Zurück   Trojaner-Board > Web/PC > Alles rund um Windows

Alles rund um Windows: Plötzlich hohe CPU-Auslastung durch seltsame Prozesse (UtcSvc, Windows Driver Foundation)

Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows.

 
Alt 06.05.2025, 19:14   #1
X3nion
 
Plötzlich hohe CPU-Auslastung durch seltsame Prozesse (UtcSvc, Windows Driver Foundation) - Standard

Problem: Plötzlich hohe CPU-Auslastung durch seltsame Prozesse (UtcSvc, Windows Driver Foundation)



Guten Abend zusammen,

bei meinem Laptop mit Windows 11 lastet vor allem ein Dienst namens "Diensthost: UtcSvc, Benutzererfahrungen und Telemetrie im verbundenen Modus" die CPU mit 30% permanent aus. Ab und an schaltet sich "Windows Driver Foundation" mit ebenfalls ordentlicher CPU-Auslastung dazu und bremst das System zusätzlich.

Hier die Vorab-Logs:

FRST.txt

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 06-05-2025
durchgeführt von DELL (Administrator) auf DESKTOP-FLR7RSH (Dell Inc. Latitude 7370) (06-05-2025 20:02:12)
Gestartet von C:\Users\DELL\Desktop\Bereinigung\FRST64.exe
Geladene Profile: DELL
Plattform: Microsoft Windows 11 Pro Version 22H2 22621.4317 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Program Files\DellTPad\hidfind.exe
(C:\Program Files\DellTPad\HidMonitorSvc.exe ->) (ALPS ALPINE CO.,LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(C:\Program Files\Google\Drive File Stream\107.0.3.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\107.0.3.0\crashpad_handler.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_e6d6f5a306002a89\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e6d6f5a306002a89\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC.) C:\Program Files\Google\Drive File Stream\107.0.3.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2501.31.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
(services.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe
(services.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe
(services.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e6d6f5a306002a89\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_141eb88527011137\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d0b39b11619fd0c4\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d0b39b11619fd0c4\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WSL\wslservice.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\UshUpgradeService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) C:\Windows\System32\HostControlService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) C:\Windows\System32\HostStorageService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Sierra Wireless, Inc -> Sierra Wireless, Inc.) C:\Windows\Sierra Wireless Inc\bin\SwiService.exe
(services.exe ->) (voidtools -> voidtools) C:\Program Files\Everything\Everything.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25032.52.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2517.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\iCloudOutlookConfig64.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mmgaserver.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [767480 2021-09-02] (ALPS ALPINE CO.,LTD. -> ALPSALPINE Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230280 2017-06-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489384 2017-06-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2265104 2024-08-01] (voidtools -> voidtools)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [384808 2024-12-23] (Expressco Services LLC -> ExpressVPN)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\107.0.3.0\GoogleDriveFS.exe [65821280 2025-04-23] (Google LLC -> Google LLC.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\107.0.3.0\GoogleDriveFS.exe [65821280 2025-04-23] (Google LLC -> Google LLC.)
HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\107.0.3.0\GoogleDriveFS.exe [65821280 2025-04-23] (Google LLC -> Google LLC.)
HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (Keine Datei)
HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\Run: [MicrosoftEdgeAutoLaunch_6B770857D9B81538FA9524CBB2D560C5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4045880 2025-05-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\Run: [ExpressVPN] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe [855336 2024-12-23] (Expressco Services LLC -> ExpressVPN)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\107.0.3.0\GoogleDriveFS.exe [65821280 2025-04-23] (Google LLC -> Google LLC.)
HKLM\...\Windows x64\Print Processors\Canon TS6200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEO.DLL [482816 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS9500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDER.DLL [529408 2020-06-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS6200 series: C:\WINDOWS\system32\CNMLMEO.DLL [1303040 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS9500 series: C:\WINDOWS\system32\CNMLMER.DLL [950272 2020-06-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\FRITZ!fax Color Port Monitor: C:\WINDOWS\system32\FritzColorPort64.dll [20480 2006-02-23] () [Datei ist nicht signiert]
HKLM\...\Print\Monitors\FRITZ!fax Port Monitor: C:\WINDOWS\system32\FritzPort64.dll [20480 2006-02-22] () [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.116\Installer\chrmstp.exe [2025-05-01] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
Startup: C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\UltraSearch.lnk [2024-08-13]
ShortcutTarget: UltraSearch.lnk -> C:\Program Files\JAM Software\UltraSearch\UltraSearch.exe (JAM Software GmbH -> JAM Software)
Startup: C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wsl.exe.lnk [2023-03-03]
ShortcutTarget: wsl.exe.lnk -> C:\Windows\System32\wsl.exe (Microsoft Windows -> Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {56C0E9D4-5FF8-4800-9528-E6B474C9E327} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {1C088204-91D7-42CE-9FB8-BBB904E50CA8} - System32\Tasks\cron => C:\Windows\System32\wsl.exe [200704 2024-06-27] (Microsoft Windows -> Microsoft Corporation)
Task: {9B21F81D-8914-4ECF-BD3F-CAF0C44E6341} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem138.0.7156.0{444BE4D4-3E4C-4459-BACF-68FB4D1193EF} => C:\Program Files (x86)\Google\GoogleUpdater\138.0.7156.0\updater.exe [7096416 2025-05-02] (Google LLC -> Google LLC)
Task: {E6980EEB-29B1-4C76-A429-73F9121BB48E} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [307384 2025-05-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE6BED0E-F266-4E36-80E4-FFC32B20F371} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [307384 2025-05-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {A838DD24-EA2E-4CB6-98C5-E08A9C16EA24} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29102296 2025-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {57681E76-AAC1-4EBC-9DA1-17B71AC5BB56} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [68344 2025-05-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {DAAAB4D2-618C-43BB-A423-6D3469C0B6A9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29102296 2025-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD357957-83B3-4567-AB7F-14BA7CE158FB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [307384 2025-05-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {81510B79-FBE4-42D6-9D11-0FECBA5D62F5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [307384 2025-05-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D95F1D5-BB79-49A1-8556-1E474C30663F} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [213216 2025-05-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {CAB898C9-2EB7-4D1B-9872-23979FCB5C82} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (Keine Datei)
Task: {56AB6536-F726-41D0-9524-A2A256A6C9C2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe  /RunOnAC RebootDialog (Keine Datei)
Task: {EFF4A8D7-E1CA-40DF-B699-BC125A0C46A0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe  /RunOnBattery RebootDialog (Keine Datei)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
Task: {0F34717B-AFDF-4523-91D7-569E3E771B90} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1F860D2F-BB8C-4F02-832A-D063D7CD2723} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6343E625-5D26-4223-9514-BAD88B7C4FD4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E75345E5-3B14-4693-8596-2BEB1704C354} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D39894DC-F56D-416F-A1E2-A01DA99D7E2A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-05-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {B3EE11FC-DF5C-4187-8CAC-DCEA112C13B4} - System32\Tasks\OneDrive Startup Task-S-1-5-21-4188264911-3070158168-183260160-1002 => C:\Users\DELL\AppData\Local\Microsoft\OneDrive\25.065.0406.0002\OneDriveLauncher.exe [679232 2025-05-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4A75A80-08D5-4DDF-81E6-7528D6A31240} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489384 2017-06-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {5B10C080-2EEB-46B5-A2F9-D9ABD30F4FBF} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-4188264911-3070158168-183260160-1002 => C:\Users\DELL\AppData\Roaming\Zoom\bin\Zoom.exe [434488 2025-03-08] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyServer: [S-1-5-21-4188264911-3070158168-183260160-1002] => http=127.0.0.1:8888;https=127.0.0.1:8888
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{30ed16cb-6eb1-4ae9-8971-c1af6465e341}: [DhcpNameServer] 10.30.128.1
Tcpip\..\Interfaces\{53439dba-5d82-482d-b110-ab9f1e337e23}: [DhcpNameServer] 10.30.128.1
Tcpip\..\Interfaces\{9f570ee7-188e-42b0-8e0e-9fc1014df8c1}: [NameServer] 100.64.100.1
Tcpip\..\Interfaces\{cd1f2afe-fce5-4bdd-be78-dca0869f7398}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{cd1f2afe-fce5-4bdd-be78-dca0869f7398}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{cd1f2afe-fce5-4bdd-be78-dca0869f7398}\64B4B40234C65726: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{cd1f2afe-fce5-4bdd-be78-dca0869f7398}\64B4B40234C65726: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{cd1f2afe-fce5-4bdd-be78-dca0869f7398}\74C65696370293: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{cd1f2afe-fce5-4bdd-be78-dca0869f7398}\74C65696370293: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{cd1f2afe-fce5-4bdd-be78-dca0869f7398}\960586F6E656: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{cd1f2afe-fce5-4bdd-be78-dca0869f7398}\D4167656E6471675C414E4D2333525B4: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{cd1f2afe-fce5-4bdd-be78-dca0869f7398}\D4167656E6471675C414E4D2333525B4: [DhcpDomain] speedport.ip
Tcpip\..\Interfaces\{fb9199cb-b79b-49d1-8c36-4cf47cbe360e}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{fb9199cb-b79b-49d1-8c36-4cf47cbe360e}: [DhcpDomain] fritz.box

