto\AppData\Local\NVIDIA
2021-09-19 14:33 - 2021-04-06 04:24 - 000000000 ____D C:\Program Files\Windows Defender
2021-09-19 14:33 - 2021-04-05 18:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-09-19 14:25 - 2021-04-17 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-09-19 14:25 - 2021-04-05 19:04 - 000000000 ____D C:\ProgramData\Avira
2021-09-19 14:23 - 2021-07-07 10:20 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-09-19 10:07 - 2021-04-06 04:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-19 10:07 - 2021-04-05 18:47 - 000000000 ____D C:\Users\vikto\AppData\Local\Packages
2021-09-19 10:06 - 2021-04-06 04:21 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-09-19 07:26 - 2021-04-06 04:24 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-18 04:25 - 2021-04-05 18:37 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-18 04:25 - 2021-04-05 18:37 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-17 06:55 - 2021-06-16 14:38 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-17 06:55 - 2021-06-16 14:38 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-17 06:41 - 2020-08-19 20:52 - 000000000 ____D C:\Program Files\Microsoft Office
2021-09-17 06:40 - 2021-04-05 18:30 - 000541360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-17 06:39 - 2021-04-06 04:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-17 06:39 - 2021-04-06 04:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-17 06:39 - 2021-04-06 04:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-17 06:39 - 2021-04-06 04:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-17 06:39 - 2021-04-06 04:24 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-17 06:39 - 2021-04-06 04:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-17 06:39 - 2021-04-06 04:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-17 06:39 - 2021-04-06 04:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-17 06:39 - 2021-04-06 04:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-17 06:39 - 2021-04-06 04:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-17 06:39 - 2021-04-06 04:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-17 06:39 - 2021-04-06 04:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-17 06:39 - 2021-04-06 04:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-17 06:39 - 2021-04-06 04:24 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-17 06:39 - 2021-04-06 04:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-17 06:39 - 2021-04-06 04:21 - 000000000 ____D C:\WINDOWS\servicing
2021-09-17 05:51 - 2021-06-23 16:46 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-09-16 22:51 - 2021-04-07 21:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-16 22:49 - 2021-04-07 21:01 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-16 01:30 - 2021-04-05 19:08 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-16 01:30 - 2021-04-05 19:08 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-11 07:19 - 2021-04-05 19:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-09-11 04:57 - 2021-04-05 18:35 - 000003366 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2021-09-09 19:56 - 2021-04-05 18:57 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1248095887-2662135662-3120224517-1001
2021-09-09 19:56 - 2021-04-05 18:47 - 000002406 _____ C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-03 05:17 - 2021-04-05 19:00 - 000000000 ____D C:\Users\vikto\AppData\Local\D3DSCache
2021-09-01 13:20 - 2021-04-08 03:45 - 000000000 ____D C:\Users\vikto\AppData\Local\NVIDIA Corporation
2021-09-01 13:20 - 2021-04-05 18:31 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-08-27 18:02 - 2021-04-07 21:03 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-26 23:09 - 2021-07-08 20:51 - 002163152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-08-26 23:09 - 2021-07-08 20:51 - 000307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-08-26 23:09 - 2021-07-08 20:51 - 000213456 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-08-26 23:09 - 2021-07-08 20:51 - 000188856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-08-26 23:09 - 2021-07-08 20:51 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-08-26 23:09 - 2021-07-08 20:51 - 000061904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

