| |
| |||||||
Log-Analyse und Auswertung: Windows 11: nach Runterladen einer Datei (pishing) Trojaner, der sich nicht löschen lässtWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
Gestern, 16:02
| #31 |
| /// TB-Ausbilder   |  Windows 11: nach Runterladen einer Datei (pishing) Trojaner, der sich nicht löschen lässt Sehr gut, danke.  Von Malwarebytes kommen keine Meldungen mehr, oder? Kontroll-Scan
|
|
Gestern, 16:26
| #32 |
 | Windows 11: nach Runterladen einer Datei (pishing) Trojaner, der sich nicht löschen lässt nein, von Malwarebytes kommt aktuel nichts mehr,
__________________habe aber den AdwCleaner gerade nochmal durchlaufen lassen, hier gibt es noch funde... aber beim Versuch die funde in Quarantäne zu verschieben Bekomme ich immer noch einen Blue(black)screen "Your device ran into a problem and needs to restart. - Stop code: CRITICAL_PROCESS_DIED (0xEF)" Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.6.0.613
# -------------------------------
# Build: 08-19-2025
# Database: 2025-08-19.3 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-15-2025
# Duration: 00:00:10
# OS: Windows 11 (Build 26100.7462)
# Scanned: 32082
# Detected: 17
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Adware.Heuristic HKCU\SOFTWARE\5011C90DD5AF9CEB66BCA48D265FDBF9
PUP.Adware.Heuristic HKCU\SOFTWARE\5D077F08DFA47FD43EFB
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
PUP.Optional.Legacy Honey - jid1-93CWPmRbVPjRQA@jetpack
PUP.Optional.Legacy Honey - jid1-93CWPmRbVPjRQA@jetpack
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AGENT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SUPPORTASSIST
Preinstalled.DellSupportAssistAgent Folder C:\Users\mail\Documents\DELL\SUPPORTASSIST
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5AD479AD-6F37-4F33-8FDE-B8479CBC6F08}
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AD479AD-6F37-4F33-8FDE-B8479CBC6F08}
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE
AdwCleaner[S00].txt - [3004 octets] - [10/12/2025 07:41:04]
AdwCleaner[S01].txt - [3065 octets] - [10/12/2025 08:00:43]
AdwCleaner[S02].txt - [3126 octets] - [10/12/2025 08:02:27]
AdwCleaner[S03].txt - [1706 octets] - [10/12/2025 10:25:05]
AdwCleaner[S04].txt - [3248 octets] - [11/12/2025 09:23:54]
AdwCleaner[S05].txt - [3309 octets] - [15/12/2025 16:18:54]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S06].txt ##########
|
|
Gestern, 16:40
| #33 |
| | Windows 11: nach Runterladen einer Datei (pishing) Trojaner, der sich nicht löschen lässt hier noch die Log von FRST64
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2025
durchgeführt von mail (Administrator) auf FRANK (Dell Inc. XPS 8960) (15-12-2025 16:33:29)
Gestartet von C:\Users\mail\Desktop\FRST64.exe
Geladene Profile: mail
Plattform: Microsoft Windows 11 Pro Version 24H2 26100.7462 (X64) Sprache: Englisch (Vereinigte Staaten) -> Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\AcroCEF.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ES Status Monitor\ptnmwnd.exe
(C:\Program Files (x86)\ISOCAL\ISOCAL.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.Update.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files\Dell\DellOptimizer\DellEnterpriseClientFrameworkSubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellOptimizer\Console\DellOptimizer.Systray.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellOptimizer\SubAgents\Dell.UUE.CoreSubAgent\Dell.UUE.CoreSubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\Dell Remediation\Dell.Remediation.Agent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\DellDigitalDelivery\SubAgent\Dell.Digital.Delivery.Service.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\MyDell\Manager\Dell.UCA.Manager.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Google\Drive File Stream\117.0.0.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\117.0.0.0\crashpad_handler.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\AI\ai.exe
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\AI\aimgr.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.5.23.0_x64__nzyj5cx40ttqa\iCloud\iCloudFirefox.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\crashhelper.exe
(C:\Program Files\Poly\Poly Lens Desktop\lens-desktop.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\Poly\Poly Lens Desktop\CallControlApp\PolyLensCallControlApp.exe
(C:\Program Files\Poly\Poly Lens Desktop\lens-desktop.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\Poly\Poly Lens Desktop\LegacyHost\LegacyHost.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files\TeamViewer\crashpad_handler.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_15.5.23.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_15.5.23.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_15.5.23.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.5.23.0_x64__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_25.40.1953.0_x64__8j3eq9eme6ctt\VFS\ProgramFilesX64\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel(R) Corporation) C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_25.40.1953.0_x64__8j3eq9eme6ctt\VFS\ProgramFilesX64\Intel\Intel Graphics Software\PresentMonService.exe
(C:\Users\mail\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\mail\AppData\Local\Programs\Opera GX\124.0.5705.89\opera_crashreporter.exe
(C:\Users\mail\Desktop\adwcleaner.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2508.38.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <2>
(drivers\RivetNetworks\Killer\KAPSService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPS.exe
(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(DriverStore\FileRepository\ipf_cpu.inf_amd64_c493e10bcfd25250\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_c493e10bcfd25250\ipf_helper.exe
(EB742617-4934-4951-8B93-E211D04E5A38 -> Intel) C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1423.712.0_x64__rh07ty8m5nkag\KillerControlCenter_v2\KillerIntelligenceCenter.exe
(explorer.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\DYMO\DYMO Connect\DYMO.WebApi.Win.Host.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (GNE) [Datei ist nicht signiert] C:\Program Files (x86)\Dual Monitor Tools\DMT.exe
(explorer.exe ->) (Google LLC -> Google LLC.) C:\Program Files\Google\Drive File Stream\117.0.0.0\GoogleDriveFS.exe <2>
(explorer.exe ->) (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG) C:\Program Files\AusweisApp\AusweisApp.exe
(explorer.exe ->) (HP Inc. -> HP Development Company, L.P.) C:\Program Files\Poly\Poly Lens Desktop\lens-desktop.exe <4>
(explorer.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Users\mail\Desktop\adwcleaner.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\mail\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(explorer.exe ->) (Newell Brands Inc -> ) [Datei ist nicht signiert] C:\Program Files (x86)\DYMO\DYMO Connect\DYMOConnectLauncher.exe
(explorer.exe ->) (Now.gg, INC -> now.gg, Inc.) C:\Users\mail\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe <4>
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Users\mail\AppData\Local\Programs\Opera GX\opera.exe <19>
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Sanford, L.P.) [Datei ist nicht signiert] C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
(explorer.exe ->) (SWS Sascha Willwacher Software GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\ISOCAL\ISOCAL.exe
(explorer.exe ->) (Thomas Holz -> IT-Services Thomas Holz) C:\Program Files (x86)\Easy2Sync für Outlook\E2S4Outlook64Bit.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_c6cd4cf632788a8e\WavesSvc64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(Sanford, L.P.) [Datei ist nicht signiert] C:\Program Files (x86)\DYMO\DYMO Label Software\DYMO.DLS.Printing.Host.exe
(services.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\DYMO\DYMO Connect\PnpService\DYMO.Connect.PnP.Service.exe
(services.exe ->) (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> QuickShareService) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungQuickShare_2.2.19.0_x64__wyx1vj98g3asy\QuickShareService\QuickShareService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Technologies Inc. -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_25.40.1953.0_x64__8j3eq9eme6ctt\VFS\ProgramFilesX64\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe
(services.exe ->) (FOR TESTING ONLY - IPF_PreProd_Cert -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_8edcf6be1c4ddd78\ipfsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\Poly\Lens Control Service\LensService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8a3f88e34f6b8385\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_f28d27d12c1c64c5\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_91b5ed43a9896c4a\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_c493e10bcfd25250\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_b966ea70c5407e74\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_7955510f793739e6\Intel_PIE_Service.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(services.exe ->) (Intel Graphics Internal 2023 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ea3add6a86481654\IntelCpHDCPSvc.exe
(services.exe ->) (KYOCERA Document Solutions Inc.) [Datei ist nicht signiert] C:\Program Files\KDService\bin\KDService.exe
(services.exe ->) (Lenovo -> ) C:\Program Files\Lenovo\LADMLauncherService\bin\LADMAutoInstallService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncHelper.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdd.inf_amd64_1c978806815a7d2e\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_434f4faf6aa034b3\RtkAudUService64.exe <3>
(services.exe ->) (Sanford, L.P.) [Datei ist nicht signiert] C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
(services.exe ->) (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 11\Server\novapdfs.exe
(services.exe ->) (Star Finanz-Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 14 Deluxe S-Edition\ouservice\StarMoneyOnlineUpdate.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd) C:\Windows\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_c6cd4cf632788a8e\WavesAudioService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_c6cd4cf632788a8e\WavesSysSvc64.exe
(sihost.exe ->) (50BDFD77-8903-4850-9FFE-6E8522F64D5B -> OpenAI) C:\Program Files\WindowsApps\OpenAI.ChatGPT-Desktop_1.2025.328.0_x64__2p2nqsd0c76g0\app\ChatGPT.exe <5>
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.5.23.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.5.23.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Copilot_1.25114.55.0_x64__8wekyb3d8bbwe\Copilot.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2545.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.5.23.0_x64__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.5.23.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.5.23.0_x64__nzyj5cx40ttqa\iCloud\iCloudOutlookConfig64.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.5.23.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.151.0.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mmgaserver.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_434f4faf6aa034b3\RtkAudUService64.exe [2389992 2024-12-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_c6cd4cf632788a8e\WavesSvc64.exe [5295368 2025-01-18] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [PowerDVD23Agent] => C:\Program Files\CyberLink\PowerDVD23\PowerDVD23Agent.exe [568584 2024-03-05] (CyberLink Corp. -> CyberLink Corp.)
HKLM\...\Run: [DYMOWebApi] => C:\Program Files (x86)\DYMO\DYMO Connect\DYMO.WebApi.Win.Host.exe [103131420 2025-06-17] () [Datei ist nicht signiert]
HKLM\...\Run: [DymoOfficeHelper] => C:\Program Files (x86)\DYMO\DYMO Connect\DYMO.OfficeHelper.exe [185882 2025-06-17] () [Datei ist nicht signiert]
HKLM\...\Run: [novaPDF OEM 11 nPdfOem_817351 Tray] => C:\Program Files\Softland\novaPDF 11\Driver\Tray.exe [121608 2025-11-24] (Softland SRL -> )
HKLM-x32\...\Run: [DLSWebSvc] => C:\Program Files (x86)\DYMO\DYMO Label Software\DYMO.DLS.Printing.Host.exe [5130240 2021-03-18] (Sanford, L.P.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [DYMOWebApi] => C:\Program Files (x86)\DYMO\DYMO Connect\DYMO.WebApi.Win.Host.exe [103131420 2025-06-17] () [Datei ist nicht signiert]
HKLM-x32\...\Run: [PTNMWND] => C:\Program Files (x86)\Brother\ES Status Monitor\ptnmwnd.exe [4052752 2025-01-23] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\117.0.0.0\GoogleDriveFS.exe [71918232 2025-11-19] (Google LLC -> Google LLC.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\117.0.0.0\GoogleDriveFS.exe [71918232 2025-11-19] (Google LLC -> Google LLC.)
HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4742544 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\Run: [Mozilla-Firefox-308046B0AF4A39CB] => "C:\Program Files\Mozilla Firefox\firefox.exe" -os-autostart [696960 2025-12-11] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3600072 2025-07-15] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\Run: [DymoQuickPrint] => C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [2033664 2021-03-18] (Sanford, L.P.) [Datei ist nicht signiert]
HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\117.0.0.0\GoogleDriveFS.exe [71918232 2025-11-19] (Google LLC -> Google LLC.)
HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\Run: [electron.app.BlueStacks Services] => C:\Users\mail\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [162219656 2024-05-08] (Now.gg, INC -> now.gg, Inc.)
HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\Run: [com.poly.lens.client.app] => C:\Program Files\Poly\Poly Lens Desktop\lens-desktop.exe [199433224 2025-06-09] (HP Inc. -> HP Development Company, L.P.)
HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\Run: [Opera GX Stable] => C:\Users\mail\AppData\Local\Programs\Opera GX\opera.exe [1986504 2025-12-05] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\mail\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\Run: [BingSvc] => C:\Users\mail\AppData\Local\Microsoft\BingSvc\BingSvc.exe [3279408 2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\Run: [DYMOConnectLauncher] => C:\Program Files (x86)\DYMO\DYMO Connect\DYMOConnectLauncher.exe [1616520 2025-06-17] (Newell Brands Inc -> ) [Datei ist nicht signiert]
HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [41655256 2025-12-06] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\Run: [AusweisApp] => C:\Program Files\AusweisApp\AusweisApp.exe [3415088 2025-10-29] (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
HKU\S-1-5-21-731132713-3816676949-3657752684-1004\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\117.0.0.0\GoogleDriveFS.exe [71918232 2025-11-19] (Google LLC -> Google LLC.)
HKU\S-1-5-21-731132713-3816676949-3657752684-1004\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4742544 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [CyberlinkPowerPlayerMediaServer_PowerDVD23] => C:\Program Files\CyberLink\PowerDVD23\Common\CLMediaServer\clmediaserver.exe [6770440 2024-03-05] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\117.0.0.0\GoogleDriveFS.exe [71918232 2025-11-19] (Google LLC -> Google LLC.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3600072 2025-07-15] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Print\Monitors\Brother PT-P900W Monitor: C:\Windows\system32\bsp15bL6.DLL [110448 2025-03-04] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM\...\Print\Monitors\DYMO LabelManager PnP Monitor: C:\Windows\system32\LMPNP_MON.DLL [16896 2024-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Sanford L.P.)
HKLM\...\Print\Monitors\DYMO LabelWriter 5xx Monitor: C:\Windows\system32\LW5XXMON.DLL [1423104 2025-06-17] (Newell Brands Inc -> DYMO Corp.)
HKLM\...\Print\Monitors\DYMO LabelWriter Monitor: C:\Windows\system32\LW400MON.DLL [16384 2024-04-24] (Microsoft Windows Hardware Compatibility Publisher -> DYMO Corp.)
HKLM\...\Print\Monitors\KX Language Monitor: C:\Windows\system32\KXPLM64.DLL [124416 2024-11-06] (KYOCERA Document Solutions Inc. -> KYOCERA Document Solutions Inc.)
HKLM\...\Print\Monitors\novaPDF 11 Port Monitor: C:\Windows\system32\novamn11.dll [171520 2025-11-24] (Softland) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\novaPDF OEM 7 Monitor: novamnv7.dll (Keine Datei)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [2025-11-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\143.0.7499.41\Installer\chrmstp.exe [2025-12-11] (Google LLC -> Google LLC)
Startup: C:\Users\mail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DMT.lnk [2024-10-17]
ShortcutTarget: DMT.lnk -> C:\Program Files (x86)\Dual Monitor Tools\DMT.exe (GNE) [Datei ist nicht signiert]
Startup: C:\Users\mail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Easy2Sync für Outlook.lnk [2025-06-16]
ShortcutTarget: Easy2Sync für Outlook.lnk -> C:\Program Files (x86)\Easy2Sync für Outlook\E2S4Outlook64Bit.exe (Thomas Holz -> IT-Services Thomas Holz)
Startup: C:\Users\mail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook (classic).lnk [2024-10-16]
ShortcutTarget: Outlook (classic).lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LensDesktop1xUninstaller.lnk [2025-07-04]
ShortcutTarget: LensDesktop1xUninstaller.lnk -> C:\Program Files\Poly\Poly Lens Desktop\LensDesktop1xUninstaller\LensDesktop1xUninstaller.exe (HP Inc. -> HP Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {9AD31C07-0786-4E10-8975-236C3D0BAABA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1581568 2025-08-24] (Adobe Inc. -> Adobe Inc.)
Task: {99E259BB-1EAF-4C0C-AA2C-AB1D5478EE9B} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [302960 2025-06-10] (Now.gg, INC -> BlueStack Systems, Inc.)
