| |
| |||||||
Log-Analyse und Auswertung: „Browser-Redirect auf bonusgew.com / Exilence OAuth kapert Login“Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
Heute, 12:39
| #1 |
| |  „Browser-Redirect auf bonusgew.com / Exilence OAuth kapert Login“ Windows-Version (z.B. Windows 11 Pro, 64‑bit). Browser: Microsoft Edge. Symptome: Beim Exilence‑„Authorize“ oder PoE‑Login Redirect auf bonusgew.com bzw. Tagesschau statt pathofexile.com. Malwarebytes meldet und blockiert bonusgew.com als schädliche Seite. Bisher gemacht: Windows Defender Schnellscan: ohne Funde. Malwarebytes Scan: nur PUPs von OpenOffice, bereits in Quarantäne verschoben. Hosts‑Datei geprüft: nur Standard‑Einträge. Proxy-Einstellungen kontrolliert: kein manueller Proxy eingetragen. „Bitte um Hilfe bei Analyse (FRST-Logs etc.).“ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-11-2025
durchgeführt von Ralf (17-12-2025 12:26:40)
Gestartet von D:\Downloads
Microsoft Windows 11 Pro Version 24H2 26100.7462 (X64) (2025-01-03 16:01:12)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-907164338-1891526244-581135098-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-907164338-1891526244-581135098-503 - Limited - Disabled)
Gast (S-1-5-21-907164338-1891526244-581135098-501 - Limited - Disabled)
Ralf (S-1-5-21-907164338-1891526244-581135098-1000 - Administrator - Enabled) => C:\Users\Ralf
WDAGUtilityAccount (S-1-5-21-907164338-1891526244-581135098-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 25.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2501-000001000000}) (Version: 25.01.00.0 - Igor Pavlov)
Ashampoo WinOptimizer 2024 (HKLM-x32\...\{4209F371-3BFE-8783-1920-782675C32EF8}_is1) (Version: 26.00.22 - Ashampoo GmbH & Co. KG)
Awakened PoE Trade 3.27.106 (HKU\S-1-5-21-907164338-1891526244-581135098-1000\...\2ea281da-028b-5d55-b26e-53163c89344a) (Version: 3.27.106 - Alexander Drozdov)
CCleaner 7 (HKLM\...\CCleaner 7) (Version: 7.1.1042.1243 - Piriform)
Corsair Device Control Service (HKLM\...\{7F05A2E7-F6C9-4419-AB4B-170B97CAE29D}) (Version: 1.7.27 - Corsair) Hidden
Corsair Device Control Service Bundle (HKLM-x32\...\{d04eddd3-9909-49af-aa59-b30e1b161f18}) (Version: 1.7.27 - Corsair)
Discord (HKU\S-1-5-21-907164338-1891526244-581135098-1000\...\Discord) (Version: 1.0.9175 - Discord Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{C1EF5AEC-6EC4-4102-A13A-20A8E4EB3071}) (Version: 1.0.0.0 - Intel Corporation) Hidden
ENE Video Capture Box HAL (HKLM\...\{A096611D-BA11-4A1A-8D09-0A0462D7C8F2}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE Video Capture Box HAL (HKLM-x32\...\{974259bf-3ed1-4cd6-9ed1-40c7f601a786}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{C59BF7A9-FFFA-4257-BD2B-52302F4A2772}) (Version: 1.0.19.0 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{a93538bc-9eee-458b-a5c6-d26ed02a2c75}) (Version: 1.0.19.0 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{c1d017c2-8846-4000-9254-5689eccd462e}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.12.7 - ENE Tech) Hidden
ENE_External_Device_HAL (HKLM-x32\...\{a7b1cf47-d8f0-423d-9494-568195f1c864}) (Version: 1.0.12.7 - ENE Tech) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM-x32\...\{c662a481-d76a-4188-95d2-6eb4ffd55542}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
ExplorerPatcher (HKLM\...\{D17F1E1A-5919-4427-8F89-A1A8503CA3EB}_ExplorerPatcher) (Version: 26100.4946.69.6 - VALINET Solutions SRL)
GBT_Dynamic_Lighting_Lib_UC 25.07.21.01 (HKLM\...\GBT_Dynamic_Lighting_Lib_UC) (Version: 25.07.21.01 - GIGABYTE)
GBT_MB_Update (HKLM\...\GBT_MB_Update) (Version: 25.09.16.01 - GIGABYTE)
GBT_RGB_Sync_Control 25.10.15.01 (HKLM\...\GBT_RGB_Sync_Control) (Version: 25.10.15.01 - GIGABYTE)
GBT_rgbMotherboard_UC 25.10.15.01 (HKLM\...\GBT_rgbMotherboard_UC) (Version: 25.10.15.01 - GIGABYTE)
GBT_VGA 25.07.01.01 (HKLM\...\GBT_VGA) (Version: 25.07.01.01 - GIGABYTE)
GIGABYTE Control Center 25.10.16.01 (HKLM\...\GIGABYTE Control Center) (Version: 25.10.16.01 - GIGABYTE)
GIGABYTE Performance Library (HKLM\...\MBEasyTune) (Version: 25.10.30.01 - GIGABYTE)
GIGABYTE Storage Library (HKLM\...\MBStorage) (Version: 25.10.15.01 - GIGABYTE)
Google Chrome (HKLM\...\{D8756D27-79B8-30DE-9331-8EB0A19B2607}) (Version: 143.0.7499.111 - Google LLC)
HWiNFO® 64 (HKLM\...\HWiNFO® 64_is1) (Version: 8.16 - Martin Malik, REALiX s.r.o.)
iCloud Outlook (HKLM\...\{B0D2F302-00A7-495C-9C1D-5619E87BCE63}) (Version: 15.3.0.152 - Apple Inc.)
