Problemschilderung:
Hallo,
ich nutze derzeitig Windows 11, jedoch begann die Problematik bereits mit Windows 10.
Ich spiele aktiv IRACING und bestreite auch jeweilige E-Sport Rennen.
Vor kurzer Zeit kam ein neues Mitglied in unser Team, dieser hat nach kurzer Zeit mir Worte vorgelesen, welche ich gerade am Eintippen war innerhalb der Chat-Kommunikation über Discord.
Innerhalb des Rennens hatte ich sporadisch extreme und unerklärliche CPU und GPU Auslastungen, die das allgemeine Vergnügen stark beeinträchtigt haben.
Ebenso ist während dem Fahren meine Software ausgefallen, er unterhielt sich dabei im Hintergrund mit einem anderen Menschen und sagte "Scheiße ich habe den falschen Knopf gedrückt", der Prozess wurde auch "gekillt", war kein bekanntes abstürzen.
Mehrere meiner Teamkollegen vermeldeten auch in dieser Zeit Virenbefall auf Ihrem Computer.
Die Person habe ich darauf angesprochen, streitet jedoch bis heute alles ab.
Während dem Fahren wechselte das Force Feedback als würde ich auf Eis fahren, über die Ereignisberichte konnte ich erkennen das meine USB-Geräte sporadisch abgemeldet und angemeldet werden.
Der PC fuhr auch mitten in der Nacht mehrmalig von allein hoch, obwohl Wake on Lan nach besagtem auftreten abgeschaltet wurde, sowie auch die Reaktivierung ausschließlich über das BIOS gesetzt war.
PC startete auch von allein ohne aktive Internetleitung, bzw. ohne aktiven Internetanschluss.
Ein Backup, welches ich geladen hatte, hat auch nicht den gewünschten Erfolg gebracht, das Spiel hat sich von selbst innerhalb eines E-Sport Rennens geschlossen, ein Crash DUMP wurde nicht erzeugt.
Ich habe den PC zwischenzeitlich komplett formatiert (auch alle externen Platten, Router zurückgesetzt, und alle weitere PC´s im Haus) und Windows 11 aufgespielt sowie die Treiber.
Derzeitig nur das nötigste Installiert, heute wieder ein E-Sport Rennen innerhalb der Liga bestritten. Während dem Fahren wurde der Bildschirm kurz schwarz, als würde ich blinzeln oder ein Screenshot erstellt werden.
Kurzzeitig höhere Auslastung gehabt, welche kurz darauf nicht weiter auffällig war.
Fahre jeden Tag circa 4-8 Stunden, ohne Probleme dieser Art, diese Probleme treten immer nur innerhalb des Liga Rennens auf.
Mittlerweile EXPRESS VPN im Betrieb, auch über die Mobile Datenverbindung gleiches Fehlerbild.
Ereignisbericht für mich unauffällig, keine Viren von vorinstalliertem Windows Anti Viren System gefunden.
Ich habe die Vermutung das unsere PC´s manipuliert/angegriffen werden, um uns ausscheiden zu lassen.
Innerhalb der Liga, auch außerhalb unseres Teams gab es einen weiteren Fahrer, der über das sporadische Beenden des Spiels berichtete. Rückschlusse konnte er keine ziehen.
Wie dieser Angriff stattfindet, kann ich mir auch nicht erklären. Entweder als direkten Windows Angriff oder eventuelle Sicherheitslücke auf den IRACING Servern selbst?
Ich benötige Hilfe bei der Feststellung, bzw. Auswertung ob solch ein Angriff erfolgt während eines E-Sport Rennens. Falls ja, welche Möglichkeiten mich dagegen zu sichern.
Vielen Dank im Voraus.