Task: {5AD479AD-6F37-4F33-8FDE-B8479CBC6F08} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [1263768 2025-11-19] (Dell Technologies Inc. -> Dell Inc.) -> C:\Program Files\Dell\SupportAssistAgent\bin\AutoUpdate
Task: {94412085-678B-4FB2-8EFE-53F77EB3A5B4} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem144.0.7547.0{C75F1DF4-663C-4B2F-9167-DC9F22A24929} => C:\Program Files (x86)\Google\GoogleUpdater\144.0.7547.0\updater.exe [7056536 2025-11-26] (Google LLC -> Google LLC)
Task: {83A291CC-8FC4-48CA-81CF-324384CD9314} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16659240 2025-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A82F696-2765-4441-8BF4-8117C4F41BB7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28946240 2025-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {38429FBE-DB6E-4C1A-905B-212FEC973858} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [70968 2025-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {FBB87831-7B43-4DA1-8DDF-E8961076C08B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28946240 2025-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {408CD891-E251-4DC7-8EDB-CD334CB1AAE2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311056 2025-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {FAF5EFE1-F4F0-41B9-8C18-3546EAB4563F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311056 2025-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {524DBE00-66FB-4719-BDD4-5EEA82DBF220} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1347344 2025-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1C3381D-AC13-41EC-8D18-CD4EA3189EC0} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16659240 2025-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C26D0E9-3D74-45A5-81D5-3672EE162D19} - System32\Tasks\Microsoft\Windows\Setup\PITRTask => {093cb270-c282-4c22-b2ea-7d2bf1c30bbf} C:\Windows\system32\oobe\PITRTask.dll [118784 2025-12-10] (Microsoft Windows -> Microsoft Corporation)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {5F66A413-B3C9-4925-B2E9-C1558ABBF386} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-731132713-3816676949-3657752684-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [696960 2025-12-11] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {AA502F1B-A5B0-4B34-B761-3FE6A3266F53} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34944 2025-12-11] (Mozilla Corporation -> Mozilla Foundation)
Task: {86427F78-DE2B-4510-84D8-E785313597BB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-05-08] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {0773FD7C-6CEC-4B34-ABE3-F4791742D157} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-05-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7779337D-54E1-41B5-ABDC-CDAA93799D38} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-05-08] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {F811A8B7-DE05-421A-95DF-E9761D0E681D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-05-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0F61BF02-C62C-4922-A7C2-21DDCBD13837} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-05-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EFE27F03-D9CE-4C22-B2D3-7B12CB65473A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-05-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CE13D03B-C431-4A43-B102-A4BADC1CD18B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-05-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {45DE7ABF-88C4-4A4A-A163-544225460205} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4383592 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F699AF8B-8BAF-4810-A077-23BB8F9D82C6} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-731132713-3816676949-3657752684-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4383592 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {338D8669-0A4C-4DEB-89B7-4D3A26E87B86} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-731132713-3816676949-3657752684-1002 => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (Keine Datei)
Task: {FD1590FC-063E-4E17-A03D-F249A65861A2} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-731132713-3816676949-3657752684-1004 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4383592 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {61110A53-733B-416C-B95C-99F3102635B9} - System32\Tasks\OneDrive Startup Task-S-1-5-21-731132713-3816676949-3657752684-1001 => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\OneDriveLauncher.exe [745832 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {8BAB7840-47EE-46C5-AD68-A3DEE7827862} - System32\Tasks\OneDrive Startup Task-S-1-5-21-731132713-3816676949-3657752684-1004 => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\OneDriveLauncher.exe [745832 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {75F91637-BC1F-42F8-93F5-C36FF07E7128} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1740387192 => C:\Users\mail\AppData\Local\Programs\Opera GX\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\mail\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {2A8CF9A8-B0DE-4800-A683-9234B7C0F9D6} - System32\Tasks\Opera GX scheduled Autoupdate 1739511949 => C:\Users\mail\AppData\Local\Programs\Opera GX\autoupdate\opera_autoupdate.exe [6204360 2025-12-03] (Opera Norway AS -> Opera Software)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 06 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 06 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\..\Interfaces\{3b6cbf3e-461f-44f0-88ce-81211860eb53}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{3b6cbf3e-461f-44f0-88ce-81211860eb53}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{92b5229f-792c-0bef-830a-2556638c2dc9}: [NameServer] 10.3.4.3,10.3.4.5
Tcpip\..\Interfaces\{94eb9ade-1311-4d17-b76c-481b11542a46}: [NameServer] 192.168.2.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\mail\AppData\Local\Microsoft\Edge\User Data\Default [2025-12-15]
Edge DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
Edge DefaultSearchKeyword: Default -> duckduckgo.com
Edge DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
Edge Session Restore: Default -> ist aktiviert.
Edge Extension: (DuckDuckGo) - C:\Users\mail\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2025-12-15]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\mail\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2025-12-15]
Edge Extension: (Google Docs Offline) - C:\Users\mail\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-11-15]
Edge Extension: (Edge relevant text changes) - C:\Users\mail\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-10-15]
Edge Extension: (iCloud-Passwörter) - C:\Users\mail\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mfbcdcnpokpoajjciilocoachedjkima [2025-11-15]
Edge Extension: (Enpass Password Manager) - C:\Users\mail\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mliehcloacfoicbanjhhnlimealolgoi [2025-12-15]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF DefaultProfile: 1rxw83i5.default
FF ProfilePath: C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\1rxw83i5.default [2025-12-05]
FF user.js: detected! => C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\1rxw83i5.default\user.js [2024-10-17]
FF ProfilePath: C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\ysdsw9nt.default-release [2025-12-15]
FF user.js: detected! => C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\ysdsw9nt.default-release\user.js [2024-10-17]
FF Notifications: Mozilla\Firefox\Profiles\ysdsw9nt.default-release -> hxxps://www.elektro-wandelt.de; hxxps://eshop.wuerth.de; hxxps://drive.google.com; hxxps://www.mainpost.de; hxxps://www.maschinensucher.de; hxxps://www.kaspersky.de; hxxps://www.bussgeldrechner.org
FF Extension: (Facebook Container) - C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\ysdsw9nt.default-release\Extensions\@contain-facebook.xpi [2025-03-25]
FF Extension: (iCloud-Lesezeichen) - C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\ysdsw9nt.default-release\Extensions\firefoxdav@icloud.com.xpi [2024-10-15]
FF Extension: (Honey) - C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\ysdsw9nt.default-release\Extensions\jid1-93CWPmRbVPjRQA@jetpack.xpi [2024-10-15]
FF Extension: (Dark Background and Light Text) - C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\ysdsw9nt.default-release\Extensions\jid1-QoFqdK4qzUfGWQ@jetpack.xpi [2024-10-15]
FF Extension: (New Tab) - C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\ysdsw9nt.default-release\Extensions\newtab@mozilla.org.xpi [2025-12-01]
FF Extension: (Stealthy) - C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\ysdsw9nt.default-release\Extensions\stealthyextension@gmail.com.xpi [2024-10-15]
FF Extension: (uBlock Origin) - C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\ysdsw9nt.default-release\Extensions\uBlock0@raymondhill.net.xpi [2025-12-04]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\ysdsw9nt.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2025-12-11]
FF Extension: (NoScript) - C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\ysdsw9nt.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2025-12-09]
FF Extension: (Google Search Maps Button) - C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\ysdsw9nt.default-release\Extensions\{884f845b-914f-4069-ad5b-b8bf870249fc}.xpi [2025-07-03]
FF Extension: (Video DownloadHelper) - C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\ysdsw9nt.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2025-06-05]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-12-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-12-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-11-18] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2025-12-05] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2025-12-05] <==== ACHTUNG
Chrome:
=======
CHR Profile: C:\Users\mail\AppData\Local\Google\Chrome\User Data\Default [2025-12-15]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (McAfee® WebAdvisor) - C:\Users\mail\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2025-11-28]
CHR Extension: (Google Docs Offline) - C:\Users\mail\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-11-28]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\mail\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-12-12]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\mail\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2025-04-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\mail\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-03-24]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-731132713-3816676949-3657752684-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-731132713-3816676949-3657752684-1001) Opera GXStable - "C:\Users\mail\AppData\Local\Programs\Opera GX\opera.exe"
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174584 2025-08-24] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13419320 2025-12-06] (Microsoft Corporation -> Microsoft Corporation)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [20240 2025-07-10] (Dell Technologies Inc. -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [49952 2025-09-10] (Dell Technologies Inc. -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [153288 2025-07-03] (Dell Technologies Inc. -> Dell)
R2 dptftcs; C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_8edcf6be1c4ddd78\ipfsvc.exe [562040 2024-08-15] (FOR TESTING ONLY - IPF_PreProd_Cert -> Intel Corporation)
R2 DYMOConnectPnPService; C:\Program Files (x86)\DYMO\DYMO Connect\PnpService\DYMO.Connect.PnP.Service.exe [1706669 2025-06-17] () [Datei ist nicht signiert]
R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [27136 2021-03-18] (Sanford, L.P.) [Datei ist nicht signiert]
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncHelper.exe [3614568 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
S2 Intel(R) Platform License Manager Service; C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_c25dbc60ad3b371a\lib\PlatformLicenseManagerService.exe [742904 2024-11-20] (Intel Corporation -> Intel(R) Corporation)
R2 IntelGraphicsSoftwareService; C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_25.40.1953.0_x64__8j3eq9eme6ctt\VFS\ProgramFilesX64\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe [300544 2025-12-05] (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation)
R2 ipfsvc; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_c493e10bcfd25250\ipf_uf.exe [3102808 2024-10-23] (Intel Corporation -> Intel Corporation)
R3 KAPSService; C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe [78088 2023-08-17] (Intel Corporation -> Intel® Corporation)
R2 KDService; C:\Program Files\KDService\bin\KDService.exe [500736 2024-11-06] (KYOCERA Document Solutions Inc.) [Datei ist nicht signiert]
R2 Killer Analytics Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2480944 2023-08-17] (Intel Corporation -> Intel)
R2 Killer Network Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2981168 2023-08-17] (Intel Corporation -> Intel)
R3 KNDBWM; C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [78128 2023-08-17] (Intel Corporation -> Intel® Corporation)
R2 LADMLauncherService; C:\Program Files\Lenovo\LADMLauncherService\bin\LADMAutoInstallService.exe [2412832 2024-07-10] (Lenovo -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [11207664 2025-12-10] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-12-10] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MpDefenderCoreService.exe [2063328 2025-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NovaPdf11Server; C:\Program Files\Softland\novaPDF 11\Server\novapdfs.exe [48912 2025-11-24] (Softland SRL -> Microsoft)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvdd.inf_amd64_1c978806815a7d2e\Display.NvContainer\NVDisplay.Container.exe [1275032 2025-11-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.222.1112.0002\OneDriveUpdaterService.exe [3906448 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [21685912 2025-12-03] (Logitech Inc -> Logitech, Inc.)
R2 Poly Lens Control Service; C:\Program Files\Poly\Lens Control Service\LensService.exe [150024 2025-06-09] (HP Inc. -> HP Inc.)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256256 2024-10-15] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300232 2025-07-15] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [513672 2025-04-28] (Razer USA Ltd. -> Razer Inc.)
R2 SamsungQuickShareService; C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungQuickShare_2.2.19.0_x64__wyx1vj98g3asy\QuickShareService\QuickShareService.exe [16499712 2025-10-10] (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> QuickShareService)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [803088 2025-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 StarMoney 14 Deluxe OnlineUpdate; C:\Program Files (x86)\StarMoney 14 Deluxe S-Edition\ouservice\StarMoneyOnlineUpdate.exe [766880 2025-01-13] (Star Finanz-Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [149656 2025-11-19] (Dell Technologies Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [25728872 2025-12-01] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WavesAudioService; C:\Windows\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_c6cd4cf632788a8e\WavesAudioService.exe [163592 2025-01-18] (Waves Inc -> Waves Audio Ltd)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\NisSrv.exe [4426832 2025-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MsMpEng.exe [290704 2025-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [394312 2025-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Bluestack System Inc.)
R2 CLFCL5.23; C:\Windows\System32\drivers\CLFCL5.23\000.fcl [47808 2024-02-22] (CyberLink Corp. -> CyberLink Corp.)
S3 CtaChildDriver; C:\Windows\System32\drivers\CtaChildDriver.sys [65952 2023-12-01] (Intel Corporation -> )
R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [33336 2025-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 e3k25cx21x64; C:\Windows\System32\DriverStore\FileRepository\e3k25cx21x64.inf_amd64_2187e0f3da9ad764\e3k25cx21x64.sys [717144 2023-08-17] (Realtek Semiconductor Corp. -> Realtek)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [159296 2025-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 googledrivefs31931; C:\Program Files\Google\Drive File Stream\Drivers\31931\googledrivefs31931.sys [386256 2025-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 GSCAuxDriver; C:\Windows\System32\DriverStore\FileRepository\gscauxdriver.inf_amd64_f6b6712856d991b0\GSCAuxDriverx64.sys [119096 2023-12-01] (Intel Corporation -> Intel Corporation)
S3 GSCx64; C:\Windows\System32\DriverStore\FileRepository\gscheci.inf_amd64_cf885aa8c7fcd01e\TeeDriverGSCW8x64.sys [289080 2023-12-01] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys [150616 2022-10-24] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys [220224 2022-10-24] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_SPI_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_spi_adl.inf_amd64_334c460fea9b11a4\iaLPSS2_SPI_ADL.sys [171608 2022-10-24] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_UART2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_uart2_adl.inf_amd64_43d5df63d19fde70\iaLPSS2_UART2_ADL.sys [329320 2022-10-24] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\Windows\System32\drivers\iaStorVD.sys [1623632 2025-10-02] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_8e2f374849f1eba9\gna.sys [90304 2024-04-29] (Intel Corporation -> Intel Corporation)
S3 Intel_NF_I2C; C:\Windows\System32\DriverStore\FileRepository\intel_nf_i2c_child.inf_amd64_ec05d531d6f2e4c0\Intel_NF_I2C.sys [232752 2023-12-01] (Intel Corporation -> Intel Corporation)
R3 ipf_acpi; C:\Windows\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_ca5ac87d28341730\ipf_acpi.sys [89688 2024-10-23] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_c493e10bcfd25250\ipf_cpu.sys [89688 2024-10-23] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_c493e10bcfd25250\ipf_lf.sys [504920 2024-10-23] (Intel Corporation -> Intel Corporation)
R3 KfeCoSvc; C:\Windows\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [209200 2023-08-17] (Intel Corporation -> Rivet Networks, LLC.)