Viktor Barth 22.09.2021 08:58
Shortcut Teil 1
 
Code:
Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 20-09-2021
durchgeführt von vikto (22-09-2021 07:14:23)
Gestartet von C:\Users\vikto\Downloads
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExpressVPN.lnk -> C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe (ExpressVPN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Audio Switch.lnk -> C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe (HP Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass.lnk -> C:\Program Files\HP\Shared\lp.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games\Free Games by wild.lnk -> C:\ProgramData\WildTangent\WildTangent Games\ShortcutProvider\free-to-play\free-to-play.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games\Hidden Object Games.lnk -> C:\ProgramData\WildTangent\WildTangent Games\ShortcutProvider\hidden-object\hidden-object.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games\Mahjong Games.lnk -> C:\ProgramData\WildTangent\WildTangent Games\ShortcutProvider\mahjong-games\mahjong-games.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games\New Games .lnk -> C:\ProgramData\WildTangent\WildTangent Games\ShortcutProvider\new-games\new-games.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games\RPG.lnk -> C:\ProgramData\WildTangent\WildTangent Games\ShortcutProvider\role-playing-games\role-playing-games.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games\Solitaire, Poker & More.lnk -> C:\ProgramData\WildTangent\WildTangent Games\ShortcutProvider\cards-games\cards-games.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games\Strategy Games.lnk -> C:\ProgramData\WildTangent\WildTangent Games\ShortcutProvider\strategy-games\strategy-games.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games\Time Management Games.lnk -> C:\ProgramData\WildTangent\WildTangent Games\ShortcutProvider\time-management-games\time-management-games.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player\Aller Media e.K. Website.lnk -> C:\Program Files\VLC Plus Player\Aller Media e.K. Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player\Documentation.lnk -> C:\Program Files\VLC Plus Player\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player\Release Notes.lnk -> C:\Program Files\VLC Plus Player\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player\VLC Plus Player.lnk -> C:\Program Files\VLC Plus Player\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD\OpenTTD.lnk -> C:\Program Files\OpenTTD\openttd.exe (OpenTTD Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD\Uninstall.lnk -> C:\Program Files\OpenTTD\Uninstall.exe (OpenTTD Developers)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office Language Preferences.lnk -> C:\Program Files\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Scan Utility\IJ Scan Utility.lnk -> C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Printer Assistant Tool\IJ Printer Assistant Tool.lnk -> C:\Program Files\Canon\Canon IJ Printer Assistant Tool\cnmpaui.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30

Viktor Barth 22.09.2021 09:04
Shortcut Teil 2
 
Code:
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Public\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\VLC Plus Player.lnk -> C:\Program Files\VLC Plus Player\vlc.exe (VideoLAN)
Shortcut: C:\Users\vikto\Links\Desktop.lnk -> C:\Users\vikto\OneDrive\Desktop ()
Shortcut: C:\Users\vikto\Links\Downloads.lnk -> C:\Users\vikto\Downloads ()
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\vikto\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> C:\Users\vikto\OneDrive\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView 64 4.56.lnk -> C:\Program Files\IrfanView\i_view64.exe (Irfan Skiljan)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView Hilfe.lnk -> C:\Program Files\IrfanView\Help\i_view32_deutsch.chm ()
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Kommandozeilen-Optionen.lnk -> C:\Program Files\IrfanView\i_options.txt ()
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Verfügbare PlugIns.lnk -> C:\Program Files\IrfanView\i_plugins.txt ()
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Verfügbare Sprachen.lnk -> C:\Program Files\IrfanView\i_languages.txt ()
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Was ist neu.lnk -> C:\Program Files\IrfanView\i_changes.txt ()
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Über IrfanView.lnk -> C:\Program Files\IrfanView\i_about.txt ()
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Access.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\OpenTTD.lnk -> C:\Program Files\OpenTTD\openttd.exe (OpenTTD Development Team)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Start Tor Browser.lnk -> C:\Users\vikto\OneDrive\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\Users\vikto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Word.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Documentation.lnk -> C:\Program Files\HP\Documentation\platform_guides\languages\index.html () -> /Arguments:Shortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games\Hearts.lnk -> C:\ProgramData\WildTangent\WildTangent Games\ShortcutProvider\heartshtml5\heartshtml5.ico () -> /src=gamesmenu /id=heartshtml5
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games\Mahjong Classic.lnk -> C:\ProgramData\WildTangent\WildTangent Games\ShortcutProvider\mahjongclassichtml5\mahjongclassichtml5.ico () -> /src=gamesmenu /id=mahjongclassichtml5
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games\Solitaire with Themes.lnk -> C:\ProgramData\WildTangent\WildTangent Games\ShortcutProvider\solitairehtml5\solitairehtml5.ico () -> /src=gamesmenu /id=solitairehtml5
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player\VLC Plus Player - reset preferences and cache files.lnk -> C:\Program Files\VLC Plus Player\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player\VLC Plus Player skinned.lnk -> C:\Program Files\VLC Plus Player\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100000\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100001\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100001\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView - Thumbnails.lnk -> C:\Program Files\IrfanView\i_view64.exe (Irfan Skiljan) -> /thumbs
ShortcutWithArgument: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\vikto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) -> /recycle
ShortcutWithArgument: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\vikto\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\vikto\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Documentation\OpenVPN HOWTO.url -> URL: hxxps://openvpn.net/howto.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Documentation\OpenVPN Support.url -> URL: hxxps://community.openvpn.net/openvpn/wiki/GettingHelp
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Documentation\OpenVPN Web Site.url -> URL: hxxps://openvpn.net/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Documentation\OpenVPN Wiki.url -> URL: hxxps://community.openvpn.net/openvpn/wiki/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL ->
InternetURL: C:\Users\Default\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\Default\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\Default\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\Default\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\Default\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100000\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100000\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100000\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.000\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.001\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.002\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.003\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.004\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.005\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.006\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100000.DESKTOP-2R3VNG7.009\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100001\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100001\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100001\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.000\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.001\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.002\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.003\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.004\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.005\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.006\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.007\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.008\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\defaultuser100001.DESKTOP-2R3VNG7.009\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\vikto\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\vikto\Favorites\Links\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\vikto\Favorites\Links\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=webslice1819
InternetURL: C:\Users\vikto\Favorites\HP\Amazon.de – online einkaufen.url -> URL: hxxp://www.amazon.de/gp/bit/amazonbookmark.html?tag=hp2-brobookmark-de-21&partner=HP
InternetURL: C:\Users\vikto\Favorites\HP\Booking.com.url -> URL: hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=iefav1819
InternetURL: C:\Users\vikto\Favorites\HP\HP Store.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=*&c=*&locale=de_de&pf=*&s=Hpstore&tp=*&TYPE=3
InternetURL: C:\Users\vikto\Dropbox\Get Started with Dropbox Paper.url -> URL: hxxps://www.dropbox.com/login?_tk=dropbox_desktop_urlfile&cont=https%3A%2F%2Fpaper.dropbox.com%2Fpad%2Fopen-or-create-sample%2Fintro&register_cont=https%3A%2F%2Fpaper.dropbox.com%2Fpad%2Fopen-or-create-sample%2Fintro
InternetURL: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\HUMANKIND™.url -> URL: steam://rungameid/1124300
InternetURL: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Industry Giant 2.url -> URL: steam://rungameid/271360
InternetURL: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\NIMBY Rails.url -> URL: steam://rungameid/1134710
InternetURL: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Sid Meier's Civilization VI.url -> URL: steam://rungameid/289070
InternetURL: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Stellaris.url -> URL: steam://rungameid/281990
InternetURL: C:\Users\vikto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Voxel Tycoon.url -> URL: steam://rungameid/732050