Shortcut:
Code:
Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 14-08-2021
durchgeführt von ***** (20-08-2021 22:45:50)
Gestartet von C:\Users\*****\Downloads
Start-Modus: Normal
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\TP Updater.lnk -> C:\Program Files (x86)\Rhinode LLC\Trading Paints\TP Updater.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Trading Paints.lnk -> C:\Program Files (x86)\Rhinode LLC\Trading Paints\Trading Paints.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk -> C:\Program Files\Adobe\Adobe Photoshop 2021\Photoshop.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExpressVPN.lnk -> C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe (ExpressVPN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVCleanstall.lnk -> C:\Program Files\NVCleanstall\NVCleanstall.exe (TechPowerUp)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Program Files\Microsoft OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Sandbox.lnk -> C:\Windows\System32\WindowsSandbox.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winaero Tweaker\EULA.lnk -> C:\Program Files\Winaero Tweaker\Winaero EULA.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winaero Tweaker\Winaero Tweaker.lnk -> C:\Program Files\Winaero Tweaker\WinaeroTweaker.exe (hxxps://winaero.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winaero Tweaker\Winaero Website.lnk -> C:\Program Files\Winaero Tweaker\Winaero.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Digital Race Engineer\The Digital Race Engineer.lnk -> C:\Program Files (x86)\Steam\steamapps\common\VoiceAttack\Apps\The Digital Race Engineer\DRE Launcher.exe (Escapisim)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Digital Race Engineer\Uninstall The Digital Race Engineer.lnk -> C:\Program Files (x86)\Steam\steamapps\common\VoiceAttack\Apps\The Digital Race Engineer\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Power Automate Desktop\Desktop flows.lnk -> C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.Notifier.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Power Automate Desktop\Power Automate Desktop.lnk -> C:\Program Files (x86)\Power Automate Desktop\PAD.Console.Host.exe (Microsoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office-Spracheinstellungen.lnk -> C:\Program Files\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN\FRITZ!WLAN Hilfe.lnk -> C:\Program Files (x86)\avmwlanstick\FRITZ!WLAN_N.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN\FRITZ!WLAN Readme.lnk -> C:\Program Files (x86)\avmwlanstick\readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Endor Fanatec\FanaLab.lnk -> C:\Program Files (x86)\Fanatec\FanaLab\Control\FanaLab.exe (Endor Fanatec)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e2eSoft iVCam\iVCam entfernen.lnk -> C:\Program Files\e2eSoft\iVCam\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e2eSoft iVCam\iVCam.lnk -> C:\Program Files\e2eSoft\iVCam\iVCam.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z MSI\CPU-Z MSI.lnk -> C:\Program Files\CPUID\CPU-Z MSI\cpuz.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z MSI\Edit CPU-Z MSI Config File.lnk -> C:\Program Files\CPUID\CPU-Z MSI\cpuz.ini ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z MSI\Uninstall CPU-Z MSI.lnk -> C:\Program Files\CPUID\CPU-Z MSI\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCUninstaller\BCUninstaller entfernen.lnk -> C:\Program Files\BCUninstaller\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCUninstaller\BCUninstaller.lnk -> C:\Program Files\BCUninstaller\BCUninstaller.exe (Marcin Szeniak)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Ryzen Master\Ryzen Master\Ryzen Master Help Guide.lnk -> C:\Program Files\AMD\RyzenMaster\Documentation\Userguide.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Ryzen Master\Ryzen Master\Ryzen Master.lnk -> C:\Program Files\AMD\RyzenMaster\bin\AMD Ryzen Master.exe (Advanced Micro Devices, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD\StoreMI\StoreMI.lnk -> C:\Program Files\AMD\StoreMI\bin\AMD StoreMI.EXE (Advanced Micro Devices, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\Links\Desktop.lnk -> C:\Users\*****\OneDrive\Desktop ()
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\Links\Downloads.lnk -> C:\Users\*****\Downloads ()
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth File Transfer.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\Links\Desktop.lnk -> C:\Users\*****\OneDrive\Desktop ()
Shortcut: C:\Users\*****\Links\Downloads.lnk -> C:\Users\*****\Downloads ()
Shortcut: C:\Users\*****\Creative Cloud Files\_Cloud-Dokumente.lnk -> C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe ()
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YouTube Music.lnk -> C:\Users\*****\AppData\Local\Programs\youtube-music\YouTube Music.exe (th-ch)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SnoreToast\0.7.0\SnoreToast.lnk -> C:\Users\*****\AppData\Local\Programs\youtube-music\resources\app.asar.unpacked\node_modules\node-notifier\vendor\snoreToast\snoretoast-x64.exe ()
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iRacing\iRacing Member Website.lnk -> C:\Program Files (x86)\iRacing\iracingbeta.ico ()
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iRacing\iRacing UI.lnk -> C:\Program Files (x86)\iRacing\ui\iRacingUI.exe (iRacing)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iRacing UI.lnk -> C:\Program Files (x86)\iRacing\ui\iRacingUI.exe (iRacing)
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\SetupDev2021.lnk -> C:\Program Files (x86)\Steam\steamapps\common\Setup Developer Tool 2021\SetupDev2021.exe ()
Shortcut: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube Music.lnk -> C:\Users\*****\AppData\Local\Programs\youtube-music\YouTube Music.exe (th-ch)
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Windows Terminal.lnk -> Tile and icon assets
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\AMD Ryzen Master.lnk -> C:\Program Files\AMD\RyzenMaster\bin\AMD Ryzen Master.exe (Advanced Micro Devices, Inc.)