S3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [333192 2025-11-18] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [234088 2025-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [22120 2025-12-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\Drivers\farflt11.sys [214608 2025-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\Drivers\mbam.sys [80984 2025-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [245336 2025-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [190096 2025-12-15] (Malwarebytes Inc -> Malwarebytes)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-05-08] (NVIDIA Corporation -> NVIDIA Corporation)
R3 PRI-Driver; C:\Windows\System32\DriverStore\FileRepository\socthermalprovider_sw.inf_amd64_d8d2967b40ed3b12\Intel(R) PRI Driver\PRI-Driver.sys [297080 2024-11-04] (Intel Corporation -> Intel Corporation)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [51192 2025-01-16] (OpenVPN Inc. -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [21928 2025-12-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [635272 2025-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [102792 2025-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2025-12-05] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WSDPrintDevice; C:\Windows\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-09-22] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\Windows\System32\DriverStore\FileRepository\sti.inf_amd64_a6dc64e436f22951\WSDScan.sys [61440 2025-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 IntelTACD; \??\C:\Windows\System32\drivers\IntelTACD.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-12-15 16:28 - 2025-12-15 16:28 - 000709232 _____ C:\Windows\system32\perfh007.dat
2025-12-15 16:28 - 2025-12-15 16:28 - 000151190 _____ C:\Windows\system32\perfc007.dat
2025-12-15 15:41 - 2025-12-15 15:41 - 000190096 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2025-12-15 15:40 - 2025-12-15 15:40 - 018549778 _____ C:\Users\mail\Desktop\15.12.2025_15.40.14.zip
2025-12-15 15:34 - 2025-12-15 15:35 - 171265006 _____ C:\Users\mail\Downloads\Architektur.zip
2025-12-15 13:21 - 2025-12-15 16:21 - 000000000 ____D C:\Windows\CbsTemp
2025-12-15 12:07 - 2025-12-15 12:09 - 000000000 ____D C:\SecurityCheck
2025-12-15 12:05 - 2025-12-15 12:05 - 000492893 _____ C:\Users\mail\Desktop\SecurityCheck.zip
2025-12-15 10:45 - 2025-12-15 10:46 - 000000192 _____ C:\Users\mail\Desktop\Textdokument (neu).txt
2025-12-15 08:34 - 2025-12-15 15:40 - 000008332 _____ C:\Users\mail\Desktop\Fixlog.txt
2025-12-15 07:44 - 2025-12-15 07:44 - 001015808 _____ C:\Users\mail\Downloads\Eon - 232033836987 - 17.10.2024 - 17.03.2025 - Rechnung-1.pdf
2025-12-15 07:10 - 2025-12-15 07:10 - 001015808 _____ C:\Users\mail\Downloads\Eon - 232033836987 - 17.10.2024 - 17.03.2025 - Rechnung.pdf
2025-12-12 11:44 - 2025-12-12 11:44 - 000000000 ____D C:\Program Files\Softland
2025-12-12 11:42 - 2025-12-12 11:52 - 000321687 _____ C:\Users\mail\Desktop\Erklärungen und Hinweise zum Antrag auf Abschluss einer Versicherung.pdf
2025-12-12 11:42 - 2025-12-12 11:49 - 000355780 _____ C:\Users\mail\Desktop\SEPA Mandat.pdf
2025-12-12 11:15 - 2025-12-12 11:15 - 000076933 _____ C:\Users\mail\Desktop\320250627084.pdf
2025-12-12 08:48 - 2025-12-12 08:48 - 000127484 _____ C:\Users\mail\Downloads\VE-WL-4701-Dämmung-Nachforderung-Unterlagen.pdf
2025-12-12 08:47 - 2025-12-12 08:47 - 000040660 _____ C:\Users\mail\Downloads\VE-WL-4701_Niederschrift_Oeffnung_Angebote_letzte Seite.pdf
2025-12-11 10:11 - 2025-12-11 10:11 - 000000000 ____D C:\Windows\system32\NarratorMCAT
2025-12-11 09:40 - 2025-12-11 09:40 - 000301195 _____ C:\Users\mail\Downloads\Dokumente_202512110940.zip
2025-12-11 08:55 - 2025-12-11 08:55 - 000000812 _____ C:\Users\mail\Desktop\Malwarebytes Bericht über blockierte Websites 2025-12-11 085438.txt
2025-12-11 08:53 - 2025-12-11 08:53 - 000000812 _____ C:\Users\mail\Desktop\Malwarebytes Bericht über blockierte Websites 2025-12-10 140624.txt
2025-12-10 16:33 - 2025-12-10 16:33 - 000014674 _____ C:\Users\mail\Desktop\ITW 11.2025 NEU.xml
2025-12-10 12:22 - 2025-12-10 12:22 - 000001417 _____ C:\Users\mail\Desktop\Malwarebytes Scan-Bericht 2025-12-10 112049.txt
2025-12-10 12:09 - 2025-12-15 16:31 - 000000000 ____D C:\Users\mail\AppData\Local\Malwarebytes
2025-12-10 12:09 - 2025-12-10 12:09 - 000002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-12-10 12:09 - 2025-12-10 12:09 - 000002083 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-12-10 12:09 - 2025-12-10 12:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-12-10 12:09 - 2025-12-10 12:09 - 000000000 ____D C:\Program Files\Malwarebytes
2025-12-10 12:07 - 2025-12-10 12:07 - 002844952 _____ (Malwarebytes) C:\Users\mail\Desktop\MBSetup(1).exe
2025-12-10 10:05 - 2025-12-10 10:05 - 000035602 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-12-10 10:05 - 2025-12-10 10:05 - 000035602 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2025-12-10 07:40 - 2025-12-10 07:41 - 000000000 ____D C:\AdwCleaner
2025-12-10 07:39 - 2025-12-10 07:39 - 009616736 _____ (Malwarebytes) C:\Users\mail\Desktop\adwcleaner.exe
2025-12-09 08:31 - 2025-12-09 08:31 - 000073555 _____ C:\Users\mail\Desktop\Kapersky_.txt
2025-12-09 07:51 - 2025-12-09 07:51 - 000742264 _____ C:\Users\mail\Desktop\Kapersky.txt
2025-12-09 07:26 - 2025-12-10 12:34 - 000090506 _____ C:\Users\mail\Desktop\Addition.txt
2025-12-09 07:21 - 2025-12-15 16:34 - 000056106 _____ C:\Users\mail\Desktop\FRST.txt
2025-12-09 07:21 - 2025-12-15 16:34 - 000000000 ____D C:\FRST
2025-12-09 07:04 - 2025-12-09 07:04 - 002444288 _____ (Farbar) C:\Users\mail\Downloads\FRST64(1).exe
2025-12-09 07:03 - 2025-12-09 07:03 - 002444288 _____ (Farbar) C:\Users\mail\Desktop\FRST64.exe
2025-12-08 11:07 - 2025-12-08 11:08 - 000000000 ___HD C:\Users\mail\AppData\Local\205903c92023c8a72aa9235f3491af76
2025-12-08 10:05 - 2025-12-08 10:05 - 002844952 _____ (Malwarebytes) C:\Users\mail\Downloads\MBSetup.exe
2025-12-08 08:00 - 2025-12-09 16:37 - 000000000 ____D C:\Windows\system32\appmgmt
2025-12-08 07:39 - 2025-12-08 07:39 - 000000000 ____D C:\Users\mail\Desktop\OpenOffice 4.1.16 (de) Installation Files
2025-12-07 20:17 - 2025-09-04 21:36 - 002372376 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2025-12-07 20:17 - 2025-09-04 21:36 - 002372376 _____ C:\Windows\system32\vulkaninfo.exe
2025-12-07 20:17 - 2025-09-04 21:36 - 002071088 _____ C:\Windows\system32\ze_intel_gpu_raytracing.dll
2025-12-07 20:17 - 2025-09-04 21:36 - 001880880 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-12-07 20:17 - 2025-09-04 21:36 - 001880880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2025-12-07 20:17 - 2025-09-04 21:36 - 001621584 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2025-12-07 20:17 - 2025-09-04 21:36 - 001621584 _____ C:\Windows\system32\vulkan-1.dll
2025-12-07 20:17 - 2025-09-04 21:36 - 001428056 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2025-12-07 20:17 - 2025-09-04 21:36 - 001428056 _____ C:\Windows\SysWOW64\vulkan-1.dll
2025-12-07 20:17 - 2025-09-04 21:36 - 001099720 _____ C:\Windows\system32\ze_validation_layer.dll
2025-12-07 20:17 - 2025-09-04 21:36 - 000955248 _____ (Intel Corporation) C:\Windows\system32\libmfxhw64.dll
2025-12-07 20:17 - 2025-09-04 21:36 - 000949000 _____ C:\Windows\system32\ze_loader.dll
2025-12-07 20:17 - 2025-09-04 21:36 - 000792936 _____ (Intel) C:\Windows\system32\libvpl.dll
2025-12-07 20:17 - 2025-09-04 21:36 - 000713968 _____ (Intel Corporation) C:\Windows\SysWOW64\libmfxhw32.dll
2025-12-07 20:17 - 2025-09-04 21:36 - 000671936 _____ C:\Windows\system32\ze_tracing_layer.dll
2025-12-07 20:17 - 2025-09-04 21:36 - 000671016 _____ (Intel) C:\Windows\SysWOW64\libvpl.dll
2025-12-07 20:17 - 2025-09-04 21:36 - 000656224 _____ C:\Windows\SysWOW64\IntelControlLib32.dll
2025-12-07 20:17 - 2025-09-04 21:36 - 000597904 _____ (Intel Corporation) C:\Windows\system32\intel_gfx_api-x64.dll
2025-12-07 20:17 - 2025-09-04 21:36 - 000456888 _____ (Intel Corporation) C:\Windows\SysWOW64\intel_gfx_api-x86.dll
2025-12-07 20:17 - 2025-09-04 21:34 - 000324240 _____ C:\Windows\system32\ControlLib.dll
2025-12-07 20:17 - 2025-09-04 21:34 - 000270512 _____ C:\Windows\SysWOW64\ControlLib32.dll
2025-12-07 18:12 - 2025-12-07 18:12 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-12-05 11:13 - 2025-12-05 11:13 - 003522576 _____ C:\Users\mail\Downloads\P2122_826_826-260.zip
2025-12-05 10:02 - 2025-12-05 10:02 - 000000000 ____D C:\Users\mail\AppData\Local\Kaspersky Lab
2025-12-05 10:02 - 2025-12-05 10:02 - 000000000 ____D C:\Users\Default\AppData\Local\Kaspersky Lab
2025-12-05 10:01 - 2025-12-09 16:31 - 000000000 ____D C:\Program Files\Common Files\AV
2025-12-05 09:54 - 2025-12-05 09:54 - 005761808 _____ (Kaspersky) C:\Users\mail\Downloads\kaspersky4win202121.23.6.614de_46460.exe
2025-12-05 08:44 - 2025-12-05 08:44 - 000044021 _____ C:\Users\mail\AppData\LocalLow\37c7b68ec7ce59bb3fbbea724abe1e07aeb17fe31574619b0c137c3e1461a6fe
2025-12-05 08:44 - 2025-12-05 08:44 - 000032406 _____ C:\Users\mail\AppData\LocalLow\e60509fddc859f1e377f05bb5666c3f94d474358aa869f9c866d601527c995a6
2025-12-05 08:44 - 2025-12-05 08:44 - 000005895 _____ C:\Users\mail\AppData\LocalLow\380064f733c36c8c24d3de7ba64f91a8484e27de48d207007ffce3b859e13c19
2025-12-05 08:44 - 2025-12-05 08:44 - 000005884 _____ C:\Users\mail\AppData\LocalLow\02b2846b00ceedfbd0fe03d755def17e5a67a179217a0bda07579d156b44fe2b
2025-12-05 08:44 - 2025-12-05 08:44 - 000000130 _____ C:\Users\mail\AppData\LocalLow\dda32a1bd41845f373a453c6fe7f2100bbcffbf046452f742fceb374d6d7c94d
2025-12-05 08:44 - 2025-12-05 08:44 - 000000130 _____ C:\Users\mail\AppData\LocalLow\308fd1f7acc018ce199c1284859b82c6857bc2f321f233d0686d253502588fb8
2025-12-05 08:44 - 2025-12-05 08:44 - 000000130 _____ C:\Users\mail\AppData\LocalLow\214d8e117f9063072e22ab10aff0bf071c1d02bee386e29a69b7f3fe0daf38e7
2025-12-05 08:44 - 2025-12-05 08:44 - 000000130 _____ C:\Users\mail\AppData\LocalLow\0ab7f9cae0b21e4d6824a6d87c17bf43bd15f3f08d56a708cd0c36586ad401ee
2025-12-05 08:43 - 2025-11-04 12:58 - 000478440 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2025-12-05 08:43 - 2025-11-04 12:58 - 000374424 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2025-12-05 08:43 - 2025-11-04 12:54 - 001315992 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2025-12-05 08:43 - 2025-11-04 12:54 - 000674456 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2025-12-05 08:43 - 2025-11-04 12:54 - 000508568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2025-12-05 08:43 - 2025-11-04 12:53 - 026341016 _____ C:\Windows\system32\nvidia-pcc.exe
2025-12-05 08:43 - 2025-11-04 12:53 - 002317032 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2025-12-05 08:43 - 2025-11-04 12:53 - 001715944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2025-12-05 08:43 - 2025-11-04 12:53 - 001596048 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2025-12-05 08:43 - 2025-11-04 12:53 - 001572584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2025-12-05 08:43 - 2025-11-04 12:53 - 001222296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2025-12-05 08:43 - 2025-11-04 12:53 - 001057512 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2025-12-05 08:43 - 2025-11-04 12:53 - 000812696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2025-12-05 08:43 - 2025-11-04 12:53 - 000468120 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2025-12-05 08:43 - 2025-11-04 12:53 - 000135888 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2025-12-05 08:43 - 2025-11-04 12:52 - 024675048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2025-12-05 08:43 - 2025-11-04 12:52 - 021712528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2025-12-05 08:43 - 2025-11-04 12:52 - 007682712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2025-12-05 08:43 - 2025-11-04 12:52 - 005917840 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2025-12-05 08:43 - 2025-11-04 12:52 - 005469928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2025-12-05 08:43 - 2025-11-04 12:52 - 004175080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2025-12-05 08:43 - 2025-11-04 12:51 - 000853736 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2025-12-05 08:43 - 2025-11-04 12:50 - 005620888 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2025-12-05 08:43 - 2025-11-04 12:50 - 004919920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2025-12-05 08:43 - 2025-11-04 12:14 - 000149896 _____ C:\Windows\system32\nvinfo.pb
2025-12-05 08:37 - 2025-12-05 08:38 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2025-12-05 08:37 - 2025-12-05 08:37 - 000000859 _____ C:\Users\Public\Desktop\Logi Options+.lnk
2025-12-05 08:37 - 2025-12-05 08:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2025-12-05 08:10 - 2025-12-05 08:10 - 000034881 _____ C:\Users\mail\Downloads\Wuerzburg_HRB_17669_AD_05.12.2025.PDF
2025-12-05 01:23 - 2025-12-05 01:23 - 000000000 ____D C:\Users\UMFD-0.Font Driver Host
2025-12-05 01:23 - 2025-12-05 01:23 - 000000000 ____D C:\Users\TEMP.Font Driver Host
2025-12-03 13:53 - 2025-12-03 13:56 - 1102685245 _____ C:\Users\mail\Downloads\bilder.zip
2025-12-02 17:39 - 2025-12-02 17:39 - 000005233 _____ C:\Users\mail\Downloads\Positionsvergleich_A22_vs_A23.xlsx
2025-12-01 14:49 - 2025-12-01 14:49 - 000153528 _____ C:\Users\mail\Downloads\S_20251201_144855_Postfach_-_Sammeldownload(1).ZIP
2025-12-01 14:48 - 2025-12-01 14:48 - 000153528 _____ C:\Users\mail\Downloads\S_20251201_144855_Postfach_-_Sammeldownload.ZIP
2025-12-01 13:18 - 2025-12-01 13:18 - 000030284 _____ C:\Users\mail\Desktop\RTS SW-Schalen alu-kasch..ieg
2025-12-01 07:21 - 2025-12-01 07:21 - 000000211 _____ C:\Users\mail\AppData\Roaming\com.reolink.app.client
2025-11-28 08:56 - 2025-11-28 08:56 - 000130005 _____ C:\Users\mail\Desktop\Unbenannt-2.pdf
2025-11-27 12:38 - 2025-11-27 12:38 - 000000000 ____D C:\Users\UMFD-0
2025-11-27 12:38 - 2025-11-27 12:38 - 000000000 ____D C:\Users\TEMP
2025-11-27 10:56 - 2025-11-27 10:59 - 000903933 _____ C:\Users\mail\Desktop\Rückmeldeformular 2025.pdf
2025-11-26 16:20 - 2025-11-26 16:21 - 000000000 ____D C:\Users\mail\Desktop\Neuer Ordner
2025-11-26 10:59 - 2025-11-26 10:59 - 000139549 _____ C:\Users\mail\Desktop\581.0005.01.pdf
2025-11-26 07:50 - 2025-11-26 07:51 - 043616864 _____ C:\Users\mail\Downloads\finale-variante-prospekt-1.pdf
2025-11-26 07:50 - 2025-11-26 07:50 - 043616864 _____ C:\Users\mail\Downloads\finale-variante-prospekt.pdf
2025-11-26 07:48 - 2025-11-26 07:48 - 004330635 _____ C:\Users\mail\Downloads\Prospekt_HBT_10.pdf
2025-11-26 07:47 - 2025-11-26 07:47 - 000486989 _____ C:\Users\mail\Downloads\HA Flyer 4-seitig 2011 finish.pdf
2025-11-25 14:29 - 2025-11-25 14:29 - 000059546 _____ C:\Users\mail\Desktop\XRechnung_RE25-115.xml
2025-11-25 07:44 - 2025-11-25 07:44 - 000121498 _____ C:\Users\mail\Downloads\DEU_DOP K-FLEX S2 - 19-32mm thk sheet 15370103201-01DF-1.pdf
2025-11-25 07:39 - 2025-11-25 07:39 - 000573390 _____ C:\Users\mail\Desktop\Preisliste mit Rabattandruck.pdf
2025-11-24 13:15 - 2025-11-24 13:15 - 000171520 _____ (Softland) C:\Windows\system32\novamn11.dll
2025-11-24 13:15 - 2025-11-24 13:15 - 000015872 _____ (Softland) C:\Windows\system32\novami11.dll
2025-11-24 10:53 - 2025-11-24 10:53 - 014057976 _____ C:\Users\mail\Downloads\stbaer_25-089872_2362689(1).avasign
2025-11-24 10:52 - 2025-11-24 10:52 - 014057976 _____ C:\Users\mail\Downloads\stbaer_25-089872_2362689.avasign
2025-11-24 10:07 - 2025-11-24 10:07 - 011614582 _____ C:\Users\mail\Downloads\SPPM_NLH-490_2362619.avasign
2025-11-20 11:52 - 2025-11-20 11:52 - 000120794 _____ C:\Users\mail\Downloads\rechnung-FM.F25032488574.pdf
2025-11-19 07:52 - 2025-11-19 07:52 - 000032400 _____ C:\Users\mail\Downloads\Stuttgart_HRB_733915_19.11.2025.pdf
2025-11-19 07:33 - 2025-11-19 07:33 - 000031841 _____ C:\Users\mail\Downloads\Wuerzburg_HRB_15152_19.11.2025.pdf
2025-11-18 16:32 - 2025-11-18 16:47 - 006983273 _____ C:\Users\mail\Desktop\ITW-Isoliertechnik GmbH und Co.KG Sepa.pdf
2025-11-18 15:22 - 2025-11-18 15:22 - 000334266 _____ C:\Users\mail\Desktop\2025000637.iea
2025-11-17 16:47 - 2025-11-17 16:47 - 000025102 _____ C:\Users\mail\Downloads\DRP141673251.pdf
2025-11-17 16:46 - 2025-11-17 16:46 - 000043713 _____ C:\Users\mail\Downloads\DRP142555317.pdf
2025-11-17 09:48 - 2025-11-17 09:49 - 000110155 _____ C:\Users\mail\Desktop\ITW Kündigung - Dynamische Sach-Inhaltsversicherung.pdf
