Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   PUP.Optional.DefaultSearch | Malwarebytes findet immer wieder die selbe Bedrohung (https://www.trojaner-board.de/201736-pup-optional-defaultsearch-malwarebytes-findet-immer-selbe-bedrohung.html)

Maxecute 07.05.2021 21:05
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build:    03-22-2021
# Database: 2021-04-28.3 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    05-07-2021
# Duration: 00:00:00
# OS:      Windows 10 Pro
# Cleaned:  0
# Failed:  0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4375 octets] - [02/05/2021 10:35:45]
AdwCleaner[C00].txt - [4019 octets] - [02/05/2021 10:36:01]
AdwCleaner[S01].txt - [1527 octets] - [07/05/2021 22:03:23]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

cosinus 08.05.2021 13:33
Dann jetzt bitte neue FRST Logs.

Maxecute 08.05.2021 18:18
FRST
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2021 01
durchgeführt von Max (Administrator) auf DESKTOP-DHA2F6H (Micro-Star International Co., Ltd. MS-7A38) (08-05-2021 19:15:09)
Gestartet von C:\Users\Max\Downloads
Geladene Profile: Max
Platform: Windows 10 Pro Version 2004 19041.928 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\89.0.4389.25\remoting_host.exe <2>
(Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.925_none_e76d4f6f260a683e\TiWorker.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\Display.NvContainer\NVDisplay.Container.exe <2>
(Pulse Secure, LLC -> Pulse Secure, LLC) C:\Program Files (x86)\Common Files\Pulse Secure\JUNS\PulseSecureService.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bb0c442560f99618\RtkAudUService64.exe <2>
(Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bb0c442560f99618\RtkAudUService64.exe [1253232 2021-03-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951968 2019-07-09] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353408 2021-04-27] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7991528 2021-04-24] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [PulseSecure] => C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\Pulse.exe [4500096 2020-10-16] (Pulse Secure, LLC -> )
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [648328 2020-03-09] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Run: [Discord] => C:\Users\Max\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [123792288 2021-05-06] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Run: [WallpaperEngine] => C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [2769000 2021-03-08] (Skutta, Kristjan -> )
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-04-21] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\Software\...\Authentication\Credential Providers: [{4B9CAC01-6732-40d0-8B8F-B5B340F9D44F}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2020-10-16] (Pulse Secure, LLC -> )
HKLM\Software\...\Authentication\Credential Providers: [{4EFD0F35-BFBA-44eb-8F25-2B3530203C1D}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2020-10-16] (Pulse Secure, LLC -> )
HKLM\Software\...\Authentication\Credential Providers: [{C1258FBC-F04F-4862-B78A-DDAAEF4A9707}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2020-10-16] (Pulse Secure, LLC -> )
HKLM\Software\...\Authentication\Credential Providers: [{EAB1A79F-DFAA-4faf-A7B9-A6652E97EE16}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2020-10-16] (Pulse Secure, LLC -> )
HKLM\Software\...\Authentication\Credential Provider Filters: [{3884BCAA-C611-4e2d-9105-E11B1203294E}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2020-10-16] (Pulse Secure, LLC -> )
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2020-01-16] ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {3307FBD1-9A74-4353-8688-11375DE57C1A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {408B50CB-F98D-4EA8-8BFA-528E29B1A599} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4EAEDFE0-FEC2-4ACA-8FBC-61D753B7BF4B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {5450DD0E-87ED-48AC-969B-30826F9F1071} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58BE253D-7E37-4F66-B1C1-C617C35B7B9F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {61F22846-E2AB-4A5B-B4D1-EFA7F0D6E69F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {9084EBF6-A213-40E4-8A91-21C71A108D3D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {97AB08BB-1048-4827-B395-025ABFC4F5F2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9BD85B5E-1768-4704-AD73-075E7C68251A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BAD41C75-A840-4ED3-A9B5-D888B1B7B254} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {C247FDC7-DA6E-4842-8C93-F1C7D3799CB6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-05-20] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D64C505B-F27B-4D10-A9C4-0B21AB5BAC3D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DB266B37-18F7-4089-9662-AF3AE1E871EB} - System32\Tasks\Mozilla\Firefox Default Browser Agent CDFCF4B7528A39A6 => D:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-12-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {F1BAAA2E-056A-44B7-BC36-907A5831895D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-05-20] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F7AE6CC1-7CAB-43F9-9955-2977717CD914} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{10eb58ff-534e-4d43-9b25-3b3e203536a5}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{19cb2e09-30dd-40d3-b56e-c00aee98ea2f}: [NameServer] 132.195.249.13,132.195.20.13
Tcpip\..\Interfaces\{8d559033-aa29-4301-916a-906f4e0d4fc6}: [NameServer] 132.195.249.13,132.195.20.13
Tcpip\..\Interfaces\{f380a77b-200e-4177-b271-a49a9b2fff31}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Profile: C:\Users\Max\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-16]
Edge StartupUrls: Default -> "hxxps://www.google.de/"
Edge DefaultSearchURL: Default -> hxxps://www.google.de/search?q={searchTerms}&ie={inputEncoding?}&oe={outputEncoding?}
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: kcp1ykde.default
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\iguxhc92.default-release-1 [2021-04-28]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\iguxhc92.default-release-1\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-04-28]
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\kcp1ykde.default [2020-05-01]
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\8zxz0q4w.default-release [2021-05-08]
FF Homepage: Mozilla\Firefox\Profiles\8zxz0q4w.default-release -> hxxps://www.ecosia.org/
FF NewTab: Mozilla\Firefox\Profiles\8zxz0q4w.default-release -> hxxps://defaultsearch.co/homepage?hp=1&pId=IC150206&iDate=2020-05-01 01:44:31&bName=&bitmask=0600
FF Notifications: Mozilla\Firefox\Profiles\8zxz0q4w.default-release -> hxxps://www.chess.com; hxxps://chat.uni-wuppertal.de
FF Extension: (BetterTTV) - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\8zxz0q4w.default-release\Extensions\firefox@betterttv.net.xpi [2021-04-25]
FF Extension: (Chrome Remote Desktop) - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\8zxz0q4w.default-release\Extensions\remotedesktop@google.com.xpi [2021-03-15] [UpdateUrl:hxxps://www.gstatic.com/chromoting/firefox_extension/update.json]
FF Extension: (Ecosia – Die Suchmaschine, die Bäume pflanzt) - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\8zxz0q4w.default-release\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2020-10-09]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\8zxz0q4w.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-29]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
StartMenuInternet: Firefox-CDFCF4B7528A39A6 - D:\Program Files\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe [440368 2019-12-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\89.0.4389.25\remoting_host.exe [72808 2021-01-27] (Google LLC -> Google LLC)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-05-20] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-05-20] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-04-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818288 2020-06-10] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [409456 2021-03-30] (NVIDIA Corporation -> NVIDIA)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10605472 2021-05-06] (Logitech Inc -> Logitech, Inc.)
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [499336 2020-05-18] (Logitech Inc -> Logitech)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-28] (Malwarebytes Inc -> Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [9513760 2020-12-06] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 PulseSecureService; C:\Program Files (x86)\Common Files\Pulse Secure\JUNS\PulseSecureService.exe [380544 2020-10-16] (Pulse Secure, LLC -> Pulse Secure, LLC)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bb0c442560f99618\RtkAudUService64.exe [1253232 2021-03-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182328 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10301672 2021-04-27] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33832 2019-12-11] (ASUSTeK Computer Inc. -> )
S3 csravrcp; C:\WINDOWS\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 CsrBthAudioHF; C:\WINDOWS\System32\drivers\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrhfgcc; C:\WINDOWS\System32\drivers\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrserial; C:\WINDOWS\System32\drivers\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csr_bthav; C:\WINDOWS\system32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [19968 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-04-28] (Malwarebytes Inc -> Malwarebytes)
R1 GLCKIO2; C:\WINDOWS\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R1 jnprns; C:\WINDOWS\system32\DRIVERS\jnprns.sys [507192 2020-10-16] (Juniper Networks, Inc. -> Juniper Networks)
S4 jnprTdi_919_4983; C:\WINDOWS\system32\Drivers\jnprTdi_919_4983.sys [98280 2020-10-16] (Pulse Secure, LLC -> Pulse Secure, LLC)
R3 JnprVaMgr; C:\WINDOWS\System32\drivers\jnprvamgr.sys [45352 2020-10-16] (Juniper Networks, Inc. -> Juniper Networks, Inc.)
R2 LGHUBTemperatureService; C:\Program Files\LGHUB\logi_core_temp.sys [22864 2021-05-06] (Logitech Inc -> Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\System32\drivers\LGSHidFilt.Sys [64280 2018-05-07] (Logitech -> Logitech Inc.)
S3 LGSUsbFilt; C:\WINDOWS\System32\drivers\LGSUsbFilt.Sys [41752 2018-05-07] (Logitech -> Logitech Inc.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [37200 2021-03-17] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [25928 2021-03-17] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66896 2021-03-17] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-04-28] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-04-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-05-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-05-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-28] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-05-08] (Malwarebytes Inc -> Malwarebytes)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [25616 2018-02-12] (MICSYS Technology Co., Ltd. -> )