Intel Driver && Support Assistant (HKLM-x32\...\{90EFD4CC-39A4-4470-AEEB-878CB2BCBC81}) (Version: 25.4.36.6 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM\...\{7CE5A9A7-AD6E-4F64-9D53-E3B6F741B979}) (Version: 10.1.19899.8597 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{d86cfdf3-0928-4b89-9f81-d21552c39b2d}) (Version: 10.1.19899.8597 - Intel(R) Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{7FD2EA2A-F627-46E7-9955-575AD20BF87C}) (Version: 2.4.11077 - Intel Corporation)
Intel(R) Extreme Tuning Utility (HKLM-x32\...\{23b8ca9c-4ed2-4c49-b4be-adfa33975d8c}) (Version: 7.14.1.12 - Intel Corporation)
Intel(R) Graphics Software & Drivers (HKLM\...\Intel(R) Graphics Software & Drivers) (Version: 1.0.1133.5 - Intel(R) Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.386 - Intel Corporation)
Intel(R) Icls (HKLM\...\{BBA1D01B-6740-425B-8B5C-DC980291DAC5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2425.6.26.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{F3D2543D-2538-49B0-BFA6-EBD2DC8143DD}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{CBC5E4AC-0679-4DA6-BD54-DF9737C5BE2A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME WMI Provider (HKLM\...\{95495073-8315-4E24-B475-E8B59638F0B4}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{0463150E-75E2-46F9-B447-2A13D70C9C21}) (Version: 30.100.2417.30 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2417.30 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{4152D055-4116-42A3-BC9E-86D0A17B35A5}) (Version: 25.4.36.6 - Intel)
Intel® Graphics Software (HKLM\...\{719CA6A4-CB67-4372-AB1E-A65865037F50}) (Version: 25.40.1953.2 - Intel Corporation)
Intel® Graphics Software (HKLM\...\{EF080BED-438B-4949-ADE5-09A837DE751F}) (Version: 25.40.1953.2 - Intel Corporation) Hidden
Malwarebytes version 5.4.5.226 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.4.5.226 - Malwarebytes)
Microsoft .NET Host - 8.0.20 (x64) (HKLM\...\{E8562B28-F84C-45AA-AE65-E31D1068377F}) (Version: 64.80.39230 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.20 (x86) (HKLM-x32\...\{8EA18843-2557-42A9-8541-27FCCBB02C26}) (Version: 64.80.39230 - Microsoft Corporation) Hidden
Microsoft .NET Host - 9.0.8 (x64) (HKLM\...\{45586851-E8D7-4E1B-83A2-CD38A8C665E5}) (Version: 72.32.37563 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.17 (x64) (HKLM\...\{B73795E1-2391-49EB-A3E8-C2E16B2CEAC4}) (Version: 64.68.34370 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.19 (x64) (HKLM\...\{69A17DA9-300A-49B9-97F1-1EB7424570DE}) (Version: 64.76.37566 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.20 (x64) (HKLM\...\{BB4BB73D-8784-40A3-9888-9BD29EC1B023}) (Version: 64.80.39230 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.20 (x86) (HKLM-x32\...\{4D4A5EE5-BAEC-4745-BAE8-91870660199B}) (Version: 64.80.39230 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 9.0.8 (x64) (HKLM\...\{416ACB21-5EB0-444C-8E44-0975705598C3}) (Version: 72.32.37563 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.17 (x64) (HKLM\...\{685320E7-FDFC-4BC6-91B3-E16746AFA1A0}) (Version: 64.68.34370 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.19 (x64) (HKLM\...\{B9F7A454-0CCD-410C-A3E0-D1AAC300F150}) (Version: 64.76.37566 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.19 (x64) (HKLM-x32\...\{04f2ebb7-4f99-4441-bcc6-f5c28c103f3f}) (Version: 8.0.19.35115 - Microsoft Corporation)
Microsoft .NET Runtime - 8.0.20 (x64) (HKLM\...\{402EB961-5AED-472A-B785-B5AE9EF71286}) (Version: 64.80.39230 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.20 (x86) (HKLM-x32\...\{A45EE2FF-1A57-48EE-9D23-73C33A915D3B}) (Version: 64.80.39230 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 9.0.8 (x64) (HKLM\...\{F91CC18B-2C99-4BD4-95D1-A0FA7CF40BCF}) (Version: 72.32.37563 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.20 - Shared Framework (x86) (HKLM-x32\...\{b9c84c09-55aa-4a5c-b8b7-3cbb76f545b4}) (Version: 8.0.20.25420 - Microsoft Corporation)
Microsoft ASP.NET Core 8.0.20 Shared Framework (x86) (HKLM-x32\...\{08D69D57-124D-30BE-B96B-7E86D86A3899}) (Version: 8.0.20.25420 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 143.0.3650.80 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 143.0.3650.80 - Microsoft Corporation) Hidden