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\DELL\AppData\Local\Microsoft\Edge\User Data\Default [2025-05-06]
Edge Extension: (Google Docs Offline) - C:\Users\DELL\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-01]
Edge Extension: (Edge relevant text changes) - C:\Users\DELL\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-04-18]

FireFox:
========
FF DefaultProfile: 08x1q7h1.default
FF ProfilePath: C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\tvktevs8.Test [2025-02-11]
FF ProfilePath: C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\08x1q7h1.default [2022-07-18]
FF ProfilePath: C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\0wam7xn9.default-release-1714733047451 [2025-05-06]
FF NetworkProxy: Mozilla\Firefox\Profiles\0wam7xn9.default-release-1714733047451 -> backup.ssl", "192.168.178.26"
FF Extension: (Tab Session Manager) - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\0wam7xn9.default-release-1714733047451\Extensions\Tab-Session-Manager@sienori.xpi [2025-04-08]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default [2025-03-13]
CHR Notifications: Default -> hxxps://www.reddit.com
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-02-09]
CHR Extension: (Tab Session Manager) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaiomicjabeggjcfkbimgmglanimpnae [2024-06-07]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-04-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-10]
CHR HKU\S-1-5-21-4188264911-3070158168-183260160-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-4188264911-3070158168-183260160-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [114976 2021-09-02] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [144784 2018-04-18] (Canon Inc. -> CANON INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13824208 2025-04-27] (Microsoft Corporation -> Microsoft Corporation)
R2 Everything; C:\Program Files\Everything\Everything.exe [2265104 2024-08-01] (voidtools -> voidtools)
R2 ExpressVPN App Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe [440616 2024-12-23] (Expressco Services LLC -> ExpressVPN)
R2 ExpressVPN System Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe [440616 2024-12-23] (Expressco Services LLC -> ExpressVPN)
R2 ExpressVPN VPN Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe [440616 2024-12-23] (Expressco Services LLC -> ExpressVPN)
R2 hostcontrolsvc; C:\WINDOWS\System32\HostControlService.exe [824424 2019-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R2 hoststoragesvc; C:\WINDOWS\System32\HostStorageService.exe [170088 2019-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [446328 2023-09-13] (Canon Inc. -> )
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-07-11] (The Document Foundation -> The Document Foundation)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [530448 2024-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SwiService; C:\WINDOWS\Sierra Wireless Inc\bin\SwiService.exe [1630184 2018-01-30] (Sierra Wireless, Inc -> Sierra Wireless, Inc.)
R2 ushupgradesvc; C:\WINDOWS\System32\UshUpgradeService.exe [274536 2019-12-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AX88772; C:\WINDOWS\System32\DriverStore\FileRepository\netax88772.inf_amd64_f1efe88b4f90c639\ax88772.sys [116736 2022-05-07] (Microsoft Windows -> ASIX Electronics Corp.)
S3 bcmnfcusb; C:\WINDOWS\System32\drivers\bcmnfcusb.sys [58632 2019-12-16] (Broadcom Corporation -> Broadcom Corporation.)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2022-11-23] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\driver\expressvpnsplittunnel.sys [46712 2024-12-23] (ExprsVPN LLC -> ExpressVPN)
R3 expressvpntun; C:\WINDOWS\System32\drivers\expressvpn-tun.sys [56552 2023-02-06] (Express VPN International Ltd. -> ExpressVPN)
R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-15] (Microsoft Windows -> Microsoft Corporation)
R3 swmbbser05; C:\WINDOWS\system32\DRIVERS\swmbbser05.sys [296488 2018-02-02] (Sierra Wireless, Inc -> Sierra Wireless Incorporated)
S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [61496 2023-02-06] (ExprsVPN LLC -> The OpenVPN Project)
S3 UsbNcm; C:\WINDOWS\System32\drivers\UsbNcm.sys [167936 2024-04-20] (Microsoft Windows -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-04-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [605576 2025-04-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-15] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2025-05-06 17:39 - 2025-05-06 17:39 - 000723674 _____ C:\WINDOWS\system32\perfh007.dat
2025-05-06 17:39 - 2025-05-06 17:39 - 000149714 _____ C:\WINDOWS\system32\perfc007.dat
2025-05-06 17:28 - 2025-05-06 17:43 - 000000000 ____D C:\Users\DELL\Desktop\Bereinigung
2025-05-06 17:28 - 2025-05-06 17:28 - 000000000 ____D C:\Users\DELL\Downloads\Neuer Ordner (2)
2025-05-04 23:32 - 2025-05-04 23:32 - 000001292 _____ C:\Users\DELL\Downloads\DESKTOP-FLR7RSH.C21FAA7C-8555-2A44-BC54-43FFB5CA8CC5.mobileconfig
2025-05-04 22:56 - 2025-05-05 00:20 - 000000000 ____D C:\Users\DELL\AppData\Roaming\iMazing
2025-05-04 22:56 - 2025-05-04 23:20 - 000000000 ____D C:\Users\DELL\AppData\Local\DigiDNA
2025-05-04 22:51 - 2025-05-04 22:51 - 000000000 ____D C:\Program Files\iPod
2025-05-04 22:50 - 2025-05-04 22:50 - 000000000 ____D C:\Program Files\Bonjour
2025-05-04 22:50 - 2025-05-04 22:50 - 000000000 ____D C:\Program Files (x86)\Bonjour
2025-05-04 22:39 - 2025-05-04 22:39 - 000001870 _____ C:\Users\Public\Desktop\iMazing.lnk
2025-05-04 22:39 - 2025-05-04 22:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMazing
2025-05-04 22:39 - 2025-05-04 22:39 - 000000000 ____D C:\ProgramData\DigiDNA
2025-05-04 22:36 - 2025-05-04 22:36 - 000000000 ____D C:\Program Files\DigiDNA
2025-05-04 22:14 - 2025-05-04 22:14 - 000000000 ____D C:\Tenorshare
2025-05-04 14:44 - 2025-05-04 14:46 - 199341360 _____ (DigiDNA ) C:\Users\DELL\Downloads\iMazing3forWindows.exe
2025-05-04 14:38 - 2025-05-04 14:38 - 000000000 ____D C:\Users\DELL\Downloads\1832
2025-05-04 14:37 - 2025-05-04 23:00 - 000000000 ____D C:\Users\DELL\Downloads\183
2025-05-04 14:37 - 2025-05-04 14:37 - 000000000 ____D C:\Users\DELL\Downloads\1831
2025-05-04 13:28 - 2025-05-04 13:28 - 000000000 ____D C:\Users\DELL\.openjfx
2025-05-04 13:27 - 2025-05-04 13:27 - 000000884 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\blobsaver.lnk
2025-05-04 13:27 - 2025-05-04 13:27 - 000000872 _____ C:\Users\Public\Desktop\blobsaver.lnk
2025-05-04 13:27 - 2025-05-04 13:27 - 000000000 ____D C:\Program Files\blobsaver
2025-05-04 13:26 - 2025-05-04 13:26 - 045554213 _____ (airsquared ) C:\Users\DELL\Downloads\blobsaver-3.6.0.exe
2025-05-02 23:54 - 2025-05-02 23:54 - 000000000 ____D C:\Users\DELL\AppData\Roaming\Apple
2025-05-02 23:21 - 2025-05-04 22:57 - 000000000 ____D C:\Users\DELL\AppData\Roaming\Apple Computer
2025-05-02 23:20 - 2025-05-02 23:20 - 000000000 ____D C:\Users\DELL\AppData\Roaming\TSMonitor
2025-05-02 23:17 - 2025-05-04 22:14 - 000000000 ____D C:\Program Files (x86)\Tenorshare ReiBoot
2025-05-02 23:15 - 2025-05-02 23:15 - 073106528 _____ (Tenorshare ) C:\Users\DELL\Downloads\reiboot_11746220508479024601.exe
2025-05-02 23:10 - 2025-05-02 23:10 - 002959824 _____ C:\Users\DELL\Downloads\wootechy-imaster_setup.exe
2025-05-02 11:07 - 2025-05-06 17:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-05-01 17:02 - 2025-05-01 17:02 - 000000000 ____D C:\Users\DELL\Apple
2025-04-20 17:59 - 2025-04-20 17:59 - 000078122 _____ C:\Users\DELL\Downloads\Rechnung_Entwurf_enderle_Veranstaltungstechnik_2025-04-20-3.pdf
2025-04-20 17:58 - 2025-04-20 17:58 - 000072133 _____ C:\Users\DELL\Downloads\Rechnung_Entwurf_enderle_Veranstaltungstechnik_2025-04-20-2.pdf
2025-04-20 17:57 - 2025-04-20 17:57 - 000070817 _____ C:\Users\DELL\Downloads\Rechnung_Entwurf_enderle_Veranstaltungstechnik_2025-04-20-1.pdf
2025-04-20 17:36 - 2025-04-20 17:36 - 000061312 _____ C:\Users\DELL\Downloads\Rechnung_Entwurf_enderle_Veranstaltungstechnik_2025-04-20.pdf
2025-04-20 17:33 - 2025-04-20 17:33 - 000055081 _____ C:\Users\DELL\Downloads\vorlage_rechnung.pdf
2025-04-16 19:45 - 2025-04-16 19:45 - 000479825 _____ C:\Users\DELL\Documents\IMG_20250416_0003.pdf
2025-04-16 19:45 - 2025-04-16 19:45 - 000476751 _____ C:\Users\DELL\Documents\Erste Rechnung_20250416_0001.pdf
2025-04-16 19:22 - 2025-04-16 19:22 - 000471070 _____ C:\Users\DELL\Documents\IMG_20250416_0001.pdf
2025-04-16 19:22 - 2025-04-16 19:22 - 000468973 _____ C:\Users\DELL\Documents\Erste Rechnung unterschrieben_20250416_0001.pdf
2025-04-09 14:20 - 2025-05-06 17:30 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2025-04-08 16:28 - 2025-04-08 16:28 - 000002599 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WSL.lnk
2025-04-08 16:28 - 2025-04-08 16:28 - 000002546 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WSL Settings.lnk
2025-04-08 16:28 - 2025-04-08 16:28 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-04-08 16:27 - 2025-04-08 16:28 - 000000000 ____D C:\Program Files\WSL