S3 PulseSAM; C:\WINDOWS\system32\Drivers\PulseSAM.sys [149904 2020-10-16] (Pulse Secure, LLC. -> Pulse Secure, LLC)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43368 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [6438816 2021-04-27] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-05-08 19:02 - 2021-05-08 19:02 - 000267894 _____ C:\Users\Max\Downloads\Zusammenfassung Kontowechsel.pdf
2021-05-08 17:23 - 2021-05-08 17:23 - 000000000 ____D C:\Users\Max\Downloads\FRST-OlderVersion
2021-05-08 17:15 - 2021-05-08 17:15 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-05-08 17:15 - 2021-05-08 17:15 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-05-08 17:15 - 2021-05-08 17:15 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-05-07 23:21 - 2021-05-07 23:21 - 000020216 _____ C:\Users\Max\AppData\Local\recently-used.xbel
2021-05-07 22:02 - 2021-05-07 22:02 - 008534696 _____ (Malwarebytes) C:\Users\Max\Downloads\adwcleaner_8.2.exe
2021-05-07 16:02 - 2021-05-07 16:03 - 000000000 ____D C:\Users\Max\Desktop\Unzipped
2021-05-07 15:02 - 2021-05-07 15:02 - 000000686 _____ C:\Users\Public\Desktop\Style Builder 2021.lnk
2021-05-07 15:02 - 2021-05-07 15:02 - 000000686 _____ C:\ProgramData\Desktop\Style Builder 2021.lnk
2021-05-07 15:02 - 2021-05-07 15:02 - 000000640 _____ C:\Users\Public\Desktop\LayOut 2021.lnk
2021-05-07 15:02 - 2021-05-07 15:02 - 000000640 _____ C:\ProgramData\Desktop\LayOut 2021.lnk
2021-05-07 15:02 - 2021-05-07 15:02 - 000000557 _____ C:\Users\Public\Desktop\SketchUp Pro 2021.lnk
2021-05-07 15:02 - 2021-05-07 15:02 - 000000557 _____ C:\ProgramData\Desktop\SketchUp Pro 2021.lnk
2021-05-07 15:02 - 2021-05-07 15:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2021
2021-05-07 15:01 - 2021-05-07 15:01 - 000000000 ____D C:\Users\Max\AppData\Local\Downloaded Installations
2021-05-07 15:01 - 2021-05-07 15:01 - 000000000 ____D C:\ProgramData\SketchUp
2021-05-07 14:58 - 2021-05-07 14:59 - 225340496 _____ (Trimble, Inc.) C:\Users\Max\Downloads\SketchUpPro-2021-0-1.exe
2021-05-07 14:53 - 2021-05-07 18:55 - 000000000 ____D C:\Users\Max\AppData\Roaming\texstudio
2021-05-07 14:49 - 2021-05-07 14:49 - 000000615 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXstudio.lnk
2021-05-07 14:46 - 2021-05-07 14:47 - 170058008 _____ C:\Users\Max\Downloads\texstudio-3.1.1-win-qt5.exe
2021-05-07 14:44 - 2021-05-07 14:44 - 000000022 _____ C:\Users\Max\miktex-console.lock
2021-05-07 14:42 - 2021-05-07 14:44 - 000000000 ____D C:\Users\Max\AppData\Local\MiKTeX
2021-05-07 14:42 - 2021-05-07 14:42 - 000000000 ____D C:\Users\Max\AppData\Roaming\MiKTeX
2021-05-07 14:42 - 2021-05-07 14:42 - 000000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX
2021-05-07 14:17 - 2021-05-07 14:40 - 255676168 _____ (MiKTeX.org) C:\Users\Max\Downloads\basic-miktex-21.2-x64.exe
2021-05-07 13:02 - 2021-05-07 13:02 - 000465121 _____ C:\Users\Max\Documents\Kiraz, Gülseren Stundenzettel April 2021[2094].pdf
2021-05-07 12:10 - 2021-05-07 12:10 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2021-05-07 12:10 - 2021-05-07 12:10 - 000000650 _____ C:\ProgramData\Desktop\Logitech G HUB.lnk
2021-05-07 12:10 - 2021-05-07 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2021-05-07 12:10 - 2021-05-07 12:10 - 000000000 ____D C:\Program Files\LGHUB
2021-05-05 20:59 - 2021-05-05 20:59 - 000001130 _____ C:\Users\Max\Desktop\Adobe Premiere Pro 2020.lnk
2021-05-05 16:18 - 2021-05-05 16:18 - 000000300 _____ C:\Users\Max\Desktop\Fortnite.url
2021-05-05 13:00 - 2021-05-08 19:09 - 000057570 _____ C:\Users\Max\Downloads\Shortcut.txt
2021-05-05 12:59 - 2021-05-08 19:09 - 000055066 _____ C:\Users\Max\Downloads\Addition.txt
2021-05-05 12:58 - 2021-05-08 19:15 - 000024807 _____ C:\Users\Max\Downloads\FRST.txt
2021-05-05 12:57 - 2021-05-08 19:15 - 000000000 ____D C:\FRST
2021-05-05 12:57 - 2021-05-08 17:23 - 002298880 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe
2021-05-04 13:53 - 2021-05-05 21:00 - 000001419 _____ C:\Users\Max\Desktop\Adobe After Effects 2020.lnk
2021-05-02 12:24 - 2021-05-02 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxon
2021-05-02 12:23 - 2021-05-02 12:25 - 000000000 ____D C:\Program Files\Maxon Cinema 4D R21
2021-05-02 12:22 - 2021-05-02 12:22 - 000001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2020.lnk
2021-05-02 10:52 - 2021-05-02 10:52 - 2323535189 _____ C:\Users\Max\Downloads\Adobe After Effects 2020.rar
2021-05-02 10:35 - 2021-05-02 10:35 - 000000000 ____D C:\AdwCleaner
2021-04-29 20:53 - 2021-04-29 20:53 - 000000000 ____D C:\WINDOWS\system32\lxss
2021-04-29 20:48 - 2021-04-24 03:08 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-04-29 20:44 - 2021-04-27 23:16 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-04-29 20:44 - 2021-04-27 23:16 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-04-29 20:44 - 2021-04-27 23:16 - 001453344 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-04-29 20:44 - 2021-04-27 23:16 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-04-29 20:44 - 2021-04-27 23:16 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-04-29 20:44 - 2021-04-27 23:16 - 001192736 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-04-29 20:44 - 2021-04-27 23:16 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-04-29 20:44 - 2021-04-27 23:16 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-04-29 20:44 - 2021-04-27 23:16 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-04-29 20:44 - 2021-04-27 23:16 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-04-29 20:44 - 2021-04-27 23:13 - 000715544 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-04-29 20:44 - 2021-04-27 23:13 - 000626976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-04-29 20:44 - 2021-04-27 23:13 - 000575760 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-04-29 20:44 - 2021-04-27 23:12 - 002106144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-04-29 20:44 - 2021-04-27 23:12 - 001590560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-04-29 20:44 - 2021-04-27 23:12 - 001514784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-04-29 20:44 - 2021-04-27 23:12 - 001166112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-04-29 20:44 - 2021-04-27 23:12 - 000689952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-04-29 20:44 - 2021-04-27 23:12 - 000675104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-04-29 20:44 - 2021-04-27 23:12 - 000656160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-04-29 20:44 - 2021-04-27 23:12 - 000564000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-04-29 20:44 - 2021-04-27 23:11 - 008317232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-04-29 20:44 - 2021-04-27 23:11 - 007434032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-04-29 20:44 - 2021-04-27 23:11 - 004795152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-04-29 20:44 - 2021-04-27 23:11 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-04-29 20:44 - 2021-04-27 23:11 - 000445744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-04-29 20:44 - 2021-04-27 23:10 - 000848664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-04-29 20:44 - 2021-04-27 23:09 - 006159176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-04-29 20:44 - 2021-04-24 03:08 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb
2021-04-29 20:37 - 2021-04-29 20:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-04-28 22:37 - 2021-04-28 22:37 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-28 22:37 - 2021-04-28 22:37 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-28 22:37 - 2021-04-28 22:37 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-28 22:37 - 2021-04-28 22:37 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-04-28 22:37 - 2021-04-28 22:37 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-04-28 22:37 - 2021-04-28 22:37 - 000000000 ____D C:\Users\Max\AppData\Local\mbam
2021-04-28 22:37 - 2021-04-28 22:36 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-28 22:37 - 2021-04-28 22:36 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-04-28 22:36 - 2021-04-28 22:36 - 002078632 _____ (Malwarebytes) C:\Users\Max\Downloads\MBSetup.exe
2021-04-28 22:36 - 2021-04-28 22:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-04-28 22:36 - 2021-04-28 22:36 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-28 21:49 - 2021-04-28 21:49 - 003483480 _____ (Alexander Roshal) C:\Users\Max\Downloads\winrar-x64-601d.exe
2021-04-28 21:49 - 2021-04-28 21:49 - 000000000 ____D C:\Users\Max\AppData\Roaming\WinRAR
2021-04-28 21:49 - 2021-04-28 21:49 - 000000000 ____D C:\Program Files\WinRAR
2021-04-26 10:19 - 2021-04-26 10:19 - 000069642 _____ C:\Users\Max\Downloads\Blatt_02.pdf
2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-04-24 12:55 - 2021-04-24 12:55 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-04-23 14:44 - 2021-04-23 14:44 - 000194175 _____ C:\Users\Max\Downloads\ProseminarImportantDatesSummer21.pdf
2021-04-23 14:23 - 2021-04-23 14:23 - 000178483 _____ C:\Users\Max\Downloads\GuidelinesScientificWriting_Screencast_SS2021.pdf
2021-04-20 12:25 - 2021-05-06 22:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-17 12:43 - 2021-04-17 12:43 - 000000000 ____D C:\ProgramData\Logishrd
2021-04-16 09:59 - 2021-04-16 09:59 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-16 09:59 - 2021-04-16 09:59 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-16 09:59 - 2021-04-16 09:59 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-14 23:26 - 2020-08-14 09:59 - 000043416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2021-04-13 13:20 - 2021-04-13 13:20 - 049411051 _____ C:\Users\Max\Downloads\DigitalTutor.zip
2021-04-09 22:16 - 2021-04-09 22:16 - 000150938 _____ C:\Users\Max\Downloads\Instagram_logo_2016.svg.webp
2021-04-09 21:53 - 2021-04-09 21:53 - 004956194 _____ C:\Users\Max\Downloads\_lol__death_sworn_katarina___twitch_banner_by_psychomilla_dbtd2xt.zip
2021-04-09 21:49 - 2021-04-09 21:49 - 000000946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.24.lnk
2021-04-09 21:46 - 2021-04-09 21:46 - 247382056 _____ (The GIMP Team ) C:\Users\Max\Downloads\gimp-2.10.24-setup-2.exe
2021-04-09 21:22 - 2021-04-09 21:22 - 003173711 _____ C:\Users\Max\Downloads\Logo Blue Ai new.ai
2021-04-09 21:21 - 2021-04-09 21:21 - 000165930 _____ C:\Users\Max\Downloads\Logo Blue Ai.ai

