Log analysis and evaluation: General PC cleanup for the purpose of data transfer

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

General PC cleanup for the purpose of data transfer

Greetings, dear forum/board team,

My concern here is basically a general cleanup of this "old" computer before it is replaced by a new one. (Unfortunately this one is not W11 compatible, and since the case does not support upgrade parts, a new one is needed; just as a side note.)

Since I don't want to carry over any "germs" when I move various data from one computer to another, I wanted to give it one last "thorough cleaning". It would also be an advantage if a PC in "storage" is not contaminated, in case it is used again in the distant future after all.

Windows Defender has never found anything over the years, but who knows what has slipped past it.

Meanwhile, a Malwarebytes custom scan + rootkits (in offline mode) is currently running for all areas of the PC. When I have a log from it, I will post it here as well (it may just take a while).

Here is the FRST.txt

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-05-2025 durchgeführt von SUser (Administrator) auf STANDPC (Dell Inc. XPS 8700) (21-05-2025 09:38:33) Gestartet von C:\Users\SUser\Desktop\FRST64.exe Geladene Profile: SUser & User Plattform: Microsoft Windows 10 Home Version 22H2 19045.5854 (X64) Sprache: Englisch (Vereinigte Staaten) -> Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe <2> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe <2> (Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\OneDrive\25.075.0420.0002\Microsoft.SharePoint.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe <2> (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe (services.exe ->) (HP Inc. -> HP Inc.) 
C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5714f0dca6485379\Display.NvContainer\NVDisplay.Container.exe <3> (services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (svchost.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.5853_none_7de3a0ec7cad0695\TiWorker.exe (svchost.exe ->) (Oracle America, Inc. 
-> Oracle Corporation) C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe (winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-03] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [Cm6620Sound] => C:\Program Files\Sades 7.1CH Gaming Headset\CPL\FaceLift_x64.exe [2250240 2014-04-11] () [Datei ist nicht signiert] HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [368976 2025-03-17] (Apple Inc. -> Apple Inc.) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG HKU\S-1-5-21-3117560415-2877872214-3524472437-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4693600 2025-04-28] (Valve Corp. 
-> Valve Corporation) HKU\S-1-5-21-3117560415-2877872214-3524472437-1002\...\Run: [MicrosoftEdgeAutoLaunch_FF85D3DE5509B8F71711D59094C6B89F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4045864 2025-05-15] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4045864 2025-05-15] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\Run: [electron.app.BlueStacks Services] => C:\Users\User\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [162219656 2024-05-08] (Now.gg, INC -> now.gg, Inc.) HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\Run: [com.squirrel.Teams.Teams] => C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe [2591080 2023-12-12] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe -os-restarted --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb (Der Dateneintrag hat 86 weitere Zeichen). [695360 2025-05-18] (Mozilla Corporation -> Mozilla Corporation) GroupPolicy: Beschränkung ? <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {B7CAD41C-D8C6-44AC-8208-D668323EC292} - System32\Tasks\{5A72DAC2-9CBD-4B68-954A-8A4F516038AC} => c:\program files (x86)\mozilla firefox\firefox.exe [695360 2025-05-18] (Mozilla Corporation -> Mozilla Corporation) -> hxxp://ui.skype.com/ui/0/7.24.0.104/de/abandoninstall?page=tsMain Task: {62A13B36-E644-497D-8481-BEAD44C16D65} - System32\Tasks\{9FDADA98-3162-4011-BEA9-E65B8780080A} => c:\program files (x86)\mozilla firefox\firefox.exe [695360 2025-05-18] (Mozilla Corporation -> Mozilla Corporation) -> hxxp://ui.skype.com/ui/0/7.2.60.103/de/abandoninstall?page=tsMain Task: {4E2422CA-F179-4C87-A4EF-0E040CC3B6EC} - System32\Tasks\{D61C63D9-781E-4F56-BB5E-946C795BA0B5} => c:\program files (x86)\mozilla firefox\firefox.exe [695360 2025-05-18] (Mozilla Corporation -> Mozilla Corporation) -> hxxp://ui.skype.com/ui/0/7.2.0.103/de/abandoninstall?page=tsBing Task: {EFCF80B2-A2D1-411F-90B8-5884EBAF0A29} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.) Task: {9486D2C0-40E3-4D1E-822C-4F35C4A5855E} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [302960 2025-03-24] (Now.gg, INC -> BlueStack Systems, Inc.) Task: {02BDD2FA-5032-44BC-AB7F-A4FB07621F12} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-05] (CyberLink Corp. -> CyberLink) Task: {53E7E8E4-8C5C-493A-8954-5E073B56DCA6} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-03-22] (CyberLink Corp. -> CyberLink Corp.) 
Task: {27FFDB79-5087-447F-8F7C-1CB205A3C843} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe /launch (Keine Datei) Task: {CFBB185F-D705-4F42-A715-47370EBC5E24} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation) Task: {D90BC662-0566-4196-856B-1400DC59A985} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation) Task: {C69E1B6F-2441-4EE8-B833-E4DF3D8FA0EA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973768 2023-08-16] (Microsoft Corporation -> Microsoft Corporation) Task: {68AA54B7-49D2-4D2B-88C7-9F9D36F2D280} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973768 2023-08-16] (Microsoft Corporation -> Microsoft Corporation) Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {F836BA54-0870-445D-8187-5A9C58FD8C9F} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (Keine Datei) Task: {74025FC6-E744-48C4-B9D4-E5E7DF1EFA90} - 
System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [695360 2025-05-18] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen). Task: {D6FC1A44-9036-4365-9C54-ACE323A8965F} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3117560415-2877872214-3524472437-1002 E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [695360 2025-05-18] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen). Task: {C293CA74-9D06-4F4F-AB54-DA1EB4D920DD} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3117560415-2877872214-3524472437-1003 E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [695360 2025-05-18] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen). 
Task: {B137CA96-3202-42F9-B8A1-0B69542612E9} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34880 2025-05-18] (Mozilla Corporation -> Mozilla Foundation) Task: {36BE1054-B45D-44CA-BC97-5CCCEE747013} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [56192 2018-08-22] (Oracle America, Inc. -> Oracle Corporation) Task: {C1D4C883-E29B-44D3-BEF4-546F84DDC521} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {9F839A45-DBA7-4ABF-B3B0-D949CEA5E953} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A7151D15-0479-4359-8AAD-2F2368333C88} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler Task: {102CBB70-2E46-4A03-8EE3-ACB0CF92686E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {00B22305-61B4-4464-B809-D1998C24A9C9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update 
Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3CB20AA3-C282-4D8B-9B89-BA232FF112EF} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {395B052A-1C6E-4ECC-B920-4F31DDB2B0CA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C7209AC4-E9D8-44B4-96C9-D4A34BF2C876} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A9A25CEE-53DE-404F-9A1E-A4794D877947} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D0AA176C-273F-4BE8-B8ED-03678EF125A9} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3117560415-2877872214-3524472437-1003 => C:\Users\User\AppData\Local\Microsoft\OneDrive\25.075.0420.0002\OneDriveLauncher.exe [679728 2025-05-19] (Microsoft Corporation -> Microsoft Corporation) Task: {0DF2FCF2-716F-4DEB-83A1-C1A6419B3133} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1623574968 => C:\Users\User\AppData\Local\Programs\Opera GX\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\User\AppData\Local\Programs\Opera GX\assistant" $(Arg0) Task: {3AFC8277-A085-44A1-A536-F60045D2FF87} - System32\Tasks\Opera GX scheduled Autoupdate 1623574964 => C:\Users\User\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0) (Keine Datei) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. 
Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138 Tcpip\..\Interfaces\{36C353B1-36C3-49D3-B0CE-A4634A4D08D5}: [DhcpNameServer] 10.0.0.138 10.0.0.138 Tcpip\..\Interfaces\{36C353B1-36C3-49D3-B0CE-A4634A4D08D5}: [DhcpDomain] home Tcpip\..\Interfaces\{36C353B1-36C3-49D3-B0CE-A4634A4D08D5}\3345572656F5537486A7F503544444: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{C7061D1C-2136-4E66-8D81-71A5227C35DE}: [DhcpNameServer] 10.72.0.68 10.72.0.69 Edge: ======= Edge Profile: C:\Users\SUser\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-06] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\SUser\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-12-06] Edge Extension: (Google Docs Offline) - C:\Users\SUser\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-06] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\SUser\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-12-06] Edge Extension: (Edge relevant text changes) - C:\Users\SUser\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-06] Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: w5otto2c.default-1671189486953 FF ProfilePath: C:\Users\SUser\AppData\Roaming\Mozilla\Firefox\Profiles\w5otto2c.default-1671189486953 [2025-05-06] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - 
C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. 
-> Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-20] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-20] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-09-26] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.15 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) Chrome: ======= CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden> CHR 
HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103760 2025-03-27] (Apple Inc. -> Apple Inc.) S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3384464 2025-05-01] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3054128 2023-08-16] (Microsoft Corporation -> Microsoft Corporation) R2 FoxitReaderUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2358800 2022-05-19] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-08-21] (HP Inc. -> HP Inc.) S4 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-24] (Intel Corporation-Mobile Wireless Group -> Intel Corporation) S4 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation) S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123304 2025-03-21] (The Document Foundation -> The Document Foundation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9445832 2025-05-20] (Malwarebytes Inc -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-05-19] (Malwarebytes Inc. 
-> Malwarebytes) S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5714f0dca6485379\Display.NvContainer\NVDisplay.Container.exe [1274888 2024-06-25] (NVIDIA Corporation -> NVIDIA Corporation) S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink Corp. -> CyberLink) S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 3dxhid; C:\WINDOWS\system32\DRIVERS\3dxhid.sys [49560 2021-10-16] (3Dconnexion SAM -> 3Dconnexion SAM) S3 AF15BDA; C:\WINDOWS\System32\Drivers\AF15BDA.sys [518272 2010-06-22] (Microsoft Windows Hardware Compatibility Publisher -> ITETech) R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [394176 2025-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Bluestack System Inc.) S3 CMUAC; C:\WINDOWS\system32\DRIVERS\CMUAC.SYS [572416 2014-01-08] (C-MEDIA ELECTRONICS INC. -> C-Media Inc.) 
S3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [46528 2023-03-14] (Microsoft Windows Hardware Compatibility Publisher -> Dell) S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-04-11] (Techporch Incorporated -> Dell Computer Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2025-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-10] (Microsoft Windows -> Microsoft Corporation) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-05-19] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\Drivers\farflt.sys [210536 2025-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\System32\Drivers\mbam.sys [80984 2025-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [242752 2025-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188232 2025-05-20] (Malwarebytes Inc -> Malwarebytes) R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) 
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation) R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> ) S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [163644 2023-12-21] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Datei ist nicht signiert] S3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46896 2018-07-06] (SteelSeries ApS -> ) R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [48800 2022-02-23] (SteelSeries ApS -> SteelSeries ApS) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) R3 USBPcap; C:\WINDOWS\system32\DRIVERS\USBPcap.sys [48960 2018-08-14] (Tomasz Moń -> USBPcap) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [20016 2025-04-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [605576 2025-04-10] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-10] (Microsoft Windows -> Microsoft Corporation) S3 DDDriver; \SystemRoot\system32\drivers\DDDriver64Dcsa.sys [X] S3 MpKsl3081e4ea; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{77802640-A48B-4BB1-95D1-03369AD8EC04}\MpKslDrv.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2025-05-21 09:38 - 2025-05-21 09:40 - 000028626 _____ C:\Users\SUser\Desktop\FRST.txt
2025-05-21 09:37 - 2025-05-20 17:38 - 002405888 _____ (Farbar) C:\Users\SUser\Desktop\FRST64.exe
2025-05-20 19:05 - 2025-05-20 19:26 - 000000000 ____D C:\Users\User\AppData\LocalLow\IGDump
2025-05-20 17:53 - 2025-05-20 17:54 - 000068047 _____ C:\Users\User\Desktop\Addition.txt
2025-05-20 17:52 - 2025-05-20 17:53 - 000040449 _____ C:\Users\User\Desktop\FRST.txt
2025-05-20 17:47 - 2025-05-21 09:37 - 000000000 ____D C:\Users\SUser\AppData\Local\Malwarebytes
2025-05-20 17:37 - 2025-05-20 17:38 - 002405888 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2025-05-20 17:33 - 2025-05-20 17:33 - 000188232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2025-05-20 00:36 - 2025-05-21 09:33 - 000000000 ____D C:\Users\User\AppData\Local\Malwarebytes
2025-05-20 00:36 - 2025-05-20 00:36 - 000002107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-05-20 00:36 - 2025-05-20 00:36 - 000002095 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-05-20 00:35 - 2025-05-20 00:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-05-20 00:34 - 2025-05-20 00:35 - 000000000 ____D C:\Program Files\Malwarebytes
2025-05-20 00:34 - 2025-05-20 00:34 - 002827496 _____ (Malwarebytes) C:\Users\User\Downloads\MBSetup.exe
2025-05-19 18:57 - 2025-05-19 18:57 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3117560415-2877872214-3524472437-1003
2025-05-19 18:57 - 2025-05-19 18:57 - 000002437 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-05-14 18:00 - 2025-05-14 18:00 - 000022680 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-05-14 17:56 - 2025-05-14 17:56 - 000022680 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-05-14 17:05 - 2025-05-14 17:05 - 000000000 ___HD C:\$WinREAgent
2025-05-13 20:37 - 2025-05-13 20:37 - 000088557 _____ C:\Users\User\Desktop\2018_01_Entschuldigung.pdf
2025-05-06 18:14 - 2025-05-06 18:14 - 000000000 ____D C:\Users\SUser\AppData\Roaming\LibreOffice
2025-05-06 18:14 - 2025-05-06 18:14 - 000000000 ____D C:\Users\SUser\AppData\Roaming\gnupg
2025-05-06 18:14 - 2025-05-06 18:14 - 000000000 ____D C:\Users\SUser\AppData\Local\gnupg
2025-05-03 23:13 - 2025-05-03 23:13 - 000000000 ____D C:\Users\User\AppData\LocalLow\CatfoodStudio
2025-05-03 22:55 - 2025-05-03 22:55 - 000000000 ____D C:\Users\User\AppData\Roaming\Valve Corporation
2025-05-03 22:15 - 2025-05-03 22:15 - 000943840 _____ (now.gg, Inc.) C:\Users\User\Downloads\BlueStacksInstaller_5.22.70.1039_native_971e9f8f38cb721cf6236aef3d818154_MDs1LDM7MTUsMTsxNSw0OzE1LDU7MTU=.exe
2025-05-01 16:09 - 2025-05-20 17:27 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Balena Ltd
2025-05-01 16:09 - 2025-05-20 17:27 - 000000000 ____D C:\Users\User\AppData\Local\balena_etcher
2025-05-01 16:09 - 2025-05-07 18:36 - 000000000 ____D C:\Users\User\AppData\Roaming\balenaEtcher
2025-05-01 16:08 - 2025-05-01 16:08 - 182012512 _____ (Balena Ltd. <hello@balena.io>) C:\Users\User\Downloads\balenaEtcher-2.1.0.Setup.exe
2025-05-01 16:07 - 2025-05-01 16:07 - 000000258 __RSH C:\ProgramData\ntuser.pol
2025-05-01 15:58 - 2025-05-01 15:58 - 000000000 ____D C:\Users\User\AppData\Roaming\gnupg
2025-05-01 15:58 - 2025-05-01 15:58 - 000000000 ____D C:\Users\User\AppData\Local\gnupg
2025-05-01 15:48 - 2025-05-01 15:48 - 000000000 ____D C:\Program Files (x86)\gnupg
2025-05-01 15:46 - 2025-05-01 15:46 - 005625560 _____ (The GnuPG Project) C:\Users\User\Desktop\gnupg-w32-2.4.7_20241125.exe
2025-05-01 15:44 - 2025-05-01 15:44 - 000000000 ____D C:\Users\User\Desktop\ISO-Check
2025-04-29 21:13 - 2025-04-29 21:13 - 000001818 _____ C:\Users\Public\Desktop\iTunes.lnk
2025-04-29 21:13 - 2025-04-29 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2025-04-29 21:13 - 2025-04-29 21:13 - 000000000 ____D C:\Program Files\iTunes
2025-04-28 14:54 - 2025-04-28 15:12 - 000000000 ____D C:\Users\User\Downloads\check
2025-04-25 16:11 - 2025-04-25 16:11 - 001549663 _____ C:\Users\User\Downloads\Studie zu den Verteilungswirkungen Entlastung Österreich - Phasen 2 und 3 - 2019.pdf
2025-04-25 14:38 - 2025-04-25 14:38 - 000486077 _____ C:\Users\User\Downloads\545035006.pdf