2025-11-15 13:48 - 2025-11-15 13:48 - 000005860 _____ C:\Users\mail\Downloads\sammelueberweisung.xlsx
2025-11-15 13:43 - 2025-11-15 13:43 - 000014103 _____ C:\Users\mail\Downloads\SEPA_NORMAL_FINAL.xml
2025-11-15 13:39 - 2025-11-15 13:39 - 000014103 _____ C:\Users\mail\Downloads\ITW_10.2025_TOMORROW.xml
2025-11-15 13:37 - 2025-11-15 13:37 - 000014103 _____ C:\Users\mail\Downloads\ITW_10.2025_UPDATED.xml
2025-11-15 13:23 - 2025-11-15 13:23 - 001082368 _____ C:\Users\mail\Downloads\EasyDTASEPAPruef.exe
2025-11-15 13:20 - 2025-11-15 13:20 - 000014674 _____ C:\Users\mail\Desktop\ITW 10.2025.xml
2025-11-15 13:20 - 2025-11-15 13:20 - 000001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp.lnk
2025-11-15 13:20 - 2025-11-15 13:20 - 000001080 _____ C:\Users\Public\Desktop\AusweisApp.lnk
2025-11-15 13:20 - 2025-11-15 13:20 - 000000000 ____D C:\Program Files\AusweisApp
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-12-15 16:28 - 2024-09-22 11:24 - 001637736 _____ C:\Windows\system32\PerfStringBackup.INI
2025-12-15 16:28 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemTemp
2025-12-15 16:28 - 2024-04-01 08:24 - 000000000 ____D C:\Windows\INF
2025-12-15 16:27 - 2025-09-22 05:53 - 000000130 _____ C:\Users\mail\AppData\LocalLow\1156a6bdb7a6ab63c7e010bb15eeebdead41901fd3b52007f6c94107447639eb
2025-12-15 16:27 - 2024-10-17 09:57 - 000000000 ____D C:\Program Files (x86)\ISOCAL
2025-12-15 16:26 - 2024-10-18 13:47 - 000000000 ____D C:\Users\mail\Documents\Outlook-Dateien
2025-12-15 16:25 - 2024-10-28 08:13 - 000000000 ____D C:\Users\mail\AppData\Roaming\bluestacks-services
2025-12-15 16:25 - 2024-10-17 11:56 - 000000000 ___RD C:\Users\mail\iCloudPhotos
2025-12-15 16:25 - 2024-10-17 11:56 - 000000000 ___RD C:\Users\mail\iCloudDrive
2025-12-15 16:24 - 2024-10-15 16:48 - 000000000 ___RD C:\Users\mail\OneDrive
2025-12-15 16:24 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\AppReadiness
2025-12-15 16:22 - 2024-10-15 16:56 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-12-15 16:22 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\Registration
2025-12-15 16:21 - 2025-11-05 08:59 - 000000000 ____D C:\Program Files\TeamViewer
2025-12-15 16:21 - 2024-10-17 09:41 - 000000000 ____D C:\Users\mail\AppData\Local\LogiOptionsPlus
2025-12-15 16:21 - 2024-10-16 01:05 - 000012556 _____ C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-12-15 16:21 - 2024-10-15 16:38 - 000000000 ____D C:\Users\mail
2025-12-15 16:21 - 2024-09-25 03:35 - 010301622 ____N C:\Windows\Minidump\121525-22375-01.dmp
2025-12-15 16:21 - 2024-09-25 03:15 - 000000000 ____D C:\Windows\Minidump
2025-12-15 16:21 - 2024-09-25 03:05 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2025-12-15 16:21 - 2024-09-25 03:00 - 000000000 ____D C:\ProgramData\NVIDIA
2025-12-15 16:21 - 2024-09-22 11:06 - 000012288 ___SH C:\DumpStack.log.tmp
2025-12-15 16:21 - 2024-09-22 11:06 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-12-15 16:21 - 2024-09-22 11:06 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-12-15 16:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ServiceState
2025-12-15 16:21 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-12-15 16:16 - 2024-10-15 16:38 - 000000000 ___SD C:\Users\mail\AppData\Roaming\Microsoft\Credentials
2025-12-15 15:42 - 2024-11-06 11:11 - 000000000 ____D C:\ProgramData\KDService
2025-12-15 15:40 - 2024-04-01 08:21 - 000524288 _____ C:\Windows\system32\config\BBI
2025-12-15 15:20 - 2024-10-15 16:43 - 000000000 ____D C:\Users\mail\AppData\Local\Packages
2025-12-15 15:20 - 2024-09-22 12:29 - 000000000 ____D C:\ProgramData\Packages
2025-12-15 15:20 - 2024-09-22 11:21 - 000000000 ____D C:\Program Files\Microsoft Office
2025-12-15 15:20 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-12-15 12:52 - 2024-10-15 16:44 - 000000000 ____D C:\Users\mail\AppData\Local\D3DSCache
2025-12-15 12:07 - 2024-12-31 13:28 - 000554487 _____ (glax24 (safezone.cc)) C:\Users\mail\Desktop\SecurityCheck.exe
2025-12-15 09:13 - 2024-11-27 16:07 - 000000000 ____D C:\Users\mail\AppData\LocalLow\Temp
2025-12-15 09:09 - 2024-10-17 08:52 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-12-15 07:44 - 2024-12-18 09:52 - 000000224 _____ C:\Windows\system32\Drivers\mstpr12x.sys
2025-12-15 07:14 - 2024-09-22 11:07 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-12-12 15:00 - 2024-10-18 11:24 - 000000000 ____D C:\Users\mail\AppData\Roaming\Microsoft\Excel
2025-12-12 13:45 - 2024-10-17 09:43 - 000000000 ____D C:\Users\mail\AppData\Local\Deployment
2025-12-12 11:57 - 2025-02-05 13:00 - 000003546 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-731132713-3816676949-3657752684-1004
2025-12-12 11:57 - 2025-02-05 13:00 - 000003546 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-731132713-3816676949-3657752684-1001
2025-12-12 11:57 - 2024-11-13 10:44 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-731132713-3816676949-3657752684-1004
2025-12-12 11:57 - 2024-10-16 14:40 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-12-12 11:57 - 2024-10-16 14:39 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-12-12 11:57 - 2024-10-15 16:48 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-731132713-3816676949-3657752684-1001
2025-12-12 11:43 - 2025-11-11 12:38 - 000000000 ____D C:\Program Files\Print2PDFAnnotator
2025-12-12 11:43 - 2024-10-16 16:41 - 000000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Annotator.lnk
2025-12-12 11:43 - 2024-10-16 16:41 - 000000938 _____ C:\Users\Public\Desktop\PDF Annotator.lnk
2025-12-12 11:43 - 2024-10-16 16:41 - 000000000 ____D C:\Program Files\PDF Annotator
2025-12-12 11:42 - 2024-10-16 16:41 - 000000000 ____D C:\Users\mail\AppData\Local\PDF Annotator
2025-12-12 08:43 - 2024-10-16 15:50 - 000000000 ____D C:\Program Files (x86)\StarMoney 14 Deluxe S-Edition
2025-12-12 07:56 - 2025-06-16 09:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MODupRemover
2025-12-12 07:54 - 2025-03-12 09:50 - 000000000 ____D C:\BOPVuno
2025-12-12 07:45 - 2024-10-17 10:13 - 000000000 ____D C:\Users\mail\AppData\Roaming\reolink
2025-12-12 07:07 - 2024-10-15 16:48 - 000000000 ____D C:\Users\mail\AppData\Local\CrashDumps
2025-12-11 23:55 - 2025-03-24 15:01 - 000002241 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-12-11 23:55 - 2025-03-24 15:01 - 000002200 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-12-11 10:31 - 2024-09-22 11:07 - 000000000 ____D C:\Windows\system32\Drivers\wd
2025-12-11 10:13 - 2025-04-01 09:11 - 002245984 _____ C:\Windows\system32\FNTCACHE.DAT
2025-12-11 10:13 - 2024-10-15 16:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-12-11 10:13 - 2024-10-15 16:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-12-11 10:12 - 2024-10-16 08:00 - 000000000 ____D C:\Windows\system32\MRT
2025-12-11 10:11 - 2025-07-09 19:00 - 000000000 ____D C:\Windows\system32\ruxim
2025-12-11 10:11 - 2024-09-22 11:54 - 000000000 ____D C:\Windows\InboxApps
2025-12-11 10:11 - 2024-04-01 09:08 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\SysWOW64\F12
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\system32\F12
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files (x86)\Windows Defender
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ___HD C:\Windows\ELAMBKUP
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\WUModels
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\UUS
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\setup
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\oobe
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\InstallShield
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\Dism
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\DDFs
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemResources
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinMetadata
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ShellExperiences
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\setup
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\oobe
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\migwiz
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\Dism
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\DDFs
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\appraiser
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellExperiences
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellComponents
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\Provisioning
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\PolicyDefinitions
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\DiagTrack
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\BrowserCore
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\bcastdvr
2025-12-11 10:11 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-12-11 10:11 - 2024-04-01 08:21 - 000000000 ____D C:\Windows\servicing
2025-12-11 10:09 - 2024-10-16 08:00 - 218369424 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2025-12-11 09:45 - 2024-10-17 10:29 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-12-11 09:38 - 2024-10-15 16:56 - 000001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-12-11 09:24 - 2024-09-25 03:35 - 015556588 ____N C:\Windows\Minidump\121125-21359-01.dmp
2025-12-10 14:03 - 2024-10-28 08:18 - 000002017 _____ C:\Users\mail\Desktop\Whiteout Survival.lnk
2025-12-10 14:02 - 2025-07-04 10:00 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2025-12-10 10:25 - 2024-09-25 03:35 - 010782504 ____N C:\Windows\Minidump\121025-22343-01.dmp
2025-12-10 10:05 - 2024-09-22 11:10 - 003276800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2025-12-10 08:01 - 2024-09-25 03:35 - 009163268 ____N C:\Windows\Minidump\121025-20031-01.dmp
2025-12-10 07:44 - 2024-09-25 03:35 - 011701544 ____N C:\Windows\Minidump\121025-20156-01.dmp
2025-12-09 16:35 - 2025-10-23 07:05 - 000002264 _____ C:\Users\mail\AppData\LocalLow\77fc7be7bbd8ed3f32a801b512f70643b3a80513977d99083bc1062ee4f382c6
2025-12-09 16:31 - 2024-04-01 08:21 - 000008192 _____ C:\Windows\system32\config\ELAM
2025-12-08 09:04 - 2024-10-15 16:56 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2025-12-08 09:00 - 2025-02-07 15:19 - 000000000 ____D C:\Program Files\WinRAR
2025-12-08 08:07 - 2025-11-10 11:44 - 000002264 _____ C:\Users\mail\AppData\LocalLow\27552428dd8bb418eb75074cdd3f329cd8108c694c3a907d01516f437731a47f
2025-12-08 07:39 - 2025-02-07 15:19 - 000001100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2025-12-08 07:39 - 2025-02-07 15:19 - 000000000 ____D C:\Users\mail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2025-12-08 07:39 - 2025-02-07 15:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2025-12-08 06:57 - 2025-09-22 05:53 - 000000026 _____ C:\Users\mail\AppData\LocalLow\993f4cc5892ababaf01ccbfa8e1ac0aea51fafac31437fa96c626f9c16f6e958
2025-12-08 06:55 - 2025-10-29 08:27 - 000000026 _____ C:\Users\mail\AppData\LocalLow\ed029e93b22f4ecf0278b087252ab367de76ea9fd84ba946af85efd5ace544e6
2025-12-08 06:54 - 2025-11-05 07:33 - 000000000 ____D C:\ProgramData\Whesvc
2025-12-05 08:38 - 2025-02-10 07:28 - 000000000 ____D C:\Program Files\Logi
2025-12-05 07:20 - 2025-02-14 06:45 - 000004198 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1739511949
2025-12-05 07:20 - 2025-02-14 06:45 - 000001451 _____ C:\Users\mail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk
2025-12-03 14:02 - 2024-10-16 13:15 - 000000000 ____D C:\Users\mail\AppData\Roaming\Microsoft\Word
2025-12-01 07:30 - 2024-09-22 11:07 - 000003830 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{0177441F-9BFC-4401-82E2-1A23015FF7F6}
2025-12-01 07:30 - 2024-09-22 11:07 - 000003704 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{B7519F7E-0E70-436D-9F54-331BF832C3EF}
2025-12-01 07:21 - 2024-10-17 10:13 - 000000000 ____D C:\Program Files\Reolink
2025-12-01 07:17 - 2024-10-17 16:21 - 000000000 ____D C:\Users\mail\AppData\Roaming\DYMOConnect
2025-11-26 10:12 - 2024-09-25 03:18 - 000003940 _____ C:\Windows\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2025-11-26 10:11 - 2024-09-25 03:06 - 000000000 ____D C:\Program Files (x86)\Dell
2025-11-21 12:44 - 2025-01-17 11:46 - 000000001 _____ C:\Users\mail\.lock
2025-11-21 12:44 - 2025-01-17 11:46 - 000000000 ____D C:\Users\mail\BCockpit
2025-11-19 18:50 - 2024-10-21 15:27 - 000002175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2025-11-19 18:50 - 2024-10-21 15:27 - 000002046 _____ C:\Users\mail\Desktop\Google Drive.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2025-12-01 07:21 - 2025-12-01 07:21 - 000000211 _____ () C:\Users\mail\AppData\Roaming\com.reolink.app.client
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
|
Gestern, 17:00
| #34 |
| | Windows 11: nach Runterladen einer Datei (pishing) Trojaner, der sich nicht löschen lässt FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-11-2025
durchgeführt von mail (15-12-2025 16:34:58)
Gestartet von C:\Users\mail\Desktop
Microsoft Windows 11 Pro Version 24H2 26100.7462 (X64) (2024-10-16 00:02:54)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-731132713-3816676949-3657752684-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-731132713-3816676949-3657752684-503 - Limited - Disabled)
Frank Scan (S-1-5-21-731132713-3816676949-3657752684-1003 - Limited - Enabled)
Gast (S-1-5-21-731132713-3816676949-3657752684-501 - Limited - Disabled)
mail (S-1-5-21-731132713-3816676949-3657752684-1001 - Administrator - Enabled) => C:\Users\mail
WDAGUtilityAccount (S-1-5-21-731132713-3816676949-3657752684-504 - Limited - Disabled)
WsiAccount (S-1-5-21-731132713-3816676949-3657752684-1004 - Limited - Disabled) => C:\Users\WsiAccount
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Kaspersky (Disabled - Up to date) {DABD1ABC-6D70-BB0E-89E6-BFA3FC920FD1}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky (Disabled) {E2869B99-271F-BA56-A2B9-1696024148AA}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 25.001.20997 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601120}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AI WEBLAUNCHER 1.3.1 (HKLM\...\6100-0335-3940-9865) (Version: 1.3.1 - Administration Intelligence AG)
Asian Language And Spelling Dictionaries Support For Adobe Acrobat Reader (HKLM\...\{AC76BA86-7AD7-0000-0000-BC17084FC500}) (Version: 23.008.20421 - Adobe Systems Incorporated)
AusweisApp (HKLM\...\{A8AAF0C7-5AC5-4890-8DEE-8973DA3ECA66}) (Version: 2.4.0 - Governikus GmbH & Co. KG)
ava-sign 2024 (HKLM\...\{5cd33495-6e54-4c39-8af6-b6327a316684}) (Version: 2.4.4 - RIB Software SE)
BlueStacks (HKLM\...\BlueStacks_nxt) (Version: 5.22.85.1011 - now.gg, Inc.)
BlueStacks Services (HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\BlueStacksServices) (Version: 3.0.9 - now.gg, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother Printer Driver (HKLM-x32\...\{71DDFA81-0862-4421-A398-12222E500E82}) (Version: 1.11.0.0 - Brother Industries Ltd.) Hidden
Brother Printer Setting Tool (HKLM-x32\...\{8DA2E2DC-C572-4F87-89FC-833DB588CC7B}) (Version: 1.6.0132 - Brother Industries, Ltd.)
Brother P-touch Editor (HKLM-x32\...\{C0A0CE08-4444-43C0-89CB-322856B3F6EE}) (Version: 6.9.00 - Brother Industries, Ltd.)
Brother P-touch Update Software (HKLM-x32\...\{6EB33BCE-E36E-4E6F-884B-F4424FBA2341}) (Version: 1.0.0290 - Brother Industries, Ltd.)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{8616305F-122C-4341-9C37-47A9CD322AB2}) (Version: 17.1.0.572 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{8616305F-122C-4341-9C37-47A9CD322AB2}) (Version: 17.1.572 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{4DD94E1E-998D-414B-953C-9BAC44E4CCDD}) (Version: 17.1.572 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM (HKLM-x32\...\{D29A4F85-0FB7-4E54-B591-044652C4295F}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (HKLM-x32\...\{657EAD32-8E7A-43C0-A794-3BB31B00DC34}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (HKLM-x32\...\{246FE426-2661-4DD6-9603-DF2E6832387C}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (HKLM-x32\...\_{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}) (Version: 17.1.0.572 - Corel Corporation)
CSG Thumbnail (HKLM\...\{7B1F67AD-E90C-4986-973A-93D77674B2D7}_is1) (Version: 7.0 - CAD Schroer)
CyberLink Media Player 23 with PowerDVD (HKLM-x32\...\{1BB40144-36AC-4A7C-AF6A-A0F9DA57FC76}) (Version: 23.0.1506.62 - CyberLink Corp.)
