![]() |
|
Alles rund um Windows: Plötzlich hohe CPU-Auslastung durch seltsame Prozesse (UtcSvc, Windows Driver Foundation)Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
![]() | #1 |
![]() ![]() | ![]() Problem: Plötzlich hohe CPU-Auslastung durch seltsame Prozesse (UtcSvc, Windows Driver Foundation) Guten Abend zusammen, bei meinem Laptop mit Windows 11 lastet vor allem ein Dienst namens "Diensthost: UtcSvc, Benutzererfahrungen und Telemetrie im verbundenen Modus" die CPU mit 30% permanent aus. Ab und an schaltet sich "Windows Driver Foundation" mit ebenfalls ordentlicher CPU-Auslastung dazu und bremst das System zusätzlich. Hier die Vorab-Logs: FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 06-05-2025 durchgeführt von DELL (Administrator) auf DESKTOP-FLR7RSH (Dell Inc. Latitude 7370) (06-05-2025 20:02:12) Gestartet von C:\Users\DELL\Desktop\Bereinigung\FRST64.exe Geladene Profile: DELL Plattform: Microsoft Windows 11 Pro Version 22H2 22621.4317 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe (C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe (C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (C:\Program Files\DellTPad\Apoint.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (C:\Program Files\DellTPad\Apoint.exe ->) (ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Program Files\DellTPad\hidfind.exe (C:\Program Files\DellTPad\HidMonitorSvc.exe ->) (ALPS ALPINE CO.,LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (C:\Program Files\Google\Drive File Stream\107.0.3.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\107.0.3.0\crashpad_handler.exe (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3> (C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe (DriverStore\FileRepository\cui_dch.inf_amd64_e6d6f5a306002a89\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e6d6f5a306002a89\igfxEM.exe (explorer.exe ->) (Google LLC -> Google LLC.) C:\Program Files\Google\Drive File Stream\107.0.3.0\GoogleDriveFS.exe <7> (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2501.31.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <3> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10> (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (services.exe ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe (services.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe (services.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe (services.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e6d6f5a306002a89\igfxCUIService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_141eb88527011137\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d0b39b11619fd0c4\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d0b39b11619fd0c4\IntelCpHeciSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WSL\wslservice.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\UshUpgradeService.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) C:\Windows\System32\HostControlService.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) C:\Windows\System32\HostStorageService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe (services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (services.exe ->) (Sierra Wireless, Inc -> Sierra Wireless, Inc.) C:\Windows\Sierra Wireless Inc\bin\SwiService.exe (services.exe ->) (voidtools -> voidtools) C:\Program Files\Everything\Everything.exe (services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe (sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe (sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25032.52.0_x64__cw5n1h2txyewy\CrossDeviceService.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2517.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe (svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe (svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\iCloudOutlookConfig64.exe (svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\secd.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mmgaserver.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [767480 2021-09-02] (ALPS ALPINE CO.,LTD. -> ALPSALPINE Co., Ltd.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230280 2017-06-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489384 2017-06-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.) HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2265104 2024-08-01] (voidtools -> voidtools) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [384808 2024-12-23] (Expressco Services LLC -> ExpressVPN) HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\107.0.3.0\GoogleDriveFS.exe [65821280 2025-04-23] (Google LLC -> Google LLC.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\107.0.3.0\GoogleDriveFS.exe [65821280 2025-04-23] (Google LLC -> Google LLC.) HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\107.0.3.0\GoogleDriveFS.exe [65821280 2025-04-23] (Google LLC -> Google LLC.) HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (Keine Datei) HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\Run: [MicrosoftEdgeAutoLaunch_6B770857D9B81538FA9524CBB2D560C5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4045880 2025-05-01] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\Run: [ExpressVPN] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe [855336 2024-12-23] (Expressco Services LLC -> ExpressVPN) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\107.0.3.0\GoogleDriveFS.exe [65821280 2025-04-23] (Google LLC -> Google LLC.) HKLM\...\Windows x64\Print Processors\Canon TS6200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEO.DLL [482816 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Windows x64\Print Processors\Canon TS9500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDER.DLL [529408 2020-06-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor TS6200 series: C:\WINDOWS\system32\CNMLMEO.DLL [1303040 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor TS9500 series: C:\WINDOWS\system32\CNMLMER.DLL [950272 2020-06-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\FRITZ!fax Color Port Monitor: C:\WINDOWS\system32\FritzColorPort64.dll [20480 2006-02-23] () [Datei ist nicht signiert] HKLM\...