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-05-21 09:41 - 2014-09-03 04:04 - 000000000 ____D C:\ProgramData\NVIDIA
2025-05-21 09:39 - 2023-06-08 20:33 - 000000000 ____D C:\FRST
2025-05-21 09:38 - 2021-12-17 02:32 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-05-21 09:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-05-21 09:37 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-05-21 09:30 - 2021-07-07 19:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-05-21 09:07 - 2022-02-22 21:45 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-05-20 18:15 - 2021-07-07 20:23 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2025-05-20 17:51 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2025-05-20 17:35 - 2018-04-04 09:32 - 000000000 ____D C:\Users\SUser\AppData\Local\Google
2025-05-20 17:35 - 2018-04-04 09:32 - 000000000 ____D C:\Program Files (x86)\Google
2025-05-20 17:17 - 2024-11-15 15:00 - 000008192 ___SH C:\DumpStack.log.tmp
2025-05-20 17:17 - 2021-07-07 19:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-05-20 17:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2025-05-20 06:20 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-05-20 00:36 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-05-19 23:27 - 2025-04-11 21:21 - 000000000 ____D C:\Users\User\Desktop\Work
2025-05-19 23:25 - 2016-06-29 20:58 - 000000000 ____D C:\Users\User\AppData\Roaming\discord
2025-05-19 23:13 - 2024-04-20 00:33 - 000000000 ____D C:\Users\User\AppData\Local\Discord
2025-05-19 23:13 - 2024-02-02 14:24 - 000000000 ____D C:\Users\User\AppData\Local\Battle.net
2025-05-19 23:01 - 2021-07-08 04:56 - 000741554 _____ C:\WINDOWS\system32\perfh007.dat
2025-05-19 23:01 - 2021-07-08 04:56 - 000149804 _____ C:\WINDOWS\system32\perfc007.dat
2025-05-19 23:01 - 2021-07-07 19:51 - 001725476 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-05-19 18:57 - 2025-02-05 21:47 - 000003574 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-3117560415-2877872214-3524472437-1003
2025-05-19 18:57 - 2021-12-12 19:42 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3117560415-2877872214-3524472437-1003
2025-05-19 16:28 - 2023-12-14 22:46 - 000000000 ____D C:\Users\User\AppData\Roaming\CurseForge
2025-05-19 16:25 - 2021-07-07 20:17 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-05-19 16:25 - 2021-07-07 20:17 - 000003660 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d773587e26306e
2025-05-19 15:29 - 2020-05-11 22:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2025-05-19 15:29 - 2014-09-23 22:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-05-18 11:47 - 2022-02-06 17:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-05-18 11:47 - 2014-09-23 22:27 - 000001237 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-05-17 20:19 - 2021-07-07 19:30 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-05-17 20:19 - 2017-01-31 23:00 - 000000000 ____D C:\Users\User\AppData\Local\Spotify
2025-05-17 20:18 - 2017-01-31 23:00 - 000000000 ____D C:\Users\User\AppData\Roaming\Spotify
2025-05-15 20:36 - 2021-06-25 16:39 - 000000000 ____D C:\Program Files (x86)\Steam
2025-05-14 19:18 - 2022-12-16 15:01 - 000505456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-05-14 19:14 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2025-05-14 19:14 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-05-14 19:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-05-14 19:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-05-14 19:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-05-14 19:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-05-14 19:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-05-14 19:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2025-05-14 19:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-05-14 19:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-05-14 19:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-05-14 19:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-05-14 19:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-05-14 19:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-05-14 19:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-05-14 19:14 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2025-05-14 18:11 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-05-14 17:56 - 2021-07-07 19:31 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-05-13 21:09 - 2014-09-23 22:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-05-13 20:58 - 2014-09-23 22:54 - 214836568 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-05-09 18:57 - 2017-11-05 21:23 - 000000000 ____D C:\Users\User\Desktop\RP
2025-05-09 15:29 - 2024-04-20 00:34 - 000002283 _____ C:\Users\User\Desktop\Discord.lnk
2025-05-08 17:24 - 2025-04-09 18:37 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2025-05-08 16:42 - 2025-04-09 18:38 - 000000000 ____D C:\ProgramData\bst_boost_interprocess
2025-05-08 16:42 - 2021-11-26 21:10 - 000000000 ____D C:\Users\User\AppData\Local\BlueStacks X
2025-05-07 22:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-05-07 19:11 - 2021-11-29 17:45 - 000000000 ____D C:\Users\User\AppData\Roaming\slobs-client
2025-05-07 18:17 - 2014-09-17 22:11 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2025-05-07 18:07 - 2014-10-25 20:14 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Word
2025-05-07 18:06 - 2015-03-31 12:09 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Excel
2025-05-06 18:21 - 2014-09-17 13:39 - 000000000 ____D C:\Users\SUser\AppData\Roaming\Microsoft\UProof
2025-05-06 18:21 - 2014-09-17 13:39 - 000000000 ____D C:\Users\SUser\AppData\Roaming\Microsoft\Office
2025-05-06 18:20 - 2014-09-17 13:39 - 000000000 ____D C:\Users\SUser\AppData\Roaming\Microsoft\Word
2025-05-06 18:09 - 2014-09-17 22:08 - 000000000 ____D C:\Users\SUser\AppData\Local\Packages
2025-05-06 18:08 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-05-04 18:21 - 2018-11-29 12:10 - 000000000 ____D C:\Users\User\AppData\Roaming\Notepad++
2025-05-04 12:55 - 2020-05-21 10:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2025-05-03 22:57 - 2014-11-08 11:17 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2025-05-03 21:56 - 2014-09-23 22:32 - 000002116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2025-05-01 16:09 - 2016-06-29 20:55 - 000000000 ____D C:\Users\User\AppData\Local\SquirrelTemp
2025-05-01 15:49 - 2021-07-07 19:41 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2017-11-07 12:10 - 2025-02-05 19:07 - 000007603 _____ () C:\Users\SUser\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-05-2025
durchgeführt von SUser (21-05-2025 09:41:46)
Gestartet von C:\Users\SUser\Desktop
Microsoft Windows 10 Home Version 22H2 19045.5854 (X64) (2021-07-07 17:54:34)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-3117560415-2877872214-3524472437-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3117560415-2877872214-3524472437-503 - Limited - Disabled)
Guest (S-1-5-21-3117560415-2877872214-3524472437-501 - Limited - Disabled)
SUser (S-1-5-21-3117560415-2877872214-3524472437-1002 - Administrator - Enabled) => C:\Users\SUser
User (S-1-5-21-3117560415-2877872214-3524472437-1003 - Limited - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-3117560415-2877872214-3524472437-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Android Studio (HKLM\...\Android Studio) (Version: 3.3 - Google LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{4D2C51C8-6939-4BBC-805B-B5B94DB4AE96}) (Version: 18.5.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
blender (HKLM\...\{A449CA81-C1F2-45F2-8885-0E78EBA14D6C}) (Version: 3.6.4 - Blender Foundation)
BlueStacks (HKLM\...\BlueStacks_nxt) (Version: 5.22.51.1038 - now.gg, Inc.)
BlueStacks Services (HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\BlueStacksServices) (Version: 3.0.9 - now.gg, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cisco Packet Tracer 7.1.1 64Bit (HKLM\...\Cisco Packet Tracer 7.1.1 64Bit_is1) (Version: 7.1.1.0132 - Cisco Systems, Inc.)
Cisco Packet Tracer 7.2.1 64Bit (HKLM\...\Cisco Packet Tracer 7.2.1 64Bit_is1) (Version: - Cisco Systems, Inc.)
CPUID HWMonitor 1.52 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.52 - CPUID, Inc.)
CurseForge (HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.239.3.1 - Overwolf app)
CurseForge 1.277.0-25562 (HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\ca0e291c-abd4-5fc3-b6a0-3d4333eccbd7) (Version: 1.277.0-25562 - Overwolf)
CyberLink LabelPrint 2.5 (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0.6603 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.3214 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.3123 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.3126 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3205.55 - CyberLink Corp.) Hidden
Discord (HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\Discord) (Version: 1.0.9040 - Discord Inc.)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 12.1.3.15356 - Foxit Software Inc.)
GIMP 2.10.34 (HKLM\...\GIMP-2_is1) (Version: 2.10.34 - The GIMP Team)
GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 2.4.7 - The GnuPG Project)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Intel(R) Chipset Device Software (HKLM\...\{B7CC660E-F31D-490C-BD2A-2CB2EC5A5E3A}) (Version: 10.0.13 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{0FE18988-DE59-46FB-9EE7-D40DA5E98FEA}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{C2A1F9AE-5E6B-4021-B1BA-72711EC5E558}) (Version: 10.0.0.1168 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}) (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{73250D12-B600-4ED6-AFC0-10D9D8EDA745}) (Version: 7.3.2 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{0e6a18a2-ea36-4041-9f69-0b2cc3f04f88}) (Version: 20.10.1 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{077F1F4E-3AFF-454E-9B6B-5967DD92FC0D}) (Version: 20.10.1.1209 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (HKLM\...\{3DE97849-544D-4D68-9255-11DF6F9F10D8}) (Version: 1.35.127.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{173E26AD-CD9F-4AE6-813E-08DCC8666F91}) (Version: 12.13.7.1 - Apple Inc.)
LibreOffice 25.2.2.2 (HKLM\...\{632F6BB4-FB41-4870-9EA9-346A347CABA6}) (Version: 25.2.2.2 - The Document Foundation)
Malwarebytes version 5.3.1.188 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.3.1.188 - Malwarebytes)
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM-x32\...\{9d3fc73f-1cf4-412c-a1c9-d2ad28ccbd62}) (Version: 6.0.36.34214 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 136.0.3240.76 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 136.0.3240.76 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.5603.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3117560415-2877872214-3524472437-1002\...\OneDriveSetup.exe) (Version: 22.238.1114.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\OneDriveSetup.exe) (Version: 25.075.0420.0002 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\Teams) (Version: 1.6.00.33567 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29913 (HKLM-x32\...\{572DCD10-CF2E-43D1-8151-8BD9AC9086D0}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29913 (HKLM-x32\...\{6236EBBD-F50F-40B3-B819-8DB0C608308C}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MidiEditor (HKLM-x32\...\D4338446-FFE6-1A12-ACFF-CB6F6A6A70A1) (Version: 3.3.0 - Markus Schwenk)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 138.0.4 (x64 en-US)) (Version: 138.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 82.0.3 - Mozilla)
Mozilla Thunderbird (x86 de) (HKLM-x32\...\Mozilla Thunderbird 128.10.0 (x86 de)) (Version: 128.10.0 - Mozilla)
MySQL Connector C++ 8.0 (HKLM\...\{44F3FCFA-A510-4B29-AC34-0AC4A6AE8E65}) (Version: 8.0.13 - Oracle Corporation)
MySQL Connector J (HKLM-x32\...\{B1164F95-1616-4768-9825-D9EBAC3704CA}) (Version: 8.0.13 - Oracle Corporation)
MySQL Connector Net 8.0.13 (HKLM-x32\...\{3BB51C01-9368-4DEF-BBD2-44914AD372AD}) (Version: 8.0.13 - Oracle)
MySQL Connector/ODBC 8.0 (HKLM\...\{68348C36-F97C-437E-9616-686E0730758E}) (Version: 8.0.13 - Oracle Corporation)
MySQL Documents 8.0 (HKLM-x32\...\{0630D438-9BD7-4813-8F44-5FACF9616D83}) (Version: 8.0.13 - Oracle Corporation)
MySQL Examples and Samples 8.0 (HKLM-x32\...\{AE9F436F-67AD-4743-86FB-D290C09E2DFB}) (Version: 8.0.13 - Oracle Corporation)
MySQL Installer - Community (HKLM-x32\...\{7107D7F6-4243-4DA5-AABC-42E26D14F967}) (Version: 1.4.27.0 - Oracle Corporation)
MySQL Router 8.0 (HKLM\...\{1D453383-11E5-4741-8D92-C82DF214E572}) (Version: 8.0.13 - Oracle Corporation)
MySQL Server 8.0 (HKLM\...\{5A1AC698-82B9-4962-9FF5-EABADBA5A124}) (Version: 8.0.13 - Oracle Corporation)
MySQL Shell 8.0.13 (HKLM\...\{887B1914-C74A-47C3-9972-9E402161E292}) (Version: 8.0.13 - Oracle and/or its affiliates)
MySQL Workbench 8.0 CE (HKLM\...\{3B1F62A9-98B7-4F2A-8D3E-54FCF192EEAB}) (Version: 8.0.13 - Oracle Corporation)
NetBeans IDE 8.2 (HKLM\...\nbi-nb-base-8.2.0.0.201609300101) (Version: 8.2 - NetBeans.org)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.6.2 - Notepad++ Team)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation)
NVIDIA Grafiktreiber 556.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 556.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.4.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.0.1 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 466.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 466.63 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 30.2.3 - OBS Project)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5603.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5603.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0407-0000-0000000FF1CE}) (Version: 15.0.5603.1000 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Spotify (HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\Spotify) (Version: 1.2.60.564.gcc6305cb - Spotify AB)
Spyder (HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\Spyder) (Version: 5.2.1 - Spyder Project Contributors and others)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs Desktop 1.16.7 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.16.7 - General Workings, Inc.)
SumatraPDF (HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\SumatraPDF) (Version: 3.4.6 - Krzysztof Kowalczyk)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 147.0.10965 - Ubisoft)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
USBPcap 1.2.0.4 (HKLM\...\USBPcap) (Version: 1.2.0.4 - Tomasz Mon)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Voxengo Marvel GEQ (HKLM\...\Voxengo Marvel GEQ_is1) (Version: 1.11 - Voxengo)
Windows-PC-Integritätsprüfung (HKLM\...\{A5F151BA-B6DF-4659-83C0-13692B76634F}) (Version: 3.9.2402.14001 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Wireshark 3.6.7 64-bit (HKLM-x32\...\Wireshark) (Version: 3.6.7 - The Wireshark developer community, hxxps://www.wireshark.org)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XAMPP (HKLM-x32\...\xampp) (Version: 7.3.0-0 - Bitnami)