Shortcut: C:\Users\Public\Desktop\CPUID CPU-Z MSI.lnk -> C:\Program Files\CPUID\CPU-Z MSI\cpuz.exe (CPUID)
Shortcut: C:\Users\Public\Desktop\ExpressVPN.lnk -> C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe (ExpressVPN)
Shortcut: C:\Users\Public\Desktop\FanaLab.lnk -> C:\Windows\Installer\{9EFAE929-6D90-4BB2-8879-D521786D874C}\ShortCutIcon.exe ()
Shortcut: C:\Users\Public\Desktop\Fanatec Control Panel.lnk -> C:\Windows\Installer\{1CD17EF4-2A50-4D98-B9D1-1763A74813D5}\IconIdCplV2.exe ()
Shortcut: C:\Users\Public\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Power Automate Desktop.lnk -> C:\Program Files (x86)\Power Automate Desktop\PAD.Console.Host.exe (Microsoft)
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\StoreMI.lnk -> C:\Program Files\AMD\StoreMI\bin\AMD StoreMI.EXE (Advanced Micro Devices, Inc.)
Shortcut: C:\Users\Public\Desktop\The DRE Launcher.lnk -> C:\Program Files (x86)\Steam\steamapps\common\VoiceAttack\Apps\The Digital Race Engineer\DRE Launcher.exe (Escapisim)
Shortcut: C:\Users\Public\Desktop\Trading Paints.lnk -> C:\Program Files (x86)\Rhinode LLC\Trading Paints\Trading Paints.exe ()
Shortcut: C:\Users\Public\Desktop\Winaero Tweaker.lnk -> C:\Program Files\Winaero Tweaker\WinaeroTweaker.exe (hxxps://winaero.com)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VE 5.4 American English Nathan\Uninstall Nathan.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {F108161B-AB4E-43CF-94BE-78A04BAF89EA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN\FRITZ!WLAN Client.lnk -> C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe (AVM Berlin) -> -1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAbout
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAbout
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAbout
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAbout
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DRE Launcher.exe(elevated).lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation) -> /run /tn "DRE Launcher.exe_1642829084"
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\*****\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) -> /recycle
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAbout
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\*****\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Containers\BaseImages\cd8939f4-506c-4b72-abfd-3cd0e6f5a42a\BaseLayer\Files\Users\WDAGUtilityAccount\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\*****\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Setup Developer Tool 2021.url -> URL: steam://rungameid/1617090
InternetURL: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\VoiceAttack.url -> URL: steam://rungameid/583010
==================== Ende vom Shortcut.txt =============================
Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-08-2021
durchgeführt von ***** (20-08-2021 22:45:17)
Gestartet von C:\Users\*****\Downloads
Windows 10 Pro Version 21H2 22000.132 (X64) (2021-08-15 19:11:13)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-487585160-604149877-1877980533-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-487585160-604149877-1877980533-503 - Limited - Disabled)
Gast (S-1-5-21-487585160-604149877-1877980533-501 - Limited - Disabled)
***** (S-1-5-21-487585160-604149877-1877980533-1001 - Administrator - Enabled) => C:\Users\*****
WDAGUtilityAccount (S-1-5-21-487585160-604149877-1877980533-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.5.0.617 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_5) (Version: 22.5.0.384 - Adobe Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.17.25.506 - Advanced Micro Devices, Inc.)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.8.0.1937 - Advanced Micro Devices, Inc.)