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2025-05-06 20:03 - 2024-07-28 14:09 - 000000000 ____D C:\FRST
2025-05-06 20:02 - 2022-07-18 17:44 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-05-06 20:01 - 2022-11-24 00:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-05-06 20:01 - 2022-07-12 15:29 - 000000000 ___SD C:\Users\DELL\AppData\Roaming\Microsoft\Credentials
2025-05-06 20:01 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-05-06 17:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-05-06 17:43 - 2023-01-06 02:23 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-05-06 17:42 - 2023-01-06 02:23 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-05-06 17:42 - 2023-01-06 02:23 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2025-05-06 17:39 - 2022-11-24 00:44 - 001662892 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-05-06 17:39 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2025-05-06 17:35 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2025-05-06 17:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-05-06 17:31 - 2022-07-12 15:29 - 000000000 __SHD C:\Users\DELL\IntelGraphicsProfiles
2025-05-06 17:31 - 2021-01-19 09:10 - 000175043 _____ C:\WINDOWS\system32\CVFirmwareUpgradeLog.txt
2025-05-06 17:31 - 2020-07-24 14:28 - 000000000 ____D C:\Program Files\Microsoft Office
2025-05-06 17:30 - 2022-11-24 00:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-05-06 17:30 - 2022-07-18 17:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-05-06 17:30 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2025-05-06 17:30 - 2022-05-07 07:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2025-05-06 17:30 - 2021-01-19 09:08 - 000000000 ____D C:\Intel
2025-05-06 17:30 - 2020-07-24 13:20 - 000012288 ___SH C:\DumpStack.log.tmp
2025-05-06 17:29 - 2022-11-24 00:28 - 000000000 ____D C:\Users\DELL
2025-05-06 16:58 - 2022-07-12 16:07 - 000000000 ____D C:\Users\DELL\AppData\Local\D3DSCache
2025-05-06 01:25 - 2022-07-18 18:15 - 000000000 ____D C:\Users\DELL\AppData\Roaming\vlc
2025-05-06 01:06 - 2022-11-24 00:47 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-05-06 01:06 - 2022-11-24 00:47 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-05-04 22:51 - 2023-02-23 03:48 - 000000000 ____D C:\ProgramData\Apple Inc
2025-05-04 22:22 - 2022-07-12 16:12 - 000000000 ____D C:\Users\DELL\AppData\Roaming\Microsoft\MMC
2025-05-04 14:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-05-03 22:25 - 2024-04-18 19:24 - 000000000 ____D C:\ProgramData\CanonIJPLM
2025-05-03 14:32 - 2022-07-12 15:29 - 000000000 ____D C:\Users\DELL\AppData\Local\Packages
2025-05-03 14:25 - 2022-07-18 18:36 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-05-03 14:25 - 2022-07-18 18:36 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-05-03 00:52 - 2024-05-03 12:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-05-03 00:52 - 2022-07-18 17:44 - 000001072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-05-01 17:46 - 2025-02-06 16:46 - 000003568 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-4188264911-3070158168-183260160-1002
2025-05-01 17:46 - 2022-11-24 00:47 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4188264911-3070158168-183260160-1002
2025-05-01 17:46 - 2022-11-24 00:47 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4188264911-3070158168-183260160-1002
2025-05-01 17:46 - 2022-07-12 15:34 - 000002399 _____ C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-05-01 16:57 - 2023-02-23 03:48 - 000000000 ____D C:\ProgramData\Apple
2025-05-01 16:57 - 2022-07-12 15:38 - 000000000 ____D C:\Users\DELL\AppData\Local\Publishers
2025-05-01 16:57 - 2020-07-24 13:35 - 000000000 ____D C:\ProgramData\Packages
2025-05-01 16:52 - 2022-07-12 15:35 - 000000000 ____D C:\Users\DELL\AppData\Local\PlaceholderTileLogoFolder
2025-05-01 16:51 - 2023-03-10 19:26 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-05-01 16:51 - 2023-03-10 19:26 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-04-24 00:24 - 2023-01-05 23:51 - 000000000 ____D C:\Users\DELL\AppData\Roaming\audacity
2025-04-23 14:47 - 2023-03-24 19:29 - 000002180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2025-04-23 14:47 - 2023-03-24 19:29 - 000002051 _____ C:\Users\DELL\Desktop\Google Drive.lnk
2025-04-20 18:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-04-15 22:52 - 2020-07-24 13:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-04-09 14:21 - 2022-11-22 16:41 - 000001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2025-04-08 15:55 - 2023-02-07 19:26 - 000000000 ____D C:\Users\DELL\AppData\Local\Zoom

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2024-08-24 12:35 - 2024-08-24 12:35 - 000000477 _____ () C:\Users\DELL\AppData\Local\kdeglobals
2024-08-16 00:59 - 2024-08-16 00:59 - 000008337 _____ () C:\Users\DELL\AppData\Local\kdenlive-layoutsrc
2024-08-16 00:59 - 2025-02-19 18:41 - 000004823 _____ () C:\Users\DELL\AppData\Local\kdenliverc
2024-08-18 00:27 - 2024-08-18 00:27 - 000000052 _____ () C:\Users\DELL\AppData\Local\klanguageoverridesrc
2024-11-03 14:32 - 2024-11-03 14:32 - 000013341 _____ () C:\Users\DELL\AppData\Local\recently-used.xbel
2024-08-18 00:29 - 2024-08-18 00:29 - 000005016 _____ () C:\Users\DELL\AppData\Local\user-places.xbel
2024-08-16 00:59 - 2024-08-16 00:59 - 000004735 _____ () C:\Users\DELL\AppData\Local\user-places.xbel.bak
2024-08-18 00:29 - 2024-08-18 00:29 - 000000000 _____ () C:\Users\DELL\AppData\Local\user-places.xbel.tbcache