Microsoft GameInput (HKLM\...\{ECB4BDD1-984C-9F25-299C-A9EF75C14197}) (Version: 10.1.26100.6879 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-907164338-1891526244-581135098-1000\...\OneDriveSetup.exe) (Version: 25.222.1112.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-907164338-1891526244-581135098-500\...\OneDriveSetup.exe) (Version: 25.149.0803.0003 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.17 (x64) (HKLM\...\{64AB07EF-120F-4A5A-A356-61D6D8966457}) (Version: 64.68.34385 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.17 (x64) (HKLM-x32\...\{5b3e202b-e0c9-4d25-84df-5f687c3b7c47}) (Version: 8.0.17.34917 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.20 (x64) (HKLM\...\{D330A645-92DF-4389-8324-B82FE3561498}) (Version: 64.80.39251 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.20 (x64) (HKLM-x32\...\{e033dc24-62c0-4f2c-928e-99122efab19d}) (Version: 8.0.20.35221 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.20 (x86) (HKLM-x32\...\{1B2D5C9A-BEA5-4AF2-892E-7E9BE0B8EF3B}) (Version: 64.80.39251 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.20 (x86) (HKLM-x32\...\{8173f945-64eb-4aaa-b3a6-cd0137ef08c7}) (Version: 8.0.20.35221 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 9.0.8 (x64) (HKLM\...\{89F36AB9-4F0D-4504-8126-64D5BFB63886}) (Version: 72.32.37601 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 9.0.8 (x64) (HKLM-x32\...\{46826b89-8c19-4fd5-a618-85716f944932}) (Version: 9.0.8.35118 - Microsoft Corporation)
NVIDIA App 11.0.5.420 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.5.420 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.5.11504.36206172 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.11504.36206172 - NVIDIA Corporation)
NVIDIA Grafiktreiber 581.80 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 581.80 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.4.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.5.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
oneAPI Level Zero (HKLM\...\{2BA535F4-FEF9-45E1-9FF6-66C4E0F629FF}) (Version: 1.24.0 - Intel)
oneAPI Level Zero (HKLM\...\{FD1C864D-4BA3-4321-BDFC-66F50CF6B6BF}) (Version: 1.23.1 - Intel)
OpenOffice 4.1.15 (HKLM-x32\...\{D8DD7A6F-CB70-43AF-9A0C-9A5A4C195068}) (Version: 4.115.9813 - Apache Software Foundation)
Path of Building Community (HKU\S-1-5-21-907164338-1891526244-581135098-1000\...\Path of Building Community) (Version: 2.49.0 - Path of Building Community)
Path of Exile (HKLM-x32\...\{55e9c2b5-c5ab-4a9c-aef7-32a1884d3d5c}) (Version: 3.25.3.63540 - Grinding Gear Games)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.25.3.63540 - Grinding Gear Games) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.3 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{6e0eff60-c502-43bb-8f56-360ca07e73d9}) (Version: 1.1.0.3 - Patriot Memory) Hidden
Perplexity 1.1.3 (HKU\S-1-5-21-907164338-1891526244-581135098-1000\...\bf146e86-595f-5372-9f0f-5dfe3975eb52) (Version: 1.1.3 - Perplexity)
PowerToys (Preview) (HKLM\...\{AD40CD15-AB35-4F8F-A482-034FF8B1BB9D}) (Version: 0.96.1 - Microsoft Corporation) Hidden
PowerToys (Preview) x64 (HKU\S-1-5-21-907164338-1891526244-581135098-1000\...\{BB31A853-ECBA-4E49-BAE7-19121A809FB4}) (Version: 0.96.1 - Microsoft Corporation)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9879.1 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.103.2507 - Rockstar Games)
Rockstar Games SDK (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.4.0.146 - Rockstar Games)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 8.3.2.850 - Samsung Electronics)
Smart Backup (x64) (HKLM\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 3.24.0829.1 - Gigabyte) Hidden
Smart Backup (x64) (HKLM-x32\...\InstallShield_{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 3.24.0829.1 - Gigabyte)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.6.3.2901765 - Zenimax Online Studios)
Verbatim_SureFireGaming_Product (HKLM\...\{35CB65C6-A7E3-4EE7-AD40-738D70A72164}) (Version: 1.0.3.11 - Verbatim) Hidden
Verbatim_SureFireGaming_Product (HKLM-x32\...\{d601832a-0d94-46ce-9b19-78e8a5887313}) (Version: 1.0.3.11 - Verbatim) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-907164338-1891526244-581135098-1000\...\Wargaming.net Game Center) (Version: 25.5.0.352 - Wargaming.net)
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WinRAR 7.12 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 7.12.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-907164338-1891526244-581135098-1000\...\2805179888) (Version: - Wargaming.net)
Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-24] ()
@{MicrosoftWindows.58683691.InpApp_1000.26100.6725.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.58683691.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-12-09] ()
@{MicrosoftWindows.58683691.InpApp_1000.26100.6899.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.58683691.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-12-09] ()
@{MicrosoftWindows.59379618.InpApp_1000.26100.7171.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.59379618.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.59379618.InpApp_cw5n1h2txyewy [2025-12-09] (Microsoft Windows)
Abstract Bubbles PREMIUM -> C:\Program Files\WindowsApps\Microsoft.AbstractBubblesPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2025-08-04] (Microsoft Corporation)
Apple Music -> C:\Program Files\WindowsApps\AppleInc.AppleMusicWin_1.1536.28673.0_x64__nzyj5cx40ttqa [2025-09-16] (Apple Inc.)