==================== Ende vom Shortcut.txt =============================

BeRealm 22.09.2021 17:32
Super das es mit dem Posten der Logs so gut geklappt hat. Es erscheint auf den ersten Blick nach Fach-Chinesisch aber das Lesen der Anleitung Schritt für Schritt führt hier im Forum immer ans Ziel.

Ich bin kein Profi daher sollte cosinus oder MKDB nochmal über Log´s schauen aber mir sind folgende Punkte aufgefallen:
-ExpressVPN scheint an deinem Rechner installiert zu sein. Schau dir dazu bitte dieses Video an. Über Sinn und Unsinn von VPN´s will ich gar nicht streiten aber wertvolle Tipps dazu gibt´s hier.
-Im Chrome befinden sich noch Avira Erweiterungen, bitte weg damit. Avira nistet sich in verschiedene Programme/Komponenten ein wie eine Zecke.
Zitat:
CHR Extension: (Avira Password Manager) - C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-09-17]
CHR Extension: (Avira Browserschutz) - C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-09-21]
-Du hast den VLC Plus Player installiert! Das ist eine schädliche Nachmache des originalen VLC Player. Unter Umständen werden deine Daten gesammelt und verkauft oder Werbung macht sich am PC breit. Bitte sofort deinstallieren und bleib bei sauberen Downloadquellen! Lies dir dazu bitte den Absatz Downloadquellen in dieser Anleitung vom Board gründlich durch.
Zitat:
VLC Plus Player (HKLM\...\VLC Plus Player) (Version: 3.0.12 - Aller Media e.K.) <==== ACHTUNG
Mach bitte noch vollständige Scan mit Malwarebytes und AdwCleaner. Die Log-Dateien beider Scans bitte auch wieder in Code-Tags einfügen wie zuvor mit FRST.