Packages:
=========
Adobe Revel -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeRevel_1.5.101.6_x64__ynb6jyjzte8ga [2021-07-07] (Adobe Systems Incorporated)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_130.1.323.0_x64__v10z8vjag6ke6 [2021-08-30] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-30] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-07-17] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0 [2021-07-07] (Spotify AB) [Startup Task]
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2021-07-07] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3117560415-2877872214-3524472437-1002_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\User\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3117560415-2877872214-3524472437-1003_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3117560415-2877872214-3524472437-1003_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\User\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => -> Keine Datei
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => -> Keine Datei
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\contextMenu\NppShell.dll [2024-01-14] (Notepad++ -> Bjarke I. Pedersen gurli@gurlinet.dk)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-07] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-07] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-05-20] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5714f0dca6485379\nvshext.dll [2024-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-05-20] (Malwarebytes Inc -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2022-08-17 11:55 - 2022-07-15 16:00 - 000094720 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\SUser\Desktop\FRST64.exe:MBAM.Zone.Identifier [225]
AlternateDataStreams: C:\Users\User\Desktop\FRST64.exe:MBAM.Zone.Identifier [225]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============

HKU\S-1-5-21-3117560415-2877872214-3524472437-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-3117560415-2877872214-3524472437-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-3117560415-2877872214-3524472437-1002 -> DefaultScope {C786520D-2D40-46D3-A8E8-D242317688E7} URL =
SearchScopes: HKU\S-1-5-21-3117560415-2877872214-3524472437-1002 -> {C786520D-2D40-46D3-A8E8-D242317688E7} URL =
SearchScopes: HKU\S-1-5-21-3117560415-2877872214-3524472437-1003 -> DefaultScope {C786520D-2D40-46D3-A8E8-D242317688E7} URL =
SearchScopes: HKU\S-1-5-21-3117560415-2877872214-3524472437-1003 -> {C786520D-2D40-46D3-A8E8-D242317688E7} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2023-08-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2023-08-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - Keine Datei
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Keine Datei
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - Keine Datei

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\skype.com -> hxxps://apps.skype.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\gnupg\bin
HKU\S-1-5-21-3117560415-2877872214-3524472437-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\SUser\Downloads\uyhepI.jpg
HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Downloads\520859.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) ist aktiviert.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Wi-Fi: Intel(R) Dual Band Wireless-AC 7260 -> Netwbw02.sys