Beautiful Norway -> C:\Program Files\WindowsApps\Microsoft.BeautifulNorway_1.0.0.0_neutral__8wekyb3d8bbwe [2025-08-04] (Microsoft Corporation)
Befehlspalette -> C:\Program Files\WindowsApps\Microsoft.CommandPalette_0.7.3271.0_x64__8wekyb3d8bbwe [2025-11-27] (Microsoft Corporation) [Startup Task]
BO6 DLC56 Trial Pack 01 -> C:\Program Files\WindowsApps\38985CA0.BO6DLC56TrialPack01_0.0.12.0_x64__5bkah9njm3e9g [2025-01-05] (Activision Publishing Inc.)
BO6 PC MS DLC01 BO6 Game Stub 01 -> C:\Program Files\WindowsApps\38985CA0.BO6PCMSDLC01BO6GameStub01_0.0.9.0_x64__5bkah9njm3e9g [2025-01-05] (Activision Publishing Inc.)
BO6 PC MS DLC07 Game Pass Launch Tracker -> C:\Program Files\WindowsApps\38985CA0.BO6PCMSDLC07GamePassLaunchTracker_0.0.9.0_x64__5bkah9njm3e9g [2025-01-05] (Activision Publishing Inc.)
BO6 PC MS DLC12 Beta Early Access -> C:\Program Files\WindowsApps\38985CA0.BO6PCMSDLC12BetaEarlyAccess_0.0.9.0_x64__5bkah9njm3e9g [2025-01-05] (Activision Publishing Inc.)
Call of Duty® -> C:\Program Files\WindowsApps\38985CA0.COREBase_1.0.133.0_x64_ww_5bkah9njm3e9g [2025-12-11] (Activision Publishing Inc.)
Call of Duty® Modern Warfare 3 -> C:\Program Files\WindowsApps\38985CA0.MWIIIGame_1.0.7.0_x64_ww_5bkah9njm3e9g [2025-09-21] (Activision Publishing Inc.)
Call of the Raven -> C:\Program Files\WindowsApps\Microsoft.CalloftheRaven_1.0.0.0_neutral__8wekyb3d8bbwe [2025-08-04] (Microsoft Corporation)
Clouds PREMIUM -> C:\Program Files\WindowsApps\Microsoft.CloudsPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2025-08-04] (Microsoft Corporation)
Community Showcase Aqua 2 -> C:\Program Files\WindowsApps\Microsoft.CommunityShowcaseAqua2_1.0.0.0_neutral__8wekyb3d8bbwe [2025-08-04] (Microsoft Corporation)
Curious Perspectives -> C:\Program Files\WindowsApps\MicrosoftCorporationII.CuriousPerspectives_1.0.0.0_neutral__8wekyb3d8bbwe [2025-08-04] (Microsoft Corp.)
DocX View & Edit -> C:\Program Files\WindowsApps\40242YTDApp.DocXViewEdit_1.3.8.0_neutral__fem9xfxjkkftg [2025-11-26] (YTDApp)
DTS:X Ultra -> C:\Program Files\WindowsApps\DTSInc.DTSXUltra_1.13.15.0_x64__t5j2fzbtdg37r [2025-08-05] (DTS, Inc.)
Earth from Above PREMIUM -> C:\Program Files\WindowsApps\Microsoft.EarthfromAbovePREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2025-08-04] (Microsoft Corporation)
Fish and Corals -> C:\Program Files\WindowsApps\Microsoft.FishandCorals_1.0.0.0_neutral__8wekyb3d8bbwe [2025-08-04] (Microsoft Corporation)
Ford F-150 Raptor Xbox One X Edition -> C:\Program Files\WindowsApps\Microsoft.FordF-150RaptorXboxOneXEdition_1.0.0.0_neutral__8wekyb3d8bbwe [2025-08-04] (Microsoft Corporation)
Ford Mustang RTR Formula Drift -> C:\Program Files\WindowsApps\Microsoft.FordMustangRTRFormulaDrift_1.0.0.0_neutral__8wekyb3d8bbwe [2025-08-04] (Microsoft Corporation)
GigabyteControlCenter -> C:\Program Files\WindowsApps\65d483df-b37e-4fcf-94de-8b795233db63_25.1.23.0_x64__1mmjbktjj1mkp [2025-08-05] (GIGABYTE)
Grand Theft Auto V Legacy -> C:\Program Files\WindowsApps\RockstarGamesInc.3605912C1822C_1.2.0.0_x64__k2ss7vbb13xte [2025-12-10] (Rockstar Games)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_15.4.210.0_x64__nzyj5cx40ttqa [2025-08-04] (Apple Inc.) [Startup Task]
Illusions by Josh Sommers -> C:\Program Files\WindowsApps\Microsoft.IllusionsbyJoshSommers_1.0.0.0_neutral__8wekyb3d8bbwe [2025-08-04] (Microsoft Corporation)
Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes\Anti-Malware [2025-12-17] ()
MW3 PC MS DLC01 Game Stub 01 -> C:\Program Files\WindowsApps\38985CA0.MW3PCMSDLC01GameStub01_0.0.9.0_x64__5bkah9njm3e9g [2025-01-05] (Activision Publishing Inc.)