\Print\Monitors\FRITZ!fax Port Monitor: C:\WINDOWS\system32\FritzPort64.dll [20480 2006-02-22] () [Datei ist nicht signiert] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.116\Installer\chrmstp.exe [2025-05-01] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> Startup: C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\UltraSearch.lnk [2024-08-13] ShortcutTarget: UltraSearch.lnk -> C:\Program Files\JAM Software\UltraSearch\UltraSearch.exe (JAM Software GmbH -> JAM Software) Startup: C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wsl.exe.lnk [2023-03-03] ShortcutTarget: wsl.exe.lnk -> C:\Windows\System32\wsl.exe (Microsoft Windows -> Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {56C0E9D4-5FF8-4800-9528-E6B474C9E327} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.) Task: {1C088204-91D7-42CE-9FB8-BBB904E50CA8} - System32\Tasks\cron => C:\Windows\System32\wsl.exe [200704 2024-06-27] (Microsoft Windows -> Microsoft Corporation) Task: {9B21F81D-8914-4ECF-BD3F-CAF0C44E6341} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem138.0.7156.0{444BE4D4-3E4C-4459-BACF-68FB4D1193EF} => C:\Program Files (x86)\Google\GoogleUpdater\138.0.7156.0\updater.exe [7096416 2025-05-02] (Google LLC -> Google LLC) Task: {E6980EEB-29B1-4C76-A429-73F9121BB48E} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [307384 2025-05-06] (Microsoft Corporation -> Microsoft Corporation) Task: {EE6BED0E-F266-4E36-80E4-FFC32B20F371} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [307384 2025-05-06] (Microsoft Corporation -> Microsoft Corporation) Task: {A838DD24-EA2E-4CB6-98C5-E08A9C16EA24} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29102296 2025-04-27] (Microsoft Corporation -> Microsoft Corporation) Task: {57681E76-AAC1-4EBC-9DA1-17B71AC5BB56} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [68344 2025-05-06] (Microsoft Corporation -> Microsoft Corporation) Task: {DAAAB4D2-618C-43BB-A423-6D3469C0B6A9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29102296 2025-04-27] (Microsoft Corporation -> Microsoft Corporation) Task: {CD357957-83B3-4567-AB7F-14BA7CE158FB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [307384 2025-05-06] (Microsoft Corporation -> Microsoft Corporation) Task: {81510B79-FBE4-42D6-9D11-0FECBA5D62F5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [307384 2025-05-06] (Microsoft Corporation -> Microsoft Corporation) Task: {8D95F1D5-BB79-49A1-8556-1E474C30663F} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [213216 2025-05-06] (Microsoft Corporation -> Microsoft Corporation) Task: {CAB898C9-2EB7-4D1B-9872-23979FCB5C82} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Keine Datei) Task: {56AB6536-F726-41D0-9524-A2A256A6C9C2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Keine Datei) Task: {EFF4A8D7-E1CA-40DF-B699-BC125A0C46A0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Keine Datei) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei) Task: {0F34717B-AFDF-4523-91D7-569E3E771B90} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1F860D2F-BB8C-4F02-832A-D063D7CD2723} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6343E625-5D26-4223-9514-BAD88B7C4FD4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E75345E5-3B14-4693-8596-2BEB1704C354} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D39894DC-F56D-416F-A1E2-A01DA99D7E2A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-05-02] (Mozilla Corporation -> Mozilla Foundation) Task: {B3EE11FC-DF5C-4187-8CAC-DCEA112C13B4} - System32\Tasks\OneDrive Startup Task-S-1-5-21-4188264911-3070158168-183260160-1002 => C:\Users\DELL\AppData\Local\Microsoft\OneDrive\25.065.0406.0002\OneDriveLauncher.exe [679232 2025-05-01] (Microsoft Corporation -> Microsoft Corporation) Task: {E4A75A80-08D5-4DDF-81E6-7528D6A31240} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489384 2017-06-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {5B10C080-2EEB-46B5-A2F9-D9ABD30F4FBF} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-4188264911-3070158168-183260160-1002 => C:\Users\DELL\AppData\Roaming\Zoom\bin\Zoom.exe [434488 2025-03-08] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) ProxyServer: [S-1-5-21-4188264911-3070158168-183260160-1002] => http=127.0.0.1:8888;https=127.0.0.1:8888 Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{30ed16cb-6eb1-4ae9-8971-c1af6465e341}: [DhcpNameServer] 10.30.128.1 Tcpip\..\Interfaces\{53439dba-5d82-482d-b110-ab9f1e337e23}: [DhcpNameServer] 10.30.128.1 Tcpip\..\Interfaces\{9f570ee7-188e-42b0-8e0e-9fc1014df8c1}: [NameServer] 100.64.100.1 Tcpip\..\Interfaces\{cd1f2afe-fce5-4bdd-be78-dca0869f7398}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{cd1f2afe-fce5-4bdd-be78-dca0869f7398}: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{cd1f2afe-fce5-4bdd-be78-dca0869f7398}\64B4B40234C65726: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{cd1f2afe-fce5-4bdd-be78-dca0869f7398}\64B4B40234C65726: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{cd1f2afe-fce5-4bdd-be78-dca0869f7398}\74C65696370293: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{cd1f2afe-fce5-4bdd-be78-dca0869f7398}\74C65696370293: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{cd1f2afe-fce5-4bdd-be78-dca0869f7398}\960586F6E656: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{cd1f2afe-fce5-4bdd-be78-dca0869f7398}\D4167656E6471675C414E4D2333525B4: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{cd1f2afe-fce5-4bdd-be78-dca0869f7398}\D4167656E6471675C414E4D2333525B4: [DhcpDomain] speedport.ip Tcpip\..\Interfaces\{fb9199cb-b79b-49d1-8c36-4cf47cbe360e}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{fb9199cb-b79b-49d1-8c36-4cf47cbe360e}: [DhcpDomain] fritz.box Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\DELL\AppData\Local\Microsoft\Edge\User Data\Default [2025-05-06] Edge Extension: (Google Docs Offline) - C:\Users\DELL\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-01] Edge Extension: (Edge relevant text changes) - C:\Users\DELL\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-04-18] FireFox: ======== FF DefaultProfile: 08x1q7h1.default FF ProfilePath: C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\tvktevs8.Test [2025-02-11] FF ProfilePath: C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\08x1q7h1.default [2022-07-18] FF ProfilePath: C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\0wam7xn9.default-release-1714733047451 [2025-05-06] FF NetworkProxy: Mozilla\Firefox\Profiles\0wam7xn9.default-release-1714733047451 -> backup.ssl", "192.168.178.26" FF Extension: (Tab Session Manager) - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\0wam7xn9.default-release-1714733047451\Extensions\Tab-Session-Manager@sienori.xpi [2025-04-08] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-04-08] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-04-08] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default [2025-03-13] CHR Notifications: Default -> hxxps://www.reddit.com CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-02-09] CHR Extension: (Tab Session Manager) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaiomicjabeggjcfkbimgmglanimpnae [2024-06-07] CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-04-23] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-10] CHR HKU\S-1-5-21-4188264911-3070158168-183260160-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKU\S-1-5-21-4188264911-3070158168-183260160-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.) R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [114976 2021-09-02] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [144784 2018-04-18] (Canon Inc. -> CANON INC.