Dell AppCore (HKLM\...\{80F9F666-A9FB-42EE-A60B-EBD5752001F7}) (Version: 6.2.1.0 - Dell) Hidden
Dell Core Services (HKLM\...\{F75EF4CF-1C2E-4E3B-9559-29CD8B5B49B8}) (Version: 1.10.52.0 - Dell, Inc.)
Dell Optimizer (HKLM\...\{73653A24-E525-48DD-8712-A28BCA3C1B2D}) (Version: 6.2.1.0 - Dell) Hidden
Dell Optimizer (HKLM-x32\...\{CC40119D-6ADF-4832-8025-4808195E41D5}) (Version: 6.2.1.0 - Dell Technologies Inc.)
Dell SupportAssist (HKLM\...\{00B9D238-5A72-4BD9-B2DC-0144D8DBD5C8}) (Version: 4.10.6.48716 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{6EBF5DC4-FA0B-4692-A954-E7470146943D}) (Version: 5.5.14.0 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{d0ab664c-e704-4396-b9bc-ad1a7327731f}) (Version: 5.5.14.0 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{C4EB11B2-C049-48D4-93DF-5335FD3FD4D0}) (Version: 5.5.14.0 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{cfdd42cb-404f-4d32-b448-12b588a2ad76}) (Version: 5.5.14.0 - Dell Inc.)
Dell.Digital.Delivery-64Bit (HKLM\...\{D9238968-E24C-44DC-96E1-5377B61D8870}) (Version: 3.7.35.0 - Dell Technologies, Inc.) Hidden
Drucken in PDF Annotator 10.0.0.1004 (HKLM\...\Print2PDFAnnotatorNG_is1) (Version: 10.0.0.1004 - GRAHL software design)
Dual Monitor Tools (HKLM-x32\...\{EB21198E-8EA8-4E32-8EE2-3D5C18C3E4B9}) (Version: 2.11.0.0 - GNE)
DYMO Connect (HKLM-x32\...\{F56F973A-B0F5-4521-A4A6-44935A4A70EF}) (Version: 1.5.0.17 - DYMO)
DYMO Connect Web Service (HKLM-x32\...\DYMO Connect Web Service) (Version: 1.5.0.17 - DYMO)
DYMO Label (HKLM-x32\...\{764D82EE-A8F0-426A-88B8-71AC3B28E332}) (Version: 8.7.4.48936 - Newell Rubbermaid)
Easy2Sync für Outlook 10.04.00 (HKLM-x32\...\{EF702322-B623-4B6A-B41D-411725582043}_is1) (Version: 10.04.00 - ITSTH)
ES Status Monitor (HKLM-x32\...\{169421E1-CB71-408A-A9B0-DBFB835851E5}) (Version: 1.12.0.0 - Brother Inductries, Ltd.)
FileZilla 3.68.1 (HKLM-x32\...\FileZilla Client) (Version: 3.68.1 - Tim Kosse)
GAEB-Online 2023 (HKLM\...\{359D2796-5FE8-4F56-81F9-2BC8BC8A671C}}_is1) (Version: - gaeb-online, Ulrike Braun)
Gefährdungsbeurteilungen BG BAU (HKLM-x32\...\Gefährdungsbeurteilungen BG BAU) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 143.0.7499.41 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 117.0.0.0 - Google LLC)
iCloud Outlook (HKLM\...\{7AB369BE-3EC1-475A-AEEE-BF91FE270A39}) (Version: 15.2.0.157 - Apple Inc.)
Intel(R) Graphics Software & Drivers (HKLM\...\Intel(R) Graphics Software & Drivers) (Version: 1.0.1054.4 - Intel(R) Corporation)
Intel® Fortran Compiler runtime (HKLM\...\{40D1E8EB-1283-4B70-B906-13C484D5401E}) (Version: 22.2.3790 - Intel Corporation)
ISOCAL (HKLM-x32\...\{7EB2097F-72DB-4770-83C8-9F810CC5C631}) (Version: 8.0.00.46 - SWS Sascha Willwacher Software GmbH)
Killer Wireless Driver UWD (HKLM\...\{F74B3A68-7451-4861-8583-4F13EF61E1C3}) (Version: 36.25.3250 - Rivet Networks)
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 6.0.4912 - KYOCERA Document Solutions Inc.)
LADMLauncherService (HKLM\...\{854B6F11-4B1A-4069-BD45-785B7D41DDEC}) (Version: 1.0.0843 - Lenovo)
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.98.809639 - Logitech)
Logi Plugin Service (HKLM\...\{FB4DBF89-6BCB-485D-AFA7-6E298885E6A5}) (Version: 6.2.6.1611 - Logitech)
Logi RightSightForWebcams 1.1.207 (HKLM\...\{D6C56CC7-F3A8-4189-9939-AFCA7C4E4C4B}) (Version: 1.1.207.0 - Logitech) Hidden
LogiOptionsPlusExcelAddin (HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\D52016B639D322F0325F55AC8907516FD53F5818E7B50B28B546FC509A1A3244) (Version: 1.92.9754.0 - Logitech)
LogiOptionsPlusPowerPointAddin (HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\C0A659DFDE5A2520D6EF4CD194E81B1E46054910AAE5ED4E27CDE54B31A749FA) (Version: 1.92.9754.0 - Logitech)
LogiOptionsPlusWordAddin (HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\5CBD44E2723BB1841697EE65F4F6FB6DBF7D5E594165632D89494C75F6F61A13) (Version: 1.92.9754.0 - Logitech)
M4 PERSONAL V7.2.4 (HKLM\...\M4_PERSONAL_V7_2_4) (Version: V7.2.4 - CAD Schroer)
Malwarebytes version 5.4.5.226 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.4.5.226 - Malwarebytes)
Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.22 (x64) (HKLM\...\{872CDB4B-5DDE-4297-BD19-C93B6C93E386}) (Version: 64.88.42551 - Microsoft Corporation) Hidden
Microsoft .NET Host - 9.0.11 (x64) (HKLM\...\{CF6D52E0-F74C-4C62-8A86-F870C5FE8770}) (Version: 72.44.42384 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.22 (x64) (HKLM\...\{7A046DD7-9D61-4C5D-8F5E-24EE192B1B6A}) (Version: 64.88.42551 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 9.0.11 (x64) (HKLM\...\{EABD407D-A4D7-426F-BCEB-2BD0C34B63AA}) (Version: 72.44.42384 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.22 (x64) (HKLM\...\{C43A1A89-0CA5-43FD-BDC4-3B85DAD06A41}) (Version: 64.88.42551 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 9.0.11 (x64) (HKLM\...\{15A74731-6EA1-4EDD-9A78-2E1A0BCBE573}) (Version: 72.44.42384 - Microsoft Corporation) Hidden
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.19426.20186 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.19426.20186 - Microsoft Corporation)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.19426.20186 - Microsoft Corporation)
Microsoft 365 - it-it (HKLM\...\O365HomePremRetail - it-it) (Version: 16.0.19426.20186 - Microsoft Corporation)
Microsoft 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.19426.20186 - Microsoft Corporation)
Microsoft Access database engine 2016 (English) (HKLM-x32\...\{90160000-00D1-0409-0000-0000000FF1CE}) (Version: 16.0.5044.1000 - Microsoft Corporation)
Microsoft ASP.NET Core 8.0.22 - Shared Framework (x64) (HKLM-x32\...\{21069b18-3e50-4d7f-9f3b-8ea81f1abb5b}) (Version: 8.0.22.25528 - Microsoft Corporation)
Microsoft ASP.NET Core 8.0.22 Shared Framework (x64) (HKLM\...\{4675A82C-4BC0-3E41-99B1-25CFCEE2114D}) (Version: 8.0.22.25528 - Microsoft Corporation) Hidden
Microsoft Bing Service (HKLM-x32\...\{2227F026-F64E-4D72-A2DD-376E29A97EF1}) (Version: 2.0.0.12 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 143.0.3650.80 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 143.0.3650.80 - Microsoft Corporation) Hidden
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home & Business 2024 - de-de (HKLM\...\HomeBusiness2024Retail - de-de) (Version: 16.0.19426.20186 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.222.1112.0002 - Microsoft Corporation)
Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.19426.20186 - Microsoft Corporation)
Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.19426.20186 - Microsoft Corporation)
Microsoft OneNote - fr-fr (HKLM\...\OneNoteFreeRetail - fr-fr) (Version: 16.0.19426.20186 - Microsoft Corporation)
Microsoft OneNote - it-it (HKLM\...\OneNoteFreeRetail - it-it) (Version: 16.0.19426.20186 - Microsoft Corporation)
Microsoft OneNote - nl-nl (HKLM\...\OneNoteFreeRetail - nl-nl) (Version: 16.0.19426.20186 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{E75776B2-EAE5-42F9-A800-0A10763DEDF0}) (Version: 11.0.2318.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x86) (HKLM-x32\...\{90120000-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x86) English (HKLM-x32\...\{BAB89D31-4C55-472B-8909-6CBE2CC276B1}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x86) German (HKLM-x32\...\{9EF200A3-1CAC-462E-990B-EC902279BAAA}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{610487D9-3460-328A-9333-219D43A75CC5}) (Version: 10.0.60922 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60917 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.60917 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 Finalizer (HKLM-x32\...\{5950473A-825B-3019-AF86-55F2F9A95FCB}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Module linguistique Français (HKLM\...\{BA14C6F7-A633-3E88-831B-FCC197A5A17D}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - DEU-Sprachpaket (HKLM\...\{36B98E65-CA52-348C-9ED7-77B926A16C2D}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Language Pack ITA (HKLM\...\{73A36613-1F8F-3D94-B28A-4CC0E3CAECB5}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Paquete de idioma ESN (HKLM\...\{DDDF762A-2D1D-36A3-9B70-70BD62B4EDCF}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 한국어 언어 팩 (HKLM\...\{2F884A17-E051-3DB7-B093-6274C98740F6}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 日本語 Language Pack (HKLM\...\{73A64813-E631-3807-8E78-BA679EDA09A8}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support (HKLM\...\{5707EC26-AA9F-32C6-B7C1-347A3482CEC0}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 主控支援 - 繁體中文語言套件 (HKLM\...\{FB501A6E-CA6D-36DA-8860-17F0E6D89155}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 托管支持 - 简体中文语言包 (HKLM\...\{CD56C9B9-FB98-372B-8BC7-FDA312CD2511}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - DEU-Sprachpaket (HKLM-x32\...\{CAAC553D-EE02-32D2-9F7E-FBC5C22E4C08}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Language Pack ITA (HKLM-x32\...\{B8FD8F53-7E58-3DE5-A8FC-CB2B5CCF38CE}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Module linguistique Français (HKLM-x32\...\{3371699A-C1EF-3AC3-B094-D338191FA6E9}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Paquete de idioma ESN (HKLM-x32\...\{A3EB1DE3-9D3F-34C2-BDE6-5A8A4B98CC37}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 한국어 언어 팩 (HKLM-x32\...\{955E1388-E1F1-320A-A018-24616ED60F95}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 日本語 Language Pack (HKLM-x32\...\{859C7535-6862-3867-B97E-816795E8AB65}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support (HKLM-x32\...\{CF06B8C4-F6FC-3A4B-ADD0-04A1CAC3DD86}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 主控支援 - 繁體中文語言套件 (HKLM-x32\...\{0FE6DE07-8CBA-3F73-86B4-51B91E506D24}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 托管支持 - 简体中文语言包 (HKLM-x32\...\{7259BDDA-D888-309D-ADE1-84AA0CB24FE9}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.22 (x64) (HKLM\...\{4CCC1CCD-6FA3-4DD5-A06B-E94EA90094CF}) (Version: 64.88.42561 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.22 (x64) (HKLM-x32\...\{a3899eef-6164-4d42-b8c3-95ae6a844821}) (Version: 8.0.22.35428 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 9.0.11 (x64) (HKLM\...\{1291A37E-2C01-4CA2-BD4B-490B42279CB6}) (Version: 72.44.42433 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 9.0.11 (x64) (HKLM-x32\...\{59a5723a-dcf6-43d8-a8bb-a14466c9d3ca}) (Version: 9.0.11.35420 - Microsoft Corporation)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox) (Version: 146.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 140.0.2 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.8.2 - Notepad++ Team)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.412 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.412 - NVIDIA Corporation)
NVIDIA Grafiktreiber 581.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 581.04 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19426.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.19029.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.19426.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.19426.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0410-1000-0000000FF1CE}) (Version: 16.0.19426.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.19426.20170 - Microsoft Corporation) Hidden
Opera GX Stable 124.0.5705.89 (HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\Opera GX 124.0.5705.89) (Version: 124.0.5705.89 - Opera Software)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF Annotator 10.0.0.1004 (HKLM\...\PDFAnnotator_is1) (Version: 10.0.0.1004 - GRAHL software design)
Poly Lens Control Service (HKLM\...\{92FB562B-E9B2-405B-A1CB-E33FD758A9A4}) (Version: 1.11.793 - HP Inc.)
Poly Lens Desktop (HKLM\...\{5625A841-9FDE-4149-8243-C08FAB2B5639}) (Version: 2.2.0.3547 - HP Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.10.0730.071519 - Razer Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9780.1 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.26100.21374 - Realtek Semiconductor Corp.)
Reolink 8.20.5 (HKLM\...\3e633401-0468-5835-935c-33d2b4b2a764) (Version: 8.20.5 - Reolink Technology Co., Ltd.)
StarMoney 14 Deluxe S-Edition (HKLM-x32\...\{6139C878-6D58-4310-B153-A3D020346DD1}) (Version: 14 - Star Finanz GmbH)
Status Monitor 5 (HKLM\...\Status Monitor 5) (Version: 5.0.9814 - KYOCERA Document Solutions Inc.)
SysTools PST Merge v6.3 (HKLM-x32\...\{6D38F03F-EDBA-4BC4-B0DC-996424C463BB}}_is1) (Version: 6.3 - SysTools Software Pvt. Ltd.)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.72.6 - TeamViewer)
WinRAR 7.13 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 7.13.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3624.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\Windows\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-07-07] ()
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\Windows\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-07-07] ()
@{MicrosoftWindows.58683691.InpApp_1000.26100.6899.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.58683691.InpApp/Resources/ProductPkgDisplayName} -> C:\Windows\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-12-11] ()
@{MicrosoftWindows.59379618.InpApp_1000.26100.7171.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.59379618.InpApp/Resources/ProductPkgDisplayName} -> C:\Windows\SystemApps\SxS\MicrosoftWindows.59379618.InpApp_cw5n1h2txyewy [2025-12-11] (Microsoft Windows)
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Assets [2025-12-11] ()
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-11] (INTEL CORP) [Startup Task]
Barcode Manager for Windows -> C:\Program Files\WindowsApps\42795blueyachtsoftware.QRWin_5.1.1.0_x64__4aw44ckj2xyg8 [2025-10-31] (blueyacht software)
ChatGPT -> C:\Program Files\WindowsApps\OpenAI.ChatGPT-Desktop_1.2025.328.0_x64__2p2nqsd0c76g0 [2025-12-05] (OpenAI) [Startup Task]
ChatRobot AI -> C:\Program Files\WindowsApps\OpenLinkNetworkLimited.ChatOn-AIChatBotAssistant_1.0.38.0_x64__8xwyjp7q5ywm2 [2025-01-25] (OpenLink)
Dell SupportAssist -> C:\Program Files\WindowsApps\Dell.SupportAssistforPCs_4.10.6.0_x64__18ctm2993j0dg [2025-11-26] (Dell Inc)
Dolby Digital Plus decoder for PC OEMs -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyDigitalPlusDecoderOEM_1.2.581.0_x64__rz1tebttyb220 [2025-09-25] (Dolby Laboratories)
Enpass Password Manager -> C:\Program Files\WindowsApps\SinewSoftwareSystems.EnpassPasswordManager_6.1116.2122.0_x86__fwdy0m65qb6h2 [2025-11-11] (Enpass Technologies Private Limited) [Startup Task]
Goodnotes -> C:\Program Files\WindowsApps\GoodnotesLimited.GoodNotesforWindows_2.0.1.0_neutral__wjqdg2qn10y2j [2025-10-10] (Goodnotes Limited)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_15.5.23.0_x64__nzyj5cx40ttqa [2025-09-17] (Apple Inc.) [Startup Task]
Intel® Graphics Software -> C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_25.40.1953.0_x64__8j3eq9eme6ctt [2025-12-05] (INTEL CORP)
Intel® Rapid Storage Technology Application -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_20.0.1021.0_x64__8j3eq9eme6ctt [2025-04-24] (INTEL CORP)
Killer Intelligence Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1423.712.0_x64__rh07ty8m5nkag [2024-09-25] (INTEL CORP) [Startup Task]
KYOCERA Print Center -> C:\Program Files\WindowsApps\A97ECD55.KYOCERAPrintCenter_4.4.11708.0_x64__kqmhh0ktdt7dg [2025-06-20] (KYOCERA Document Solutions Inc)
Local AI Manager for Microsoft 365 -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\AI [2025-12-15] ()
Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes\Anti-Malware [2025-12-10] ()
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-10-16] (Microsoft Corp.)