MW3 PC MS DLC02 Cross-Gen Pack 01 -> C:\Program Files\WindowsApps\38985CA0.MW3PCMSDLC02Cross-GenPack01_0.0.9.0_x64__5bkah9njm3e9g [2025-01-05] (Activision Publishing Inc.)
MW3 PC MS DLC03 Cross-Gen Pack 02 -> C:\Program Files\WindowsApps\38985CA0.MW3PCMSDLC03Cross-GenPack02_0.0.9.0_x64__5bkah9njm3e9g [2025-01-05] (Activision Publishing Inc.)
MW3 PC MS DLC10 Game Pass Tracker -> C:\Program Files\WindowsApps\38985CA0.MW3PCMSDLC10GamePassTracker_0.0.9.0_x64__5bkah9njm3e9g [2025-01-05] (Activision Publishing Inc.)
Night Skies PREMIUM -> C:\Program Files\WindowsApps\Microsoft.NightSkiesPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2025-08-04] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-07] (NVIDIA Corp.)
Porsche 911 GT2 RS - Forza Motorsport 7 -> C:\Program Files\WindowsApps\MicrosoftCorporation.Porsche911GT2RS-ForzaMotorspo_1.0.0.0_neutral__8wekyb3d8bbwe [2025-08-04] (Microsoft Corporation)
PowerToys.SparseApp -> C:\Users\Ralf\AppData\Local\PowerToys [2025-11-27] (PowerToys)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.53.374.0_x64__dt26b99r8h8gj [2025-10-11] (Realtek Semiconductor Corp)
Sloths PREMIUM -> C:\Program Files\WindowsApps\Microsoft.SlothsPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2025-08-04] (Microsoft Corporation)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2587.8.0_x64__cv1g1gvanyjgm [2025-12-06] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57242383.Tasbar_cw5n1h2txyewy [2025-12-09] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.59379618.InpApp_cw5n1h2txyewy [2025-12-09] (Microsoft Windows)
WinRAR -> C:\Program Files\WinRAR [2025-08-05] (win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-907164338-1891526244-581135098-1000_Classes\CLSID\{0e6d5bdd-d5f8-4692-a089-8bb88cdd37f4}\InprocServer32 -> C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.BgcodePreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-907164338-1891526244-581135098-1000_Classes\CLSID\{10144713-1526-46C9-88DA-1FB52807A9FF}\InprocServer32 -> C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.SvgThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-907164338-1891526244-581135098-1000_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\Ralf\AppData\Local\Microsoft\OneDrive\25.222.1112.0002\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-907164338-1891526244-581135098-1000_Classes\CLSID\{5c93a1e4-99d0-4fb3-991c-6c296a27be21}\InprocServer32 -> C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.BgcodeThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-907164338-1891526244-581135098-1000_Classes\CLSID\{60789D87-9C3C-44AF-B18C-3DE2C2820ED3}\InprocServer32 -> C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.MarkdownPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-907164338-1891526244-581135098-1000_Classes\CLSID\{729B72CD-B72E-4FE9-BCBF-E954B33FE699}\InprocServer32 -> C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.QoiPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-907164338-1891526244-581135098-1000_Classes\CLSID\{77257004-6F25-4521-B602-50ECC6EC62A6}\InprocServer32 -> C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.StlThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-907164338-1891526244-581135098-1000_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\Ralf\AppData\Local\Microsoft\OneDrive\25.222.1112.0002\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-907164338-1891526244-581135098-1000_Classes\CLSID\{9FAAAEDF-FF79-4A12-90F9-7F6F8DEE0F7E} -> [iCloud Drive] => C:\Users\Ralf\iCloudDrive [2025-06-25 17:28]