Bei Fragen oder Problemen melde dich bitte, bevor Missverständnisse oder ungewollte Aktionen auftreten.:daumenhoc

cosinus 22.09.2021 21:21
Danke für deine erste Expertise BeRealm, vllt finden wir da noch was.

schlawack 22.09.2021 23:41
Zitat:
Zitat von cosinus (Beitrag 1757178)
Danke für deine erste Expertise BeRealm, vllt finden wir da noch was.
cosinus, nix gegen BeRealm, aber die Idee mit Adwcleaner und Malwarebytes hatte ich vor BeRealm auch schon: https://www.trojaner-board.de/202593...ml#post1757100
Ich würde an der Stelle von Viktor Barth auch nochmal die Uninstall Tools von Avira und McAfee ausführen, idealerweise im Abgesicherten Modus ob die noch Reste von Avira bzw McAfee finden und löschen.

cosinus 23.09.2021 07:56
Danke für deine erste Expertise schlawack, vllt finden wir da noch was. :lach:

Viktor Barth 23.09.2021 14:44
Neue Logfiles
 
Hallo BeRealm,

danke für Deine Mail.
Ich habe den Rechner soweit gesäubert.
Avira, VLC-plus komplett entfernt.
Nach Neustart mit Malwarebytes und Adwcleaner gescannt.
Die Logfiles hier im Anschluss.

Noch eine Frage:
Warum erhalte ich hier im Portal und auf anderen Seiten auf einmal Werbung.
Hatte ich bisher nicht, und möchte ich auch künftig nicht.

v.G.

Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 23.09.21
Scan-Zeit: 15:18
Protokolldatei: c96e7596-1c70-11ec-a0dc-28cdc464727e.json

-Softwaredaten-
Version: 4.4.6.132
Komponentenversion: 1.0.1453
Version des Aktualisierungspakets: 1.0.45256
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 19043.1237)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-2R3VNG7\vikto

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 768004
Erkannte Bedrohungen: 16
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 0 Min., 49 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 2
PUP.Optional.StartFenster, C:\USERS\VIKTO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Keine Aktion durch Benutzer, 502, 455286, , , , , ,
PUP.Optional.StartFenster, C:\USERS\VIKTO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Keine Aktion durch Benutzer, 502, 455286, , , , , ,

Datei: 14
PUP.Optional.ChipDe, C:\USERS\VIKTO\DOWNLOADS\VLC MEDIA PLAYER (64 BIT) - INSTALLER _1AF0.EXE, Keine Aktion durch Benutzer, 636, 562568, 1.0.45256, , ame, , 4AD14F8F15E3A4C6575C4C15912087D9, D4635DD7665F14636ABBAA1BED97D381A5C82351AD7B5E93D36D25455F3FB48B
PUP.Optional.StartFenster, C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, Keine Aktion durch Benutzer, 502, 455286, , , , , 91B2F7F866FF63AC9958286158FC25C9, 9367EAE05AB6CC5F9434572D20670E6A41535E6DE1A4A765051B2C4C018E4AB3
PUP.Optional.StartFenster, C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\002591.ldb, Keine Aktion durch Benutzer, 502, 455286, , , , , 61E2B4C20DDF9A04168207B93A17B54F, 0B7831957D95887DFF25920FCA504EEAB4E31EE61405F204045CEFF4D4D2C4D1
PUP.Optional.StartFenster, C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\002593.ldb, Keine Aktion durch Benutzer, 502, 455286, , , , , 94332380D4C1F718C2CFFAB0392F4C71, EA251918A101DE5F22698E2CB3EA72157139EBDA3E3AB3E1818D95F0494783EE
PUP.Optional.StartFenster, C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\002595.ldb, Keine Aktion durch Benutzer, 502, 455286, , , , , C73E70C6741D593B68AFF803DE4F30E8, 40115824B7E82C79F1B84493FFA8BE241BDCEAB064B410E1D72FAAF50ECBE171
PUP.Optional.StartFenster, C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\002596.log, Keine Aktion durch Benutzer, 502, 455286, , , , , B34EBAD53D6137F0CB66A79EC6B7F443, 0423E21CA78C7EBE6A0675172F38BFE035E1F9AD0DB3E1DA54EE9C651B4174D8
PUP.Optional.StartFenster, C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\002597.ldb, Keine Aktion durch Benutzer, 502, 455286, , , , , A865DD3518DC5649220EE13B2F748922, 559E0199075586120B07385AFD9F9B938B6E101E34D0FB441315CD7D306C6BC5
PUP.Optional.StartFenster, C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, Keine Aktion durch Benutzer, 502, 455286, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.StartFenster, C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, Keine Aktion durch Benutzer, 502, 455286, , , , , ,
PUP.Optional.StartFenster, C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, Keine Aktion durch Benutzer, 502, 455286, , , , , 20C2AA4D1DE097CAE690C5C54920F65F, 925CEB78833AAFDB9ED08BBD78386BE551A90A71133F6E0154FB9F1D062A6CE1
PUP.Optional.StartFenster, C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, Keine Aktion durch Benutzer, 502, 455286, , , , , A002B1B276E7188775895D27CF51416D, 31686954431547164A45F531F6DB836E32AF252343031F21C10A72E75B79E3B2
PUP.Optional.StartFenster, C:\Users\vikto\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, Keine Aktion durch Benutzer, 502, 455286, , , , , DCEC838026B453427FCADE89C0396B4A, 8665344A44C46854D801DB3586AA18CF8182990286CB803204C6414671D11FE4
PUP.Optional.StartFenster, C:\USERS\VIKTO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Keine Aktion durch Benutzer, 502, 455286, 1.0.45256, , ame, , 0BF2F7273BCE07193B91572AB9CB5A45, A44D3CED5509186DFE370BF7080A636046CB2D66D47C632A6F70F9CA391980FA
PUP.Optional.StartFenster, C:\USERS\VIKTO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Keine Aktion durch Benutzer, 502, 455286, 1.0.45256, , ame, , 0BF2F7273BCE07193B91572AB9CB5A45, A44D3CED5509186DFE370BF7080A636046CB2D66D47C632A6F70F9CA391980FA