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bluetooth Device Monitor => 2
MSCONFIG\Services: Bluetooth OBEX Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DellDigitalDelivery => 2
MSCONFIG\Services: DellProdRegManager => 3
MSCONFIG\Services: EvtEng => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) ME Service => 2
MSCONFIG\Services: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: iumsvc => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: RegSrvc => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: SftService => 2
MSCONFIG\Services: ZeroConfigService => 2
HKLM\...\StartupApproved\StartupFolder: => "m-trip Launcher.lnk"
HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "Cm6620Sound"
HKLM\...\StartupApproved\Run: => "SteelSeriesGG"
HKLM\...\StartupApproved\Run: => "3DxWare Service"
HKU\S-1-5-21-3117560415-2877872214-3524472437-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3117560415-2877872214-3524472437-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3117560415-2877872214-3524472437-1002\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3117560415-2877872214-3524472437-1002\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-3117560415-2877872214-3524472437-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3117560415-2877872214-3524472437-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3117560415-2877872214-3524472437-1002\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_FF85D3DE5509B8F71711D59094C6B89F"
HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C"
HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\StartupApproved\Run: => "RiotClient"
HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3117560415-2877872214-3524472437-1003\...\StartupApproved\Run: => "electron.app.BlueStacks Services"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{75277FFE-7AFC-4873-9911-4FF5C93D5E06}C:\gameing_section\riotgames\riot games\riot client\riotclientservices.exe] => (Allow) C:\gameing_section\riotgames\riot games\riot client\riotclientservices.exe => Keine Datei
FirewallRules: [TCP Query User{E2EBB2B5-5026-41B8-9C5F-02EE2889A1FF}C:\gameing_section\riotgames\riot games\riot client\riotclientservices.exe] => (Allow) C:\gameing_section\riotgames\riot games\riot client\riotclientservices.exe => Keine Datei
FirewallRules: [{FE086784-25FC-4149-840D-4EBBD49531D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{00CE0E21-2754-4B81-B866-860E09917D49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{95D5E007-F6B3-4FA8-B42D-85C4C97B361A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8A8F7157-2D7D-4CC2-A9F3-0D25D25B49CD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{8E0B1B39-5B83-4B26-BDF4-9CA1131B9EA2}C:\users\user\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\user\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D74B3B12-C28A-4FF4-AFBB-B11CD07BD245}C:\users\user\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\user\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{8D4AF258-1981-4AC9-B79E-C037AD04EE7A}C:\gameing_section\riotgames\riot games\league of legends\game\league of legends.exe] => (Allow) C:\gameing_section\riotgames\riot games\league of legends\game\league of legends.exe => Keine Datei
FirewallRules: [TCP Query User{961ABDCC-0285-47FC-958F-E82BD4AEA68A}C:\gameing_section\riotgames\riot games\league of legends\game\league of legends.exe] => (Allow) C:\gameing_section\riotgames\riot games\league of legends\game\league of legends.exe => Keine Datei
FirewallRules: [UDP Query User{17D0AA91-57AA-4828-8E0C-D5062EDEAF8B}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [TCP Query User{85838EF2-4645-4D1F-8838-C9D2609FC7D1}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [UDP Query User{BB1E8C8E-651F-4AC2-90A0-E41218395678}C:\program files\cisco packet tracer 7.1.1\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.1.1\bin\packettracer7.exe (CISCO SYSTEMS, INC. -> Cisco Systems, Inc)
FirewallRules: [TCP Query User{70327E19-1E77-4E4D-9A4E-54C4084C643E}C:\program files\cisco packet tracer 7.1.1\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.1.1\bin\packettracer7.exe (CISCO SYSTEMS, INC. -> Cisco Systems, Inc)
FirewallRules: [UDP Query User{25EE2320-0BC6-419B-B9D6-0F703ECB7851}C:\program files\cisco packet tracer 7.1.1\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.1.1\bin\packettracer7.exe (CISCO SYSTEMS, INC. -> Cisco Systems, Inc)
FirewallRules: [TCP Query User{F64F0B61-6C61-479E-868E-064E65CC110B}C:\program files\cisco packet tracer 7.1.1\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.1.1\bin\packettracer7.exe (CISCO SYSTEMS, INC. -> Cisco Systems, Inc)
FirewallRules: [UDP Query User{D0CD89CE-5EB2-470C-BB6A-40EB8E117EBA}C:\program files\cisco packet tracer 7.2.1\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.2.1\bin\packettracer7.exe (CISCO SYSTEMS, INC. -> Cisco Systems, Inc)
FirewallRules: [TCP Query User{C969EDD8-282C-4AA7-AC0A-9CD63B111200}C:\program files\cisco packet tracer 7.2.1\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.2.1\bin\packettracer7.exe (CISCO SYSTEMS, INC. -> Cisco Systems, Inc)
FirewallRules: [UDP Query User{CA7C2AFF-351F-4A76-97DC-4E698D053558}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [TCP Query User{0334B907-9438-4FA0-9F35-D841BD29980E}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{22A3818E-E9D1-4963-AC4B-0F930FC998D0}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{DBC7420D-F2C6-46C5-83BD-E24AFF298616}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{867F12B1-2080-4768-ABCA-02534274D532}C:\program files\java\jdk1.8.0_161\bin\jmc.exe] => (Block) C:\program files\java\jdk1.8.0_161\bin\jmc.exe => Keine Datei
FirewallRules: [TCP Query User{9C27BD4D-93C3-4EC8-98F2-0E8FB7FDC3AF}C:\program files\java\jdk1.8.0_161\bin\jmc.exe] => (Block) C:\program files\java\jdk1.8.0_161\bin\jmc.exe => Keine Datei
FirewallRules: [UDP Query User{7334E68A-D498-4DF3-89EE-3D32785568EE}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{8ED4A8D5-FC0A-45E8-8BE9-15FA35A27C82}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4B7F5C18-C071-4C7C-8686-E2DD537C8DF5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{880EC628-90B1-44F7-9AF5-E26C262C8B7F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{75A690C8-47A1-4D63-9822-8FFCCC410415}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A5F56127-AF55-4B38-B810-41C57EFDDBB3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{471CA4EF-85CC-4568-AB80-29D9B51FD696}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EC21B436-F550-42FA-BE1A-51D88707444F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{4BD659B3-C263-49D3-B564-89873D901AE0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{108DAFA5-6A56-42B1-BE4B-E0A0535A9B77}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E441557F-F0B6-4093-84DA-0B610A01A0DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FAD97878-265B-433C-903D-C3E13603A64D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{87EE2404-6F9A-4362-8794-6B940BC7EFD6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{37DB708E-5AC5-4B92-B203-9F0BEA0397E0