CustomCLSID: HKU\S-1-5-21-907164338-1891526244-581135098-1000_Classes\CLSID\{A0257634-8812-4CE8-AF11-FA69ACAEAFAE}\InprocServer32 -> C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.GcodePreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-907164338-1891526244-581135098-1000_Classes\CLSID\{AD856B15-D25E-4008-AFB7-AFAA55586188}\InprocServer32 -> C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.QoiThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-907164338-1891526244-581135098-1000_Classes\CLSID\{D8034CFA-F34B-41FE-AD45-62FCBB52A6DA}\InprocServer32 -> C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.MonacoPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-907164338-1891526244-581135098-1000_Classes\CLSID\{DD5CACDA-7C2E-4997-A62A-04A597B58F76}\localserver32 -> C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-907164338-1891526244-581135098-1000_Classes\CLSID\{f07ae553-2f15-3195-bffe-1c86c501d7ae}\localserver32 -> C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.PowerLauncher.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-907164338-1891526244-581135098-1000_Classes\CLSID\{F2847CBE-CD03-4C83-A359-1A8052C1B9D5}\InprocServer32 -> C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.GcodeThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-907164338-1891526244-581135098-1000_Classes\CLSID\{FB745F4E-6F9C-446E-BD7D-C6BA8D6C3B34}\localserver32 -> c:\program files\intel\intel graphics software\intelgraphicssoftware.exe (Intel Corporation -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-907164338-1891526244-581135098-1000_Classes\CLSID\{FCDD4EED-41AA-492F-8A84-31A1546226E0}\InprocServer32 -> C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.SvgPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
ShellServiceObjects: Kein Name -> {C2796011-81BA-4148-8FCA-C6643245113F} =>
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-12-17] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2025-06-23] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2025-06-23] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_c2d1126d336032b3\nvshext.dll [2025-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-12-17] (Malwarebytes Inc -> Malwarebytes)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [MidisrvTransferComplete] => 0
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Ralf\Desktop\Persönlich - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Default"
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2025-12-11 22:27 - 2025-12-09 10:15 - 000118272 _____ () [Datei ist nicht signiert] \\?\C:\Users\Ralf\AppData\Local\Programs\Awakened PoE Trade\resources\app.asar.unpacked\node_modules\electron-overlay-window\prebuilds\win32-x64\electron-overlay-window.node
2025-12-11 22:27 - 2025-12-09 10:15 - 000167936 _____ () [Datei ist nicht signiert] \\?\C:\Users\Ralf\AppData\Local\Programs\Awakened PoE Trade\resources\app.asar.unpacked\node_modules\uiohook-napi\prebuilds\win32-x64\node.napi.node
2025-01-03 19:39 - 2025-12-09 10:15 - 003058176 _____ () [Datei ist nicht signiert] C:\Users\Ralf\AppData\Local\Programs\Awakened PoE Trade\ffmpeg.dll
2025-01-03 19:39 - 2025-12-09 10:15 - 000504320 _____ () [Datei ist nicht signiert] C:\Users\Ralf\AppData\Local\Programs\Awakened PoE Trade\libegl.dll
2025-01-03 19:39 - 2025-12-09 10:15 - 008398848 _____ () [Datei ist nicht signiert] C:\Users\Ralf\AppData\Local\Programs\Awakened PoE Trade\libglesv2.dll
2025-01-03 19:39 - 2025-12-09 10:15 - 005640192 _____ () [Datei ist nicht signiert] C:\Users\Ralf\AppData\Local\Programs\Awakened PoE Trade\vk_swiftshader.dll
2025-01-03 19:39 - 2025-12-09 10:15 - 000944128 _____ () [Datei ist nicht signiert] C:\Users\Ralf\AppData\Local\Programs\Awakened PoE Trade\vulkan-1.dll
2025-06-24 11:48 - 2025-04-15 17:10 - 002927616 _____ () [Datei ist nicht signiert] C:\Users\Ralf\AppData\Local\Programs\Perplexity\ffmpeg.dll
2025-06-24 11:48 - 2025-04-15 17:10 - 000493056 _____ () [Datei ist nicht signiert] C:\Users\Ralf\AppData\Local\Programs\Perplexity\libegl.dll
2025-06-24 11:48 - 2025-04-15 17:10 - 008417792 _____ () [Datei ist nicht signiert] C:\Users\Ralf\AppData\Local\Programs\Perplexity\libglesv2.dll
2025-06-24 11:48 - 2025-04-15 17:10 - 005533184 _____ () [Datei ist nicht signiert] C:\Users\Ralf\AppData\Local\Programs\Perplexity\vk_swiftshader.dll
2024-11-18 12:47 - 2025-11-23 12:57 - 001865216 _____ () [Datei ist nicht signiert] D:\PathofBuilding\Path of Building Community\abseil_dll.dll
2024-11-18 12:47 - 2025-11-23 12:57 - 000140288 _____ () [Datei ist nicht signiert] D:\PathofBuilding\Path of Building Community\fmt.dll