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.7.0.1725 - Advanced Micro Devices, Inc.)
AMD StoreMI (HKLM\...\AMD_StoreMI) (Version: 2.1.0.191 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{9bbdaa84-1315-4bcf-ac55-57449b4228f1}) (Version: 2.17.25.506 - Advanced Micro Devices, Inc.) Hidden
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 06.20.10 - AVM Berlin)
BCUninstaller (HKLM\...\{f4fef76c-1aa9-441c-af7e-d27f58d898d1}_is1) (Version: 5.1.0.0 - Marcin Szeniak)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
cFosSpeed 12.01 (HKLM\...\cFosSpeed) (Version: 12.01 - cFos Software GmbH, Bonn)
CPUID CPU-Z MSI 1.96 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.96 - CPUID, Inc.)
Discord (HKU\S-1-5-21-487585160-604149877-1877980533-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
ENE_DRAM_GSKILL_SE (HKLM\...\{5A6AC577-F8F8-4B6A-B684-13FD7E306CA2}) (Version: 1.0.1.0 - Ene Tech.) Hidden
ENE_DRAM_GSKILL_SE (HKLM-x32\...\{bf49eb2f-f2fb-4631-a95a-1f0cadd21eac}) (Version: 1.0.1.0 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.2.33 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{5d801c90-9d81-4c67-be5b-07e5855dc22e}) (Version: 1.0.2.33 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.8.13 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{54d3d2b5-db16-446d-b6dd-f4964b166b3b}) (Version: 1.0.8.13 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
ExpressVPN (HKLM-x32\...\{336616d6-abef-4ff8-9afd-43ceb249ff9a}) (Version: 10.4.1.2 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8760D8833}) (Version: 10.4.1.2 - ExpressVPN) Hidden
FanaLab (HKLM-x32\...\{9EFAE929-6D90-4BB2-8879-D521786D874C}) (Version: 1.57.2 - Endor AG)
FANATEC driver package (HKLM\...\{1CD17EF4-2A50-4D98-B9D1-1763A74813D5}) (Version: 8.42.0 - Endor AG Fanatec)
iRacing.com Race Simulation (HKLM-x32\...\{2CB193B9-1B9D-4A84-BC70-0948145BA4BA}_is1) (Version: 2021.08.10.03 - iRacing.com)
iVCam 6.2 (HKLM\...\iVCam_is1) (Version: 6.2.2 - e2eSoft)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.14228.20250 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.73 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 92.0.902.73 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.160.0808.0001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29910 (HKLM-x32\...\{53f1dc9d-ed94-4650-a079-129785ce7905}) (Version: 14.28.29910.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2021.0628.01 - MSI)
Nuance VE 5.4 American English Nathan (HKLM\...\{F108161B-AB4E-43CF-94BE-78A04BAF89EA}) (Version: 5.4 - Arctodus)
NVCleanstall (HKLM\...\{B422A5B9-1671-4E8B-BD8B-1E76A2ABFF57}}_is1) (Version: 1.10.0 - TechPowerUp)
NVIDIA Grafiktreiber 471.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.68 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14228.20222 - Microsoft Corporation) Hidden
Power Automate Desktop (HKLM-x32\...\{00123800-d164-43e9-9af7-752d39a6c7e1}) (Version: 2.11.51.21196 - Microsoft Corporation)
Power Automate Desktop (HKLM-x32\...\{07F084CC-D027-4C58-811F-7680741303EF}) (Version: 2.11.00051.21196 - Microsoft Corporation) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9202.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.46.1231.2020 - Realtek)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Digital Race Engineer version 3.3.5.7 (HKLM-x32\...\{490EC064-009E-4E95-8A17-873F490D90F7}_is1) (Version: 3.3.5.7 - Escapisim)