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13824208 2025-04-27] (Microsoft Corporation -> Microsoft Corporation) R2 Everything; C:\Program Files\Everything\Everything.exe [2265104 2024-08-01] (voidtools -> voidtools) R2 ExpressVPN App Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe [440616 2024-12-23] (Expressco Services LLC -> ExpressVPN) R2 ExpressVPN System Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe [440616 2024-12-23] (Expressco Services LLC -> ExpressVPN) R2 ExpressVPN VPN Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe [440616 2024-12-23] (Expressco Services LLC -> ExpressVPN) R2 hostcontrolsvc; C:\WINDOWS\System32\HostControlService.exe [824424 2019-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) R2 hoststoragesvc; C:\WINDOWS\System32\HostStorageService.exe [170088 2019-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [446328 2023-09-13] (Canon Inc. -> ) S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-07-11] (The Document Foundation -> The Document Foundation) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [530448 2024-09-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 SwiService; C:\WINDOWS\Sierra Wireless Inc\bin\SwiService.exe [1630184 2018-01-30] (Sierra Wireless, Inc -> Sierra Wireless, Inc.) R2 ushupgradesvc; C:\WINDOWS\System32\UshUpgradeService.exe [274536 2019-12-16] (Microsoft Windows Hardware Compatibility Publisher -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AX88772; C:\WINDOWS\System32\DriverStore\FileRepository\netax88772.inf_amd64_f1efe88b4f90c639\ax88772.sys [116736 2022-05-07] (Microsoft Windows -> ASIX Electronics Corp.) S3 bcmnfcusb; C:\WINDOWS\System32\drivers\bcmnfcusb.sys [58632 2019-12-16] (Broadcom Corporation -> Broadcom Corporation.) S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2022-11-23] (Microsoft Corporation) [Datei ist nicht signiert] S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert] R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.) S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\driver\expressvpnsplittunnel.sys [46712 2024-12-23] (ExprsVPN LLC -> ExpressVPN) R3 expressvpntun; C:\WINDOWS\System32\drivers\expressvpn-tun.sys [56552 2023-02-06] (Express VPN International Ltd. -> ExpressVPN) R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-15] (Microsoft Windows -> Microsoft Corporation) R3 swmbbser05; C:\WINDOWS\system32\DRIVERS\swmbbser05.sys [296488 2018-02-02] (Sierra Wireless, Inc -> Sierra Wireless Incorporated) S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [61496 2023-02-06] (ExprsVPN LLC -> The OpenVPN Project) S3 UsbNcm; C:\WINDOWS\System32\drivers\UsbNcm.sys [167936 2024-04-20] (Microsoft Windows -> ) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-04-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [605576 2025-04-15] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-15] (Microsoft Windows -> Microsoft Corporation) S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2025-05-06 17:39 - 2025-05-06 17:39 - 000723674 _____ C:\WINDOWS\system32\perfh007.dat 2025-05-06 17:39 - 2025-05-06 17:39 - 000149714 _____ C:\WINDOWS\system32\perfc007.dat 2025-05-06 17:28 - 2025-05-06 17:43 - 000000000 ____D C:\Users\DELL\Desktop\Bereinigung 2025-05-06 17:28 - 2025-05-06 17:28 - 000000000 ____D C:\Users\DELL\Downloads\Neuer Ordner (2) 2025-05-04 23:32 - 2025-05-04 23:32 - 000001292 _____ C:\Users\DELL\Downloads\DESKTOP-FLR7RSH.C21FAA7C-8555-2A44-BC54-43FFB5CA8CC5.mobileconfig 2025-05-04 22:56 - 2025-05-05 00:20 - 000000000 ____D C:\Users\DELL\AppData\Roaming\iMazing 2025-05-04 22:56 - 2025-05-04 23:20 - 000000000 ____D C:\Users\DELL\AppData\Local\DigiDNA 2025-05-04 22:51 - 2025-05-04 22:51 - 000000000 ____D C:\Program Files\iPod 2025-05-04 22:50 - 2025-05-04 22:50 - 000000000 ____D C:\Program Files\Bonjour 2025-05-04 22:50 - 2025-05-04 22:50 - 000000000 ____D C:\Program Files (x86)\Bonjour 2025-05-04 22:39 - 2025-05-04 22:39 - 000001870 _____ C:\Users\Public\Desktop\iMazing.lnk 2025-05-04 22:39 - 2025-05-04 22:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMazing 2025-05-04 22:39 - 2025-05-04 22:39 - 000000000 ____D C:\ProgramData\DigiDNA 2025-05-04 22:36 - 2025-05-04 22:36 - 000000000 ____D C:\Program Files\DigiDNA 2025-05-04 22:14 - 2025-05-04 22:14 - 000000000 ____D C:\Tenorshare 2025-05-04 14:44 - 2025-05-04 14:46 - 199341360 _____ (DigiDNA ) C:\Users\DELL\Downloads\iMazing3forWindows.exe 2025-05-04 14:38 - 2025-05-04 14:38 - 000000000 ____D C:\Users\DELL\Downloads\1832 2025-05-04 14:37 - 2025-05-04 23:00 - 000000000 ____D C:\Users\DELL\Downloads\183 2025-05-04 14:37 - 2025-05-04 14:37 - 000000000 ____D C:\Users\DELL\Downloads\1831 2025-05-04 13:28 - 2025-05-04 13:28 - 000000000 ____D C:\Users\DELL\.openjfx 2025-05-04 13:27 - 2025-05-04 13:27 - 000000884 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\blobsaver.lnk 2025-05-04 13:27 - 2025-05-04 13:27 - 000000872 _____ C:\Users\Public\Desktop\blobsaver.lnk 2025-05-04 13:27 - 2025-05-04 13:27 - 000000000 ____D C:\Program Files\blobsaver 2025-05-04 13:26 - 2025-05-04 13:26 - 045554213 _____ (airsquared ) C:\Users\DELL\Downloads\blobsaver-3.6.0.exe 2025-05-02 23:54 - 2025-05-02 23:54 - 000000000 ____D C:\Users\DELL\AppData\Roaming\Apple 2025-05-02 23:21 - 2025-05-04 22:57 - 000000000 ____D C:\Users\DELL\AppData\Roaming\Apple Computer 2025-05-02 23:20 - 2025-05-02 23:20 - 000000000 ____D C:\Users\DELL\AppData\Roaming\TSMonitor 2025-05-02 23:17 - 2025-05-04 22:14 - 000000000 ____D C:\Program Files (x86)\Tenorshare ReiBoot 2025-05-02 23:15 - 2025-05-02 23:15 - 073106528 _____ (Tenorshare ) C:\Users\DELL\Downloads\reiboot_11746220508479024601.exe 2025-05-02 23:10 - 2025-05-02 23:10 - 002959824 _____ C:\Users\DELL\Downloads\wootechy-imaster_setup.exe 2025-05-02 11:07 - 2025-05-06 17:30 - 000000000 ____D C:\Program Files\Mozilla Firefox 2025-05-01 17:02 - 2025-05-01 17:02 - 000000000 ____D C:\Users\DELL\Apple 2025-04-20 17:59 - 2025-04-20 17:59 - 000078122 _____ C:\Users\DELL\Downloads\Rechnung_Entwurf_enderle_Veranstaltungstechnik_2025-04-20-3.pdf 2025-04-20 17:58 - 2025-04-20 17:58 - 000072133 _____ C:\Users\DELL\Downloads\Rechnung_Entwurf_enderle_Veranstaltungstechnik_2025-04-20-2.pdf 2025-04-20 17:57 - 2025-04-20 17:57 - 000070817 _____ C:\Users\DELL\Downloads\Rechnung_Entwurf_enderle_Veranstaltungstechnik_2025-04-20-1.pdf 2025-04-20 17:36 - 2025-04-20 17:36 - 000061312 _____ C:\Users\DELL\Downloads\Rechnung_Entwurf_enderle_Veranstaltungstechnik_2025-04-20.pdf 2025-04-20 17:33 - 2025-04-20 17:33 - 000055081 _____ C:\Users\DELL\Downloads\vorlage_rechnung.pdf 2025-04-16 19:45 - 2025-04-16 19:45 - 000479825 _____ C:\Users\DELL\Documents\IMG_20250416_0003.pdf 2025-04-16 19:45 - 2025-04-16 19:45 - 000476751 _____ C:\Users\DELL\Documents\Erste Rechnung_20250416_0001.pdf 2025-04-16 19:22 - 2025-04-16 19:22 - 000471070 _____ C:\Users\DELL\Documents\IMG_20250416_0001.pdf 2025-04-16 19:22 - 2025-04-16 19:22 - 000468973 _____ C:\Users\DELL\Documents\Erste Rechnung unterschrieben_20250416_0001.pdf 2025-04-09 14:20 - 2025-05-06 17:30 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2025-04-08 16:28 - 2025-04-08 16:28 - 000002599 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WSL.lnk 2025-04-08 16:28 - 2025-04-08 16:28 - 000002546 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WSL Settings.lnk 2025-04-08 16:28 - 2025-04-08 16:28 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2025-04-08 16:27 - 2025-04-08 16:28 - 000000000 ____D C:\Program Files\WSL ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2025-05-06 20:03 - 2024-07-28 14:09 - 000000000 ____D C:\FRST 2025-05-06 20:02 - 2022-07-18 17:44 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2025-05-06 20:01 - 2022-11-24 00:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2025-05-06 20:01 - 2022-07-12 15:29 - 000000000 ___SD