Microsoft Forms -> C:\Program Files\WindowsApps\Microsoft.MicrosoftForms_1.0.1.0_neutral__8wekyb3d8bbwe [2024-11-06] (Microsoft Corporation)
Microsoft.Office.ActionsServer -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\ActionsServer [2025-12-15] ()
Moblo 3D -> C:\Program Files\WindowsApps\25271FlixRaymond.Moblo3D_25.10.3.0_x64__4vcqrkyzwatmr [2025-10-23] (Félix Raymond)
Notepad++ -> C:\Program Files\Notepad++\contextMenu [2025-07-04] (Notepad++)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-06] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2025-12-15] ()
Quick Share -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungQuickShare_2.2.19.0_x64__wyx1vj98g3asy [2025-10-10] (Samsung Electronics Co, Ltd.) [Startup Task]
raumPlayer -> C:\Program Files\WindowsApps\52745jc-design.raumPlayer_0.9.6.0_x64__encshw3ce7cwt [2024-10-17] (jc-design)
Waves MaxxAudio Pro for Dell 2022 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2022_5.0.59.0_x64__fh4rh281wavaa [2024-09-25] (Waves Audio)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2545.5.0_x64__cv1g1gvanyjgm [2025-11-14] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1309.2056.0_x64__8wekyb3d8bbwe [2024-10-16] (Microsoft Corp.)
WinAppRuntime.Main.1.6 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.6_6000.519.329.0_x64__8wekyb3d8bbwe [2025-06-20] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_8000.642.119.0_x64__8wekyb3d8bbwe [2025-10-21] (Microsoft Corp.)
Windows App Runtime DDLM 4000.1227.1637.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1227.1637.0-x6_4000.1227.1637.0_x64__8wekyb3d8bbwe [2024-10-16] (Microsoft Corporation)
Windows App Runtime DDLM 4000.1227.1637.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1227.1637.0-x8_4000.1227.1637.0_x86__8wekyb3d8bbwe [2024-10-16] (Microsoft Corporation)
Windows App Runtime DDLM 6000.424.1611.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.6000.424.1611.0-x6_6000.424.1611.0_x64__8wekyb3d8bbwe [2025-05-08] (Microsoft Corporation)
Windows App Runtime DDLM 6000.424.1611.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.6000.424.1611.0-x8_6000.424.1611.0_x86__8wekyb3d8bbwe [2025-05-08] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\Windows\SystemApps\SxS\MicrosoftWindows.57242383.Tasbar_cw5n1h2txyewy [2025-12-11] (Microsoft Windows)
Windows Feature Experience Pack -> C:\Windows\SystemApps\SxS\MicrosoftWindows.59379618.InpApp_cw5n1h2txyewy [2025-12-11] (Microsoft Windows)
WinRAR -> C:\Program Files\WinRAR [2025-12-08] (win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-731132713-3816676949-3657752684-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_c6cd4cf632788a8e\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
CustomCLSID: HKU\S-1-5-21-731132713-3816676949-3657752684-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-731132713-3816676949-3657752684-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-731132713-3816676949-3657752684-1001_Classes\CLSID\{65f15f72-3bd6-c8de-dca3-cee75e674ac4}\localserver32 -> C:\Program Files\Dell\DellOptimizer\Console\DellOptimizer.Systray.exe (Dell Technologies Inc. -> Dell Technologies Inc.)
CustomCLSID: HKU\S-1-5-21-731132713-3816676949-3657752684-1001_Classes\CLSID\{6da32e32-0686-8d4f-e799-79dc9f129f0f}\localserver32 -> "C:\Program Files\Dell\MyDell\Console\NGA.ThickClient.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-731132713-3816676949-3657752684-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => Keine Datei
CustomCLSID: HKU\S-1-5-21-731132713-3816676949-3657752684-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-731132713-3816676949-3657752684-1001_Classes\CLSID\{E463CD99-FF79-49F3-AFAA-7686AD2BB112} -> [iCloud-Fotos] => C:\Users\mail\iCloudPhotos\Photos [2024-10-17 11:56]
CustomCLSID: HKU\S-1-5-21-731132713-3816676949-3657752684-1001_Classes\CLSID\{ed071ecf-3772-736c-aec0-661da10aeefc}\localserver32 -> "C:\Program Files\Dell\MyDell\Console\Dell.UCA.Systray.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-731132713-3816676949-3657752684-1001_Classes\CLSID\{F6D58B3C-797E-4A8A-9546-2DE6A5AFB323} -> [iCloud Drive] => C:\Users\mail\iCloudDrive [2024-10-17 11:56]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\117.0.0.0\drivefsext.dll [2025-11-19] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\117.0.0.0\drivefsext.dll [2025-11-19] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\117.0.0.0\drivefsext.dll [2025-11-19] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\117.0.0.0\drivefsext.dll [2025-11-19] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\117.0.0.0\drivefsext.dll [2025-11-19] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\117.0.0.0\drivefsext.dll [2025-11-19] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\117.0.0.0\drivefsext.dll [2025-11-19] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\117.0.0.0\drivefsext.dll [2025-11-19] (Google LLC -> Google LLC.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [$PowerDVD23] -> {CF1F77B3-4F86-4266-9964-1E9FF41836E8} => C:\ProgramData\CyberLink\PowerDVD23\OpenWith\PDVD_Shell64.dll [2024-03-05] (CyberLink Corp. -> CyberLink Corp.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-09-08] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\117.0.0.0\drivefsext.dll [2025-11-19] (Google LLC -> Google LLC.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-12-10] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\117.0.0.0\drivefsext.dll [2025-11-19] (Google LLC -> Google LLC.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\117.0.0.0\drivefsext.dll [2025-11-19] (Google LLC -> Google LLC.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvdd.inf_amd64_1c978806815a7d2e\nvshext.dll [2025-11-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-12-10] (Malwarebytes Inc -> Malwarebytes)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [MidisrvTransferComplete] => 0
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\mail\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()
ShortcutWithArgument: C:\Users\mail\Desktop\Goodnotes.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=ffhnkanmhmmnfebldhpffiopadhbeimp --app-url=hxxps://web.goodnotes.com/ --app-launch-source=4
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2025-12-15 09:12 - 2025-12-15 09:12 - 000168448 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\mail\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\PvFRq0pRUIy49ysLeuztIj0S1VYTa2o=\DYMO.Common.dll
2025-12-15 09:12 - 2025-12-15 09:12 - 000161280 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\mail\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\PvFRq0pRUIy49ysLeuztIj0S1VYTa2o=\DYMO.CrossPlatform.Common.dll
2025-12-15 09:12 - 2025-12-15 09:12 - 000365568 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\mail\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\PvFRq0pRUIy49ysLeuztIj0S1VYTa2o=\DYMO.WebApi.Win.Host.dll
2025-12-15 09:13 - 2025-12-15 09:13 - 000015872 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\mail\AppData\Local\Temp\.net\DYMOConnectLauncher\jLi9k1jjGTvmOIQq2W4NAjw9ygPdbpk=\DYMOConnectLauncher.dll
2025-07-24 15:21 - 2025-07-24 15:21 - 000231936 ____N () [Datei ist nicht signiert] [Datei wird verwendet] C:\Windows\SystemTemp\.net\DYMO.Connect.PnP.Service\_x0q5Sn93JMRVDOXJ2v703RsEGPCbvI=\DYMO.Connect.PnP.Service.dll
2025-12-15 16:24 - 2025-12-15 16:24 - 002338304 _____ () [Datei ist nicht signiert] \\?\C:\Users\mail\AppData\Local\Temp\c327620b-7e24-4748-8bc7-8e1edca1a042.tmp.node
2024-10-28 08:13 - 2024-05-08 09:18 - 002862080 _____ () [Datei ist nicht signiert] C:\Users\mail\AppData\Local\Programs\bluestacks-services\ffmpeg.dll
2024-10-28 08:13 - 2024-05-08 09:18 - 000479232 _____ () [Datei ist nicht signiert] C:\Users\mail\AppData\Local\Programs\bluestacks-services\libegl.dll
2024-10-28 08:13 - 2024-05-08 09:18 - 007513600 _____ () [Datei ist nicht signiert] C:\Users\mail\AppData\Local\Programs\bluestacks-services\libglesv2.dll
2024-10-28 08:13 - 2024-05-08 09:18 - 005209088 _____ () [Datei ist nicht signiert] C:\Users\mail\AppData\Local\Programs\bluestacks-services\vk_swiftshader.dll
2024-12-05 23:21 - 2024-12-05 23:21 - 000060928 _____ (Adobe Systems Incorporated) [Datei ist nicht signiert] C:\Program Files\Adobe\Acrobat DC\Acrobat\Locale\de_de\Adobe Send\SendAsLinkAddin.DEU
2021-03-18 11:47 - 2021-03-18 11:47 - 000505344 _____ (DYMO Corporation) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\DYMO\DYMO Label Software\PrintingSupportLibrary.dll
2025-12-15 09:12 - 2025-12-15 09:12 - 000042496 _____ (DYMO) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\mail\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\PvFRq0pRUIy49ysLeuztIj0S1VYTa2o=\DymoSDK.dll
2025-12-15 09:12 - 2025-12-15 09:12 - 000081920 _____ (DYMOConnect) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\mail\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\PvFRq0pRUIy49ysLeuztIj0S1VYTa2o=\de\DYMO.LabelAPI.resources.dll
2025-12-15 09:12 - 2025-12-15 09:12 - 000007168 _____ (DYMOConnect) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\mail\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\PvFRq0pRUIy49ysLeuztIj0S1VYTa2o=\de\DYMO.WebApi.Server.resources.dll
2025-12-15 09:12 - 2025-12-15 09:12 - 000023040 _____ (DYMOConnect) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\mail\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\PvFRq0pRUIy49ysLeuztIj0S1VYTa2o=\DYMO.CloudflareAddin.dll
2025-12-15 09:12 - 2025-12-15 09:12 - 000143872 _____ (DYMOConnect) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\mail\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\PvFRq0pRUIy49ysLeuztIj0S1VYTa2o=\DYMO.CrossPlatform.Services.dll
2025-12-15 09:12 - 2025-12-15 09:12 - 002016768 _____ (DYMOConnect) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\mail\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\PvFRq0pRUIy49ysLeuztIj0S1VYTa2o=\DYMO.LabelAPI.dll
2025-12-15 09:12 - 2025-12-15 09:12 - 000074240 _____ (DYMOConnect) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\mail\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\PvFRq0pRUIy49ysLeuztIj0S1VYTa2o=\DYMO.PrinterCommands.dll
2025-12-15 09:12 - 2025-12-15 09:12 - 000257024 _____ (DYMOConnect) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\mail\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\PvFRq0pRUIy49ysLeuztIj0S1VYTa2o=\DYMO.WebApi.Server.dll
2016-12-27 13:00 - 2016-12-27 13:00 - 001324032 _____ (Firebird Project) [Datei ist nicht signiert] C:\Program Files (x86)\ISOCAL\fbclient.dll
2021-01-12 10:09 - 2025-10-10 13:20 - 001386496 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\ISOCAL\MSVBVM60.DLL
2024-09-22 11:24 - 2024-09-22 11:24 - 000000000 ___JL (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2024-09-22 11:24 - 2024-09-22 11:24 - 000000000 ___JL (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppvIsvSubsystems64.dll
2024-09-22 11:24 - 2024-09-22 11:24 - 000000000 ___JL (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Client\C2R64.dll
2024-09-22 11:24 - 2024-09-22 11:24 - 000000000 ___JL (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2025-12-15 09:12 - 2025-12-15 09:12 - 000370176 _____ (Microsoft) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\mail\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\PvFRq0pRUIy49ysLeuztIj0S1VYTa2o=\DYMO.LabelAPI.PlatformSpecific.dll
2025-12-15 09:12 - 2025-12-15 09:12 - 000014336 _____ (Newell Rubbermaid) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\mail\AppData\Local\Temp\.net\DYMO.WebApi.Win.Host\PvFRq0pRUIy49ysLeuztIj0S1VYTa2o=\DYMO.CrossPlatform.Common.PlatformSpecific.dll
2025-12-15 09:13 - 2025-12-15 09:13 - 000946688 _____ (NLog) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\mail\AppData\Local\Temp\.net\DYMOConnectLauncher\jLi9k1jjGTvmOIQq2W4NAjw9ygPdbpk=\NLog.dll
2009-11-26 09:24 - 2009-11-26 09:24 - 000503808 _____ (SautinSoft) [Datei ist nicht signiert] C:\Program Files (x86)\ISOCAL\htmltortf.dll
2025-11-24 13:15 - 2025-11-24 13:15 - 000171520 _____ (Softland) [Datei ist nicht signiert] C:\Windows\System32\novamn11.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\mail\Desktop\SecurityCheck.exe:MBAM.Zone.Identifier [158]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============
SearchScopes: HKU\S-1-5-21-731132713-3816676949-3657752684-1001 -> DefaultScope {3AAA9C2D-9916-4E74-962F-1D354F6EB511} URL =
SearchScopes: HKU\S-1-5-21-731132713-3816676949-3657752684-1001 -> {3AAA9C2D-9916-4E74-962F-1D354F6EB511} URL =
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-11-18] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2024-04-01 08:26 - 2025-09-22 17:03 - 000000822 _____ C:\Windows\system32\drivers\etc\hosts
==================== Network ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
DNS Servers: 192.168.2.1
ist aktiviert.
Network Binding:
=============
Ethernet: Killer E3100G 2.5 Gigabit Ethernet Controller -> e3k25cx21x64.sys
Bluetooth-Netzwerkverbindung: Bluetooth Device (Personal Area Network) -> bthpan.sys
WLAN: Killer(R) Wi-Fi 6E AX1675i 160MHz Wireless Network Adapter (211NGW) -> Netwtw14.sys
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%intel64\libfabric\bin\;%INTEL_DEV_REDIST%intel64\libfabric\bin\utils;%INTEL_DEV_REDIST%intel64\bin;%INTEL_DEV_REDIST%ia32;%INTEL_DEV_REDIST%intel64;%INTEL_DEV_REDIST%;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\firebird\firebird_3_0\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\
HKU\S-1-5-21-731132713-3816676949-3657752684-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mail\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\12734751230701962634\134085246495986020.jpg
HKU\S-1-5-21-731132713-3816676949-3657752684-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 5) (TamperProtectionSource: 2)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKU\S-1-5-21-731132713-3816676949-3657752684-1001\...\StartupApproved\Run: => "Teams"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{BBD0467B-7B8C-45A1-96A9-19A58144BD0E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A6FC2335-1457-4731-854E-342E984C21D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F90FD193-4E44-4DC5-95F3-93F846351699}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{12CAA146-4622-4E3F-B76A-E4BE69B77A18}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3C277E12-B5BE-4730-9201-A05A7E57839D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EB32DF40-41F0-4FA6-9C39-C41A512B0257}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{77A1FE2E-2E06-4238-B54A-A7BAE0649BD1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FDDD4121-D66A-4629-9D92-26E5654105F5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B2C88784-99B6-4125-9462-85D9D4052C65}] => (Allow) C:\Program Files\CyberLink\PowerDVD23\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{6C504613-6639-483F-A1FD-B66AE54405D7}] => (Allow) C:\Program Files\CyberLink\PowerDVD23\PowerDVD23Agent.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{C2D123F4-CE59-41CD-9722-76CCA518FA9C}] => (Allow) C:\Program Files\CyberLink\PowerDVD23\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{3E4265BB-6830-420A-9AC1-444BF8DE5E22}] => (Allow) C:\Program Files\CyberLink\PowerDVD23\CastingStation.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{4B353AAE-AE2E-4D03-848D-F0E6FED58BDB}] => (Allow) C:\Program Files\CyberLink\PowerDVD23\Common\CLMediaServer\clmediaserver.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{EB644F11-A0EA-4706-8CF8-483B4D5A581D}] => (Allow) C:\Program Files\CyberLink\PowerDVD23\Common\dynamic_transcode.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{7F7FDA32-B5DC-4728-9003-7A74ED72D675}] => (Allow) C:\Program Files\CyberLink\PowerDVD23\Common\CLMediaServer\clmediaserver.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{4AE0D199-6564-4432-B6F2-E86E7F595549}] => (Allow) LPort=31302
FirewallRules: [{9B98F757-7C54-4468-9790-7B123AFB6057}] => (Allow) C:\Program Files\CyberLink\PowerDVD23\Common\CLMediaServer\clmediaserver.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{60B866AA-3420-4C79-A798-D8E2313DF2F5}] => (Allow) LPort=31302
FirewallRules: [{54776A52-84D6-4F67-970B-84FD36A161CE}] => (Allow) C:\Program Files (x86)\StarMoney 14 Deluxe S-Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{43D41429-659E-4E01-A344-0EE6D29D22C8}] => (Allow) C:\Program Files (x86)\StarMoney 14 Deluxe S-Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{822A1980-9D4B-4844-BA2B-970CA909F324}] => (Allow) C:\Program Files (x86)\StarMoney 14 Deluxe S-Edition\app\StarMoney.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{CC9EAABC-82E7-4F17-B5BF-11FDBDDCF95C}] => (Allow) C:\Program Files (x86)\StarMoney 14 Deluxe S-Edition\app\StarMoney.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH -> Star Finanz-Software Entwicklung und Vertriebs GmbH)
FirewallRules: [{F418E70D-9C74-4E15-8766-1EC6D8EB0645}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{9BF69546-24BC-4EA1-AED0-3CD3FC50BE7C}C:\program files\reolink\reolink.exe] => (Allow) C:\program files\reolink\reolink.exe (Reolink Innovation Inc. -> Reolink Technology Co., Ltd.)