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         
Addition.txt

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 06-05-2025
durchgeführt von DELL (06-05-2025 20:05:09)
Gestartet von C:\Users\DELL\Desktop\Bereinigung
Microsoft Windows 11 Pro Version 22H2 22621.4317 (X64) (2022-11-23 22:47:35)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-4188264911-3070158168-183260160-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4188264911-3070158168-183260160-503 - Limited - Disabled)
DELL (S-1-5-21-4188264911-3070158168-183260160-1002 - Administrator - Enabled) => C:\Users\DELL
Gast (S-1-5-21-4188264911-3070158168-183260160-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4188264911-3070158168-183260160-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 24.09 (x64) (HKLM\...\7-Zip) (Version: 24.09 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 25.001.20474 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601110}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Audacity 3.0.0 (HKLM-x32\...\Audacity_is1) (Version: 3.0.0 - Audacity Team)
Audacity 3.6.1 (64 Bit) (HKLM\...\Audacity_is1) (Version: 3.6.1 - Audacity Team)
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
blobsaver version 3.6.0 (HKLM\...\{F5EAE50A-1E3A-4DA5-B2F0-4D29968E59CD}_is1) (Version: 3.6.0 - airsquared)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.10.2 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.10.2.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.0.69 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.5.2 - Canon Inc.)
Canon TS6200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS6200_series) (Version: 1.02 - Canon Inc.)
Canon TS9500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS9500_series) (Version: 1.03 - Canon Inc.)
ChamSys MagicQ (HKLM\...\MagicQ) (Version: 1.9.6.0 - ChamSys Limited)
Charles 4.6.7 (HKLM\...\{CE0AF30E-47A4-44D2-A8E5-453A5048E26F}) (Version: 4.6.7.0 - XK72 Ltd)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.216 - ALPSALPINE CO., LTD.)
Dell WLAN Radio Switch Driver (HKLM\...\Dell WLAN Radio Switch Driver) (Version: 1.0.0.9 - Dell Inc)
Everything 1.4.1.1026 (x64) (HKLM\...\Everything) (Version: 1.4.1.1026 - voidtools)
ExpressVPN (HKLM-x32\...\{4904d2c4-f0e4-4ec2-ba32-7c8d7438ec22}) (Version: 12.88.0.36 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B89B4D7855}) (Version: 12.88.0.36 - ExpressVPN) Hidden
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreifunkMeet 2024.3.0 (HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\a8637bf9-ca4c-588c-9e85-5a4f2068a371) (Version: 2024.3.0 - Freifunk Muenchen)
GIMP 2.10.38 (HKLM\...\GIMP-2_is1) (Version: 2.10.38 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 135.0.7049.116 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 107.0.3.0 - Google LLC)
iCloud Outlook (HKLM\...\{11727D12-D910-486F-9B36-B496F4AB334D}) (Version: 14.1.0.108 - Apple Inc.)
iMazing (HKLM\...\iMazing_is1) (Version: 3.1.2.0 - DigiDNA)
iPod-Unterstützung (HKLM\...\{5530CCC4-99F6-4198-BB1B-F1F78D6BCA76}) (Version: 12.11.3.7 - Apple Inc.)
LibreOffice 24.2.5.2 (HKLM\...\{7519E50A-1B31-4EAE-9AB3-DEB5C0F764F9}) (Version: 24.2.5.2 - The Document Foundation)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft 365 - da-dk (HKLM\...\O365HomePremRetail - da-dk) (Version: 16.0.18730.20122 - Microsoft Corporation)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.18730.20122 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.18730.20122 - Microsoft Corporation)
Microsoft 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.18730.20122 - Microsoft Corporation)
Microsoft 365 - fi-fi (HKLM\...\O365HomePremRetail - fi-fi) (Version: 16.0.18730.20122 - Microsoft Corporation)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.18730.20122 - Microsoft Corporation)
Microsoft 365 - it-it (HKLM\...\O365HomePremRetail - it-it) (Version: 16.0.18730.20122 - Microsoft Corporation)
Microsoft 365 - nb-no (HKLM\...\O365HomePremRetail - nb-no) (Version: 16.0.18730.20122 - Microsoft Corporation)
Microsoft 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.18730.20122 - Microsoft Corporation)
Microsoft 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.18730.20122 - Microsoft Corporation)
Microsoft 365 - pt-pt (HKLM\...\O365HomePremRetail - pt-pt) (Version: 16.0.18730.20122 - Microsoft Corporation)
Microsoft 365 - sv-se (HKLM\...\O365HomePremRetail - sv-se) (Version: 16.0.18730.20122 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 136.0.3240.50 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.98 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\OneDriveSetup.exe) (Version: 25.065.0406.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30156 (HKLM-x32\...\{692e16a0-c886-466d-91db-706f6f99ac96}) (Version: 14.29.30156.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30156 (HKLM-x32\...\{7ACE9888-9B5B-4041-90BA-6A5B470B21EB}) (Version: 14.29.30156 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30156 (HKLM-x32\...\{1F91919D-04A6-4A8C-8B81-FAF84FDB93F0}) (Version: 14.29.30156 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation)
MiKTeX (HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\MiKTeX) (Version: 24.1 - MiKTeX.org)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 138.0.1 (x64 de)) (Version: 138.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 125.0.3 - Mozilla)
Mozilla Thunderbird (x64 de) (HKLM\...\Mozilla Thunderbird 128.9.1 (x64 de)) (Version: 128.9.1 - Mozilla)
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Novation USB Midi 2.27.0.66 (HKLM\...\Novation USB Midi Driver_is1) (Version: 2.27.0.66 - Novation DMS, Ltd.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18730.20122 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0406-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12527.20482 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040B-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0410-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0414-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-041D-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0816-1000-0000000FF1CE}) (Version: 16.0.12527.20482 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{87DABDEA-47A4-4182-AA7C-2C90DAAE3117}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6122 - Realtek Semiconductor Corp.)
rekordbox 7.0.4 64bit (HKLM\...\Pioneer rekordbox 7.0.4) (Version: 7.0.4.0021 - AlphaTheta)
Sierra Wireless Dell Mobile Broadband INF Package (HKLM\...\SWIDellDrvInstaller) (Version: 7.54.4799.0502 - Sierra Wireless, Inc.)
Telegram Desktop (HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 5.5.4 - Telegram FZ-LLC)
Texmaker 6.0.0 (64-bit) (HKLM-x32\...\{BDB36DD0-C209-4716-A9AD-8EAC74C31716}) (Version: 6.0.0.0 - Texmaker)
UltraSearch V4.3 (64 bit) (HKLM\...\UltraSearch_is1) (Version: 4.3 - JAM Software)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.92.0 - Winamp SA)
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{66233218-CA57-4AB2-BA43-A97AA4635960}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{FC071B45-4A5F-408F-92F8-4D9D693E866F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Subsystem for Linux (HKLM\...\{1D48774E-EC31-48BA-ABEE-EF92019BAC42}) (Version: 2.4.13.0 - Microsoft Corporation) Hidden
Windows Subsystem for Linux Update (HKLM\...\{F8474A47-8B5D-4466-ACE3-78EAB3BF21A8}) (Version: 5.10.102.1 - Microsoft Corporation)
Windows Subsystem for Linux WSLg Preview (HKLM\...\{3CBDE512-7510-4F90-B1C0-7C4EB9DD7C26}) (Version: 1.0.27 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
zebNet Windows Keyfinder (HKLM\...\{BE5CE69C-C48B-4F67-8E42-BB9A41A5395B}_is1) (Version: 6.1.0.0 - zebNet Ltd)
Zoom Workplace (HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\ZoomUMX) (Version: 6.3.11 (60501) - Zoom Communications, Inc.)

Packages:
=========
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2025-04-22] (INTEL CORP) [Startup Task]
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2023-03-05] (Canon Inc.)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-10-09] (Disney)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa [2025-05-06] (Apple Inc.) [Startup Task]
Instagram -> C:\Program Files\WindowsApps\www.instagram.com-3D2AAE46_42.0.23.1_neutral__ysfa6mcnwr1rw [2024-10-09] (www.instagram.com)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa [2025-05-01] (Apple Inc.) [Startup Task]
JAMSoftware.UltraSearchContextMenu -> C:\Program Files\JAM Software\UltraSearch [2024-08-13] (JAM Software)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_55.20331.573.0_x64__8wekyb3d8bbwe [2025-04-15] (Microsoft Corporation)
Net Speed Meter -> C:\Program Files\WindowsApps\4789ZeroByte.NetSpeedMeter_4.0.8.0_neutral__gvheqymwk6zrr [2025-04-15] (Zero Byte) [Startup Task]
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16 [2025-05-06] ()
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.150.3125.0_x64__kzf8qxf38zg5c [2025-05-06] (Skype)
Ubuntu 22.04.5 LTS -> C:\Program Files\WindowsApps\CanonicalGroupLimited.Ubuntu22.04LTS_2204.5.10021.0_x64__79rhkp1fndgsc [2025-02-23] (Canonical Group Limited)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2517.4.0_x64__cv1g1gvanyjgm [2025-05-06] (WhatsApp Inc.) [Startup Task]

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4188264911-3070158168-183260160-1002_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4188264911-3070158168-183260160-1002_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4188264911-3070158168-183260160-1002_Classes\CLSID\{8136A429-5EB1-4F19-ABBB-BC5EF06A0DFD}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-4188264911-3070158168-183260160-1002_Classes\CLSID\{daa67aa1-26c7-428f-9e3a-11cf2cc6144e}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\107.0.3.0\drivefsext.dll [2025-04-23] (Google LLC -> Google LLC.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Datei ist nicht signiert]