Trading Paints (HKLM-x32\...\{7DD94BA7-5DB1-43C3-8D5E-97F9634E4531}) (Version: 2.0.35 - Rhinode LLC)
UXP WebView Support (HKLM-x32\...\UXPW_1_0_0) (Version: 1.0.0 - Adobe Inc.)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Winaero Tweaker (HKLM\...\Winaero Tweaker_is1) (Version: 1.31.0.0 - Winaero)
WindowManager (HKLM-x32\...\WindowManager) (Version: 8.1.3 - DeskSoft)
Windows Subsystem for Linux Update (HKLM\...\{DCA984CD-203C-4747-A6EC-B7CCC56C7DD0}) (Version: 5.10.43 - Microsoft Corporation)
Windows Subsystem for Linux WSLg Preview (HKLM\...\{E04B0005-A349-4BCC-9662-CA0132007E14}) (Version: 1.0.26 - Microsoft Corporation)
YouTube Music 1.12.2 (HKU\S-1-5-21-487585160-604149877-1877980533-1001\...\352e3c04-9f15-58b2-adec-0057f1f82f70) (Version: 1.12.2 - th-ch)
Packages:
=========
Adobe Lightroom -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeLightroom_4.4.13983.0_x64__ynb6jyjzte8ga [2021-08-18] (Adobe Inc.)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-08-17] (Adobe Systems Incorporated)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.9.253.0_x64__rz1tebttyb220 [2021-08-18] (Dolby Laboratories)
EarTrumpet -> C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.8.0_x86__1sdd7yawvg6ne [2021-08-18] (File-New-Project) [Startup Task]
FeedLab -> C:\Program Files\WindowsApps\ClevLab.FeedLab_3.1.4.0_x64__qdcg6xvbhrn16 [2021-08-18] (ClevLab) [MS Ad]
HEVC-Videoerweiterungen -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.42094.0_x64__8wekyb3d8bbwe [2021-08-18] (Microsoft Corporation)
Lively Wallpaper -> C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.67.0_x86__97hta09mmv6hy [2021-08-18] (rocksdanister) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-08-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-08-18] (Microsoft Corporation) [MS Ad]
Microsoft Teams (Preview) -> C:\Program Files\WindowsApps\MicrosoftTeams_21217.300.928.2028_x64__8wekyb3d8bbwe [2021-08-15] (Microsoft) [Startup Task]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_0.50.42141.0_x64__8wekyb3d8bbwe [2021-08-17] (Microsoft Corporation)
Microsoft.UI.Xaml.CBS -> C:\Windows\SystemApps\Microsoft.UI.Xaml.CBS_8wekyb3d8bbwe [2021-08-19] (Microsoft Platform Extensions)
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_1.0.24.0_x64__kzh8wxbdkxb8p [2021-08-16] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-08-19] (Netflix, Inc.)
OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.16.0_x64__8wekyb3d8bbwe [2021-08-20] (Microsoft Corporation)
Paint -> C:\Program Files\WindowsApps\Microsoft.Paint_10.2108.1.0_x64__8wekyb3d8bbwe [2021-08-17] (Microsoft Corporation)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_1.0.89.0_x64__8wekyb3d8bbwe [2021-08-18] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.27.253.0_x64__dt26b99r8h8gj [2021-08-17] (Realtek Semiconductor Corp)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.13.156.0_x64__43tkc6nmykmb6 [2021-08-19] (Ookla)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm [2021-08-17] (WhatsApp Inc.)