FirewallRules: [UDP Query User{8FD535B8-E27C-4F92-9F8C-83FF1CA9B3AB}C:\program files\reolink\reolink.exe] => (Allow) C:\program files\reolink\reolink.exe (Reolink Innovation Inc. -> Reolink Technology Co., Ltd.)
FirewallRules: [{A504739E-C129-45DD-B64B-DB472E83D26B}] => (Block) c:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X7\Programs\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{CB6F75B9-463B-40C9-807F-E3FEAB77B0A7}] => (Block) c:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X7\Programs\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [TCP Query User{F5617A96-E6D6-4DCD-9BB5-CC536D593699}C:\program files (x86)\dymo\dymo connect\dymoconnect.exe] => (Allow) C:\program files (x86)\dymo\dymo connect\dymoconnect.exe (Newell Brands Inc -> ) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{11F9138B-26FD-4270-B40B-928E7A201C2D}C:\program files (x86)\dymo\dymo connect\dymoconnect.exe] => (Allow) C:\program files (x86)\dymo\dymo connect\dymoconnect.exe (Newell Brands Inc -> ) [Datei ist nicht signiert]
FirewallRules: [{3BCAB96A-65AA-4B60-9731-9E701D5361E3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{62F959E2-CABB-4169-A17D-23276F579855}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{132DD884-6138-4636-96F7-A82785123342}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C296B446-B78D-4489-A2A5-D1B26EF46018}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{47D1348C-4BFA-41BB-BE48-E969DE1112C5}] => (Allow) LPort=9422
FirewallRules: [{C3DE5348-193D-4F08-B782-CCD08EBDD05A}] => (Allow) LPort=9245
FirewallRules: [{38296C3F-5258-4958-A541-630B296320B0}] => (Allow) LPort=9246
FirewallRules: [{B48640AA-B564-40BE-935E-B0A3DAEF55C8}] => (Allow) LPort=9247
FirewallRules: [{84AC0815-7451-486A-A287-A042B61691C7}] => (Allow) LPort=3702
FirewallRules: [{A9545114-D167-4CD4-A5EC-B8CBE1BE1212}] => (Allow) LPort=9244
FirewallRules: [{AB1000D7-4B37-43A1-99F7-E6D3A6272342}] => (Allow) LPort=9444
FirewallRules: [TCP Query User{9C075E93-C99E-48F9-9F01-5751B710BCCF}C:\program files\reolink\reolink.exe] => (Allow) C:\program files\reolink\reolink.exe (Reolink Innovation Inc. -> Reolink Technology Co., Ltd.)
FirewallRules: [UDP Query User{48F3ECF0-7828-48C5-B172-DAA4BE490E4C}C:\program files\reolink\reolink.exe] => (Allow) C:\program files\reolink\reolink.exe (Reolink Innovation Inc. -> Reolink Technology Co., Ltd.)
FirewallRules: [TCP Query User{3227F043-F8CF-418A-A3AF-5DC3A6A233C1}C:\users\mail\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\mail\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{AEFDBA36-B326-4794-9874-2AE2F8D72F5C}C:\users\mail\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\mail\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{5962A949-41A9-4304-859B-0797744A79BC}C:\m4_personal_v7_2_4\med2d\m2d\run\draft.exe] => (Allow) C:\m4_personal_v7_2_4\med2d\m2d\run\draft.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{E74ABB3A-6C5F-4CCE-A87B-94CD0B9A75B7}C:\m4_personal_v7_2_4\med2d\m2d\run\draft.exe] => (Allow) C:\m4_personal_v7_2_4\med2d\m2d\run\draft.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{810618A6-1905-46DF-850F-5CF614FA8EF6}C:\users\mail\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\mail\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{F63541D1-CFED-4D7C-B512-FF31D4746AAE}C:\users\mail\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\mail\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{124DBE6C-00C9-4C1F-93F8-5E0474A1846F}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.139.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.139.0_x64__2p2nqsd0c76g0\app\chatgpt.exe => Keine Datei
FirewallRules: [UDP Query User{EDE88D38-7523-4763-8E60-D73BBE1FE0B0}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.139.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.139.0_x64__2p2nqsd0c76g0\app\chatgpt.exe => Keine Datei
FirewallRules: [TCP Query User{17D9270A-33A9-4F38-A2F9-84B62361AB59}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.153.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.153.0_x64__2p2nqsd0c76g0\app\chatgpt.exe => Keine Datei
FirewallRules: [UDP Query User{7D97E92D-BBE2-4252-97DF-15D8952D901D}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.153.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.153.0_x64__2p2nqsd0c76g0\app\chatgpt.exe => Keine Datei
FirewallRules: [{C31CD197-4186-4633-B0A4-732C0CB7C22E}] => (Allow) LPort=1201
FirewallRules: [{DA19C11B-43BF-4B56-9770-C23093518040}] => (Allow) C:\Program Files (x86)\Easy2Sync für Outlook\E2S4Outlook.exe (Thomas Holz -> IT-Services Thomas Holz)
FirewallRules: [{31A6C033-83A9-4BBE-9513-9682781A0B37}] => (Allow) C:\Program Files (x86)\Easy2Sync für Outlook\E2S4Outlook64Bit.exe (Thomas Holz -> IT-Services Thomas Holz)
FirewallRules: [TCP Query User{79820639-B805-4B5D-9607-045E9542113F}C:\program files (x86)\easy2sync für outlook\e2s4outlook64bit.exe] => (Allow) C:\program files (x86)\easy2sync für outlook\e2s4outlook64bit.exe (Thomas Holz -> IT-Services Thomas Holz)
FirewallRules: [UDP Query User{2FC86D0F-73CD-410B-BA8E-3D65A4093E53}C:\program files (x86)\easy2sync für outlook\e2s4outlook64bit.exe] => (Allow) C:\program files (x86)\easy2sync für outlook\e2s4outlook64bit.exe (Thomas Holz -> IT-Services Thomas Holz)
FirewallRules: [{6A3374E4-1455-4EDF-8422-482B47F7AF65}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.)
FirewallRules: [{69873DB1-A0F3-471C-BE09-F976BD4FE1E5}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Keine Datei
FirewallRules: [{8FC2A3A2-B01B-46E1-84B5-CEB4517A8CF5}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Now.gg, INC -> BlueStack Systems)
FirewallRules: [{336C0756-BC0B-456A-948E-AE8775E019D3}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe (Now.gg, INC -> The Qt Company Ltd.)
FirewallRules: [{CAB72D8F-2CA7-4F0E-A8B2-2F6E3EB1C692}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4511542C-E623-46A9-8180-EF3722F56BEA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E83E516E-24AB-48A0-B3FC-E1F362EE6D14}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD616BE3-7BCF-4C7E-BD79-3E5B99BC3D34}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{67A22D57-1268-41D2-9BAB-CCFB20DEEEEB}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.202.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.202.0_x64__2p2nqsd0c76g0\app\chatgpt.exe => Keine Datei
FirewallRules: [UDP Query User{8EC1AE90-927D-4B32-B8C7-2524E1514190}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.202.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.202.0_x64__2p2nqsd0c76g0\app\chatgpt.exe => Keine Datei
FirewallRules: [TCP Query User{245640DD-A7FE-4CFA-B6CC-E8BC06FA64BB}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.202.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.202.0_x64__2p2nqsd0c76g0\app\chatgpt.exe => Keine Datei
FirewallRules: [UDP Query User{82A42633-7046-43C0-A75A-4D7DA66DEB30}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.202.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.202.0_x64__2p2nqsd0c76g0\app\chatgpt.exe => Keine Datei
FirewallRules: [{E31F4BE1-D8FC-4B4A-A0D3-CABD47520177}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{732D095C-6C90-4464-8B22-2DCB909CCA7F}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.258.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.258.0_x64__2p2nqsd0c76g0\app\chatgpt.exe => Keine Datei
FirewallRules: [UDP Query User{31FB561E-4F88-4C20-BDF3-277A144BD983}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.258.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.258.0_x64__2p2nqsd0c76g0\app\chatgpt.exe => Keine Datei
FirewallRules: [TCP Query User{9D161F4E-5803-49B5-AD28-D867CB84ECF4}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.258.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.258.0_x64__2p2nqsd0c76g0\app\chatgpt.exe => Keine Datei
FirewallRules: [UDP Query User{CBBAD80C-7A5E-4EC2-AF1C-BE2840754E8D}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.258.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.258.0_x64__2p2nqsd0c76g0\app\chatgpt.exe => Keine Datei
FirewallRules: [{FD044C8E-FAB6-4930-AC3E-8EBFAD190E2C}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungQuickShare_2.2.19.0_x64__wyx1vj98g3asy\QuickShareCore\QuickShareCore.exe (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> QuickShareCore)
FirewallRules: [{AEBE16B6-E1D3-4BB8-A3E4-BB94B94F876D}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungQuickShare_2.2.19.0_x64__wyx1vj98g3asy\QuickShareCore\QuickShareCore.exe (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> QuickShareCore)
FirewallRules: [{955E9356-5745-48D5-9670-A72355941ACC}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungQuickShare_2.2.19.0_x64__wyx1vj98g3asy\QuickShareCore\QuickShareCore.exe (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> QuickShareCore)
FirewallRules: [{973C393D-410E-45BA-8628-08C6B5918DA7}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungQuickShare_2.2.19.0_x64__wyx1vj98g3asy\QuickShareCore\QuickShareCore.exe (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> QuickShareCore)
FirewallRules: [{DE659382-3805-49EB-A4C7-3C782A919ED8}] => (Allow) C:\Program Files (x86)\Brother\DriverTemp\Package\BSP15B-2025-11-04-17-39-09-109\start.exe => Keine Datei
FirewallRules: [{D8CFE163-2461-42F2-832D-228D660C488F}] => (Allow) C:\Program Files (x86)\Brother\DriverTemp\Package\BSP15B-2025-11-04-17-39-09-109\start.exe => Keine Datei
FirewallRules: [{B933AF7B-1094-4943-809C-B71E7238A8D0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EEA927E9-D2D2-4695-B299-A77E98153756}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DB5244E2-4A50-49A3-80ED-E6DA9C6F41CF}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E1CB880F-CAF7-49F0-8032-0D4C4ADE3F4E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F29EC490-5710-47A5-9009-71B5280EF6B1}] => (Allow) C:\Program Files (x86)\Brother\DriverTemp\Package\BSP15B-2025-11-05-13-03-40-313\start.exe => Keine Datei
FirewallRules: [{C7DBE2A7-7B56-42DB-9196-4A4C7753C86C}] => (Allow) C:\Program Files (x86)\Brother\DriverTemp\Package\BSP15B-2025-11-05-13-03-40-313\start.exe => Keine Datei
FirewallRules: [{DB1AB0BF-1F35-4E52-BD73-734D4C848211}] => (Allow) C:\Program Files (x86)\Brother\DriverTemp\Package\BSP15B-2025-11-05-13-05-29-938\start.exe => Keine Datei
FirewallRules: [{F846703D-09D3-48A8-A76C-6524BDB62499}] => (Allow) C:\Program Files (x86)\Brother\DriverTemp\Package\BSP15B-2025-11-05-13-05-29-938\start.exe => Keine Datei
FirewallRules: [{B30BA927-A2FE-49A9-A5E5-54DD4A1FEAFF}] => (Allow) C:\Program Files\AusweisApp\AusweisApp.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [{87FE7D42-FCA7-4ED0-928D-EA188786007C}] => (Allow) C:\Program Files\AusweisApp\AusweisApp.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [{72CFEE3B-AF05-4E8A-A80A-468753E7DFA9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BAE416C8-FA23-4C72-B2A4-ED3BEE2BCF72}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CADA73C0-60C3-483F-90CE-12F5FF3E56D6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E2003B1A-BA78-4F60-AF7D-6068C3688FC6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CA1936AC-CF42-464B-BDD9-321DE461FE0C}] => (Allow) C:\Program Files\Logi\LogiPluginService\LogiPluginService.exe (Logitech Inc -> Logitech)
FirewallRules: [{1D89E86B-A2FA-4425-A1C2-994C8B84D03C}] => (Allow) C:\ProgramData\Kaspersky Lab\AVP21.23\Data\webview2\Win10\msedgewebview2.exe => Keine Datei
FirewallRules: [{90AB2C1B-E665-4847-9E3E-F60461CC60B5}] => (Allow) C:\ProgramData\Kaspersky Lab\KSDE5.23\Data\webview2\Win10\msedgewebview2.exe => Keine Datei
FirewallRules: [{B8E2462D-FDA9-4A87-9648-162137A1DB18}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25306.804.4102.7193_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9ABF8060-F70B-489D-B9AB-6EE1DCEFBC77}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25306.804.4102.7193_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CC085B39-E68D-4036-9D2D-BBA2A92A978E}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25306.804.4102.7193_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7D9CC74-5571-4D0E-AD41-724467CF3B26}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25306.804.4102.7193_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F0832FF8-E0ED-4710-BE43-6EF04C70AE9D}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.328.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.328.0_x64__2p2nqsd0c76g0\app\chatgpt.exe (50BDFD77-8903-4850-9FFE-6E8522F64D5B -> OpenAI)
FirewallRules: [UDP Query User{5B4D349B-518B-4B1F-AAE9-08786A0CBF79}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.328.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Allow) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.328.0_x64__2p2nqsd0c76g0\app\chatgpt.exe (50BDFD77-8903-4850-9FFE-6E8522F64D5B -> OpenAI)
FirewallRules: [TCP Query User{0588C824-0715-4ED0-A2AC-5193FF7BB0A8}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.328.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Block) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.328.0_x64__2p2nqsd0c76g0\app\chatgpt.exe (50BDFD77-8903-4850-9FFE-6E8522F64D5B -> OpenAI)
FirewallRules: [UDP Query User{C5BFCEFF-AB41-459E-A4C0-2B697D311534}C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.328.0_x64__2p2nqsd0c76g0\app\chatgpt.exe] => (Block) C:\program files\windowsapps\openai.chatgpt-desktop_1.2025.328.0_x64__2p2nqsd0c76g0\app\chatgpt.exe (50BDFD77-8903-4850-9FFE-6E8522F64D5B -> OpenAI)
FirewallRules: [{000DD6DC-6544-42A5-8858-EF066A611FC1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BA65B23C-F73F-4308-9D2E-EAF34BF69D8B}] => (Allow) LPort=8501
FirewallRules: [{07EB7413-1D82-4F99-AC2F-116326A89DA6}] => (Allow) LPort=8501
==================== Wiederherstellungspunkte =========================
15-12-2025 13:19:06 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (12/15/2025 04:27:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Frank.local already in use; will try Frank-2.local instead
Error: (12/15/2025 04:27:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Frank.local. Addr 192.168.2.65
Error: (12/15/2025 04:27:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.65:5353 16 Frank.local. AAAA 2003:00C6:F721:A400:E8C4:5674:02FC:EAF2
Error: (12/15/2025 04:27:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Frank.local. AAAA FE80:0000:0000:0000:A860:D217:AAD0:6CD6
Error: (12/15/2025 04:27:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.65:5353 16 Frank.local. AAAA 2003:00C6:F721:A400:E8C4:5674:02FC:EAF2
Error: (12/15/2025 04:27:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 Frank.local. Addr 192.168.2.65
Error: (12/15/2025 04:27:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.65:5353 16 Frank.local. AAAA 2003:00C6:F721:A400:E8C4:5674:02FC:EAF2
Error: (12/15/2025 04:25:02 PM) (Source: .NET Runtime) (EventID: 1000) (User: )
Description: Category: CallControl.Plugin.Zoom.ZoomPlugin
EventId: 0
SetSdkEnable(): Failed to enable Zoom SDK channel.
Systemfehler:
=============
Error: (12/15/2025 04:26:20 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: Der zugrunde liegende Transport für 127.0.0.1:41951 kann nicht gebunden werden. Möglicherweise enthält die Liste nur zum Abhören von IP einen Verweis auf eine Schnittstelle, die gegebenenfalls auf diesem Computer nicht vorhanden ist. Das Datenfeld enthält die Fehlernummer.
Error: (12/15/2025 04:26:20 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT-AUTORITÄT)
Description: Zertifikate für den sicheren Start wurden aktualisiert, aber noch nicht auf die Gerätefirmware angewendet. Lesen Sie den veröffentlichten Leitfaden, um das Update abzuschließen und vollständigen Schutz sicherzustellen. Diese Gerätesignaturinformationen sind hier enthalten.