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{2FF1EE29-8B43-4C15-9F64-D5E0C714EF4D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CE67C07D-B799-4AE5-B390-A362C0ABA79D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2C683FAB-9F38-4E00-AA2A-B3A60A2967D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A72897DB-F816-461C-AED2-3E038DE4117C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0176CB34-A719-43E9-AE05-2D57315950C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F02BF50F-5E07-4AD5-819E-CC98FA154E84}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{477696FA-D762-41AA-8CAE-C71D4EEF0241}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{27FAC7BF-70EF-479A-8D81-A9EEE1FD2BAC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6E02C8E9-4E2C-4708-8B7A-D6B68E44FADD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D7BD3D8E-DDE8-43F1-B316-36FF305DB55F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{835AF24B-C3D1-468C-862A-0888CB1E4AA2}C:\users\user\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\user\appdata\local\programs\opera gx\opera.exe => Keine Datei
FirewallRules: [UDP Query User{8AA225D5-3BC4-4014-A42C-BA6445BD2319}C:\users\user\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\user\appdata\local\programs\opera gx\opera.exe => Keine Datei
FirewallRules: [TCP Query User{18CFB8F4-B0DD-4577-993D-00B6F28E2C1F}C:\users\user\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\user\appdata\local\programs\opera gx\opera.exe => Keine Datei
FirewallRules: [UDP Query User{EB7F976A-E724-440A-A5A9-B3FB3A4A57FE}C:\users\user\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\user\appdata\local\programs\opera gx\opera.exe => Keine Datei
FirewallRules: [{34AC1AE7-9BF6-4EFB-A311-E94EBAF16647}] => (Allow) C:\Gameing_Section\SWTOR\launcher.exe => Keine Datei
FirewallRules: [{06DF61C4-E715-4495-90D3-F34C5390FA01}] => (Allow) C:\Gameing_Section\SWTOR\launcher.exe => Keine Datei
FirewallRules: [TCP Query User{57A7F9DD-9603-44FA-B53A-5D5E713437A2}C:\gameing_section\blizz\battle.net\battle.net.exe] => (Block) C:\gameing_section\blizz\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{D2E27D8E-EFC7-45DE-8FCD-D7F60CE2BFEA}C:\gameing_section\blizz\battle.net\battle.net.exe] => (Block) C:\gameing_section\blizz\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{D42391BA-ED58-4CC2-A6AD-DE806FD760F9}C:\gameing_section\projectignis\edopro.exe] => (Block) C:\gameing_section\projectignis\edopro.exe (Project Ignis) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{21D9447B-E530-4978-8C25-F55D166D17EE}C:\gameing_section\projectignis\edopro.exe] => (Block) C:\gameing_section\projectignis\edopro.exe (Project Ignis) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{D7F08DCC-8E72-439F-AC39-1E0CC2FDAB4A}C:\gameing_section\blizz\hearthstone\hearthstone.exe] => (Allow) C:\gameing_section\blizz\hearthstone\hearthstone.exe => Keine Datei
FirewallRules: [UDP Query User{F3C48D7A-20B1-4C81-B6FE-A2595EFBAF24}C:\gameing_section\blizz\hearthstone\hearthstone.exe] => (Allow) C:\gameing_section\blizz\hearthstone\hearthstone.exe => Keine Datei
FirewallRules: [TCP Query User{C950831A-D57D-4989-94B0-5AE5E2C21B21}C:\gameing_section\blizz\hearthstone\hearthstone.exe] => (Allow) C:\gameing_section\blizz\hearthstone\hearthstone.exe => Keine Datei
FirewallRules: [UDP Query User{CF1CB8C7-6AEC-43E0-ACAE-E1A696FB83EC}C:\gameing_section\blizz\hearthstone\hearthstone.exe] => (Allow) C:\gameing_section\blizz\hearthstone\hearthstone.exe => Keine Datei
FirewallRules: [TCP Query User{E07116EB-4261-464B-8278-B43BC6F6DF52}C:\users\user\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\user\appdata\local\discord\app-1.0.9008\discord.exe => Keine Datei
FirewallRules: [UDP Query User{911F47F4-1F13-471C-819F-C5F39DFD7EDD}C:\users\user\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\user\appdata\local\discord\app-1.0.9008\discord.exe => Keine Datei
FirewallRules: [TCP Query User{BBF1D541-163F-4D07-9AED-50F5F5030A74}C:\users\user\appdata\local\discord\app-1.0.9010\discord.exe] => (Allow) C:\users\user\appdata\local\discord\app-1.0.9010\discord.exe => Keine Datei
FirewallRules: [UDP Query User{96118B43-9D04-4651-8DC8-0D8BF2BB522D}C:\users\user\appdata\local\discord\app-1.0.9010\discord.exe] => (Allow) C:\users\user\appdata\local\discord\app-1.0.9010\discord.exe => Keine Datei
FirewallRules: [TCP Query User{0A17EDE4-E688-4036-A169-1C7CB2AC2A3E}C:\users\user\appdata\local\discord\app-1.0.9012\discord.exe] => (Allow) C:\users\user\appdata\local\discord\app-1.0.9012\discord.exe => Keine Datei
FirewallRules: [UDP Query User{3FE5C9BA-CEC1-499C-881E-1FE9EAC62BF4}C:\users\user\appdata\local\discord\app-1.0.9012\discord.exe] => (Allow) C:\users\user\appdata\local\discord\app-1.0.9012\discord.exe => Keine Datei
FirewallRules: [TCP Query User{EA820B40-7C23-404C-9B9D-7F2F5A97193B}C:\users\user\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\user\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{040605CD-B233-4AD3-B8A9-D12F22EA4172}C:\users\user\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\user\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{80536592-AC52-41E7-BA38-9B3CF9C82DB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DCFD606B-23EF-4430-B10F-8429D4D293F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A61A0BA8-6946-47DC-AE0E-6F9A06E5AC7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prince of Persia\Launcher\Launcher.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{782D6E91-68B6-4AD4-997C-234E4E389690}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prince of Persia\Launcher\Launcher.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{22A7BAD6-8E4F-4979-A833-DAB515F882A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prince of Persia The Warrior Within\PrinceOfPersia.exe (UBISOFT) [Datei ist nicht signiert]
FirewallRules: [{E5A52A8D-83CF-40BF-A955-7664F3DCB961}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prince of Persia The Warrior Within\PrinceOfPersia.exe (UBISOFT) [Datei ist nicht signiert]
FirewallRules: [{4384D183-9450-4D7C-A328-4FB1C91D37B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prince of Persia Two Thrones\PrinceOfPersia.exe (UBISOFT) [Datei ist nicht signiert]
FirewallRules: [{921BA705-98B7-4BCD-8651-A2921CCC1839}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prince of Persia Two Thrones\PrinceOfPersia.exe (UBISOFT) [Datei ist nicht signiert]
FirewallRules: [{8984CB30-FDBC-4053-BC73-5E33A2CBBEA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prince of Persia The Sands of Time\PrinceOfPersia.EXE (UBISOFT) [Datei ist nicht signiert]
FirewallRules: [{C6DF6EE4-C7C0-4161-92EA-F169A4E7AB31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prince of Persia The Sands of Time\PrinceOfPersia.EXE (UBISOFT) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{F0BC78C6-C8D0-4688-ADF6-22E20E12A033}C:\gameing_section\blizz\heroes of the storm\versions\base91418\heroesofthestorm_x64.exe] => (Allow) C:\gameing_section\blizz\heroes of the storm\versions\base91418\heroesofthestorm_x64.exe => Keine Datei