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-05-08 18:52 - 2021-02-10 01:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-08 18:52 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-08 17:22 - 2021-02-10 14:53 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-08 17:22 - 2019-12-07 16:51 - 000743714 _____ C:\WINDOWS\system32\perfh007.dat
2021-05-08 17:22 - 2019-12-07 16:51 - 000150136 _____ C:\WINDOWS\system32\perfc007.dat
2021-05-08 17:22 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-08 17:20 - 2020-04-28 20:18 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-08 17:20 - 2018-06-10 12:52 - 000000000 ____D C:\Users\Max\AppData\LocalLow\Mozilla
2021-05-08 17:18 - 2020-07-05 11:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-08 17:18 - 2020-05-11 18:38 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-05-08 17:18 - 2020-04-28 19:28 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-08 17:18 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-08 17:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-08 17:15 - 2021-02-10 01:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-08 17:15 - 2021-02-10 01:10 - 000266768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-08 17:15 - 2021-02-10 01:10 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-08 17:15 - 2020-06-17 18:05 - 000000000 ____D C:\Users\Max\AppData\Roaming\LGHUB
2021-05-08 17:15 - 2020-06-17 18:05 - 000000000 ____D C:\Users\Max\AppData\Local\LGHUB
2021-05-08 17:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-08 03:13 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-05-08 03:12 - 2020-06-13 11:55 - 000000000 ____D C:\Users\Max\AppData\Roaming\Blitz
2021-05-08 02:54 - 2020-04-28 20:41 - 000000000 ____D C:\Users\Max\AppData\Local\Spotify
2021-05-08 02:46 - 2020-04-28 20:40 - 000000000 ____D C:\Users\Max\AppData\Roaming\Spotify
2021-05-08 01:10 - 2020-04-28 20:18 - 000000000 ____D C:\ProgramData\Riot Games
2021-05-08 00:40 - 2020-05-01 14:44 - 000000000 ____D C:\Users\Max\AppData\Roaming\obs-studio
2021-05-07 23:28 - 2020-06-13 11:50 - 000000000 ____D C:\Users\Max\AppData\Local\CrashDumps
2021-05-07 23:22 - 2020-05-26 15:41 - 000000000 ____D C:\Users\Max\AppData\Local\babl-0.1
2021-05-07 23:20 - 2020-05-26 17:11 - 000000000 ____D C:\Users\Max\AppData\Local\gtk-2.0
2021-05-07 23:18 - 2020-10-28 12:58 - 000000000 ____D C:\Users\Max\Desktop\Gimp
2021-05-07 15:02 - 2020-06-14 22:20 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-05-07 14:44 - 2021-02-10 00:19 - 000000000 ____D C:\Users\Max
2021-05-07 14:40 - 2020-09-30 16:06 - 000000000 ____D C:\Users\Max\Desktop\Uni
2021-05-07 14:40 - 2018-06-19 15:38 - 000000000 ____D C:\Users\Max\Desktop\YouTube
2021-05-07 12:19 - 2020-04-28 20:22 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-07 12:14 - 2020-04-28 19:24 - 000000352 _____ C:\WINDOWS\BRRBCOM.INI
2021-05-06 22:26 - 2020-04-28 20:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-06 16:11 - 2020-12-02 12:54 - 000000000 ____D C:\Users\Max\AppData\Local\log
2021-05-06 16:10 - 2021-02-10 01:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-05-06 16:10 - 2020-04-28 20:18 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-05-05 23:23 - 2020-05-01 19:57 - 000000000 ____D C:\Users\Max\AppData\Roaming\discord
2021-05-05 22:38 - 2020-05-01 19:57 - 000000000 ____D C:\Users\Max\AppData\Local\Discord
2021-05-05 21:43 - 2020-04-28 23:06 - 000000000 ____D C:\Users\Max\AppData\Local\D3DSCache
2021-05-05 21:00 - 2021-03-14 21:55 - 000001693 _____ C:\Users\Max\Desktop\League of Legends.lnk
2021-05-05 20:59 - 2020-05-26 15:20 - 000001115 _____ C:\Users\Max\Desktop\GIMP 2.10.18.lnk
2021-05-05 20:58 - 2020-05-01 19:57 - 000002223 _____ C:\Users\Max\Desktop\Discord.lnk
2021-05-05 20:58 - 2020-04-13 12:42 - 000001840 _____ C:\Users\Max\Desktop\Spotify.lnk
2021-05-05 20:57 - 2020-05-20 16:17 - 000001240 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-05-05 20:57 - 2020-05-20 16:17 - 000001236 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-05-05 16:42 - 2020-04-28 20:15 - 000000000 ____D C:\Users\Max\AppData\Roaming\Adobe
2021-05-05 16:41 - 2020-10-07 13:18 - 000000000 ____D C:\Users\Max\Desktop\Twitch
2021-05-05 16:39 - 2018-06-10 12:23 - 000000000 ____D C:\Users\Max\Desktop\Familie
2021-05-05 14:43 - 2021-03-16 21:38 - 000000000 ____D C:\ProgramData\Epic
2021-05-05 10:40 - 2021-02-10 01:17 - 000004300 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-05-05 10:40 - 2021-02-10 01:17 - 000004068 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-05-04 23:29 - 2020-04-28 20:23 - 000000000 ____D C:\Users\Max\AppData\Roaming\TS3Client
2021-05-02 12:32 - 2020-05-01 14:28 - 000000000 ____D C:\Users\Max\AppData\Local\Adobe
2021-05-02 12:32 - 2020-04-29 20:30 - 000000000 ____D C:\Users\Max\AppData\Local\NVIDIA
2021-05-02 12:32 - 2020-04-02 12:16 - 000000000 ____D C:\Users\Max\Documents\Adobe
2021-05-02 12:22 - 2020-05-01 14:31 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-05-02 12:22 - 2020-05-01 14:31 - 000000000 ____D C:\Program Files\Adobe
2021-05-02 12:22 - 2020-04-02 12:01 - 000000000 ____D C:\Users\Public\Documents\Adobe
2021-05-02 12:22 - 2020-04-02 12:01 - 000000000 ____D C:\ProgramData\Documents\Adobe
2021-05-02 12:13 - 2020-05-01 14:28 - 000000000 ____D C:\ProgramData\Adobe
2021-05-02 10:36 - 2020-05-01 15:44 - 000000000 ____D C:\Users\Max\AppData\Roaming\Lavasoft
2021-05-02 10:36 - 2020-05-01 15:44 - 000000000 ____D C:\Users\Max\AppData\Local\Lavasoft
2021-05-02 10:36 - 2020-05-01 15:44 - 000000000 ____D C:\ProgramData\Lavasoft
2021-05-02 10:36 - 2020-05-01 15:44 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2021-05-02 10:36 - 2020-04-02 11:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2021-04-29 20:53 - 2020-04-28 19:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-04-29 20:46 - 2021-02-10 01:17 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2956124056-3800980870-852740744-1001
2021-04-29 20:46 - 2021-02-10 00:19 - 000002373 _____ C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-29 20:46 - 2018-04-24 06:45 - 000000000 ___RD C:\Users\Max\OneDrive
2021-04-29 20:37 - 2020-05-20 16:16 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-04-29 20:36 - 2021-03-29 21:04 - 000000000 ____D C:\Program Files\Riot Vanguard
2021-04-28 22:37 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-28 21:49 - 2018-06-19 14:19 - 000000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-28 21:49 - 2018-06-19 14:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-27 23:12 - 2021-02-07 22:36 - 000811808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-04-27 23:09 - 2021-02-07 22:36 - 007212232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-04-27 10:55 - 2020-05-18 12:25 - 000000000 ____D C:\Users\Max\AppData\Local\PlaceholderTileLogoFolder
2021-04-26 11:22 - 2020-10-28 21:45 - 000000000 ____D C:\Users\Max\AppData\Roaming\WhatsApp
2021-04-26 10:57 - 2021-02-11 21:46 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6ff39a30a6aea
2021-04-26 10:57 - 2021-02-10 01:17 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-24 03:08 - 2021-02-07 22:36 - 000135408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-04-23 16:56 - 2021-02-06 21:56 - 000000000 ____D C:\Users\Max\AppData\Local\WhatsApp
2021-04-22 19:02 - 2021-03-24 20:49 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-17 16:24 - 2020-04-28 20:14 - 000000000 ____D C:\Users\Max\AppData\Local\Packages
2021-04-16 20:01 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-16 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-16 10:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-16 09:59 - 2021-02-10 01:12 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-16 09:46 - 2021-02-09 01:11 - 000000000 ___HD C:\$WinREAgent
2021-04-16 09:46 - 2020-04-29 01:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-16 09:45 - 2020-04-29 01:02 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-14 23:27 - 2021-02-10 01:17 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2021-02-10 01:17 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2021-02-10 01:17 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2021-02-10 01:17 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2021-02-10 01:17 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2021-02-10 01:17 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2021-02-10 01:17 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2021-02-10 01:17 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2021-02-10 01:17 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2021-02-10 01:17 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 23:27 - 2020-06-13 11:51 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2021-04-14 23:27 - 2020-06-13 11:51 - 000001443 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2021-04-14 23:27 - 2020-04-28 19:28 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-04-14 23:27 - 2020-04-28 19:28 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-04-14 23:27 - 2020-04-28 19:28 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-04-13 13:04 - 2020-04-28 20:15 - 000000000 ____D C:\ProgramData\Packages
2021-04-11 12:59 - 2020-04-28 19:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-05-01 15:43 - 2020-05-01 15:43 - 000284338 _____ () C:\Users\Max\AppData\Roaming\93h_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2021-05-07 23:21 - 2021-05-07 23:21 - 000020216 _____ () C:\Users\Max\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
Addition
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-05-2021 01
durchgeführt von Max (08-05-2021 19:16:06)
Gestartet von C:\Users\Max\Downloads
Windows 10 Pro Version 2004 19041.928 (X64) (2021-02-09 23:17:39)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2956124056-3800980870-852740744-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2956124056-3800980870-852740744-503 - Limited - Disabled)
Gast (S-1-5-21-2956124056-3800980870-852740744-501 - Limited - Disabled)
locma (S-1-5-21-2956124056-3800980870-852740744-1006 - Limited - Enabled) => C:\Users\locma
Max (S-1-5-21-2956124056-3800980870-852740744-1001 - Administrator - Enabled) => C:\Users\Max
WDAGUtilityAccount (S-1-5-21-2956124056-3800980870-852740744-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_1) (Version: 14.1 - Adobe Systems Incorporated)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.3.11.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{96f500e7-aac6-40c8-aa25-d223f373d8dd}) (Version: 2.3.11.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.0.19 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{1b15ca41-2671-4685-ab55-b8c814c4942a}) (Version: 1.0.19 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.25 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{94267bd0-fa8a-4aa4-925d-ec3e0d130fba}) (Version: 1.1.25 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.16 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{e46f527f-1e64-4554-abc1-115f3429c25c}) (Version: 1.0.16 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.02.12 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{b96dabae-c7ef-45f2-95ab-1a4d917262a3}) (Version: 1.02.12 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.58 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{d00daf18-4c78-4fc6-bb05-376a06c79c48}) (Version: 1.0.58 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM\...\{B5E322FB-C191-463E-BDDD-4F22290EDFDB}) (Version: 1.0.8 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM-x32\...\{277875e0-972c-4705-b09c-ca5acf5b2f7c}) (Version: 1.0.8 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.2.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{2977b6c2-6523-42f4-8f52-bf4f7fc7a840}) (Version: 0.0.2.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{3507c756-a80f-4b0e-8475-975d8b432176}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.50 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{52400cff-4628-4ca3-a922-3767b198c1fd}) (Version: 1.0.50 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.32 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{243ceb39-3b77-43ab-9135-fddab4ac7caf}) (Version: 1.0.32 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.53 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{3dcded5b-10da-4d98-9c1f-c33d25288ebd}) (Version: 1.0.53 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM\...\{723B40A4-5BF2-4DC6-834A-2ADF75F3CF7E}) (Version: 1.0.1.2 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM-x32\...\{0ebcd5fb-7bf9-45b4-a0b6-0932d728e289}) (Version: 1.0.1.2 - ASUSTek COMPUTER INC.) Hidden
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.37 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{60d8d6b5-0ec5-420a-a407-a42e19346d46}) (Version: 1.0.37 - ASUS) Hidden
Blitz 1.14.10 (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.14.10 - Blitz, Inc.)
Chrome Remote Desktop Host (HKLM-x32\...\{2E2C5B04-0539-43B0-BC16-EF1B7DFF03A5}) (Version: 89.0.4389.25 - Google LLC)
Corsair AURA DRAM Component (HKLM\...\{376E0869-A4F1-4DC7-A1FD-EBF3AFFEB832}) (Version: 1.0.13 - CORSAIR COMPONENTS INC.) Hidden
Corsair AURA DRAM Component (HKLM-x32\...\{8fce5ea9-d56f-4f89-a363-830eceb72c72}) (Version: 1.0.13 - CORSAIR COMPONENTS INC.) Hidden
Discord (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 121.4.4267 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
ENE RGB HAL (HKLM\...\{BBEB79B8-472B-44E6-B0BA-157909EFE7D6}) (Version: 1.00.12 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{e0fa04a3-0593-40a3-8eea-c45cf5d09062}) (Version: 1.00.12 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM\...\{BC5E0A82-C638-44CB-8129-20C8ED70DE7A}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM-x32\...\{f3d7fb09-b93f-4c01-a765-0b0adc5bc746}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_EHD_ASM_HAL (HKLM\...\{CB19FBA3-7A4F-4D2A-A231-F580B5DCD203}) (Version: 1.00.05 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_ASM_HAL (HKLM-x32\...\{3532d794-73d7-42bd-af02-9f00623dd567}) (Version: 1.00.05 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{455E34DD-5F26-431E-B542-72F73A8FEED8}) (Version: 1.00.02 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{24a265a5-9f90-4090-904f-5ed9fa4414b8}) (Version: 1.00.02 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{07D9F8F3-EC99-4133-919D-DA341C62937C}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}) (Version: 1.1.11.0 - Epic Games, Inc.)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
GALAX GAMER RGB (HKLM\...\{06A16AA8-BBA7-4362-962E-16651962D87C}) (Version: 1.00.02 - Galaxy Microsystems Ltd.) Hidden
GALAX GAMER RGB (HKLM-x32\...\{1257fdeb-ffa3-4e17-9d4b-189075ea3656}) (Version: 1.00.02 - Galaxy Microsystems Ltd.)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.7.3.0 - miHoYo Co.,Ltd)
GIMP 2.10.24 (HKLM\...\GIMP-2_is1) (Version: 2.10.24 - The GIMP Team)
Ground Control (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\ground_control) (Version: 1.0.0 - StreamElements)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.20 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{c0c65c06-e79e-44b5-bd66-85099364afeb}) (Version: 1.0.20 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
LibreOffice 7.1.0.3 (HKLM\...\{FF0BB16C-BD95-497C-BCE6-4B567668AF1B}) (Version: 7.1.0.3 - The Document Foundation)
Logitech Capture (HKLM\...\Capture) (Version: 2.02.155 - Logitech)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2021.3.9205 - Logitech)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.56 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\OneDriveSetup.exe) (Version: 21.062.0328.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2956124056-3800980870-852740744-1006\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
MiKTeX (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\MiKTeX) (Version: 21.2 - MiKTeX.org)
Minecraft Launcher (HKLM-x32\...\{E15F69FA-660D-45CC-B28F-6CBC4CAD2091}) (Version: 1.0.0.0 - Mojang)
MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Mozilla Firefox 83.0 (x64 de) (HKLM\...\Mozilla Firefox 83.0 (x64 de)) (Version: 83.0 - Mozilla)
Mozilla Firefox 88.0.1 (x64 de) (HKLM\...\Mozilla Firefox 88.0.1 (x64 de)) (Version: 88.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 75.0 - Mozilla)
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)
NVIDIA Grafiktreiber 466.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.27 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
Pulse Secure (HKLM\...\{ABAEAD38-AD9E-4444-B587-9284A22F877E}) (Version: 9.1.4983 - Pulse Secure, LLC) Hidden
Pulse Secure 9.1 (HKLM-x32\...\Pulse Secure 9.1) (Version: 9.1.4983 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Pulse_Setup_Client) (Version: 9.1.9.4983 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: 3.1.1.1 - Pulse Secure, LLC)
Pulse Secure Setup Client Activex Control (HKLM-x32\...\Pulse_Setup_Client Activex Control) (Version: 3.1.1.1 - Pulse Secure, LLC)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Rocket.Chat 3.0.6 (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\9b73a9fb-f1d5-59ee-b41e-e1dd393a748a) (Version: 3.0.6 - Rocket.Chat Support)
SketchUp 2021 (HKLM-x32\...\{09480c81-5458-4d69-ab73-ee488fe8c297}) (Version: 21.0.391 - Trimble, Inc.)
SketchUp Language Pack [de] (HKLM\...\{23f0081c-2615-5ebf-7b79-c787e0e5b5bd}) (Version: 21.0.391.128 - Ihr Firmenname) Hidden
SketchUpPro (HKLM\...\{d355be80-c8d8-9076-14e8-5ae3c8f487b0}) (Version: 21.0.391.128 - Ihr Firmenname) Hidden
Spotify (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Spotify) (Version: 1.1.58.820.g2ae50076 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StreamElements OBS.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 21.3.8.729 - StreamElements)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.2 - TeamSpeak Systems GmbH)
TeXstudio - TeXstudio is a fully featured LaTeX editor. (HKLM\...\TeXstudio) (Version: 3.1.1 - Benito van der Zander)
VALORANT (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WhatsApp (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\WhatsApp) (Version: 2.2114.9 - WhatsApp)
WinRAR 6.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\ZoomUMX) (Version: 5.3.1 (52879.0927) - Zoom Video Communications, Inc.)