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\DELL\Desktop\Ausbalanciert.lnk -> C:\Ausbalanciert.bat ()
Shortcut: C:\Users\DELL\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()
Shortcut: C:\Users\DELL\Desktop\Höchstleistung.lnk -> C:\Höchstleistung.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2024-07-28 15:35 - 2006-02-23 11:35 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzColorPort64.dll
2024-07-28 15:35 - 2006-02-22 10:39 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzPort64.dll
2023-03-02 04:09 - 2016-10-21 17:06 - 000318976 _____ (CANON INC) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll
2023-03-02 04:09 - 2017-06-27 11:59 - 000219648 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll
2023-03-02 04:09 - 2017-11-02 16:36 - 000008704 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_DEU.DLL
2023-03-02 04:09 - 2017-11-02 16:36 - 000104960 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2024-12-30 20:27 - 2024-11-29 20:00 - 000101376 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll
2024-07-29 08:11 - 2024-07-29 08:11 - 001654784 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\Fusion\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_none_758c8a477f89a995\8.0\8.0.50727.6195\MFC80U.DLL
2024-07-29 08:11 - 2024-07-29 08:11 - 000054272 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\Fusion\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_none_eeb8165fbcb9c171\8.0\8.0.50727.6195\MFC80DEU.DLL
2020-07-24 14:28 - 2020-07-24 14:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppvIsvSubsystems64.dll
2020-07-24 14:28 - 2020-07-24 14:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2024-07-28 15:35 - 2006-02-23 12:16 - 000047616 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmColorFax.dll
2024-07-28 15:35 - 2006-02-22 10:53 - 000043520 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmFax.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\DELL\Downloads\charles-proxy-4.6.7-win64.msi:MBAM.Zone.Identifier [128]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-05-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-05-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-05-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-05-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-05-06] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4188264911-3070158168-183260160-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\DELL\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\5048297419475744386\133910229671160266.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
 ist aktiviert.

Network Binding:
=============
Mobilfunk 5: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilfunk 11: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilfunk 12: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilfunk 13: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilfunk 3: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
WLAN 2: Intel(R) Dual Band Wireless-AC 8260 #2 -> Netwtw06.sys
Mobilfunk 9: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilfunk 15: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilfunk 7: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
LAN-Verbindung: ExpressVPN TUN Driver -> expressvpn-tun.sys
Ethernet 4: ExpressVPN TAP Adapter -> tapexpressvpn.sys
Mobilfunk 8: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilfunk 10: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilfunk: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilfunk 6: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Bluetooth-Netzwerkverbindung 2: Bluetooth Device (Personal Area Network) #2 -> bthpan.sys
Mobilfunk 16: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilfunk 2: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilfunk 14: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilfunk 4: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilfunk 17: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys

vms_vsf: Erweiterungsfilter für virtuellen Hyper-V-Switch
vms_vsp: Extension-Protokoll für virtuellen Hyper-V-Switch