FirewallRules: [UDP Query User{76DA754F-948E-434A-B128-D9D3C23F1EA4}C:\gameing_section\blizz\heroes of the storm\versions\base91418\heroesofthestorm_x64.exe] => (Allow) C:\gameing_section\blizz\heroes of the storm\versions\base91418\heroesofthestorm_x64.exe => Keine Datei
FirewallRules: [TCP Query User{5A715942-B63B-4F54-868E-89DB7C668236}C:\gameing_section\blizz\heroes of the storm\versions\base91418\heroesofthestorm_x64.exe] => (Allow) C:\gameing_section\blizz\heroes of the storm\versions\base91418\heroesofthestorm_x64.exe => Keine Datei
FirewallRules: [UDP Query User{E8DB64C7-2972-47E9-9590-697B872BEA00}C:\gameing_section\blizz\heroes of the storm\versions\base91418\heroesofthestorm_x64.exe] => (Allow) C:\gameing_section\blizz\heroes of the storm\versions\base91418\heroesofthestorm_x64.exe => Keine Datei
FirewallRules: [TCP Query User{0433CF25-5CD9-47CD-93D3-23BAED9D24F8}C:\gameing_section\blizz\heroes of the storm\versions\base91769\heroesofthestorm_x64.exe] => (Allow) C:\gameing_section\blizz\heroes of the storm\versions\base91769\heroesofthestorm_x64.exe => Keine Datei
FirewallRules: [UDP Query User{A8BA41A8-26F0-4DA6-BF8A-571A24D03C1C}C:\gameing_section\blizz\heroes of the storm\versions\base91769\heroesofthestorm_x64.exe] => (Allow) C:\gameing_section\blizz\heroes of the storm\versions\base91769\heroesofthestorm_x64.exe => Keine Datei
FirewallRules: [TCP Query User{F4A136FB-9D6B-4118-808A-189E251F5722}C:\program files (x86)\steam\steamapps\common\prince of persia forgotten sands\uplaybrowser.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\prince of persia forgotten sands\uplaybrowser.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{F9A96AA2-0537-4A61-97B4-324E269E7D17}C:\program files (x86)\steam\steamapps\common\prince of persia forgotten sands\uplaybrowser.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\prince of persia forgotten sands\uplaybrowser.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{C726E111-C0CF-40DF-AC68-74FC3712EDDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prince of Persia Forgotten Sands\Prince of Persia.exe () [Datei ist nicht signiert]
FirewallRules: [{A3ECCDAD-DE9F-4F05-BC21-CA36BBCED4F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prince of Persia Forgotten Sands\Prince of Persia.exe () [Datei ist nicht signiert]
FirewallRules: [{9E00CBF5-7AB6-4BAC-965A-1BA304B25FA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sudeki\SudekiLauncher.exe () [Datei ist nicht signiert]
FirewallRules: [{B317DF22-CE69-4A09-A235-CA4644F4C3E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sudeki\SudekiLauncher.exe () [Datei ist nicht signiert]
FirewallRules: [{5DEB153C-556E-4DED-8A5C-19943FBEBE5C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1E2DFA2E-3166-457C-A46F-BF4920C8B7A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{70D4C151-7AA4-4525-AAB9-A1CA555DC3AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ED0BC6DD-1CE1-453B-B360-C271F4BDE477}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{A909FCB5-E9BF-40CD-B897-2FF4B30116AA}C:\users\user\appdata\local\discord\app-1.0.9166\discord.exe] => (Block) C:\users\user\appdata\local\discord\app-1.0.9166\discord.exe => Keine Datei
FirewallRules: [UDP Query User{142339CC-BAEA-4757-B119-31BA10A49644}C:\users\user\appdata\local\discord\app-1.0.9166\discord.exe] => (Block) C:\users\user\appdata\local\discord\app-1.0.9166\discord.exe => Keine Datei
FirewallRules: [TCP Query User{EA10D4F2-AD2A-42A4-B58A-641F1B6DE0B6}C:\gameing_section\streamlabs_obs\streamlabs obs\resources\app.asar.unpacked\node_modules\obs-studio-node\obs-plugins\64bit\obs-browser-page.exe] => (Allow) C:\gameing_section\streamlabs_obs\streamlabs obs\resources\app.asar.unpacked\node_modules\obs-studio-node\obs-plugins\64bit\obs-browser-page.exe (Logitech Inc -> )
FirewallRules: [UDP Query User{43242436-4194-46D1-92E0-F7B326026F9F}C:\gameing_section\streamlabs_obs\streamlabs obs\resources\app.asar.unpacked\node_modules\obs-studio-node\obs-plugins\64bit\obs-browser-page.exe] => (Allow) C:\gameing_section\streamlabs_obs\streamlabs obs\resources\app.asar.unpacked\node_modules\obs-studio-node\obs-plugins\64bit\obs-browser-page.exe (Logitech Inc -> )
FirewallRules: [{67E26FAE-D79A-4868-A3CA-24FE4C754BF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command & Conquer\C&C95.EXE (Electronic Arts, Inc. -> )
FirewallRules: [{052073C6-D60E-4734-A890-6BE52CE27F90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command & Conquer\C&C95.EXE (Electronic Arts, Inc. -> )
FirewallRules: [{098456E8-0023-4569-8045-459F201FBC8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command & Conquer\CCSETUP.EXE (Electronic Arts, Inc. -> )
FirewallRules: [{0C83697A-D8FA-4985-8C8C-D5C305AB6A3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command & Conquer\CCSETUP.EXE (Electronic Arts, Inc. -> )
FirewallRules: [TCP Query User{2F32F715-22CB-4266-A3A8-9D128D5881C2}C:\users\user\appdata\local\programs\curseforge windows\curseforge.exe] => (Allow) C:\users\user\appdata\local\programs\curseforge windows\curseforge.exe (Overwolf Ltd -> Overwolf)
FirewallRules: [UDP Query User{721F2E75-478E-4F90-8616-E7B20F48DBC4}C:\users\user\appdata\local\programs\curseforge windows\curseforge.exe] => (Allow) C:\users\user\appdata\local\programs\curseforge windows\curseforge.exe (Overwolf Ltd -> Overwolf)
FirewallRules: [{9AE757EF-7B16-484E-BC1E-076A921D9129}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.)
FirewallRules: [{407177A2-7CAC-4D60-AAED-E8A39AC1AB1D}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Now.gg, INC -> COMPANY NAME)
FirewallRules: [{90053A23-4C39-4F85-AC01-FCBB755418A4}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Now.gg, INC -> BlueStack Systems)
FirewallRules: [{94BBD92C-D435-4637-8A86-E2E313986246}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe (Now.gg, INC -> The Qt Company Ltd.)
FirewallRules: [TCP Query User{03101304-B022-4784-ACCE-46C9B2472420}C:\gameing_section\guild wars 2\bin64\cef\cefhost.exe] => (Block) C:\gameing_section\guild wars 2\bin64\cef\cefhost.exe (ArenaNet, LLc -> ArenaNet LLC)
FirewallRules: [UDP Query User{627A2522-9EA6-4314-AE54-4E84342D4401}C:\gameing_section\guild wars 2\bin64\cef\cefhost.exe] => (Block) C:\gameing_section\guild wars 2\bin64\cef\cefhost.exe (ArenaNet, LLc -> ArenaNet LLC)
FirewallRules: [{EA04D092-0A37-4154-B945-1E6485455FB0}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{89E33DEA-564E-4B3E-8049-E227062BBC1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mahjong Soul\Jantama_MahjongSoul.exe () [Datei ist nicht signiert]
FirewallRules: [{EE5A2F0B-9271-4BC1-A212-8C00FC8D2625}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mahjong Soul\Jantama_MahjongSoul.exe () [Datei ist nicht signiert]
FirewallRules: [{595D8E8D-CF45-47A0-B1C7-0FD0429A90E5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\136.0.3240.76\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Wiederherstellungspunkte =========================
04-05-2025 18:29:22 Scheduled Checkpoint
12-05-2025 10:07:32 Scheduled Checkpoint
14-05-2025 17:02:31 Windows Modules Installer
14-05-2025 17:22:59 Windows Modules Installer