Packages:
=========
Excel Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.Excel_16001.13801.20454.0_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-26] (Microsoft Corporation)
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.43.41241.0_x64__8wekyb3d8bbwe [2021-05-06] (Microsoft Corporation) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-09-17] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-04-29] (NVIDIA Corp.)
QR Code for Windows 10 -> C:\Program Files\WindowsApps\17036IYIA.QRCodeforWindows10_6.4.2.0_x64__dggz0n4pnn0ge [2021-04-17] (IYIA)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.40392.0_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-04-13] (Adobe Systems Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.25.245.0_x64__dt26b99r8h8gj [2021-05-03] (Realtek Semiconductor Corp)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.13.154.0_x64__43tkc6nmykmb6 [2021-04-14] (Ookla)
Word Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.Word_16001.13801.20454.0_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2956124056-3800980870-852740744-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Max\Dropbox [2019-05-14 10:39]
ShellIconOverlayIdentifiers: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-28] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\nvshext.dll [2021-04-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-28] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============


==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2956124056-3800980870-852740744-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient.cab

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\localhost -> localhost

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2020-04-28 19:56 - 2020-04-28 19:53 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\Pulse Secure\VC142.CRT\X64\;C:\Program Files (x86)\Pulse Secure\VC142.CRT\X86\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Max\Desktop\Background Images\Attack on Titan\Mikasa and Levi.jpg
HKU\S-1-5-21-2956124056-3800980870-852740744-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
 ist aktiviert.