2024-11-18 12:47 - 2025-11-23 12:57 - 000171520 _____ () [Datei ist nicht signiert] D:\PathofBuilding\Path of Building Community\lcurl.dll
2024-11-18 12:47 - 2025-11-23 12:57 - 000020992 _____ () [Datei ist nicht signiert] D:\PathofBuilding\Path of Building Community\libEGL.dll
2024-11-18 12:47 - 2025-11-23 12:57 - 005712384 _____ () [Datei ist nicht signiert] D:\PathofBuilding\Path of Building Community\libGLESv2.dll
2025-11-23 12:57 - 2025-11-23 12:57 - 000162816 _____ () [Datei ist nicht signiert] D:\PathofBuilding\Path of Building Community\libwebpdecoder.dll
2024-11-18 12:47 - 2025-11-23 12:57 - 000603136 _____ () [Datei ist nicht signiert] D:\PathofBuilding\Path of Building Community\lua51.dll
2025-01-29 08:51 - 2025-11-23 12:57 - 000169472 _____ () [Datei ist nicht signiert] D:\PathofBuilding\Path of Building Community\lua-utf8.dll
2024-11-18 12:47 - 2025-11-23 12:57 - 001148928 _____ () [Datei ist nicht signiert] D:\PathofBuilding\Path of Building Community\re2.dll
2024-11-18 12:47 - 2025-11-23 12:57 - 000090112 _____ () [Datei ist nicht signiert] D:\PathofBuilding\Path of Building Community\zlib1.dll
2023-11-20 23:14 - 2023-11-20 23:14 - 000557568 _____ (Apache Software Foundation) [Datei ist nicht signiert] C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll
2024-11-18 12:47 - 2025-11-23 12:57 - 000233472 _____ (GLFW) [Datei ist nicht signiert] D:\PathofBuilding\Path of Building Community\glfw3.dll
2025-01-29 08:51 - 2025-11-23 12:57 - 000652288 _____ (Meta Platforms, Inc.) [Datei ist nicht signiert] D:\PathofBuilding\Path of Building Community\zstd.dll
2025-10-21 06:28 - 2025-11-06 07:05 - 000000000 ___JL (Microsoft Corporation) [symlink -> C:\WINDOWS\system32\wincorlib.dll] C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\wincorlib_orig.dll
2025-11-24 11:29 - 2025-12-09 10:15 - 026070528 _____ (Microsoft(r) Corporation) [Datei ist nicht signiert] C:\Users\Ralf\AppData\Local\Programs\Awakened PoE Trade\dxcompiler.dll
2025-08-08 15:38 - 2025-10-31 12:29 - 000000000 ___JL (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
2024-11-18 12:47 - 2025-11-23 12:57 - 002147840 _____ (Path of Building Community) [Datei ist nicht signiert] D:\PathofBuilding\Path of Building Community\SimpleGraphic.dll
2025-10-03 17:46 - 2025-10-03 17:46 - 001781248 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2025-10-03 17:46 - 2025-10-03 17:46 - 003232256 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2024-11-18 12:47 - 2025-11-23 12:57 - 000570368 _____ (The curl library, hxxps://curl.se/) [Datei ist nicht signiert] D:\PathofBuilding\Path of Building Community\libcurl.dll
2025-10-21 06:28 - 2025-11-06 07:05 - 000624640 _____ (VALINET Solutions SRL) [Datei ist nicht signiert] C:\WINDOWS\dxgi.dll
2025-10-21 06:28 - 2025-11-06 07:05 - 000624640 _____ (VALINET Solutions SRL) [Datei ist nicht signiert] C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\dxgi.dll
2025-10-21 06:28 - 2025-11-06 07:05 - 000166912 _____ (VALINET Solutions SRL) [Datei ist nicht signiert] C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\wincorlib.DLL
2025-10-21 06:28 - 2025-11-06 07:05 - 000624640 _____ (VALINET Solutions SRL) [Datei ist nicht signiert] C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\dxgi.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-907164338-1891526244-581135098-1000\Software\Classes\regfile: <==== ACHTUNG
HKU\S-1-5-21-907164338-1891526244-581135098-1000\Software\Classes\.reg: => <==== ACHTUNG
HKU\S-1-5-21-907164338-1891526244-581135098-1000\Software\Classes\.bat: => <==== ACHTUNG
HKU\S-1-5-21-907164338-1891526244-581135098-1000\Software\Classes\.cmd: => <==== ACHTUNG
==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\WINDOWS\system32\mscoree.dll [2025-04-09] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM - Smart Backup - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\WINDOWS\system32\mscoree.dll [2025-04-09] (Microsoft Windows -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2024-04-01 08:26 - 2024-04-01 08:24 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Network ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
DNS Servers: 192.168.77.1
ist aktiviert.