C:\Users\DELL\AppData\Roaming\Microsoft\Credentials 2025-05-06 20:01 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2025-05-06 17:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2025-05-06 17:43 - 2023-01-06 02:23 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2025-05-06 17:42 - 2023-01-06 02:23 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2025-05-06 17:42 - 2023-01-06 02:23 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk 2025-05-06 17:39 - 2022-11-24 00:44 - 001662892 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2025-05-06 17:39 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF 2025-05-06 17:35 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps 2025-05-06 17:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2025-05-06 17:31 - 2022-07-12 15:29 - 000000000 __SHD C:\Users\DELL\IntelGraphicsProfiles 2025-05-06 17:31 - 2021-01-19 09:10 - 000175043 _____ C:\WINDOWS\system32\CVFirmwareUpgradeLog.txt 2025-05-06 17:31 - 2020-07-24 14:28 - 000000000 ____D C:\Program Files\Microsoft Office 2025-05-06 17:30 - 2022-11-24 00:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2025-05-06 17:30 - 2022-07-18 17:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2025-05-06 17:30 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState 2025-05-06 17:30 - 2022-05-07 07:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2025-05-06 17:30 - 2021-01-19 09:08 - 000000000 ____D C:\Intel 2025-05-06 17:30 - 2020-07-24 13:20 - 000012288 ___SH C:\DumpStack.log.tmp 2025-05-06 17:29 - 2022-11-24 00:28 - 000000000 ____D C:\Users\DELL 2025-05-06 16:58 - 2022-07-12 16:07 - 000000000 ____D C:\Users\DELL\AppData\Local\D3DSCache 2025-05-06 01:25 - 2022-07-18 18:15 - 000000000 ____D C:\Users\DELL\AppData\Roaming\vlc 2025-05-06 01:06 - 2022-11-24 00:47 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2025-05-06 01:06 - 2022-11-24 00:47 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2025-05-04 22:51 - 2023-02-23 03:48 - 000000000 ____D C:\ProgramData\Apple Inc 2025-05-04 22:22 - 2022-07-12 16:12 - 000000000 ____D C:\Users\DELL\AppData\Roaming\Microsoft\MMC 2025-05-04 14:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2025-05-03 22:25 - 2024-04-18 19:24 - 000000000 ____D C:\ProgramData\CanonIJPLM 2025-05-03 14:32 - 2022-07-12 15:29 - 000000000 ____D C:\Users\DELL\AppData\Local\Packages 2025-05-03 14:25 - 2022-07-18 18:36 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2025-05-03 14:25 - 2022-07-18 18:36 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2025-05-03 00:52 - 2024-05-03 12:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2025-05-03 00:52 - 2022-07-18 17:44 - 000001072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2025-05-01 17:46 - 2025-02-06 16:46 - 000003568 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-4188264911-3070158168-183260160-1002 2025-05-01 17:46 - 2022-11-24 00:47 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4188264911-3070158168-183260160-1002 2025-05-01 17:46 - 2022-11-24 00:47 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4188264911-3070158168-183260160-1002 2025-05-01 17:46 - 2022-07-12 15:34 - 000002399 _____ C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2025-05-01 16:57 - 2023-02-23 03:48 - 000000000 ____D C:\ProgramData\Apple 2025-05-01 16:57 - 2022-07-12 15:38 - 000000000 ____D C:\Users\DELL\AppData\Local\Publishers 2025-05-01 16:57 - 2020-07-24 13:35 - 000000000 ____D C:\ProgramData\Packages 2025-05-01 16:52 - 2022-07-12 15:35 - 000000000 ____D C:\Users\DELL\AppData\Local\PlaceholderTileLogoFolder 2025-05-01 16:51 - 2023-03-10 19:26 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2025-05-01 16:51 - 2023-03-10 19:26 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2025-04-24 00:24 - 2023-01-05 23:51 - 000000000 ____D C:\Users\DELL\AppData\Roaming\audacity 2025-04-23 14:47 - 2023-03-24 19:29 - 000002180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2025-04-23 14:47 - 2023-03-24 19:29 - 000002051 _____ C:\Users\DELL\Desktop\Google Drive.lnk 2025-04-20 18:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth 2025-04-15 22:52 - 2020-07-24 13:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2025-04-09 14:21 - 2022-11-22 16:41 - 000001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk 2025-04-08 15:55 - 2023-02-07 19:26 - 000000000 ____D C:\Users\DELL\AppData\Local\Zoom ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2024-08-24 12:35 - 2024-08-24 12:35 - 000000477 _____ () C:\Users\DELL\AppData\Local\kdeglobals 2024-08-16 00:59 - 2024-08-16 00:59 - 000008337 _____ () C:\Users\DELL\AppData\Local\kdenlive-layoutsrc 2024-08-16 00:59 - 2025-02-19 18:41 - 000004823 _____ () C:\Users\DELL\AppData\Local\kdenliverc 2024-08-18 00:27 - 2024-08-18 00:27 - 000000052 _____ () C:\Users\DELL\AppData\Local\klanguageoverridesrc 2024-11-03 14:32 - 2024-11-03 14:32 - 000013341 _____ () C:\Users\DELL\AppData\Local\recently-used.xbel 2024-08-18 00:29 - 2024-08-18 00:29 - 000005016 _____ () C:\Users\DELL\AppData\Local\user-places.xbel 2024-08-16 00:59 - 2024-08-16 00:59 - 000004735 _____ () C:\Users\DELL\AppData\Local\user-places.xbel.bak 2024-08-18 00:29 - 2024-08-18 00:29 - 000000000 _____ () C:\Users\DELL\AppData\Local\user-places.xbel.tbcache ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 06-05-2025 durchgeführt von DELL (06-05-2025 20:05:09) Gestartet von C:\Users\DELL\Desktop\Bereinigung Microsoft Windows 11 Pro Version 22H2 22621.4317 (X64) (2022-11-23 22:47:35) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-4188264911-3070158168-183260160-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4188264911-3070158168-183260160-503 - Limited - Disabled) DELL (S-1-5-21-4188264911-3070158168-183260160-1002 - Administrator - Enabled) => C:\Users\DELL Gast (S-1-5-21-4188264911-3070158168-183260160-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-4188264911-3070158168-183260160-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 24.09 (x64) (HKLM\...\7-Zip) (Version: 24.09 - Igor Pavlov) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 25.001.20474 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601110}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Audacity 3.0.0 (HKLM-x32\...\Audacity_is1) (Version: 3.0.0 - Audacity Team) Audacity 3.6.1 (64 Bit) (HKLM\...\Audacity_is1) (Version: 3.6.1 - Audacity Team) AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version: - AVM Berlin) blobsaver version 3.6.0 (HKLM\...\{F5EAE50A-1E3A-4DA5-B2F0-4D29968E59CD}_is1) (Version: 3.6.0 - airsquared) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.10.2 - Canon Inc.) Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.10.2.51 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.0.69 - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.5.2 - Canon Inc.) Canon TS6200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS6200_series) (Version: 1.02 - Canon Inc.) Canon TS9500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS9500_series) (Version: 1.03 - Canon Inc.) ChamSys MagicQ (HKLM\...\MagicQ) (Version: 1.9.6.0 - ChamSys Limited) Charles 4.6.7 (HKLM\...\{CE0AF30E-47A4-44D2-A8E5-453A5048E26F}) (Version: 4.6.7.0 - XK72 Ltd) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.216 - ALPSALPINE CO., LTD.) Dell WLAN Radio Switch Driver (HKLM\...