Windows Notepad -> C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_10.2103.6.0_x64__8wekyb3d8bbwe [2021-08-17] (Microsoft Corporation)
Windows Terminal -> C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.9.1942.0_x64__8wekyb3d8bbwe [2021-08-17] (Microsoft Corporation) [Startup Task]
Windows Web Experience Pack -> C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.19701.0.0_x64__cw5n1h2txyewy [2021-08-18] (Microsoft Windows)
Windows-Sicherheit -> C:\Program Files\WindowsApps\Microsoft.SecHealthUI_1000.22000.1.0_neutral__8wekyb3d8bbwe [2021-08-16] (Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-487585160-604149877-1877980533-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-E6BD8442C481} -> [Creative Cloud Files] => C:\Users\*****\Creative Cloud Files [2021-08-17 22:52]
CustomCLSID: HKU\S-1-5-21-487585160-604149877-1877980533-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-487585160-604149877-1877980533-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-487585160-604149877-1877980533-1001_Classes\CLSID\{eb1fdd5b-8f70-4b5a-b230-998a2dc19303}\localserver32 -> C:\Users\*****\AppData\Local\Programs\youtube-music\resources\app.asar.unpacked\node_modules\node-notifier\vendor\snoreToast\snoretoast-x64.exe (K Desktop Environment e.V. -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-17] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-17] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-17] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-17] (Adobe Inc. -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.160.0808.0001\FileSyncShell64.dll [2021-08-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2021-08-05] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-17] (Adobe Inc. -> )
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [VIDC.WVC1] => C:\Windows\system32\d3dgeardecoder64.dll [158592 2021-06-01] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.WMV3] => C:\Windows\system32\d3dgeardecoder64.dll [158592 2021-06-01] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.MJPG] => C:\Windows\system32\d3dgeardecoder64.dll [158592 2021-06-01] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.M4S2] => C:\Windows\system32\d3dgeardecoder64.dll [158592 2021-06-01] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.FVFW] => C:\Windows\system32\d3dgeardecoder64.dll [158592 2021-06-01] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.MP4V] => C:\Windows\system32\d3dgeardecoder64.dll [158592 2021-06-01] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.FFVH] => C:\Windows\system32\d3dgeardecoder64.dll [158592 2021-06-01] (D3DGear Technologies -> D3DGear Technologies.)
HKLM\...\Drivers32: [VIDC.H264] => C:\Windows\system32\d3dgeardecoder64.dll [158592 2021-06-01] (D3DGear Technologies -> D3DGear Technologies.)
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2021-08-17 20:22 - 2021-08-17 20:22 - 000269824 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\electron-panel-window\build\Release\NativeExtension.node
2021-08-17 20:22 - 2021-08-17 20:22 - 000149504 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2021-08-17 20:22 - 2021-08-17 20:22 - 000145920 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\node-shared-mem\build\Release\node_shared_mem.node
2021-08-17 20:22 - 2021-08-17 20:22 - 004204032 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\wavoip\build\Release\binding.node
2021-08-17 20:22 - 2021-08-17 20:22 - 000150528 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\windows-focus-assist\build\Release\focus-assist.node
2021-08-17 20:22 - 2021-08-17 20:22 - 000097792 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\windows-notification-state\build\Release\notificationstate.node
2021-08-17 20:22 - 2021-08-17 20:22 - 000101376 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\resources\app.asar.unpacked\node_modules\windows-quiet-hours\build\Release\quiethours.node
2021-08-20 22:44 - 2021-08-20 22:44 - 000659456 _____ () [Datei ist nicht signiert] \\?\C:\Users\*****\AppData\Local\Temp\3485d4dc-5f23-4434-b76e-6fd1db7caecb.tmp.node
2021-08-20 22:44 - 2021-08-20 22:44 - 000195072 _____ () [Datei ist nicht signiert] \\?\C:\Users\*****\AppData\Local\Temp\ecab4951-733a-447d-8f74-a5d2d75d0913.tmp.node
2021-08-17 13:50 - 2021-07-15 10:26 - 002821120 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\iRacing\ui\ffmpeg.dll
2021-08-17 13:51 - 2021-07-15 10:26 - 000446464 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\iRacing\ui\libegl.dll
2021-08-17 13:51 - 2021-07-15 10:26 - 007900160 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\iRacing\ui\libglesv2.dll
2021-08-17 20:22 - 2021-08-17 20:22 - 002772480 _____ () [Datei ist nicht signiert] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\ffmpeg.dll
2021-08-17 20:22 - 2021-08-17 20:22 - 000379904 _____ () [Datei ist nicht signiert] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\libegl.dll
2021-08-17 20:22 - 2021-08-17 20:22 - 007863296 _____ () [Datei ist nicht signiert] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2130.9.0_x64__cv1g1gvanyjgm\app\libglesv2.dll
2021-08-16 15:54 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\nvdimm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{53966cb1-4d46-4166-bf23-c522403cd495} => ""="ScmDisk"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nvdimm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{53966cb1-4d46-4166-bf23-c522403cd495} => ""="ScmDisk"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2021-06-05 14:08 - 2021-06-05 14:08 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
2021-08-18 16:59 - 2021-08-18 18:47 - 000000514 _____ C:\Windows\system32\drivers\etc\hosts.ics
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-487585160-604149877-1877980533-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-80-3017052307-2994996872-1615411526-3164924635-3391446484\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.184.96
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
ist aktiviert.