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run: => "Everything"
HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService"
HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\StartupApproved\StartupFolder: => "wsl.exe.lnk"
HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\StartupApproved\StartupFolder: => "UltraSearch.lnk"
HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\StartupApproved\Run: => "icq.desktop"
HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_6B770857D9B81538FA9524CBB2D560C5"
HKU\S-1-5-21-4188264911-3070158168-183260160-1002\...\StartupApproved\Run: => "ExpressVPN"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{32F12A14-036D-425A-9C13-736CCF6C5C46}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9AE96CF4-BDD4-49AF-9C1E-30508C5BB6D1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6CA682D6-7735-4166-9886-B833FF41A6E6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F2CF960E-E92E-4543-B650-4E31E5C7E00C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{24B91EE2-D95B-4B66-8952-BC881DCDEF7E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A0D43F94-4733-4FE2-B613-76D48E920469}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EA380E9B-DA2E-495E-B1C8-A8BF2185C4F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6068608E-9B77-4F61-860A-AD178753BC40}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1F155793-B851-4C4A-87FE-3EDF1ECDAF8B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C0E5FC80-7685-475B-964D-026A9CE2B812}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0629F242-9157-4086-A7DF-85CF540C1246}] => (Allow) C:\Users\DELL\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
FirewallRules: [{42424134-79BE-4DE6-BE45-A3AF9784FA67}] => (Allow) C:\Users\DELL\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E6D31DA0-1AB2-419C-A85A-A93220A0E9C9}] => (Allow) C:\Users\DELL\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{54B3D08A-3D96-4718-B6E9-7F185763A60B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{523E35A2-6E90-4BE6-9B4D-4E6C57F312EE}] => (Allow) LPort=2869
FirewallRules: [{348BCD02-436B-49F3-89B3-50E6A091FAB8}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{AC4BDD97-F052-45FF-904E-422E92EF09E4}C:\program files\charles\charles.exe] => (Allow) C:\program files\charles\charles.exe (XK72 Limited -> XK72 Ltd)
FirewallRules: [UDP Query User{4AE9EA63-F627-433B-A30B-F483AB5A4772}C:\program files\charles\charles.exe] => (Allow) C:\program files\charles\charles.exe (XK72 Limited -> XK72 Ltd)
FirewallRules: [{1A7D08AF-67B0-42C7-BABB-F97DD03B936A}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24137.2203.2894.4529_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A2CBB88F-EC54-47DD-BFDC-A85F0105BCE6}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24137.2203.2894.4529_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{9D8A1DAA-5838-4C9A-A56D-7CB70FA12841}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [UDP Query User{5913D701-4700-4290-B45B-47006AA06FD6}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [TCP Query User{8883B23B-7E9C-4240-867E-CA11B752E8CD}C:\program files\chamsys ltd\magicq pc\mqqt.exe] => (Allow) C:\program files\chamsys ltd\magicq pc\mqqt.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{35DE1E71-A4EA-4C29-BD42-A9A8B6404BAE}C:\program files\chamsys ltd\magicq pc\mqqt.exe] => (Allow) C:\program files\chamsys ltd\magicq pc\mqqt.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{A952653E-78A5-4643-B628-437D5E016FB4}C:\program files\chamsys ltd\magicq pc\mqqt.exe] => (Allow) C:\program files\chamsys ltd\magicq pc\mqqt.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{C6C18ACE-93E6-4364-A2EA-D3D08BE1FD74}C:\program files\chamsys ltd\magicq pc\mqqt.exe] => (Allow) C:\program files\chamsys ltd\magicq pc\mqqt.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{69D4C620-AE58-469D-B73B-737BF53C98D9}C:\users\dell\downloads\kdenlive-24.05.2_standalone\bin\kdenlive.exe] => (Allow) C:\users\dell\downloads\kdenlive-24.05.2_standalone\bin\kdenlive.exe (K Desktop Environment e. V. -> )
FirewallRules: [UDP Query User{616C3CFA-8262-4A59-90D7-ADEF81E3AB5E}C:\users\dell\downloads\kdenlive-24.05.2_standalone\bin\kdenlive.exe] => (Allow) C:\users\dell\downloads\kdenlive-24.05.2_standalone\bin\kdenlive.exe (K Desktop Environment e. V. -> )
FirewallRules: [TCP Query User{4252EA34-8FC9-4E9A-8EBC-913713BCA39A}C:\users\dell\downloads\kdenlive-24.05.2_standalone\bin\kdenlive.exe] => (Allow) C:\users\dell\downloads\kdenlive-24.05.2_standalone\bin\kdenlive.exe (K Desktop Environment e. V. -> )
FirewallRules: [UDP Query User{67BCD2AB-26C1-47A6-BBB2-9ACDFD0FC3F7}C:\users\dell\downloads\kdenlive-24.05.2_standalone\bin\kdenlive.exe] => (Allow) C:\users\dell\downloads\kdenlive-24.05.2_standalone\bin\kdenlive.exe (K Desktop Environment e. V. -> )
FirewallRules: [TCP Query User{2C716111-2862-4CDD-BF21-4B64E98E264F}C:\users\dell\videos\motke\kdenlive-24.05.2_standalone\bin\kdenlive.exe] => (Allow) C:\users\dell\videos\motke\kdenlive-24.05.2_standalone\bin\kdenlive.exe (K Desktop Environment e. V. -> )
FirewallRules: [UDP Query User{412AAB61-911B-418D-8D0E-4539305F7E9B}C:\users\dell\videos\motke\kdenlive-24.05.2_standalone\bin\kdenlive.exe] => (Allow) C:\users\dell\videos\motke\kdenlive-24.05.2_standalone\bin\kdenlive.exe (K Desktop Environment e. V. -> )
FirewallRules: [TCP Query User{D7C6B0F6-408B-4064-BCDE-88C49CA10DB9}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{00375296-C965-42B7-A5F4-02B3BAE70FBF}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{D32E1271-55ED-4E3B-B509-DAD7471D839E}C:\users\dell\videos\motke\kdenlive-24.05.2_standalone\bin\kdenlive.exe] => (Allow) C:\users\dell\videos\motke\kdenlive-24.05.2_standalone\bin\kdenlive.exe (K Desktop Environment e. V. -> )
FirewallRules: [UDP Query User{03AB8F04-55A0-411B-9385-1509499C9A05}C:\users\dell\videos\motke\kdenlive-24.05.2_standalone\bin\kdenlive.exe] => (Allow) C:\users\dell\videos\motke\kdenlive-24.05.2_standalone\bin\kdenlive.exe (K Desktop Environment e. V. -> )