Network Binding:
=============
Ethernet 2: Juniper Network Service -> jnprns (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "CSRHarmonySkypePlugin"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "PulseSecure"
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2956124056-3800980870-852740744-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{6332DC13-88F9-4D15-B20A-E0A5091534FE}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => Keine Datei
FirewallRules: [TCP Query User{8CBA35EF-09FF-48FD-AACA-1A267E866697}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => Keine Datei
FirewallRules: [{4EEF746B-BDB7-4C48-BDAE-B033BA408991}] => (Allow) D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7D481149-628B-460E-AB1C-B34891A412BA}] => (Allow) D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{E87D1A38-9A39-424F-87F8-DB5DC6B33120}C:\users\max\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\max\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [TCP Query User{665704DA-59C1-4867-BD5B-5BEFC0358E28}C:\users\max\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\max\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [{15A3A66B-061A-4C8A-B445-B6C56FFF4816}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe => Keine Datei
FirewallRules: [{0DF1F9C0-14E2-45D7-BF49-028DC3997F11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe => Keine Datei
FirewallRules: [{2140DE2C-A666-4A93-9606-1672088E70F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe => Keine Datei
FirewallRules: [{71FCBA8D-D42B-4360-997F-0739FA1901A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe => Keine Datei
FirewallRules: [{967BF865-9A69-4AAF-82A4-45A32636B358}] => (Allow) C:\Users\Max\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{5D477B40-D22F-4A22-BC3C-3B56AE600CB7}] => (Allow) C:\Users\Max\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{1326595E-2ED9-4CC6-8B76-D05141B7B4D7}] => (Allow) C:\Users\Max\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{3ED79C23-43A5-4C9B-B5AC-6A6D67CC17F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe => Keine Datei
FirewallRules: [{6E602F52-DC12-44BA-A8E9-FAAB8BDFEDCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe => Keine Datei
FirewallRules: [{EBC128BF-5BAD-42ED-AB34-3D0ED7E7F685}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{46DA7428-1C8B-4642-8880-F287E7760C48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [UDP Query User{486387BB-A87D-4BC9-91A9-73B05CE9FDC4}C:\users\max\appdata\roaming\twitch studio\bin\twitchstudioagent.exe] => (Allow) C:\users\max\appdata\roaming\twitch studio\bin\twitchstudioagent.exe => Keine Datei
FirewallRules: [TCP Query User{F065509E-3A02-4629-88CC-F26451E82A83}C:\users\max\appdata\roaming\twitch studio\bin\twitchstudioagent.exe] => (Allow) C:\users\max\appdata\roaming\twitch studio\bin\twitchstudioagent.exe => Keine Datei
FirewallRules: [{6AE65522-C2B7-46A3-802F-4DE82103097D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elsword (Anime MMO)\data\x2.exe => Keine Datei
FirewallRules: [{0F039F76-1E3A-48DF-A39D-CDB65AF97E4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elsword (Anime MMO)\data\x2.exe => Keine Datei
FirewallRules: [{97B6734F-C399-4095-BDD7-EAD869D6462D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elsword (Anime MMO)\steam_launcher.exe => Keine Datei
FirewallRules: [{EC054513-30F1-498A-AA4E-19A17B990B3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elsword (Anime MMO)\steam_launcher.exe => Keine Datei
FirewallRules: [{CED1A6C1-4B41-4908-AA87-1640E383D198}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4F4EA02F-B6C1-4446-8A5B-09257D81CA7E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{360C5139-9457-4BFD-9C2B-746D341506AB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{696C2293-30EE-42B7-94E1-A185FA40F66A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{74D9911B-6F48-4C43-8151-363CD1F464FF}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{4ED9BD7D-F7BB-4BE6-98A8-DDB61626DCD9}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{37A2552A-9BB4-466C-BDD2-0F004A5AAAE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4A66088A-8A0A-455E-BC65-840A1B55B275}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{9F0D180E-2AA5-4466-8DE9-6FF34D24A9DA}C:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) C:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe => Keine Datei
FirewallRules: [TCP Query User{C7158FFC-2623-4021-AE01-AE4D001CDC71}C:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) C:\program files\epic games\spellbreak\g3\binaries\win64\spellbreak.exe => Keine Datei
FirewallRules: [UDP Query User{E1096331-D20F-40C2-B9C3-0F5587219A10}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{2FC9AE9A-A5B5-435B-963E-11E67ECDC69D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4B13ADD4-D09A-47EC-ABC1-4F71D27216FB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6E116884-43A9-4075-9778-97889310A4A5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{26BEBABD-2B16-43C2-86B1-545BB0FF8F19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Keine Datei
FirewallRules: [{4DB4027C-E0D0-495E-834D-748A668977E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Keine Datei
FirewallRules: [UDP Query User{0696F6C2-61A5-4642-AA03-BA3877026A82}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{B6D052D3-693A-4D60-B05A-6A7576A8A24B}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{68AFFE9E-381E-4796-8A11-0F755ACDD2A4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E63797AD-F844-46E9-B5EF-30DA7798BE3A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{9F191AD5-2D86-46CF-AA14-45D4E3FD5FD5}C:\users\max\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\max\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{148BBD54-8C31-45FD-AD79-7D6742CDA17E}C:\users\max\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\max\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{37C7140B-990C-435A-B3FD-8BDAD0A395FF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8FF9C97B-6B5F-4E52-A9D2-3E0F26A3BDBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{466C0765-BFB9-4BD6-9CD2-D3C70FE80553}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D942A690-E0BD-4385-8BBD-C394FF6C2E45}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{79C6B325-398E-46A4-917D-3E7592E7D05B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{64E35AA1-E74F-4967-AF0E-8B1B2693241A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{FA082E8B-10D5-4A1E-9E1E-89AFD97063D2}D:\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) D:\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe => Keine Datei
FirewallRules: [UDP Query User{FE3FDDD7-1CCD-41A0-85A7-FD018AC3243C}D:\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) D:\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe => Keine Datei
FirewallRules: [{351605D1-421D-4072-8801-68CFEA936D4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{DE73D175-3185-4532-AD22-6EEFC1D88CA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{922CABF4-3613-47CF-9EEF-A5B1048F967D}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\89.0.4389.25\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{F2E1B228-CD4E-4211-962D-4AF6D207F650}] => (Allow) D:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert]
FirewallRules: [{32DB5F90-66D1-4A85-8898-3707B2EF0DBC}] => (Allow) D:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert]
FirewallRules: [{FE53B7B3-8268-4A44-8F00-34D2BDE254BB}] => (Allow) D:\SteamLibrary\steamapps\common\Smash Legends\Smash_Legends.exe (LINE Games Corporation -> )
FirewallRules: [{BBBDE75B-20A7-4798-9B79-DE5086A8951C}] => (Allow) D:\SteamLibrary\steamapps\common\Smash Legends\Smash_Legends.exe (LINE Games Corporation -> )
FirewallRules: [{A3500EA8-E502-47F8-956F-2F95905D7E4B}] => (Allow) D:\SteamLibrary\steamapps\common\VRChat\VRChat.exe () [Datei ist nicht signiert]
FirewallRules: [{2381EA17-FCF9-4F7A-860B-F7D3DBCDDCE4}] => (Allow) D:\SteamLibrary\steamapps\common\VRChat\VRChat.exe () [Datei ist nicht signiert]
FirewallRules: [{2E84FF59-7AA1-467F-A8BB-96C917EE01DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D0772715-7562-42C4-8A5E-3FC19E4828F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B0A48308-2D7E-437C-B59B-1CDE67CCA61F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2D481034-1F7D-4C75-9E18-474EE0A5E336}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5DE6032D-2A7C-4F0F-85E7-3B221B13661D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

25-04-2021 22:46:05 Geplanter Prüfpunkt
04-05-2021 11:55:54 Geplanter Prüfpunkt
05-05-2021 16:30:17 OpenOffice 4.1.7 wird entfernt
07-05-2021 15:01:27 IS_{AC8E8882-E64A-4D0A-A02C-C13D222C27B3}

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (05/08/2021 05:15:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Name des fehlerhaften Moduls: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c132
ID des fehlerhaften Prozesses: 0x1094
Startzeit der fehlerhaften Anwendung: 0x01d7441cf467ee47
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Berichtskennung: f1d62b24-b878-44ab-9501-a48083373df1
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/07/2021 11:28:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: obs64.exe, Version: 26.1.1.0, Zeitstempel: 0x5ff48658
Name des fehlerhaften Moduls: obs-browser.dll, Version: 0.0.0.0, Zeitstempel: 0x6046357b
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000229bd9
ID des fehlerhaften Prozesses: 0x265c
Startzeit der fehlerhaften Anwendung: 0x01d743873e59f9bf
Pfad der fehlerhaften Anwendung: C:\Program Files\obs-studio\bin\64bit\obs64.exe
Pfad des fehlerhaften Moduls: C:\Program Files\obs-studio\obs-plugins\64bit\obs-browser.dll
Berichtskennung: bfd2817f-841e-4b9b-8e19-305e6d767f96
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/07/2021 09:57:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Name des fehlerhaften Moduls: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c132
ID des fehlerhaften Prozesses: 0x1304
Startzeit der fehlerhaften Anwendung: 0x01d7437b25d07482
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Berichtskennung: 8a9d9d57-e2e7-40a0-89e9-009531887695
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/07/2021 12:20:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 4.0.0.974, Zeitstempel: 0x60786110
Name des fehlerhaften Moduls: Qt5Qml.dll, Version: 5.14.1.0, Zeitstempel: 0x60398085
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00000000001aa2b7
ID des fehlerhaften Prozesses: 0xafc
Startzeit der fehlerhaften Anwendung: 0x01d7432a8e032068
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
Berichtskennung: dd2f4e34-397c-49b6-87a8-46854b16b510
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/07/2021 12:20:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 4.0.0.974, Zeitstempel: 0x60786110
Name des fehlerhaften Moduls: Qt5Qml.dll, Version: 5.14.1.0, Zeitstempel: 0x60398085
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000001aa2b7
ID des fehlerhaften Prozesses: 0xafc
Startzeit der fehlerhaften Anwendung: 0x01d7432a8e032068
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
Berichtskennung: 4dbaaff3-1de1-463a-82f6-4d21fa6c30a8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/07/2021 12:19:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
  Asynchroner Vorgang wird ausgeführt

Kontext:
  Aktueller Status: DoSnapshotSet

Error: (05/07/2021 12:10:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Name des fehlerhaften Moduls: atkexComSvc.exe, Version: 1.0.0.1, Zeitstempel: 0x5cac59e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c132
ID des fehlerhaften Prozesses: 0x13c8
Startzeit der fehlerhaften Anwendung: 0x01d743292499fbce
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
Berichtskennung: d263a84f-4288-4e61-914f-81022f0a9dec
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/06/2021 10:47:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf (D:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)


Systemfehler:
=============
Error: (05/08/2021 05:15:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst asComSvc erreicht.