==================== Fehlerhafte Geräte im Gerätemanager ============

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (05/20/2025 05:19:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm SearchApp.exe Version 10.0.19041.5794 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 21f0 Startzeit: 01dbc99a7833bd2f Beendigungszeit: 4294967295 Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Bericht-ID: bd60bb34-fd14-4596-8ca1-2c71e128dcab Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Search_1.14.17.19041_neutral_neutral_cw5n1h2txyewy Relative Anwendungs-ID des fehlerhaften Pakets: CortanaUI Absturztyp: Cross-thread
Error: (05/20/2025 01:20:00 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, A system shutdown is in progress..
Error: (05/20/2025 01:20:00 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, A system shutdown is in progress.]
Error: (05/20/2025 01:20:00 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, A system shutdown is in progress..
Error: (05/20/2025 01:20:00 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, A system shutdown is in progress.]
Error: (05/20/2025 12:40:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MBAMService.exe, Version: 3.2.0.1394, Zeitstempel: 0x67eaa0a0 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.5794, Zeitstempel: 0x3af2a74f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000649e6 ID des fehlerhaften Prozesses: 0x26ec Startzeit der fehlerhaften Anwendung: 0x01dbc90e6f4b9bbf Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: bfbe50dd-aa54-4557-8318-7e5e9bf29db7 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/20/2025 12:36:38 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_ON.
Error: (05/19/2025 03:33:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WaaSMedicAgent.exe, Version: 10.0.19041.5794, Zeitstempel: 0xf031621d
Name des fehlerhaften Moduls: WaaSMedicCapsule.dll, Version: 10.0.19041.5794, Zeitstempel: 0xa974b7ba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000b462
ID des fehlerhaften Prozesses: 0x2378
Startzeit der fehlerhaften Anwendung: 0x01dbc8c22eae1c32
Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\WaaSMedicAgent.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\WaaSMedicCapsule.dll
Berichtskennung: 1b93ada0-2584-409f-bedd-39f78047ffac
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Systemfehler:
=============
Error: (05/20/2025 05:17:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SecDrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden.

Error: (05/20/2025 05:17:47 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS

Error: (05/20/2025 06:09:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SecDrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden.

Error: (05/20/2025 06:09:57 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS

Error: (05/20/2025 12:40:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Malwarebytes Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Restart the service.
Error: (05/19/2025 08:58:32 PM) (Source: DCOM) (EventID: 10010) (User: STANDPC)
Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/19/2025 05:57:56 PM) (Source: DCOM) (EventID: 10010) (User: STANDPC)
Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/19/2025 04:14:15 PM) (Source: DCOM) (EventID: 10010) (User: STANDPC)
Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Windows Defender:
================
Date: 2025-05-20 17:23:25
Description: Controlled Folder Access blocked C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe from making changes to memory.
Detection time: 2025-05-20T15:23:25.259Z
Path: \Device\ClVtDrvCtrl
Process Name: C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
Security intelligence Version: 1.429.77.0
Engine Version: 1.1.25040.1
Product Version: 4.18.25030.2

Date: 2025-05-19 23:19:42
Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Kepavll!rfn&threatid=2147939874&enterprise=0
Name: Trojan:Win32/Kepavll!rfn
Severity: Severe
Category: Trojan
Path: file:_C:\Users\User\Downloads\XToys-Utilities.exe; webfile:_C:\Users\User\Downloads\XToys-Utilities.exe|https://downloads.xtoys.app/XToys-Utilities.exe|pid:10956,ProcessStart:133921631793237508
Detection Origin: Internet
Detection Type: Concrete
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.429.55.0, AS: 1.429.55.0, NIS: 1.429.55.0
Engine Version: AM: 1.1.25040.1, NIS: 1.1.25040.1

Date: 2025-05-18 15:40:57
Description: Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-05-18 12:14:28
Description: Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-05-14 19:13:33
Description: Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Event[0]:
Date: 2025-05-13 20:48:05
Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.427.746.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2025-05-13 20:48:05
Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.427.746.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2025-04-25 14:16:52
Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.427.443.0
Previous security intelligence Version: 1.427.429.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.25030.1
Previous Engine Version: 1.1.25030.1
Error code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2025-04-25 14:16:52
Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.427.443.0
Previous security intelligence Version: 1.427.429.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.25030.1
Previous Engine Version: 1.1.25030.1
Error code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2025-04-25 14:16:38
Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.427.429.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80240022
Error description: The program can't check for definition updates.
CodeIntegrity:
===============
Date: 2025-05-20 17:33:28
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.

Date: 2025-05-20 17:33:28
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.

Date: 2025-05-20 17:31:00
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.

Date: 2025-05-20 17:25:10
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Speicherinformationen ===========================

BIOS: Dell Inc. A08 04/16/2014
Hauptplatine: Dell Inc.
0KWVT8
Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 16335.21 MB
Verfügbarer physikalischer RAM: 8729.44 MB
Summe virtueller Speicher: 18767.21 MB
Verfügbarer virtueller Speicher: 11100.61 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:1846.95 GB) (Free:1292.51 GB) (Model: ST2000DM001-1CH) NTFS

\\?\Volume{609763c9-2479-4cc2-ae45-e8dad813a2c6}\ (WINRETOOLS) (Fixed) (Total:2 GB) (Free:1.53 GB) NTFS
\\?\Volume{48633224-88ad-4b82-9a65-3b6e6324c4a2}\ (PBR Image) (Fixed) (Total:13.41 GB) (Free:0.21 GB) NTFS
\\?\Volume{ac76d93e-6b82-4922-be53-917cfe435c11}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 04DC8E12)

Partition: GPT.

==================== Ende von Addition.txt =======================

Oh, before I forget -- yesterday I also ran a quick scan with Malwarebytes -- here is the log from it:

Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 20.05.2025
Scan-Zeit: 17:55
Protokolldatei: d9c7a554-3592-11f0-8a0e-3417ebba5448.json

-Softwaredaten-
Version: 5.3.1.188
Komponentenversion: 133.0.5274
Version des Aktualisierungspakets: 1.0.99205
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 19045.5854)
CPU: x64
Dateisystem: NTFS
Benutzer: StandPC\User

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 288662
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 18 Min., 57 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)

(end)

Edited by HaSu (yesterday at 09:18). Reason: added log of Malwarebytes quick scan