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    09-23-2021
# Duration: 00:00:08
# OS:      Windows 10 Home
# Scanned:  31964
# Detected: 32


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy            HKLM\Software\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
PUP.Optional.Legacy            HKLM\Software\Classes\AppID\{BAB04997-93AD-4C13-805A-0409199700BB}
PUP.Optional.Legacy            HKLM\Software\Classes\CLSID\{947217BD-E967-400A-B14A-BA851A8EDCBB}
PUP.Optional.Legacy            HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{947217BD-E967-400A-B14A-BA851A8EDCBB}
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Classes\AppID\{BAB04997-93AD-4C13-805A-0409199700BB}
PUP.Optional.VLCPlusPlayer.DE  HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Update Plus Player

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.StartFenster      Websuche

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HPAudioSwitch  Folder  C:\Program Files (x86)\HP\HPAUDIOSWITCH
Preinstalled.HPAudioSwitch  Registry  HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAF41A62-1C71-4CF6-B388-957F5888E2FC} 
Preinstalled.HPAudioSwitch  Registry  HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPAudioSwitch
Preinstalled.HPCleanFLC  Registry  HKCU\Software\Microsoft\Windows\CurrentVersion\Run|HPSEU_Host_Launcher
Preinstalled.HPRegistrationService  Folder  C:\ProgramData\HP\HP REGISTRATION SERVICE
Preinstalled.HPSupportAssistant  Folder  C:\HP\SUPPORT
Preinstalled.HPSupportAssistant  Folder  C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant  Folder  C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant  Folder  C:\Users\vikto\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant  Registry  HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant  Registry  HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSureConnect  Folder  C:\Program Files\HPCOMMRECOVERY
Preinstalled.HPSureConnect  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
Preinstalled.HPTouchpointAnalyticsClient  Folder  C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Preinstalled.HPTouchpointAnalyticsClient  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}
Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES
Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDTANGENT GAMES\SHORTCUTPROVIDER
Preinstalled.WildTangentGamesBundle  Folder  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Preinstalled.WildTangentGamesBundle  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}
Preinstalled.WildTangentGamesBundle  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

cosinus 23.09.2021 15:43
Den gnazn Müll von Junkware hast du im Prinzip alles selbst installiert. Siehe auch VLC Plus Player - das passiert wenn man einfach von irgendwo lädt und nicht von der Orginalseite des Videolan-Projekts.

Downloadquellen

Lade keine Software von Chip.de, Softonic.de, sourceforge.net, openoffice.de, VLC.de, audacity.de, gimp24.de oder updatestar.com.
Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software (Potentially unwanted programs, kurz PUP) oder Adware installiert.
Auf manchen Seiten wird direkt PUP / Adware zum Download angeboten.