Error: (05/08/2021 03:13:04 AM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "wuauserv" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (05/08/2021 03:13:04 AM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "wuauserv" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (05/08/2021 03:13:04 AM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "wuauserv" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (05/08/2021 03:12:58 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DHA2F6H)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/08/2021 03:12:58 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DHA2F6H)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/08/2021 03:12:58 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DHA2F6H)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/08/2021 03:12:58 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DHA2F6H)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


Windows Defender:
================
Date: 2021-04-28 22:34:08
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Ransom:MSIL/Crawl&threatid=2147768618&enterprise=0
Name: Ransom:MSIL/Crawl
Schweregrad: Schwerwiegend
Kategorie: Ransomware
Pfad: file:_C:\Users\Max\Downloads\Spyware112TerminatorSetup.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-DHA2F6H\Max
Prozessname: C:\Program Files\Mozilla Firefox\firefox.exe
Sicherheitsversion: AV: 1.337.117.0, AS: 1.337.117.0, NIS: 1.337.117.0
Modulversion: AM: 1.1.18100.5, NIS: 1.1.18100.5

Date: 2021-04-28 22:31:41
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=App:Chip_Updater_BundleInstaller&threatid=268628&enterprise=0
Name: App:Chip_Updater_BundleInstaller
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\Max\Downloads\Malwarebytes Malware Scanner - CHIP-Installer vom 28.04.2021 64fb9770db3271f3eee3698473e57f52.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-DHA2F6H\Max
Prozessname: C:\Program Files\Mozilla Firefox\firefox.exe
Sicherheitsversion: AV: 1.337.117.0, AS: 1.337.117.0, NIS: 1.337.117.0
Modulversion: AM: 1.1.18100.5, NIS: 1.1.18100.5

Date: 2021-04-28 22:02:43
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {5326F850-A9A4-4CEA-A21A-AA6F57BD4FF0}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-04-27 18:49:09
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {B6DE24EA-B236-4ABD-A107-8C8BCCE9EACE}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-04-20 15:55:43
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {AC033489-363B-476C-B2BB-B70CE5DF7553}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-05-05 18:09:38
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.337.117.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.18100.5
Fehlercode: 0x80072f8f
Fehlerbeschreibung: Es ist ein Sicherheitsfehler aufgetreten.

Date: 2021-05-05 18:09:38
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.337.117.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.18100.5
Fehlercode: 0x80072f8f
Fehlerbeschreibung: Es ist ein Sicherheitsfehler aufgetreten.

Date: 2021-05-05 18:09:38
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.337.117.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.18100.5
Fehlercode: 0x80072f8f
Fehlerbeschreibung: Es ist ein Sicherheitsfehler aufgetreten.

Date: 2021-05-05 18:09:38
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.337.117.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.18100.5
Fehlercode: 0x80072f8f
Fehlerbeschreibung: Es ist ein Sicherheitsfehler aufgetreten.

Date: 2021-05-05 18:09:38
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.337.117.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.18100.5
Fehlercode: 0x80072f8f
Fehlerbeschreibung: Es ist ein Sicherheitsfehler aufgetreten.

CodeIntegrity:
===============
Date: 2021-05-08 02:49:04
Description:
Windows blocked file \Device\HarddiskVolume4\Windows\System32\scrobj.dll which has been disallowed for protected processes.


==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. B.70 06/10/2020
Hauptplatine: Micro-Star International Co., Ltd. B450M PRO-VDH MAX (MS-7A38)
Prozessor: AMD Ryzen 5 3600 6-Core Processor
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 16333.29 MB
Verfügbarer physikalischer RAM: 10339.52 MB
Summe virtueller Speicher: 18765.29 MB
Verfügbarer virtueller Speicher: 9676.65 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:222.62 GB) (Free:31.85 GB) NTFS
Drive d: () (Fixed) (Total:930.44 GB) (Free:707.15 GB) NTFS

\\?\Volume{67b79e30-1fca-01d6-18cf-db33e50feb00}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{bfde7ce0-1fce-01d6-703a-e45be70feb00}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{790920d1-5781-479b-8f7f-edafec533855}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{8bfebfbd-009e-45d1-aaa4-8eccf38519f6}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{00034367-4240-69ac-cabf-d601ce860600}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{b0e14cab-f013-41d0-9267-8cdf66e721ab}\ () (Fixed) (Total:0 GB) (Free:0 GB)

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 223.6 GB) (Disk ID: 33B9DBB0)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================