DeviceAttributes: FirmwareManufacturer:Dell Inc.;FirmwareVersion:2.19.0;OEMManufacturerName:Dell Inc.;OEMModelSKU:0BC0;OSArchitecture:amd64;
BucketId: d92c2726036765b9abdfacbd87d57173256e9e2eb7ab4bda68d2f77fe3d9eece
BucketConfidenceLevel:
UpdateType:
Weitere Informationen finden Sie unter https://go.microsoft.com/fwlink/?linkid=2301018.
Error: (12/15/2025 04:23:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IntelTACD" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (12/15/2025 04:23:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IntelTACD" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (12/15/2025 04:23:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IntelTACD" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (12/15/2025 04:23:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IntelTACD" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (12/15/2025 04:23:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IntelTACD" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (12/15/2025 04:23:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IntelTACD" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Windows Defender:
================
Date: 2025-12-10 07:59:44
Description:
Microsoft Defender Antivirus ѕςăπ нåş ьэεņ ѕŧōρφеđ ьèƒōŕë ċómρℓэτίóň.%п %ţŚ¢äʼn ΪĎ:%ъ{B5FE7C52-BD6C-4ABA-A26C-2FB8D5A6EFB3}%ń %ţЅçăη Τýрē:%ъAntimalware%π %ťŠĉάή Ραгªмéτєŕŝ:%вSchnellüberprüfung%ņ %ťŮŝзґ:%ьNT-AUTORITÄT\SYSTEM%и %тŠτóφ Гєãşøŋ:%вŔР€ сóňйê¢τїøй ŗŭⁿδôẅñ
Date: 2025-12-09 18:30:44
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/FileZilla_BundleInstaller&threatid=311942&enterprise=0
Name: PUABundler:Win32/FileZilla_BundleInstaller
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\mail\Downloads\FileZilla_3.68.1_win64_sponsored2-setup.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Benutzer
Benutzer: Frank\mail
Prozessname: Unknown
Sicherheitsversion: AV: 1.441.838.0, AS: 1.441.838.0, NIS: 1.441.838.0
Modulversion: AM: 1.1.25100.9002, NIS: 1.1.25100.9002
Date: 2025-12-03 12:19:44
Description:
Microsoft Defender Antivirus ѕςăπ нåş ьэεņ ѕŧōρφеđ ьèƒōŕë ċómρℓэτίóň.%п %ţŚ¢äʼn ΪĎ:%ъ{1C34C45D-9859-426B-967F-E2A51BD1FFE4}%ń %ţЅçăη Τýрē:%ъAntimalware%π %ťŠĉάή Ραгªмéτєŕŝ:%вSchnellüberprüfung%ņ %ťŮŝзґ:%ьNT-AUTORITÄT\SYSTEM%и %тŠτóφ Гєãşøŋ:%вŞċħęðùłėđ ŝ¢ǻй ẁąş ѕĸϊρφέđ веčаџŝĕ ťĥε łąşţ şϋς¢еşѕƒûļ şċаņ ẁäş ẁìţħϊή ťђè ļдšţ 7 ďªÿş
Date: 2025-12-02 14:00:03
Description:
Microsoft Defender Antivirus ѕςăπ нåş ьэεņ ѕŧōρφеđ ьèƒōŕë ċómρℓэτίóň.%п %ţŚ¢äʼn ΪĎ:%ъ{039A68DA-4C05-424A-851C-0543AAF71DCF}%ń %ţЅçăη Τýрē:%ъAntimalware%π %ťŠĉάή Ραгªмéτєŕŝ:%вSchnellüberprüfung%ņ %ťŮŝзґ:%ьNT-AUTORITÄT\SYSTEM%и %тŠτóφ Гєãşøŋ:%вŞċħęðùłėđ ŝ¢ǻй ẁąş ѕĸϊρφέđ веčаџŝĕ ťĥε łąşţ şϋς¢еşѕƒûļ şċаņ ẁäş ẁìţħϊή ťђè ļдšţ 7 ďªÿş
Date: 2025-12-01 13:27:05
Description:
Microsoft Defender Antivirus ѕςăπ нåş ьэεņ ѕŧōρφеđ ьèƒōŕë ċómρℓэτίóň.%п %ţŚ¢äʼn ΪĎ:%ъ{B7883343-D358-4BC3-AFC7-DF14CA070F9E}%ń %ţЅçăη Τýрē:%ъAntimalware%π %ťŠĉάή Ραгªмéτєŕŝ:%вSchnellüberprüfung%ņ %ťŮŝзґ:%ьNT-AUTORITÄT\SYSTEM%и %тŠτóφ Гєãşøŋ:%вŞċħęðùłėđ ŝ¢ǻй ẁąş ѕĸϊρφέđ веčаџŝĕ ťĥε łąşţ şϋς¢еşѕƒûļ şċаņ ẁäş ẁìţħϊή ťђè ļдšţ 7 ďªÿş
Event[0]
Date: 2025-12-04 21:04:43
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.441.699.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.25100.9002
Fehlercode: 0x80240022
Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen ist nicht möglich.
Date: 2025-12-04 21:04:43
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.441.699.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.25100.9002
Fehlercode: 0x80240022
Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen ist nicht möglich.
Date: 2025-12-03 21:04:37
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.441.624.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.25100.9002
Fehlercode: 0x80240022
Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen ist nicht möglich.
Date: 2025-12-03 21:04:37
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.441.624.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.25100.9002
Fehlercode: 0x80240022
Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen ist nicht möglich.
Date: 2025-12-02 21:04:41
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.441.624.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.25100.9002
Fehlercode: 0x80240022
Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen ist nicht möglich.
CodeIntegrity:
===============
Date: 2025-12-15 16:34:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
Date: 2025-12-15 16:32:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2025-12-15 16:31:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
BIOS: Dell Inc. 2.19.0 07/28/2025
Hauptplatine: Dell Inc. 09M47G
Prozessor: Intel(R) Core(TM) i7-14700
Prozentuale Nutzung des RAM: 56%
Installierter physikalischer RAM: 30370.25 MB
Verfügbarer physikalischer RAM: 13172.39 MB
Summe virtueller Speicher: 50850.25 MB
Verfügbarer virtueller Speicher: 30986.14 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:929.48 GB) (Free:492.31 GB) (Model: NVMe BC901 NVMe SK hynix 1024GB) (Protected) NTFS
Drive d: (Daten_Frank) (Fixed) (Total:2794.39 GB) (Free:1499.41 GB) (Model: ST3000DM001-1CH166) (Protected) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:2.2 GB) (Model: ST3000DM001-1CH166) FAT32
Drive z: (Volume) (Network) (Total:8848.28 GB) (Free:4745.67 GB) (Model: ST3000DM001-1CH166) NTFS
\\?\Volume{5c730375-1140-456b-8906-bbf55269d3aa}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.27 GB) NTFS
\\?\Volume{2fdfd64c-ec14-430b-97be-79af9340e61c}\ (Image) (Fixed) (Total:21.63 GB) (Free:0.12 GB) NTFS
\\?\Volume{5b3cc69f-df73-4d11-aa2d-153994584815}\ (DELLSUPPORT) (Fixed) (Total:1.45 GB) (Free:0.44 GB) NTFS
\\?\Volume{f462a035-3e99-4c75-8b49-24fa3c78bdd2}\ (ESP) (Fixed) (Total:0.19 GB) (Free:0.07 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Size: 2794.5 GB) (Disk ID: F7727437)
Partition: GPT.
==========================================================
Disk: 1 (Size: 953.9 GB) (Disk ID: 4C918129)
Partition: GPT.
==================== Ende von Addition.txt =======================
|
|
Gestern, 17:23
| #35 |
| /// TB-Ausbilder | Windows 11: nach Runterladen einer Datei (pishing) Trojaner, der sich nicht löschen lässt Ok, danke für den Hinweis bezüglich AdwCleaner. Dann lassen wir DoesNotBelong (DNB) laufen. Bitte downloade dir DoesNotBelong (DNB) auf deinen Desktop.
|
|
Gestern, 17:45
| #36 |
| | Windows 11: nach Runterladen einer Datei (pishing) Trojaner, der sich nicht löschen lässt HI M-K-D-B, ich erhalte folgende Meldung: "diese app kann auf dem PC nicht werden wenden sie sich an den softwareherausgeber um eine geeignete version für ihren pc zu finden." |
|
Gestern, 17:51
| #37 |
| /// TB-Ausbilder | Windows 11: nach Runterladen einer Datei (pishing) Trojaner, der sich nicht löschen lässt Oh man...  Dann bitte mit FRST weiter. Reparatur mit FRST HINWEIS AN ALLE MITLESER: Dieses FRST-Skript ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System verwendet werden!
|
|
Gestern, 18:06
| #38 |
| | Windows 11: nach Runterladen einer Datei (pishing) Trojaner, der sich nicht löschen lässt okay, das Problem war anscheinend die Benutzerkontensteuerung? auf jeden fall steht im Browser bei downloads Diese Datei wird nicht oft heruntergeladen und kännte ein Virus sein ..... deswegen hatte er sie garnicht runtergeladen... habe sie nun aber noch mal heruntergeladen und siehe da es lies sich starten.... und dann -> wieder einen Blue(black)screen "Your device ran into a problem and needs to restart. "  habe eben FRST durchlaufen lassen... leider ist die Fixlog.txt über 7.000.000 Zeichen lang.... das wären viele Nachrichten.... |
|
Gestern, 20:58
| #39 | |
| /// TB-Ausbilder | Windows 11: nach Runterladen einer Datei (pishing) Trojaner, der sich nicht löschen lässtZitat:
Vermutlich sind dann in den Schlüsseln Werte im REG_BINARY - Format. Dies ist typisch für Malware. Wir entfernen die Schlüssel mit FRST. Reparatur mit FRST HINWEIS AN ALLE MITLESER: Dieses FRST-Skript ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System verwendet werden!
Geändert von M-K-D-B (Gestern um 21:12 Uhr) |
|
Gestern, 21:13
| #40 |
| | Windows 11: nach Runterladen einer Datei (pishing) Trojaner, der sich nicht löschen lässtCode:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-11-2025
durchgeführt von mail (15-12-2025 21:08:16) Run:5
Gestartet von C:\Users\mail\Desktop
Geladene Profile: mail
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
Start::
DeleteKey: HKCU\SOFTWARE\5011C90DD5AF9CEB66BCA48D265FDBF9
DeleteKey: HKCU\SOFTWARE\5D077F08DFA47FD43EFB
CMD: reg query "HKCU\Software"
Reboot:
End::
*****************
HKCU\SOFTWARE\5011C90DD5AF9CEB66BCA48D265FDBF9 => erfolgreich entfernt
HKCU\SOFTWARE\5D077F08DFA47FD43EFB => erfolgreich entfernt
========= reg query "HKCU\Software" =========
HKEY_CURRENT_USER\Software
MultipleInvokePromptMinimum REG_DWORD 0x16
HKEY_CURRENT_USER\Software\Adobe
HKEY_CURRENT_USER\Software\appdatalow
HKEY_CURRENT_USER\Software\Apple Inc.
HKEY_CURRENT_USER\Software\ASProtect
HKEY_CURRENT_USER\Software\BlueStacks X
HKEY_CURRENT_USER\Software\BlueStacksInstaller
HKEY_CURRENT_USER\Software\BlueStacksServices
HKEY_CURRENT_USER\Software\Brother Industries, Ltd.
HKEY_CURRENT_USER\Software\BSXInstaller
HKEY_CURRENT_USER\Software\cad-schroer.de
HKEY_CURRENT_USER\Software\CADSchroer
HKEY_CURRENT_USER\Software\ChangeTracker
HKEY_CURRENT_USER\Software\Chromium
HKEY_CURRENT_USER\Software\Clients
HKEY_CURRENT_USER\Software\Corel
HKEY_CURRENT_USER\Software\CyberLink
HKEY_CURRENT_USER\Software\Dell
HKEY_CURRENT_USER\Software\Developer Express
HKEY_CURRENT_USER\Software\DYMO
HKEY_CURRENT_USER\Software\Edge
HKEY_CURRENT_USER\Software\ej-technologies
HKEY_CURRENT_USER\Software\Google
HKEY_CURRENT_USER\Software\Governikus GmbH & Co. KG
HKEY_CURRENT_USER\Software\GRAHL
HKEY_CURRENT_USER\Software\Heiko Schroeder Software
HKEY_CURRENT_USER\Software\IM Providers
HKEY_CURRENT_USER\Software\Intel Corporation
HKEY_CURRENT_USER\Software\IT-Services Thomas Holz
HKEY_CURRENT_USER\Software\JavaSoft
HKEY_CURRENT_USER\Software\Kyocera Document Solutions
HKEY_CURRENT_USER\Software\Kyocera Mita
HKEY_CURRENT_USER\Software\Licenses
HKEY_CURRENT_USER\Software\LogiShrd
HKEY_CURRENT_USER\Software\Logitech
HKEY_CURRENT_USER\Software\Malwarebytes
HKEY_CURRENT_USER\Software\Microsoft
HKEY_CURRENT_USER\Software\Mozilla
HKEY_CURRENT_USER\Software\Netscape
HKEY_CURRENT_USER\Software\NVIDIA Corporation
HKEY_CURRENT_USER\Software\ODBC
HKEY_CURRENT_USER\Software\Opera Software
HKEY_CURRENT_USER\Software\Policies
HKEY_CURRENT_USER\Software\QtProject
HKEY_CURRENT_USER\Software\RAPWare
HKEY_CURRENT_USER\Software\Razer
HKEY_CURRENT_USER\Software\Realtek
HKEY_CURRENT_USER\Software\RegisteredApplications
HKEY_CURRENT_USER\Software\RIB
HKEY_CURRENT_USER\Software\SoftGold
HKEY_CURRENT_USER\Software\Softland
HKEY_CURRENT_USER\Software\SyncEngines
HKEY_CURRENT_USER\Software\TeamViewer
HKEY_CURRENT_USER\Software\The Silicon Realms Toolworks
HKEY_CURRENT_USER\Software\VB and VBA Program Settings
HKEY_CURRENT_USER\Software\Waves Audio
HKEY_CURRENT_USER\Software\WinRAR
HKEY_CURRENT_USER\Software\WinRAR SFX
HKEY_CURRENT_USER\Software\Wow6432Node
HKEY_CURRENT_USER\Software\Classes
========= Ende von CMD: =========
Das System musste neu gestartet werden.
==== Ende von Fixlog 21:08:17 ====
|
|
Gestern, 21:15
| #41 |
| /// TB-Ausbilder | Windows 11: nach Runterladen einer Datei (pishing) Trojaner, der sich nicht löschen lässt Gut gemacht.  Ich denke, aktive Malware ist keine mehr auf dem System. Wir können uns noch eine Zweitmeinung einholen. Dafür wäre ESET ganz gut. Das Tool kann aber, je nach Menge der Dateien, auch mehrere Stunden laufen, ist aber sehr gründlich. Führe ESET Online Scanner (EOS) gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei. |
|
Gestern, 21:34
| #42 |
| /// TB-Ausbilder | Windows 11: nach Runterladen einer Datei (pishing) Trojaner, der sich nicht löschen lässt Ich hatte Kontakt mit dem Resarch Team von Malwarebytes. Die Malware auf deinem System war ein Shellcode Injector, der Zugangsdaten abgegriffen haben könnte. Daher solltest du am Ende der Bereinigung alle Passwörter und Zugangsdaten von allen Online-Diensten ändern. Ich bin morgen Abend nach der Arbeit wieder da. Je nachdem, was ESET ergibt, können wir dann dein Thema schon abschließen. Ein paar Tipps hätte ich auch noch für dich. |
|
Heute, 09:03
| #43 |
| | Windows 11: nach Runterladen einer Datei (pishing) Trojaner, der sich nicht löschen lässt Hallo M-K-D-B, scheint jetzt sauber zu sein. Malwarebytes zeigt auch nur noch die Firefox-Erweiterung (Paypal Honey) an. aber entfernen (in Quarantäne verschieben) lassen die sich trotzdem nicht ... also immer noch "Your device ran into a problem and needs to restart. " Das mit den Passwörtern kann gut sein. ich habe bereits an dem tag, an dem ich mir das Viech "Installiert" habe eine bestellung einer Amazon Geschenkkarte über mein konto gehabt. zum glück haben die sicherheitsmechanismen von Amazon fonktioniert. mich hat ein Amazon mitarbeiter angerufen und gefragt, ob diese bestellung von mir kam. ich habe sofort das Passwort geändert. DAnn muss ich wohl am Wochenende mal sämtliche Passwörter ändern. woher greifen die diese ab? durch eingabe oder durch entschlüsselung bspw. Firefox Passwörter? Code:
ATTFilter 16.12.2025 08:51:53
Geprüfte Dateien: 678653
Erkannte Dateien: 0
Gesäuberte Dateien: 0
Scandauer gesamt: 01:18:43
Scanstatus: Abgeschlossen
|
|
| Themen zu Windows 11: nach Runterladen einer Datei (pishing) Trojaner, der sich nicht löschen lässt |
| .dll, adobe, bonjour, defender, desktop, e-mail, firefox, google, installation, internet, kaspersky, monitor, mozilla, performance, phishing, pishing, prozesse, realtek, registry, scan, server, svchost.exe, system, trojaner, windows |
Linear-Darstellung