\Dell WLAN Radio Switch Driver) (Version: 1.0.0.9 - Dell Inc) Everything 1.4.1.1026 (x64) (HKLM\...\Everything) (Version: 1.4.1.1026 - voidtools) ExpressVPN (HKLM-x32\...\{4904d2c4-f0e4-4ec2-ba32-7c8d7438ec22}) (Version: 12.88.0.36 - ExpressVPN) ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B89B4D7855}) (Version: 12.88.0.36 - ExpressVPN) Hidden Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden FreifunkMeet 2024.3.0 (HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\a8637bf9-ca4c-588c-9e85-5a4f2068a371) (Version: 2024.3.0 - Freifunk Muenchen) GIMP 2.10.38 (HKLM\...\GIMP-2_is1) (Version: 2.10.38 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 135.0.7049.116 - Google LLC) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 107.0.3.0 - Google LLC) iCloud Outlook (HKLM\...\{11727D12-D910-486F-9B36-B496F4AB334D}) (Version: 14.1.0.108 - Apple Inc.) iMazing (HKLM\...\iMazing_is1) (Version: 3.1.2.0 - DigiDNA) iPod-Unterstützung (HKLM\...\{5530CCC4-99F6-4198-BB1B-F1F78D6BCA76}) (Version: 12.11.3.7 - Apple Inc.) LibreOffice 24.2.5.2 (HKLM\...\{7519E50A-1B31-4EAE-9AB3-DEB5C0F764F9}) (Version: 24.2.5.2 - The Document Foundation) Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden Microsoft 365 - da-dk (HKLM\...\O365HomePremRetail - da-dk) (Version: 16.0.18730.20122 - Microsoft Corporation) Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.18730.20122 - Microsoft Corporation) Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.18730.20122 - Microsoft Corporation) Microsoft 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.18730.20122 - Microsoft Corporation) Microsoft 365 - fi-fi (HKLM\...\O365HomePremRetail - fi-fi) (Version: 16.0.18730.20122 - Microsoft Corporation) Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.18730.20122 - Microsoft Corporation) Microsoft 365 - it-it (HKLM\...\O365HomePremRetail - it-it) (Version: 16.0.18730.20122 - Microsoft Corporation) Microsoft 365 - nb-no (HKLM\...\O365HomePremRetail - nb-no) (Version: 16.0.18730.20122 - Microsoft Corporation) Microsoft 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.18730.20122 - Microsoft Corporation) Microsoft 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.18730.20122 - Microsoft Corporation) Microsoft 365 - pt-pt (HKLM\...\O365HomePremRetail - pt-pt) (Version: 16.0.18730.20122 - Microsoft Corporation) Microsoft 365 - sv-se (HKLM\...\O365HomePremRetail - sv-se) (Version: 16.0.18730.20122 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 136.0.3240.50 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.98 - Microsoft Corporation) Hidden Microsoft OneDrive (HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\OneDriveSetup.exe) (Version: 25.065.0406.0002 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30156 (HKLM-x32\...\{692e16a0-c886-466d-91db-706f6f99ac96}) (Version: 14.29.30156.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30156 (HKLM-x32\...\{7ACE9888-9B5B-4041-90BA-6A5B470B21EB}) (Version: 14.29.30156 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30156 (HKLM-x32\...\{1F91919D-04A6-4A8C-8B81-FAF84FDB93F0}) (Version: 14.29.30156 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation) MiKTeX (HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\MiKTeX) (Version: 24.1 - MiKTeX.org) Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 138.0.1 (x64 de)) (Version: 138.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 125.0.3 - Mozilla) Mozilla Thunderbird (x64 de) (HKLM\...\Mozilla Thunderbird 128.9.1 (x64 de)) (Version: 128.9.1 - Mozilla) MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles) Novation USB Midi 2.27.0.66 (HKLM\...\Novation USB Midi Driver_is1) (Version: 2.27.0.66 - Novation DMS, Ltd.) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18730.20122 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0406-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12527.20482 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040B-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0410-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0414-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-041D-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0816-1000-0000000FF1CE}) (Version: 16.0.12527.20482 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden Photo Common (HKLM-x32\...\{87DABDEA-47A4-4182-AA7C-2C90DAAE3117}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6122 - Realtek Semiconductor Corp.) rekordbox 7.0.4 64bit (HKLM\...\Pioneer rekordbox 7.0.4) (Version: 7.0.4.0021 - AlphaTheta) Sierra Wireless Dell Mobile Broadband INF Package (HKLM\...\SWIDellDrvInstaller) (Version: 7.54.4799.0502 - Sierra Wireless, Inc.) Telegram Desktop (HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 5.5.4 - Telegram FZ-LLC) Texmaker 6.0.0 (64-bit) (HKLM-x32\...\{BDB36DD0-C209-4716-A9AD-8EAC74C31716}) (Version: 6.0.0.0 - Texmaker) UltraSearch V4.3 (64 bit) (HKLM\...\UltraSearch_is1) (Version: 4.3 - JAM Software) VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.92.0 - Winamp SA) Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\{66233218-CA57-4AB2-BA43-A97AA4635960}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (HKLM-x32\...\{FC071B45-4A5F-408F-92F8-4D9D693E866F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Subsystem for Linux (HKLM\...\{1D48774E-EC31-48BA-ABEE-EF92019BAC42}) (Version: 2.4.13.0 - Microsoft Corporation) Hidden Windows Subsystem for Linux Update (HKLM\...\{F8474A47-8B5D-4466-ACE3-78EAB3BF21A8}) (Version: 5.10.102.1 - Microsoft Corporation) Windows Subsystem for Linux WSLg Preview (HKLM\...\{3CBDE512-7510-4F90-B1C0-7C4EB9DD7C26}) (Version: 1.0.27 - Microsoft Corporation) Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation) zebNet Windows Keyfinder (HKLM\...\{BE5CE69C-C48B-4F67-8E42-BB9A41A5395B}_is1) (Version: 6.1.0.0 - zebNet Ltd) Zoom Workplace (HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\ZoomUMX) (Version: 6.3.11 (60501) - Zoom Communications, Inc.) Packages: ========= AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2025-04-22] (INTEL CORP) [Startup Task] Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2023-03-05] (Canon Inc.) Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-10-09] (Disney) iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa [2025-05-06] (Apple Inc.) [Startup Task] Instagram -> C:\Program Files\WindowsApps\www.instagram.com-3D2AAE46_42.0.23.1_neutral__ysfa6mcnwr1rw [2024-10-09] (www.instagram.com) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa [2025-05-01] (Apple Inc.) [Startup Task] JAMSoftware.UltraSearchContextMenu -> C:\Program Files\JAM Software\UltraSearch [2024-08-13] (JAM Software) Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_55.20331.573.0_x64__8wekyb3d8bbwe [2025-04-15] (Microsoft Corporation) Net Speed Meter -> C:\Program Files\WindowsApps\4789ZeroByte.NetSpeedMeter_4.0.8.0_neutral__gvheqymwk6zrr [2025-04-15] (Zero Byte) [Startup Task] OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16 [2025-05-06] () Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.150.3125.0_x64__kzf8qxf38zg5c [2025-05-06] (Skype) Ubuntu 22.04.5 LTS -> C:\Program Files\WindowsApps\CanonicalGroupLimited.Ubuntu22.04LTS_2204.5.10021.0_x64__79rhkp1fndgsc [2025-02-23] (Canonical Group Limited) WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2517.4.0_x64__cv1g1gvanyjgm [2025-05-06] (WhatsApp Inc.) [Startup Task] ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-4188264911-3070158168-183260160-1002_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-4188264911-3070158168-183260160-1002_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-4188264911-3070158168-183260160-1002_Classes\CLSID\{8136A429-5EB1-4F19-ABBB-BC5EF06A0DFD}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation) CustomCLSID: HKU\S-1-5-21-4188264911-3070158168-183260160-1002_Classes\CLSID\{daa67aa1-26c7-428f-9e3a-11cf2cc6144e}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation) ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.) ShellIconOverlayIdentifiers-x32: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.) ShellIconOverlayIdentifiers-x32: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.) ShellIconOverlayIdentifiers-x32: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.) ShellIconOverlayIdentifiers-x32: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.) ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Datei ist nicht signiert] ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\DELL\Desktop\Ausbalanciert.lnk -> C:\Ausbalanciert.bat () Shortcut: C:\Users\DELL\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat () Shortcut: C:\Users\DELL\Desktop\Höchstleistung.lnk -> C:\Höchstleistung.bat () ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2024-07-28 15:35 - 2006-02-23 11:35 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzColorPort64.dll 2024-07-28 15:35 - 2006-02-22 10:39 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzPort64.dll 2023-03-02 04:09 - 2016-10-21 17:06 - 000318976 _____ (CANON INC) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll 2023-03-02 04:09 - 2017-06-27 11:59 - 000219648 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll 2023-03-02 04:09 - 2017-11-02 16:36 - 000008704 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_DEU.DLL 2023-03-02 04:09 - 2017-11-02 16:36 - 000104960 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll 2024-12-30 20:27 - 2024-11-29 20:00 - 000101376 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll 2024-07-29 08:11 - 2024-07-29 08:11 - 001654784 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\Fusion\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_none_758c8a477f89a995\8.0\8.0.50727.6195\MFC80U.DLL 2024-07-29 08:11 - 2024-07-29 08:11 - 000054272 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\Fusion\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_none_eeb8165fbcb9c171\8.0\8.0.50727.6195\MFC80DEU.DLL 2020-07-24 14:28 - 2020-07-24 14:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppvIsvSubsystems64.dll 2020-07-24 14:28 - 2020-07-24 14:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll 2024-07-28 15:35 - 2006-02-23 12:16 - 000047616 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmColorFax.dll 2024-07-28 15:35 - 2006-02-22 10:53 - 000043520 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmFax.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\DELL\Downloads\charles-proxy-4.6.7-win64.msi:MBAM.Zone.Identifier [128] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ============= BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-05-06] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-05-06] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-05-06] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-05-06] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-05-06] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-4188264911-3070158168-183260160-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\DELL\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\5048297419475744386\133910229671160266.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) ist aktiviert. Network Binding: ============= Mobilfunk 5: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys Mobilfunk 11: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys Mobilfunk 12: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys Mobilfunk 13: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys Mobilfunk 3: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys WLAN 2: Intel(R) Dual Band Wireless-AC 8260 #2 -> Netwtw06.sys Mobilfunk 9: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys Mobilfunk 15: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys Mobilfunk 7: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys LAN-Verbindung: ExpressVPN TUN Driver -> expressvpn-tun.sys Ethernet 4: ExpressVPN TAP Adapter -> tapexpressvpn.sys Mobilfunk 8: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys Mobilfunk 10: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys Mobilfunk: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys Mobilfunk 6: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys Bluetooth-Netzwerkverbindung 2: Bluetooth Device (Personal Area Network) #2 -> bthpan.sys Mobilfunk 16: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys Mobilfunk 2: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys Mobilfunk 14: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys Mobilfunk 4: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys Mobilfunk 17: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys vms_vsf: Erweiterungsfilter für virtuellen Hyper-V-Switch vms_vsp: Extension-Protokoll für virtuellen Hyper-V-Switch ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "WavesSvc" HKLM\...\StartupApproved\Run: => "Everything" HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService" HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\StartupApproved\StartupFolder: => "wsl.exe.lnk" HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\StartupApproved\StartupFolder: => "UltraSearch.lnk" HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\StartupApproved\Run: => "icq.desktop" HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_6B770857D9B81538FA9524CBB2D560C5" HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\StartupApproved\Run: => "ExpressVPN" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{32F12A14-036D-425A-9C13-736CCF6C5C46}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{9AE96CF4-BDD4-49AF-9C1E-30508C5BB6D1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{6CA682D6-7735-4166-9886-B833FF41A6E6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{F2CF960E-E92E-4543-B650-4E31E5C7E00C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{24B91EE2-D95B-4B66-8952-BC881DCDEF7E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{A0D43F94-4733-4FE2-B613-76D48E920469}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{EA380E9B-DA2E-495E-B1C8-A8BF2185C4F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{6068608E-9B77-4F61-860A-AD178753BC40}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{1F155793-B851-4C4A-87FE-3EDF1ECDAF8B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{C0E5FC80-7685-475B-964D-026A9CE2B812}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{0629F242-9157-4086-A7DF-85CF540C1246}] => (Allow) C:\Users\DELL\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Communications, Inc.) FirewallRules: [{42424134-79BE-4DE6-BE45-A3AF9784FA67}] => (Allow) C:\Users\DELL\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{E6D31DA0-1AB2-419C-A85A-A93220A0E9C9}] => (Allow) C:\Users\DELL\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{54B3D08A-3D96-4718-B6E9-7F185763A60B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{523E35A2-6E90-4BE6-9B4D-4E6C57F312EE}] => (Allow) LPort=2869 FirewallRules: [{348BCD02-436B-49F3-89B3-50E6A091FAB8}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{AC4BDD97-F052-45FF-904E-422E92EF09E4}C:\program files\charles\charles.exe] => (Allow) C:\program files\charles\charles.exe (XK72 Limited -> XK72 Ltd) FirewallRules: [UDP Query User{4AE9EA63-F627-433B-A30B-F483AB5A4772}C:\program files\charles\charles.exe] => (Allow) C:\program files\charles\charles.exe (XK72 Limited -> XK72 Ltd) FirewallRules: [{1A7D08AF-67B0-42C7-BABB-F97DD03B936A}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24137.2203.2894.4529_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A2CBB88F-EC54-47DD-BFDC-A85F0105BCE6}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24137.2203.2894.4529_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{9D8A1DAA-5838-4C9A-A56D-7CB70FA12841}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) FirewallRules: [UDP Query User{5913D701-4700-4290-B45B-47006AA06FD6}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) FirewallRules: [TCP Query User{8883B23B-7E9C-4240-867E-CA11B752E8CD}C:\program files\chamsys ltd\magicq pc\mqqt.exe] => (Allow) C:\program files\chamsys ltd\magicq pc\mqqt.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{35DE1E71-A4EA-4C29-BD42-A9A8B6404BAE}C:\program files\chamsys ltd\magicq pc\mqqt.exe] => (Allow) C:\program files\chamsys ltd\magicq pc\mqqt.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{A952653E-78A5-4643-B628-437D5E016FB4}C:\program files\chamsys ltd\magicq pc\mqqt.exe] => (Allow) C:\program files\chamsys ltd\magicq pc\mqqt.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{C6C18ACE-93E6-4364-A2EA-D3D08BE1FD74}C:\program files\chamsys ltd\magicq pc\mqqt.exe] => (Allow) C:\program files\chamsys ltd\magicq pc\mqqt.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{69D4C620-AE58-469D-B73B-737BF53C98D9}C:\users\dell\downloads\kdenlive-24.05.2_standalone\bin\kdenlive.exe] => (Allow) C:\users\dell\downloads\kdenlive-24.05.2_standalone\bin\kdenlive.exe (K Desktop Environment e. V. -> ) FirewallRules: [UDP Query User{616C3CFA-8262-4A59-90D7-ADEF81E3AB5E}C:\users\dell\downloads\kdenlive-24.05.2_standalone\bin\kdenlive.exe] => (Allow) C:\users\dell\downloads\kdenlive-24.05.2_standalone\bin\kdenlive.exe (K Desktop Environment e. V. -> ) FirewallRules: [TCP Query User{4252EA34-8FC9-4E9A-8EBC-913713BCA39A}C:\users\dell\downloads\kdenlive-24.05.2_standalone\bin\kdenlive.exe] => (Allow) C:\users\dell\downloads\kdenlive-24.05.2_standalone\bin\kdenlive.exe (K Desktop Environment e. V. -> ) FirewallRules: [UDP Query User{67BCD2AB-26C1-47A6-BBB2-9ACDFD0FC3F7}C:\users\dell\downloads\kdenlive-24.05.2_standalone\bin\kdenlive.exe] => (Allow) C:\users\dell\downloads\kdenlive-24.05.2_standalone\bin\kdenlive.exe (K Desktop Environment e. V. -> ) FirewallRules: [TCP Query User{2C716111-2862-4CDD-BF21-4B64E98E264F}C:\users\dell\videos\motke\kdenlive-24.05.2_standalone\bin\kdenlive.exe] => (Allow) C:\users\dell\videos\motke\kdenlive-24.05.2_standalone\bin\kdenlive.exe (K Desktop Environment e. V. -> ) FirewallRules: [UDP Query User{412AAB61-911B-418D-8D0E-4539305F7E9B}C:\users\dell\videos\motke\kdenlive-24.05.2_standalone\bin\kdenlive.exe] => (Allow) C:\users\dell\videos\motke\kdenlive-24.05.2_standalone\bin\kdenlive.exe (K Desktop Environment e. V. -> ) FirewallRules: [TCP Query User{D7C6B0F6-408B-4064-BCDE-88C49CA10DB9}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{00375296-C965-42B7-A5F4-02B3BAE70FBF}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{D32E1271-55ED-4E3B-B509-DAD7471D839E}C:\users\dell\videos\motke\kdenlive-24.05.2_standalone\bin\kdenlive.exe] => (Allow) C:\users\dell\videos\motke\kdenlive-24.05.2_standalone\bin\kdenlive.exe (K Desktop Environment e. V. -> ) FirewallRules: [UDP Query User{03AB8F04-55A0-411B-9385-1509499C9A05}C:\users\dell\videos\motke\kdenlive-24.05.2_standalone\bin\kdenlive.exe] => (Allow) C:\users\dell\videos\motke\kdenlive-24.05.2_standalone\bin\kdenlive.exe (K Desktop Environment e. V. -> ) FirewallRules: [TCP Query User{11107DA3-80B8-4C50-BC84-EE14A29892EE}C:\users\dell\appdata\local\discord\app-1.0.9166\discord.exe] => (Block) C:\users\dell\appdata\local\discord\app-1.0.9166\discord.exe => Keine Datei FirewallRules: [UDP Query User{20C3FAED-AD4A-4C4A-ACEB-E2B4EA525AC5}C:\users\dell\appdata\local\discord\app-1.0.9166\discord.exe] => (Block) C:\users\dell\appdata\local\discord\app-1.0.9166\discord.exe => Keine Datei FirewallRules: [{759E873C-3C2F-4473-85DE-31CF7EE78017}] => (Allow) C:\Program Files\rekordbox\rekordbox 7.0.4\rekordbox.exe (AlphaTheta Corporation -> AlphaTheta Corporation) FirewallRules: [{9ABEF1FF-4280-4F83-95E4-58EA1367523E}] => (Allow) C:\Program Files\rekordbox\rekordbox 7.0.4\edb_streamd.exe (AlphaTheta Corporation -> ) FirewallRules: [{F6C2FA87-DE11-4B09-8EF1-6B0FF80E4E96}] => (Allow) C:\Program Files\rekordbox\rekordbox 7.0.4\rbHttpServer.exe (AlphaTheta Corporation -> ) FirewallRules: [{4DEE7CDA-E99F-45CD-A579-3DE49096EE08}] => (Allow) C:\Program Files\rekordbox\rekordbox 7.0.4\rekordboxAgent-win32-x64\rekordboxAgent.exe (AlphaTheta Corporation -> AlphaTheta Corporation) FirewallRules: [TCP Query User{02D6A7F7-90D7-41AC-B6A3-CCF63DF6F7CD}C:\users\dell\appdata\local\programs\ffmuc-meet\freifunkmeet.exe] => (Allow) C:\users\dell\appdata\local\programs\ffmuc-meet\freifunkmeet.exe (Freifunk Muenchen) [Datei ist nicht signiert] FirewallRules: [UDP Query User{F80FB61B-701A-456F-A44E-EE1078AD3EA3}C:\users\dell\appdata\local\programs\ffmuc-meet\freifunkmeet.exe] => (Allow) C:\users\dell\appdata\local\programs\ffmuc-meet\freifunkmeet.exe (Freifunk Muenchen) [Datei ist nicht signiert] FirewallRules: [TCP Query User{136F7DC2-AE9A-4F9F-823C-96519EFE2D17}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) FirewallRules: [UDP Query User{B6C0F0EA-F2F8-4A3B-94B9-04493B9F6C2C}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) FirewallRules: [{3CA40668-2E9F-481C-8CD3-504D90BB47EA}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA) FirewallRules: [{CEADCFA6-F808-49C6-8223-BC7AD513E05A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA) FirewallRules: [{177880F9-3C4D-4B4A-914A-81148C2D6AF5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.98\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0B67D6FC-439A-4DBB-8116-3DA8CDBDD5A8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25108.501.3586.7144_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1D13CA68-4D7B-456F-BF23-1AA86C8321FE}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25108.501.3586.7144_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BC95E44D-29BD-4896-A7F4-969BA30244E2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{4BB41468-787A-40F6-AF9B-65BCB106EF25}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{DA70361C-DCA6-4867-9FA2-EE9A0ED34C92}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{9D352E24-5191-44E1-AE33-53F42C42037D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{1FD71A90-C1A7-426B-A2FC-2DEA48F50F7C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{DE4E683A-1C92-46CD-860A-1355C1057AA3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{11093327-8905-4AAF-BACD-B51D4DDDD15A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{27D840F3-D208-4DF0-AD0C-98959461D00D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{BE159E41-7B8B-4885-9DDD-0394EA4AB81E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{7C5F7B63-2937-45B4-8DC7-CF9D8CE74127}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{1DA82C58-FEF1-45B1-8D7D-D229CEFB3459}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{3700806A-A89B-49C2-A494-4732042534CB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{92FAC7AB-9298-4A8D-A9EE-51EFDBBCE4DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{ACE4ABF0-92A7-4363-A81A-0635AD71358C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Wiederherstellungspunkte ========================= 05-05-2025 00:06:29 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: ExpressVPN TAP Adapter Description: ExpressVPN TAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: ExpressVPN Service: tapexpressvpn Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (05/06/2025 05:35:24 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT) Description: Das Programm RAVBg64.exe Version 1.0.0.274 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“. Error: (05/06/2025 05:27:22 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT) Description: Das Programm FRST64.exe Version 6.5.2025.0 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“. Error: (05/05/2025 12:15:19 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 25 Error: (05/05/2025 12:15:19 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 24 Error: (05/05/2025 12:15:19 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 23 Error: (05/05/2025 12:15:19 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 22 Error: (05/05/2025 12:15:19 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 21 Error: (05/05/2025 12:15:19 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 20 Systemfehler: ============= Error: (05/06/2025 06:00:01 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT-AUTORITÄT) Description: Beim Update für den sicheren Start konnte eine Variable für den sicheren Start nicht aktualisiert werden. Fehler: (-2147020471 = Sicheres Starten ist auf diesem Computer nicht aktiviert.). Weitere Informationen finden Sie unter https://go.microsoft.com/fwlink/?linkid=2169931 Error: (05/06/2025 05:33:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (05/06/2025 05:33:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht. Error: (05/06/2025 05:33:02 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT-AUTORITÄT) Description: Beim Update für den sicheren Start konnte eine Variable für den sicheren Start nicht aktualisiert werden. Fehler: (-2147020471 = Sicheres Starten ist auf diesem Computer nicht aktiviert.). Weitere Informationen finden Sie unter https://go.microsoft.com/fwlink/?linkid=2169931 Error: (05/06/2025 05:30:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "MessagingService_424fc" wurde mit folgendem Fehler beendet: Das Gerät ist nicht bereit. Error: (05/06/2025 05:30:14 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Der Dienst Windows-Sicherheitsdienst konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. Error: (05/06/2025 05:12:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9WZDNCRFJ3P2-MICROSOFT.ZUNEVIDEO Error: (05/06/2025 05:12:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9PKTQ5699M62-AppleInc.iCloud Windows Defender: ================ Date: 2025-05-05 08:44:37 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2025-05-03 09:09:15 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2025-05-02 02:23:39 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2025-04-26 23:10:03 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2025-04-26 15:20:32 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Event[0] Date: 2025-01-31 15:17:05 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.421.1619.0 Update Source: Microsoft Update-Server Security intelligence Type: AntiVirus Update Type: Voll Current Engine Version: Previous Engine Version: 1.1.24090.11 Error code: 0x80070102 Error description: Der Wartevorgang wurde abgebrochen. Date: 2025-01-31 15:17:05 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.421.1619.0 Update Source: Microsoft Update-Server Security intelligence Type: AntiVirus Update Type: Voll Current Engine Version: Previous Engine Version: 1.1.24090.11 Error code: 0x80070102 Error description: Der Wartevorgang wurde abgebrochen. Date: 2024-12-05 01:28:40 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.421.604.0 Update Source: Microsoft Update-Server Security intelligence Type: AntiVirus Update Type: Voll Current Engine Version: Previous Engine Version: 1.1.24090.11 Error code: 0x80072f8f Error description: Es ist ein Sicherheitsfehler aufgetreten. Date: 2024-04-25 16:52:11 Description: Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: Bei Zugriff Error Code: 0x80004005 Error description: Unbekannter Fehler Reason: Die Elementenüberprüfung des Filtertreibers wurde übersprungen, und er befindet sich nun im Durchleitungsmodus. Dies ist möglicherweise auf Ressourcenmangel zurückzuführen. Date: 2023-04-18 16:32:38 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.387.1204.0 Update Source: Microsoft Update-Server Security intelligence Type: AntiVirus Update Type: Voll Current Engine Version: Previous Engine Version: 1.1.20200.4 Error code: 0x80240016 Error description: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". CodeIntegrity: =============== Date: 2025-05-06 20:07:23 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== BIOS: Dell Inc. 1.30.3 07/05/2022 Hauptplatine: Dell Inc. 077G26 Prozessor: Intel(R) Core(TM) m7-6Y75 CPU @ 1.20GHz Prozentuale Nutzung des RAM: 70% Installierter physikalischer RAM: 8087.25 MB Verfügbarer physikalischer RAM: 2404.21 MB Summe virtueller Speicher: 16174.5 MB Verfügbarer virtueller Speicher: 10250.12 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:237.36 GB) (Free:20.46 GB) (Model: PC300 NVMe SK hynix 256GB) NTFS Drive g: (Google Drive) (Fixed) (Total:100 GB) (Free:19.44 GB) (Model: PC300 NVMe SK hynix 256GB) FAT32 \\?\Volume{4795eaee-2d02-446e-8b03-022b7a97a1f0}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.32 GB) NTFS \\?\Volume{d6f0cb0a-1626-4fbe-8f5a-b14fdda53536}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 55374CAC) Partition: GPT. ==================== Ende von Addition.txt ======================= Viele Grüße, X3nion |
Themen zu Plötzlich hohe CPU-Auslastung durch seltsame Prozesse (UtcSvc, Windows Driver Foundation) |
adobe, antivirus, bonjour, cpu, defender, firefox, google, internet, internet explorer, mozilla, performance, port, prozesse, realtek, registry, scan, services.exe, software, starten, svchost.exe, system, udp, updates, windows, wmi |