Network Binding:
=============
Ethernet 2: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Ethernet: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Ethernet 4: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AVMWlanClient"
HKLM\...\StartupApproved\Run32: => "Power Automate Desktop notifier"
HKU\S-1-5-21-487585160-604149877-1877980533-1001\...\StartupApproved\Run: => "ExpressVPN4"
HKU\S-1-5-21-487585160-604149877-1877980533-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-487585160-604149877-1877980533-1001\...\StartupApproved\Run: => "DRE Launcher"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{B3390969-CEDF-4086-831C-F2ECCF8054B3}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21217.300.928.2028_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EFF3F018-F294-4A42-B007-79F7D9199030}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21217.300.928.2028_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0F2C46A4-2753-4637-9A37-28AF830590F6}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\92.0.902.73\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D1E8D5F0-8DD3-48C0-94FD-AA86A406E04C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D57BB272-2519-40EA-8414-93659137A564}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4F83FEAA-25BA-4BF5-BF71-5462B43402DA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{62A33B66-AF08-471D-ACE4-94D0C1B8BA1E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1567DC52-7D22-416B-9F3F-FC4B4DAF0E8A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AEB6F6E3-6F22-4FF3-8D85-83A979D85461}C:\users\*****\onedrive\dokumente\iracing\tools\ircorners\ircorners.exe] => (Allow) C:\users\*****\onedrive\dokumente\iracing\tools\ircorners\ircorners.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{5825105A-6C5A-4A7C-BA3F-2ACD3D0C36CF}C:\users\*****\onedrive\dokumente\iracing\tools\ircorners\ircorners.exe] => (Allow) C:\users\*****\onedrive\dokumente\iracing\tools\ircorners\ircorners.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{5100B091-5C2B-477E-9983-EE26D3BAC94C}C:\program files\e2esoft\ivcam\ivcam.exe] => (Allow) C:\program files\e2esoft\ivcam\ivcam.exe (Shanghai Yitu Information Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{F89B5BE2-6855-45AA-8F0F-51BB61E3084F}C:\program files\e2esoft\ivcam\ivcam.exe] => (Allow) C:\program files\e2esoft\ivcam\ivcam.exe (Shanghai Yitu Information Technology Co., Ltd. -> )
FirewallRules: [{426CE265-9ED4-4769-9F18-96A445647179}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1009C473-0226-4924-BBE9-7FEB7DCAD8C6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{528112F8-DAF1-4A2A-907C-FC596052464C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5B958B6E-6216-4250-AD97-B3407ADF6B84}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4BEF0DC7-2110-497D-82CB-A13DC2ECE72A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VoiceAttack\VoiceAttack.exe (VoiceAttack.com -> VoiceAttack.com)
FirewallRules: [{6BB9E220-D1B2-4FC9-9F05-5A70CB66ADFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VoiceAttack\VoiceAttack.exe (VoiceAttack.com -> VoiceAttack.com)
FirewallRules: [{08BC8058-BA35-459A-A550-6DDE88BF2D51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Setup Developer Tool 2021\SetupDev2021.exe () [Datei ist nicht signiert]
FirewallRules: [{AA6CBDE1-A95F-4EED-8770-D927E12FC1BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Setup Developer Tool 2021\SetupDev2021.exe () [Datei ist nicht signiert]
FirewallRules: [{B90A85BC-E575-46A6-80CF-EF74FC27FB52}] => (Allow) LPort=26822
FirewallRules: [{5FA66C46-4808-4BDC-BDE7-7B1DE36BA307}] => (Allow) LPort=32682
==================== Wiederherstellungspunkte =========================
18-08-2021 07:59:09 Power Automate Desktop
18-08-2021 15:39:19 Windows Modules Installer
18-08-2021 22:28:56 Windows Modules Installer
19-08-2021 03:17:33 Installed AMD_Chipset_Drivers.