Für Windows gibt es seit einiger Zeit einen brauchbaren Paketmanager, der mit einfachen Befehlen es erlaubt, automatisiert Software herunterzuladen und zu installieren. Das erspart eine Menge Arbeit, denn ohne einen Paketmanager muss man jedes Programm selbst prüfen und separat manuell updaten, vorher manuell noch runterladen etc. pp. - siehe auch --> chocolatey Paketmanager für Windows

Wir empfehlen dringend, alle Programme, sofern verfügbar, über chocolatey zu installieren. Falls du schon mit Linux zu tun hattest, wird dir die Syntax sehr vertraut sein.
Die FAQs zu choco findest du da --> Chocolatey: Häufig gestellte Fragen (englisch)
Selbstverständlich darfst du auch Fragen zu chocolatey im o.g. Thread zu chocolatey stellen.

Für den seltenen Fall, dass du das benötigte Programm nicht im repository von chocolatey findest: Lade diese Software direkt beim jeweiligen Hersteller / Entwickler.

schlawack 23.09.2021 16:02
Zitat:
Noch eine Frage:
Warum erhalte ich hier im Portal und auf anderen Seiten auf einmal Werbung.
Hatte ich bisher nicht, und möchte ich auch künftig nicht.
Falls du es noch nicht getan hast, installiere mal für deine Browser uBlock Origin: https://www.google.com/search?client=firefox-b-d&q=uBlock+Origin und gib dann Bitte Rückmeldung ob es mit uBlock Origin dann mit Werbung in den Browsern vorbei ist.

BeRealm 23.09.2021 17:51
Hallo Viktor,

Wie man in den Log´s sehen kann hast du einiges PUP (=potenziell unerwünschte Programme) am Computer. Das kommt vorallem durch unseriöse Webseiten und deren Geschäftsmodelle. Um Geld zu kassieren, wird auf deinem Rechner, durch den Download auf deren Seiten wird Werbung mit in deinen PC geschleust:pfui:

Chrome ist ein stabiler und kommerzieller Browser von Google. Leider werden durch Chrome auch Daten (Surfverhalten, Klicks, etc.) gesammelt. Ich will dir nichts auf´s Auge drücken und die Meinungen gehen, wie immer im Leben, teilweise auseinander. Wenn du mehr darüber wissen willst kannst du hier viele Informationen erhalten. Bei Fragen dazu stehe ich gerne zur Verfügung.

Lösch bitte noch die Datei im Downloadbereich:
Zitat:
PUP.Optional.ChipDe, C:\USERS\VIKTO\DOWNLOADS\VLC MEDIA PLAYER (64 BIT) - INSTALLER _1AF0.EXE, Keine Aktion durch Benutzer, 636, 562568, 1.0.45256, , ame, , 4AD14F8F15E3A4C6575C4C15912087D9, D4635DD7665F14636ABBAA1BED97D381A5C82351AD7B5E93D36D25455F3FB48B
Zurück zum Problem mit der Werbung:
-Deinstallier Chrome bitte vollständig, da scheint auch PUP übrig geblieben zu sein.
-Bei Bedarf kannst du Chrome wieder installieren
-Im Firefox/Chrome bitte uBlock Origin (bitte auf die genaue Bezeichnung achten. Auch hier gibt´s wieder unseriöse Trittbrettfahrer) aus dem jeweiligen Add-on store. (Wie mein Vorredner auch vorgeschlagen hat:daumenhoc)

Als seriöse Downloadquelle kannst du Heise Download nutzen, wenn du dich später mit chocolatey beschäftigen willst.

Solltest du noch Probleme haben, dann beschreib es bitte so genau wie möglich und in welchem Programm und auf welchen Webseiten du es hast.

schlawack 23.09.2021 21:09
uBlock Origin gibt es auch für den Edge Chromium Browser(hab das da auch installiert): https://www.deskmodder.de/blog/2019/06/04/ublock-origin-fuer-den-microsoft-edge-chromium-herunterladen/

Viktor Barth 23.09.2021 21:34
uBlock
 
Zitat:
Zitat von schlawack (Beitrag 1757218)
Falls du es noch nicht getan hast, installiere mal für deine Browser uBlock Origin: https://www.google.com/search?client=firefox-b-d&q=uBlock+Origin und gib dann Bitte Rückmeldung ob es mit uBlock Origin dann mit Werbung in den Browsern vorbei ist.
Habe ich raufgespielt.
Scheint erstmal zu wirken.


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:04 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27