Maxecute 08.05.2021 18:19
Shortcut
Code:
Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 08-05-2021 01
durchgeführt von Max (08-05-2021 19:16:43)
Gestartet von C:\Users\Max\Downloads
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2020.lnk -> C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\AfterFX.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2020.lnk -> C:\Program Files\Adobe\Adobe Premiere Pro 2020\Adobe Premiere Pro.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.24.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.10.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXstudio.lnk -> D:\TexStudio\texstudio.exe (TeXstudio)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2021\LayOut 2021.lnk -> D:\SketchUp\LayOut\LayOut.exe (Trimble, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2021\SketchUp Pro 2021.lnk -> D:\SketchUp\SketchUp.exe (Trimble, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2021\Style Builder 2021.lnk -> D:\SketchUp\Style Builder\Style Builder.exe (Trimble, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulse Secure\Deinstallation Pulse.lnk -> C:\Program Files (x86)\Pulse Secure\Pulse\PulseUninstall.exe (${NEO_COMPANY_FULL_NAME})
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (64bit).lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\Uninstall.lnk -> C:\Program Files\obs-studio\uninstall.exe (obsproject.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.0\MiniTool Partition Wizard Free.lnk -> C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0\loader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.0\MiniTool Partition Wizard Help.lnk -> C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0\pw.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.0\Uninstall MiniTool Partition Wizard Free.lnk -> C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher\Minecraft Launcher.lnk -> C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe (Mojang)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxon\Maxon Cinema 4D\Commandline R21.lnk -> C:\Program Files\Maxon Cinema 4D R21\Commandline.exe (MAXON Computer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxon\Maxon Cinema 4D\Maxon Cinema 4D R21.lnk -> C:\Program Files\Maxon Cinema 4D R21\Cinema 4D.exe (MAXON Computer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxon\Maxon Cinema 4D\Team Render Client R21.lnk -> C:\Program Files\Maxon Cinema 4D R21\Cinema 4D Team Render Client.exe (MAXON Computer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxon\Maxon Cinema 4D\Team Render Server R21.lnk -> C:\Program Files\Maxon Cinema 4D R21\Cinema 4D Team Render Server.exe (MAXON Computer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Capture.lnk -> C:\Program Files\Logitech\LogiCapture\bin\LogiCapture.exe (Logitech)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi\Logitech G HUB.lnk -> C:\Program Files\LGHUB\lghub.exe (Logitech, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1\LibreOffice Base.lnk -> C:\Program Files\LibreOffice\program\sbase.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1\LibreOffice Calc.lnk -> C:\Program Files\LibreOffice\program\scalc.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1\LibreOffice Draw.lnk -> C:\Program Files\LibreOffice\program\sdraw.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1\LibreOffice Impress.lnk -> C:\Program Files\LibreOffice\program\simpress.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1\LibreOffice Math.lnk -> C:\Program Files\LibreOffice\program\smath.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1\LibreOffice Writer.lnk -> C:\Program Files\LibreOffice\program\swriter.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1\LibreOffice.lnk -> C:\Program Files\LibreOffice\program\soffice.exe (The Document Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 20.lnk -> C:\Program Files\Image-Line\FL Studio 20\FL64.exe (Image-Line)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genshin Impact\DeinstallierenGenshin Impact.lnk -> C:\Program Files\Genshin Impact\uninstall.exe (miHoYo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genshin Impact\Genshin Impact.lnk -> C:\Program Files\Genshin Impact\launcher.exe (miHoYo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLIP STUDIO\CLIP STUDIO.lnk -> C:\Program Files\CELSYS\CLIP STUDIO 1.5\CLIP STUDIO\CLIPStudio.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Max\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\Links\Desktop.lnk -> C:\Users\locma\Desktop ()
Shortcut: C:\Users\locma\Links\Downloads.lnk -> C:\Users\locma\Downloads ()
Shortcut: C:\Users\locma\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\locma\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\max3004dinh@gmail.com Creative Cloud Files\_Cloud-Dokumente.lnk -> C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe (Keine Datei)
Shortcut: C:\Users\Max\Links\Desktop.lnk -> C:\Users\Max\Desktop ()
Shortcut: C:\Users\Max\Links\Downloads.lnk -> C:\Users\Max\Downloads ()
Shortcut: C:\Users\Max\Links\iCloud Drive.lnk -> C:\Users\Max\iCloudDrive ()
Shortcut: C:\Users\Max\Documents\Adobe\After Effects 2020\User Presets\(Adobe).lnk -> C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\Presets ()
Shortcut: C:\Users\Max\Desktop\Adobe After Effects 2020.lnk -> C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\AfterFX.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Max\Desktop\Adobe Premiere Pro 2020.lnk -> C:\Program Files\Adobe\Adobe Premiere Pro 2020\Adobe Premiere Pro.exe (Adobe)
Shortcut: C:\Users\Max\Desktop\Blitz.lnk -> C:\Users\Max\AppData\Local\Programs\Blitz\Blitz.exe (Blitz, Inc.)
Shortcut: C:\Users\Max\Desktop\Genshin Impact.lnk -> C:\Program Files\Genshin Impact\launcher.exe (miHoYo)
Shortcut: C:\Users\Max\Desktop\GIMP 2.10.18.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.10.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\Users\Max\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\Desktop\Premiere Pro - Verknüpfung.lnk -> C:\Users\Max\Documents\Adobe\Premiere Pro ()
Shortcut: C:\Users\Max\Desktop\Rocket.Chat.lnk -> C:\Users\Max\AppData\Local\Programs\Rocket.Chat\Rocket.Chat.exe (Rocket.Chat Support)
Shortcut: C:\Users\Max\Desktop\Spotify.lnk -> C:\Users\Max\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Max\Desktop\Start Tor Browser.lnk -> C:\Users\Max\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Max\Desktop\StreamElements OBS.Live.lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\Users\Max\Desktop\WhatsApp.lnk -> C:\Users\Max\AppData\Local\WhatsApp\WhatsApp.exe (WhatsApp)
Shortcut: C:\Users\Max\Desktop\Zoom.lnk -> C:\Users\Max\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\Max\Desktop\Twitch\Ground Control.lnk -> C:\Users\Max\AppData\Local\ground_control\Ground Control.exe (StreamElements)
Shortcut: C:\Users\Max\Desktop\Twitch\StreamElements OBS.Live.lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\Users\Max\Desktop\Tor Browser\Start Tor Browser.lnk -> C:\Users\Max\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Max\Creative Cloud Files\_Cloud-Dokumente.lnk -> C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe (Keine Datei)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk -> C:\Users\Max\AppData\Local\Programs\Blitz\Blitz.exe (Blitz, Inc.)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Max\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocket.Chat.lnk -> C:\Users\Max\AppData\Local\Programs\Rocket.Chat\Rocket.Chat.exe (Rocket.Chat Support)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\Max\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> C:\Users\Max\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Start Zoom.lnk -> C:\Users\Max\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\Max\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp\WhatsApp.lnk -> C:\Users\Max\AppData\Local\WhatsApp\WhatsApp.exe (WhatsApp)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StreamElements\Ground Control.lnk -> C:\Users\Max\AppData\Local\ground_control\Ground Control.exe (StreamElements)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX\MiKTeX Console.lnk -> D:\Latex\miktex\bin\x64\miktex-console.exe (MiKTeX.org)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX\TeXworks.lnk -> D:\Latex\miktex\bin\x64\miktex-texworks.exe (TeX Users Group)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 20.lnk -> C:\Program Files\Image-Line\FL Studio 20\FL64.exe (Image-Line)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\More....lnk -> C:\Program Files\Image-Line\Shared\Start ()
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud Drive.lnk -> C:\Users\Max\iCloudDrive ()
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual.lnk -> C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual.pdf ()
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\ASIO4ALL Web Site.lnk -> C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL Web Site.url ()
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\Uninstall.lnk -> C:\Program Files (x86)\ASIO4ALL v2\uninstall.exe ()
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe After Effects 2020.lnk -> C:\Program Files\Adobe\Adobe After Effects 2020\Support Files\AfterFX.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Premiere Pro 2020.lnk -> C:\Program Files\Adobe\Adobe Premiere Pro 2020\Adobe Premiere Pro.exe (Adobe)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GIMP 2.10.18.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.10.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\LibreOffice Writer.lnk -> C:\Program Files\LibreOffice\program\swriter.exe (The Document Foundation)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\OBS Studio.lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spotify.lnk -> C:\Users\Max\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TeXstudio.lnk -> D:\TexStudio\texstudio.exe (TeXstudio)
Shortcut: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\81f60f1222210b45\League of Legends.lnk -> C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc.)
Shortcut: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Epic Games, Inc.)
Shortcut: C:\Users\Public\Desktop\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\FL Studio 20.lnk -> C:\Program Files\Image-Line\FL Studio 20\FL64.exe (Image-Line)
Shortcut: C:\Users\Public\Desktop\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\Users\Public\Desktop\LayOut 2021.lnk -> D:\SketchUp\LayOut\LayOut.exe (Trimble, Inc.)
Shortcut: C:\Users\Public\Desktop\LibreOffice 7.1.lnk -> C:\Program Files\LibreOffice\program\soffice.exe (The Document Foundation)
Shortcut: C:\Users\Public\Desktop\Logitech G HUB.lnk -> C:\Program Files\LGHUB\lghub.exe (Logitech, Inc.)
Shortcut: C:\Users\Public\Desktop\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\OBS Studio.lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe (OBS)
Shortcut: C:\Users\Public\Desktop\SketchUp Pro 2021.lnk -> D:\SketchUp\SketchUp.exe (Trimble, Inc.)
Shortcut: C:\Users\Public\Desktop\Style Builder 2021.lnk -> D:\SketchUp\Style Builder\Style Builder.exe (Trimble, Inc.)
Shortcut: C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games\League of Legends.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=league_of_legends --launch-patchline=live
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games\VALORANT.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=valorant --launch-patchline=live
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulse Secure\Pulse Secure.lnk -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\Pulse.exe () -> -show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulse Secure\Reparieren Pulse.lnk -> C:\Program Files (x86)\Pulse Secure\Pulse\PulseUninstall.exe (${NEO_COMPANY_FULL_NAME}) -> /repair=1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1\LibreOffice (abgesicherter Modus).lnk -> C:\Program Files\LibreOffice\program\soffice.exe (The Document Foundation) -> --safe-mode
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=league_of_legends --launch-patchline=live
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\locma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\locma\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\locma\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\locma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\locma\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Max\Desktop\Discord.lnk -> C:\Users\Max\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\Max\Desktop\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Max\Desktop\League of Legends.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=league_of_legends --launch-patchline=live
ShortcutWithArgument: C:\Users\Max\Desktop\Pulse Secure.lnk -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\Pulse.exe () -> -show
ShortcutWithArgument: C:\Users\Max\Desktop\VALORANT.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=valorant --launch-patchline=live
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\Max\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games\Legends of Runeterra (2).lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=bacon --launch-patchline=live
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\Max\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Discord (2).lnk -> C:\Users\Max\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Discord.lnk -> C:\Users\Max\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\League of Legends.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=league_of_legends --launch-patchline=live
ShortcutWithArgument: C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4ac866364817f10c\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Max\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.0\MiniTool Partition Wizard Free on the Web.url -> URL: hxxp://www.partitionwizard.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot\Learn More.url -> URL: hxxp://app.prntscr.com/learnmore.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot\Screenshot history.url -> URL: hxxp://app.prntscr.com/about-gallery.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Besuchen Sie Java.com.url -> URL: hxxps://java.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Hilfe aufrufen.url -> URL: hxxps://java.com/help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL ->
InternetURL: C:\Users\locma\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Max\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Max\Favorites\Links\Apple.url -> URL: hxxps://www.apple.com/de/
InternetURL: C:\Users\Max\Favorites\Links\Bing.url -> URL: hxxps://www.bing.com/
InternetURL: C:\Users\Max\Favorites\Links\Google.url -> URL: hxxps://www.google.com/?client=safari&channel=iphone_bm
InternetURL: C:\Users\Max\Favorites\Links\Yahoo.url -> URL: hxxps://de.yahoo.com/
InternetURL: C:\Users\Max\Dropbox\Get Started with Dropbox Paper.url -> URL: hxxps://www.dropbox.com/login?_tk=dropbox_desktop_urlfile&cont=https%3A%2F%2Fpaper.dropbox.com%2Fpad%2Fopen-or-create-sample%2Fintro&register_cont=https%3A%2F%2Fpaper.dropbox.com%2Fpad%2Fopen-or-create-sample%2Fintro
InternetURL: C:\Users\Max\Desktop\Fortnite.url -> URL: com.epicgames.launcher://apps/Fortnite?action=launch&silent=true
InternetURL: C:\Users\Max\Desktop\Phasmophobia.url -> URL: steam://rungameid/739630
InternetURL: C:\Users\Max\Desktop\VRChat.url -> URL: steam://rungameid/438100
InternetURL: C:\Users\Max\Desktop\Wallpaper Engine.url -> URL: steam://rungameid/431960
InternetURL: C:\Users\Max\Desktop\Unterlagen\Bewerbung\lebenslaufmuster1\Premium Bewerbungsvorlagen*-*BewerbungsDesigns.de.URL -> URL: hxxps://www.bewerbungsdesigns.de/
InternetURL: C:\Users\Max\Desktop\Twitch\Minimal Alert Maker - Nerd or Die\Minimal Alert Maker - Nerd or Die\Quick Setup Alert Maker - Streamlabs.url -> URL: hxxps://streamlabs.com/profile/share/alert_box/15968183/32740b3ba2325363d291a5dfebacf560?s=1
InternetURL: C:\Users\Max\Desktop\Twitch\Minimal Alert Maker - Nerd or Die\Minimal Alert Maker - Nerd or Die\Video Guide\Free Alert Maker - Minimal Design for Twitch, YouTube Gaming, and Mixer - YouTube.url -> URL: hxxps://www.youtube.com/watch?v=amkW-GGpZdc
InternetURL: C:\Users\Max\Desktop\Twitch\Minimal Alert Maker - Nerd or Die\Minimal Alert Maker - Nerd or Die\Setup Guide\Free Minimal Alert Maker - Nerd or Die.url -> URL: hxxps://nerdordie.com/free-minimal-alert-maker/
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\WAProd_Free_Tech_House_Tools\25% DISCOUNT -Buy More Samples Here.url -> URL: hxxp://waproduction-samples.com/
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\WAProd_Free_Tech_House_Tools\FREE Downloads From W. A. Production.url -> URL: hxxps://soundcloud.com/w-a-production/sets/free-downloads
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\WAProd_FREE_Progressive_House_drums2\25% DISCOUNT - Buy More Samples Here.url -> URL: hxxp://waproduction-samples.com/
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\WAProd_FREE_Progressive_House_drums2\FREE Downloads From W. A. Production.url -> URL: hxxps://soundcloud.com/w-a-production/sets/free-downloads
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\WAProd_Free_Hybrid_Trap_Drums\25% DISCOUNT -Buy More Samples Here.url -> URL: hxxp://waproduction-samples.com/
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\WAProd_Free_Hybrid_Trap_Drums\FREE Downloads From W. A. Production.url -> URL: hxxps://www.facebook.com/waproductioncz
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\WAProd_Free_Future_Bass_Drums\25% DISCOUNT -Buy More Samples Here.url -> URL: hxxp://waproduction-samples.com/
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\WAProd_Free_Future_Bass_Drums\FREE Downloads From W. A. Production.url -> URL: hxxps://www.facebook.com/waproductioncz
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Sounds of KSHMR Vol. 1 (Splice)\Sounds of KSHMR Vol. 1 (Splice)\Splice Sounds of KSHMR Presets\sounds-of-kshmr-vol-1.url -> URL: hxxps://splice.com/sounds/splice/sounds-of-kshmr-vol-1
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Fl Studio Sample Packs\Julians Premium Samples\WAProd_Free_Tech_House_Tools\25% DISCOUNT -Buy More Samples Here.url -> URL: hxxp://waproduction-samples.com/
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Fl Studio Sample Packs\Julians Premium Samples\WAProd_Free_Tech_House_Tools\FREE Downloads From W. A. Production.url -> URL: hxxps://soundcloud.com/w-a-production/sets/free-downloads
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Fl Studio Sample Packs\Julians Premium Samples\WAProd_FREE_Progressive_House_drums2\25% DISCOUNT - Buy More Samples Here.url -> URL: hxxp://waproduction-samples.com/
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Fl Studio Sample Packs\Julians Premium Samples\WAProd_FREE_Progressive_House_drums2\FREE Downloads From W. A. Production.url -> URL: hxxps://soundcloud.com/w-a-production/sets/free-downloads
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Fl Studio Sample Packs\Julians Premium Samples\WAProd_Free_Hybrid_Trap_Drums\25% DISCOUNT -Buy More Samples Here.url -> URL: hxxp://waproduction-samples.com/
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Fl Studio Sample Packs\Julians Premium Samples\WAProd_Free_Hybrid_Trap_Drums\FREE Downloads From W. A. Production.url -> URL: hxxps://www.facebook.com/waproductioncz
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Fl Studio Sample Packs\Julians Premium Samples\WAProd_Free_Future_Bass_Drums\25% DISCOUNT -Buy More Samples Here.url -> URL: hxxp://waproduction-samples.com/
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Fl Studio Sample Packs\Julians Premium Samples\WAProd_Free_Future_Bass_Drums\FREE Downloads From W. A. Production.url -> URL: hxxps://www.facebook.com/waproductioncz
InternetURL: C:\Users\Max\Desktop\FL Studio\Sample Packs\Fl Studio Sample Packs\Julians Premium Samples\Sounds of KSHMR Vol. 1 (Splice)\Sounds of KSHMR Vol. 1 (Splice)\Splice Sounds of KSHMR Presets\sounds-of-kshmr-vol-1.url -> URL: hxxps://splice.com/sounds/splice/sounds-of-kshmr-vol-1
InternetURL: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Wallpaper Engine.url -> URL: steam://rungameid/431960