19-08-2021 16:24:25 Installed FANATEC driver package
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (08/20/2021 10:44:10 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: SIMULATOR-PC)
Description: Windows kann die erweiterbare Leistungsindikator-DLL "C:\Windows\system32\sysmain.dll" nicht laden (Win32-Fehlercode 126).
Error: (08/20/2021 07:13:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname SIMULATOR-PC.local already in use; will try SIMULATOR-PC-2.local instead
Error: (08/20/2021 07:13:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 SIMULATOR-PC.local. Addr 192.168.184.56
Error: (08/20/2021 07:13:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.184.56:5353 16 SIMULATOR-PC.local. AAAA 2A01:0598:A12F:C6EA:C575:7F9F:D67C:A62E
Error: (08/20/2021 07:13:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 SIMULATOR-PC.local. AAAA FE80:0000:0000:0000:B103:59DF:9588:70C9
Error: (08/20/2021 07:13:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.184.56:5353 16 SIMULATOR-PC.local. AAAA 2A01:0598:A12F:C6EA:C575:7F9F:D67C:A62E
Error: (08/20/2021 07:13:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 SIMULATOR-PC.local. AAAA 2A01:0598:A12F:C6EA:1D05:4ED0:64AD:BBA0
Error: (08/20/2021 07:13:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.184.56:5353 16 SIMULATOR-PC.local. AAAA 2A01:0598:A12F:C6EA:C575:7F9F:D67C:A62E
Systemfehler:
=============
Error: (08/20/2021 10:38:24 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{E4C6581F-355E-44A3-8E17-CB3751D64E0A} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (08/20/2021 08:16:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/20/2021 08:12:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ExpressVPN Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/20/2021 08:12:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dienst "Bonjour"" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/20/2021 08:11:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Fanatec Wheel Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/20/2021 05:42:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iRacing.com Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/20/2021 05:41:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/20/2021 04:50:47 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{79145C84-36D3-4C01-9A22-F2AD86882812} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Windows Defender:
================Event[0]
Date: 2021-08-17 16:19:21
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {B148D72B-03C2-429D-9BF8-54318397967E}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Event[0]
Date: 2021-08-18 20:12:32
Description:
Das Microsoft Defender Antivirus-Modul wurde aufgrund eines unerwarteten Fehlers beendet.
Fehlertyp: Absturz
Ausnahmecode: 0xc0000005
Ressource:
Event[1]
Date: 2021-08-16 16:05:41
Description:
N/A
CodeIntegrity:
===============
Date: 2021-08-20 22:44:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends International, LLC. A.E0 06/22/2021
Hauptplatine: Micro-Star International Co., Ltd. MPG X570 GAMING PLUS (MS-7C37)
Prozessor: AMD Ryzen 9 3900X 12-Core Processor
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 32688.98 MB
Verfügbarer physikalischer RAM: 22436.76 MB
Summe virtueller Speicher: 32688.98 MB
Verfügbarer virtueller Speicher: 18382.13 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:953.24 GB) (Free:838.61 GB) (Protected) NTFS
Drive d: (HDD_PLATTE_3TB) (Fixed) (Total:2794.52 GB) (Free:2794.33 GB) (Protected) NTFS
Drive e: (WINDOWS-11_BACKUP) (Fixed) (Total:1861.02 GB) (Free:1846.27 GB) NTFS
Drive f: (WIN11_MBR) (Removable) (Total:29.41 GB) (Free:24.71 GB) NTFS
\\?\Volume{c92f151f-6713-4e11-af31-2dd243c3a6a8}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{717c6873-a90c-4b9a-8181-b32ea1ff9ad6}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Size: 2794.5 GB) (Disk ID: 887C7BDD)
Partition: GPT.
==========================================================
Disk: 1 (Size: 953.9 GB) (Disk ID: DD4EAF9C)
Partition: GPT.
==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 3 (Size: 29.4 GB) (Disk ID: 008ED5FA)
Partition 1: (Active) - (Size=29.4 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt =======================