FirewallRules: [TCP Query User{11107DA3-80B8-4C50-BC84-EE14A29892EE}C:\users\dell\appdata\local\discord\app-1.0.9166\discord.exe] => (Block) C:\users\dell\appdata\local\discord\app-1.0.9166\discord.exe => Keine Datei
FirewallRules: [UDP Query User{20C3FAED-AD4A-4C4A-ACEB-E2B4EA525AC5}C:\users\dell\appdata\local\discord\app-1.0.9166\discord.exe] => (Block) C:\users\dell\appdata\local\discord\app-1.0.9166\discord.exe => Keine Datei
FirewallRules: [{759E873C-3C2F-4473-85DE-31CF7EE78017}] => (Allow) C:\Program Files\rekordbox\rekordbox 7.0.4\rekordbox.exe (AlphaTheta Corporation -> AlphaTheta Corporation)
FirewallRules: [{9ABEF1FF-4280-4F83-95E4-58EA1367523E}] => (Allow) C:\Program Files\rekordbox\rekordbox 7.0.4\edb_streamd.exe (AlphaTheta Corporation -> )
FirewallRules: [{F6C2FA87-DE11-4B09-8EF1-6B0FF80E4E96}] => (Allow) C:\Program Files\rekordbox\rekordbox 7.0.4\rbHttpServer.exe (AlphaTheta Corporation -> )
FirewallRules: [{4DEE7CDA-E99F-45CD-A579-3DE49096EE08}] => (Allow) C:\Program Files\rekordbox\rekordbox 7.0.4\rekordboxAgent-win32-x64\rekordboxAgent.exe (AlphaTheta Corporation -> AlphaTheta Corporation)
FirewallRules: [TCP Query User{02D6A7F7-90D7-41AC-B6A3-CCF63DF6F7CD}C:\users\dell\appdata\local\programs\ffmuc-meet\freifunkmeet.exe] => (Allow) C:\users\dell\appdata\local\programs\ffmuc-meet\freifunkmeet.exe (Freifunk Muenchen) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{F80FB61B-701A-456F-A44E-EE1078AD3EA3}C:\users\dell\appdata\local\programs\ffmuc-meet\freifunkmeet.exe] => (Allow) C:\users\dell\appdata\local\programs\ffmuc-meet\freifunkmeet.exe (Freifunk Muenchen) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{136F7DC2-AE9A-4F9F-823C-96519EFE2D17}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [UDP Query User{B6C0F0EA-F2F8-4A3B-94B9-04493B9F6C2C}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [{3CA40668-2E9F-481C-8CD3-504D90BB47EA}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{CEADCFA6-F808-49C6-8223-BC7AD513E05A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{177880F9-3C4D-4B4A-914A-81148C2D6AF5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.98\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B67D6FC-439A-4DBB-8116-3DA8CDBDD5A8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25108.501.3586.7144_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1D13CA68-4D7B-456F-BF23-1AA86C8321FE}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25108.501.3586.7144_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BC95E44D-29BD-4896-A7F4-969BA30244E2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4BB41468-787A-40F6-AF9B-65BCB106EF25}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{DA70361C-DCA6-4867-9FA2-EE9A0ED34C92}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{9D352E24-5191-44E1-AE33-53F42C42037D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{1FD71A90-C1A7-426B-A2FC-2DEA48F50F7C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{DE4E683A-1C92-46CD-860A-1355C1057AA3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{11093327-8905-4AAF-BACD-B51D4DDDD15A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{27D840F3-D208-4DF0-AD0C-98959461D00D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{BE159E41-7B8B-4885-9DDD-0394EA4AB81E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{7C5F7B63-2937-45B4-8DC7-CF9D8CE74127}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1DA82C58-FEF1-45B1-8D7D-D229CEFB3459}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3700806A-A89B-49C2-A494-4732042534CB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{92FAC7AB-9298-4A8D-A9EE-51EFDBBCE4DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ACE4ABF0-92A7-4363-A81A-0635AD71358C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

05-05-2025 00:06:29 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager ============
Name: ExpressVPN TAP Adapter
Description: ExpressVPN TAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ExpressVPN
Service: tapexpressvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (05/06/2025 05:35:24 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm RAVBg64.exe Version 1.0.0.274 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.

Error: (05/06/2025 05:27:22 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm FRST64.exe Version 6.5.2025.0 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.

Error: (05/05/2025 12:15:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 25

Error: (05/05/2025 12:15:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (05/05/2025 12:15:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (05/05/2025 12:15:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (05/05/2025 12:15:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21

Error: (05/05/2025 12:15:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20


Systemfehler:
=============
Error: (05/06/2025 06:00:01 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT-AUTORITÄT)
Description: Beim Update für den sicheren Start konnte eine Variable für den sicheren Start nicht aktualisiert werden. Fehler: (-2147020471 = Sicheres Starten ist auf diesem Computer nicht aktiviert.). Weitere Informationen finden Sie unter https://go.microsoft.com/fwlink/?linkid=2169931

Error: (05/06/2025 05:33:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (05/06/2025 05:33:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.

Error: (05/06/2025 05:33:02 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT-AUTORITÄT)
Description: Beim Update für den sicheren Start konnte eine Variable für den sicheren Start nicht aktualisiert werden. Fehler: (-2147020471 = Sicheres Starten ist auf diesem Computer nicht aktiviert.). Weitere Informationen finden Sie unter https://go.microsoft.com/fwlink/?linkid=2169931

Error: (05/06/2025 05:30:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "MessagingService_424fc" wurde mit folgendem Fehler beendet: 
Das Gerät ist nicht bereit.