==================== Ende vom Shortcut.txt =============================

cosinus 09.05.2021 19:33
Kontrollscans mit MBAM und RK

Wir sind fast fertig. Jetzt ist es an der Zeit für Kontrollscans mit
Poste nach Abschluss der beiden Scans die Logs in CODE-Tags.

Maxecute 10.05.2021 15:01
Malwarebytes
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 10.05.21
Scan-Zeit: 15:44
Protokolldatei: c718d548-b195-11eb-a44a-001a7dda7115.json

-Softwaredaten-
Version: 4.3.0.98
Komponentenversion: 1.0.1273
Version des Aktualisierungspakets: 1.0.40286
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 19041.928)
CPU: x64
Dateisystem: NTFS
Benutzer: System

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Zeitplaner
Ergebnis: Abgeschlossen
Gescannte Objekte: 332088
Erkannte Bedrohungen: 2
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 5 Min., 10 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 2
PUP.Optional.DefaultSearch, C:\USERS\MAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8ZXZ0Q4W.DEFAULT-RELEASE\PREFS.JS, Keine Aktion durch Benutzer, 330, 932426, 1.0.40286, , ame, , CB72B6B25593B9D5B67B7EE4AB2EAA44, AC94F5122465131F5564172D7DF15D9355DF4B03DBEF7295A9FF39FF70CDE122
PUP.Optional.DefaultSearch, C:\USERS\MAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8ZXZ0Q4W.DEFAULT-RELEASE\PREFS.JS, Keine Aktion durch Benutzer, 330, 932427, 1.0.40286, , ame, , CB72B6B25593B9D5B67B7EE4AB2EAA44, AC94F5122465131F5564172D7DF15D9355DF4B03DBEF7295A9FF39FF70CDE122

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
RogueKiller
Code:
RogueKiller Anti-Malware V14.8.6.0 (x64) [Mar 24 2021] (Free) von Adlice Software
Mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Betriebssystem : Windows 10 (10.0.19041) 64 bits
Gestartet in : Normaler Modus
Benutzer : Max [Administrator]
Gestartet von : C:\Program Files\RogueKiller\RogueKiller64.exe
Signaturen : 20210510_064037, Treiber : Geladen
Modus : Standard-Scan, Scannen -- Datum : 2021/05/10 15:46:51 (Dauer : 00:05:01)
Switches : -minimize

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Prozesse ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Prozessmodule ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Dienste ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> XX - Software
  [PUP.Gen1 (Potenziell bösartig)] (X64) HKEY_USERS\S-1-5-21-2956124056-3800980870-852740744-1001\Software\OCS -- N/A -> Gefunden
>>>>>> O87 - Firewall
  [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{486387BB-A87D-4BC9-91A9-73B05CE9FDC4}C:\users\max\appdata\roaming\twitch studio\bin\twitchstudioagent.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\max\appdata\roaming\twitch studio\bin\twitchstudioagent.exe|Name=twitchstudioagent.exe|Desc=twitchstudioagent.exe|Defer=User| (C:\users\max\appdata\roaming\twitch studio\bin\twitchstudioagent.exe) (missing) -> Gefunden
  [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{F065509E-3A02-4629-88CC-F26451E82A83}C:\users\max\appdata\roaming\twitch studio\bin\twitchstudioagent.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\max\appdata\roaming\twitch studio\bin\twitchstudioagent.exe|Name=twitchstudioagent.exe|Desc=twitchstudioagent.exe|Defer=User| (C:\users\max\appdata\roaming\twitch studio\bin\twitchstudioagent.exe) (missing) -> Gefunden

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts-Datei ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Dateien ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Webbrowser ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> Firefox Config
  [PUM.SearchEngine (Potenziell bösartig)] browser.search.defaultenginename (C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\8zxz0q4w.default-release\prefs.js) -- Bing Default Search -> Gefunden
  [PUM.SearchEngine (Potenziell bösartig)] browser.search.selectedEngine (C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\8zxz0q4w.default-release\prefs.js) -- Bing Default Search -> Gefunden

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Anti-Rootkit : 0 (Driver: Geladen) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

cosinus 10.05.2021 21:42
Zitat:
PUP.Optional.DefaultSearch, C:\USERS\MAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8ZXZ0Q4W.DEFAULT-RELEASE\PREFS.JS, Keine Aktion durch Benutzer
Findet der den immer noch bzw immer wieder?
Falls ja, musst du wohl mal ein neues Firefox Profil erstellen. Dann aus dem alten Profil die Lesezeichen/Passwörter exportieren und ins neue importieren. Konsultiere dazu Mozilla: Mithilfe der Profilverwaltung Firefox-Profile erstellen, löschen oder zwischen ihnen wechseln

Maxecute 10.05.2021 22:40
Hmmm, muss ich denn überhaupt etwas machen? Ist das harmlos was ich da im Browser habe oder ist das irgend so ein Virus?

cosinus 11.05.2021 08:10
Du musst nicht. Ich würde aber das Profil neu machen.

Maxecute 11.05.2021 11:18
Alles klar, dann ist alles erledigt oder?
Danke für deine Hilfe und Geduld ^^

cosinus 11.05.2021 11:40
Dann wären wir durch! :daumenhoc

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

Abschließend bitte noch einen Cleanup mit unserem TB-Cleanup-Script durchführen und unbedingt die Sicherheitsmaßnahmen lesen und umsetzen - beides ist in folgendem Lesestoff verlinkt:

Anleitung: Cleanup & Maßnahmen zur Absicherung des Rechners

M-K-D-B 12.05.2021 12:58
Wir sind froh, dass wir helfen konnten :abklatsch:

Dieses Thema scheint erledigt und wird aus unseren Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 08:41 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131