Error: (05/06/2025 05:30:14 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows-Sicherheitsdienst konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (05/06/2025 05:12:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9WZDNCRFJ3P2-MICROSOFT.ZUNEVIDEO

Error: (05/06/2025 05:12:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9PKTQ5699M62-AppleInc.iCloud


Windows Defender:
================
Date: 2025-05-05 08:44:37
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-05-03 09:09:15
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-05-02 02:23:39
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-26 23:10:03
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-26 15:20:32
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]

Date: 2025-01-31 15:17:05
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.421.1619.0
Update Source: Microsoft Update-Server
Security intelligence Type: AntiVirus
Update Type: Voll
Current Engine Version: 
Previous Engine Version: 1.1.24090.11
Error code: 0x80070102
Error description: Der Wartevorgang wurde abgebrochen.  

Date: 2025-01-31 15:17:05
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.421.1619.0
Update Source: Microsoft Update-Server
Security intelligence Type: AntiVirus
Update Type: Voll
Current Engine Version: 
Previous Engine Version: 1.1.24090.11
Error code: 0x80070102
Error description: Der Wartevorgang wurde abgebrochen.  

Date: 2024-12-05 01:28:40
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.421.604.0
Update Source: Microsoft Update-Server
Security intelligence Type: AntiVirus
Update Type: Voll
Current Engine Version: 
Previous Engine Version: 1.1.24090.11
Error code: 0x80072f8f
Error description: Es ist ein Sicherheitsfehler aufgetreten.  

Date: 2024-04-25 16:52:11
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Bei Zugriff
Error Code: 0x80004005
Error description: Unbekannter Fehler 
Reason: Die Elementenüberprüfung des Filtertreibers wurde übersprungen, und er befindet sich nun im Durchleitungsmodus. Dies ist möglicherweise auf Ressourcenmangel zurückzuführen. 

Date: 2023-04-18 16:32:38
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.387.1204.0
Update Source: Microsoft Update-Server
Security intelligence Type: AntiVirus
Update Type: Voll
Current Engine Version: 
Previous Engine Version: 1.1.20200.4
Error code: 0x80240016
Error description: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".  

CodeIntegrity:
===============
Date: 2025-05-06 20:07:23
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. 


==================== Speicherinformationen =========================== 

BIOS: Dell Inc. 1.30.3 07/05/2022
Hauptplatine: Dell Inc. 077G26
Prozessor: Intel(R) Core(TM) m7-6Y75 CPU @ 1.20GHz
Prozentuale Nutzung des RAM: 70%
Installierter physikalischer RAM: 8087.25 MB
Verfügbarer physikalischer RAM: 2404.21 MB
Summe virtueller Speicher: 16174.5 MB
Verfügbarer virtueller Speicher: 10250.12 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:237.36 GB) (Free:20.46 GB) (Model: PC300 NVMe SK hynix 256GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:100 GB) (Free:19.44 GB) (Model: PC300 NVMe SK hynix 256GB) FAT32

\\?\Volume{4795eaee-2d02-446e-8b03-022b7a97a1f0}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.32 GB) NTFS
\\?\Volume{d6f0cb0a-1626-4fbe-8f5a-b14fdda53536}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 55374CAC)

Partition: GPT.

==================== Ende von Addition.txt =======================
         
Ich wäre euch sehr dankbar, wenn sich jemand dieser Thematik annimmt!

Viele Grüße,
X3nion

 

Themen zu Plötzlich hohe CPU-Auslastung durch seltsame Prozesse (UtcSvc, Windows Driver Foundation)
adobe, antivirus, bonjour, cpu, defender, firefox, google, internet, internet explorer, mozilla, performance, port, prozesse, realtek, registry, scan, services.exe, software, starten, svchost.exe, system, udp, updates, windows, wmi




Ähnliche Themen: Plötzlich hohe CPU-Auslastung durch seltsame Prozesse (UtcSvc, Windows Driver Foundation)


  1. Hohe CPU-Auslastung durch svchost.exe
    Plagegeister aller Art und deren Bekämpfung - 20.12.2016 (5)
  2. Hohe CPU-Auslastung durch svhost.exe
    Alles rund um Windows - 30.11.2016 (6)
  3. Hohe CPU-Auslastung durch svchost.exe und Leerlaufprozesse(ram-auslastung)
    Plagegeister aller Art und deren Bekämpfung - 06.07.2016 (11)
  4. Hohe CPU bei Windows 10 durch 3 Prozesse
    Alles rund um Windows - 02.06.2016 (1)
  5. Hohe CPU Auslastung durch svchost.exe
    Plagegeister aller Art und deren Bekämpfung - 12.11.2014 (1)
  6. Hohe CPU-Auslastung, Rechner langsam, viele Prozesse (u.a. svchost.exe): Win Vista, Service Pack 2
    Log-Analyse und Auswertung - 28.04.2014 (13)
  7. Hohe CPU-Auslastung durch Systemunterbrechungen
    Netzwerk und Hardware - 14.03.2014 (1)
  8. immer hohe cpu auslastung und x viele doppelte prozesse :(
    Log-Analyse und Auswertung - 06.12.2013 (17)
  9. Viele Prozesse laufen (u.a. svchost.exe) - hohe CPU-Auslastung: Rechner langsam!
    Log-Analyse und Auswertung - 17.11.2013 (13)
  10. hohe CPU Auslastung ohne erkennbar laufende Prozesse
    Netzwerk und Hardware - 17.03.2013 (1)
  11. Hohe Cpu Auslastung + Seltsame Prozesse im Windows Task Manager was tun ?
    Plagegeister aller Art und deren Bekämpfung - 14.03.2013 (3)
  12. Hohe CPU Auslastung, >88 Prozesse, Lüfter läuft ständig, PC langsam
    Netzwerk und Hardware - 10.04.2012 (8)
  13. Plötzlich hohe Cpu auslastung, ohne erkennbaren Grund
    Plagegeister aller Art und deren Bekämpfung - 19.11.2010 (36)
  14. Hohe CPU-Auslastung, viele Prozesse
    Log-Analyse und Auswertung - 04.05.2010 (3)
  15. plötzlich hohe cpu auslastung
    Log-Analyse und Auswertung - 30.04.2010 (0)
  16. Internet-Explorer extrem langsam + hohe CPU-Auslastung + dubiose Prozesse...
    Log-Analyse und Auswertung - 04.02.2008 (0)
  17. Hohe CPU Auslastung durch GDFwSvc.exe
    Antiviren-, Firewall- und andere Schutzprogramme - 07.11.2007 (0)

Zum Thema Plötzlich hohe CPU-Auslastung durch seltsame Prozesse (UtcSvc, Windows Driver Foundation) - Guten Abend zusammen, bei meinem Laptop mit Windows 11 lastet vor allem ein Dienst namens "Diensthost: UtcSvc, Benutzererfahrungen und Telemetrie im verbundenen Modus" die CPU mit 30% permanent aus. Ab - Plötzlich hohe CPU-Auslastung durch seltsame Prozesse (UtcSvc, Windows Driver Foundation)...
Archiv
Du betrachtest: Plötzlich hohe CPU-Auslastung durch seltsame Prozesse (UtcSvc, Windows Driver Foundation) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.