Network Binding:
=============
WLAN 3: MediaTek Wi-Fi 7 MT7927 Wireless LAN Card -> mtkwecx.sys
Bluetooth-Netzwerkverbindung: Bluetooth Device (Personal Area Network) -> bthpan.sys
WLAN: MediaTek Wi-Fi 7 MT7927 Wireless LAN Card -> mtkwecx.sys
WLAN 4: MediaTek Wi-Fi 7 MT7927 Wireless LAN Card -> mtkwecx.sys
WLAN 2: MediaTek Wi-Fi 7 MT7927 Wireless LAN Card -> mtkwecx.sys
WLAN 5: MediaTek Wi-Fi 7 MT7927 Wireless LAN Card -> mtkwecx.sys
Ethernet: Marvell AQtion 10GBASE-T Network Adapter -> aqnic650.sys
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-907164338-1891526244-581135098-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-907164338-1891526244-581135098-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\5410052191013313024\134010028623195636.jpg
HKU\S-1-5-80-863171341-2975503981-1811344707-3769924460-3995132968\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run32: => "Intel® Graphics Software"
HKU\S-1-5-21-907164338-1891526244-581135098-1000\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_3C046FF7385624A973B1C10A39DE0CB8"
HKU\S-1-5-21-907164338-1891526244-581135098-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-907164338-1891526244-581135098-1000\...\StartupApproved\Run: => "OpenOffice Updater"
HKU\S-1-5-21-907164338-1891526244-581135098-1000\...\StartupApproved\Run: => "com.todesktop.25020447d4kq915"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{A32F5AF5-7969-4D0F-AA3A-B1355CD415E4}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [TCP Query User{8328D46C-9282-4DCB-9E83-E6EBA5891F3B}D:\wot\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wot\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{C77F5D50-EF7D-4682-A3C9-2BCEEF832C6E}D:\wot\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wot\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{49C9515E-A8A6-42D3-A33E-84827966BD99}C:\program files\gigabyte\control center\gcc.exe] => (Allow) C:\program files\gigabyte\control center\gcc.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [UDP Query User{0D2F3CBF-FB9A-4365-9C8F-8714BB9C3040}C:\program files\gigabyte\control center\gcc.exe] => (Allow) C:\program files\gigabyte\control center\gcc.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{8D188176-9160-44B2-AE78-1C27EBB69691}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7B07F97A-1413-44A3-B832-E40F2B20D97C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F1BD4DAC-64CF-4E0A-90D0-3158710D48FB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D903418C-BF02-46F9-ABCF-426728B9F4CB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{84F34AF6-EF84-4F3E-97CB-1209D5D77CEE}] => (Allow) D:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks LLC -> Bethesda Softworks)
FirewallRules: [{ADC59C6D-AB52-4A19-AA0D-0BBEB23CD452}] => (Allow) D:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks LLC -> Bethesda Softworks)
FirewallRules: [TCP Query User{4C0C91AC-93D0-43FE-BAE8-00BA1D48A51D}D:\wot\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\wot\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{802CFB0D-25D8-4B44-AF48-C358597DD2FD}D:\wot\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\wot\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{492AFD4E-1DFB-4FA3-BD91-5C87DADCEBA6}D:\xboxgames\call of duty\content\cod.exe] => (Allow) D:\xboxgames\call of duty\content\cod.exe (Zugriff verweigert) [Datei ist nicht signiert?]
FirewallRules: [UDP Query User{DC916D57-715F-419A-BDE8-00F9EFFCC2BC}D:\xboxgames\call of duty\content\cod.exe] => (Allow) D:\xboxgames\call of duty\content\cod.exe (Zugriff verweigert) [Datei ist nicht signiert?]
FirewallRules: [TCP Query User{A64DDDEF-8E7F-4581-B214-4DFF8CAC7F51}D:\xboxgames\call of duty\content\sp24\sp24-cod.exe] => (Allow) D:\xboxgames\call of duty\content\sp24\sp24-cod.exe (Zugriff verweigert) [Datei ist nicht signiert?]
FirewallRules: [UDP Query User{D9B650C0-96A0-49F8-BE8C-51E123A84EFD}D:\xboxgames\call of duty\content\sp24\sp24-cod.exe] => (Allow) D:\xboxgames\call of duty\content\sp24\sp24-cod.exe (Zugriff verweigert) [Datei ist nicht signiert?]
FirewallRules: [TCP Query User{AA2AB792-7A3F-4A37-9785-2654F8E1DEAA}C:\xboxgames\call of duty- modern warfare 3\content\cod23-cod.exe] => (Allow) C:\xboxgames\call of duty- modern warfare 3\content\cod23-cod.exe (Zugriff verweigert) [Datei ist nicht signiert?]
FirewallRules: [UDP Query User{2B97E5A4-1AF7-4B3E-BB1E-0A0B599184B4}C:\xboxgames\call of duty- modern warfare 3\content\cod23-cod.exe] => (Allow) C:\xboxgames\call of duty- modern warfare 3\content\cod23-cod.exe (Zugriff verweigert) [Datei ist nicht signiert?]
FirewallRules: [TCP Query User{B0F9B01A-4FCB-4F92-8D33-C2A3358A958D}C:\xboxgames\call of duty- modern warfare 3\content\sp23\sp23-cod.exe] => (Allow) C:\xboxgames\call of duty- modern warfare 3\content\sp23\sp23-cod.exe (Zugriff verweigert) [Datei ist nicht signiert?]
FirewallRules: [UDP Query User{540DBA67-6FDC-467B-9D71-369FC8684405}C:\xboxgames\call of duty- modern warfare 3\content\sp23\sp23-cod.exe] => (Allow) C:\xboxgames\call of duty- modern warfare 3\content\sp23\sp23-cod.exe (Zugriff verweigert) [Datei ist nicht signiert?]
FirewallRules: [{83BB1E10-51DA-41A0-AC8B-6DD47E469556}] => (Allow) C:\Program Files\WindowsApps\AppleInc.AppleMusicWin_1.1536.28673.0_x64__nzyj5cx40ttqa\AppleMusic.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{858FC202-6CF8-4530-B0B1-F96B19121223}] => (Allow) C:\Program Files\WindowsApps\AppleInc.AppleMusicWin_1.1536.28673.0_x64__nzyj5cx40ttqa\AppleMusic.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{B5971428-8DEF-497E-B534-711CA5CA57C5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.AppleMusicWin_1.1536.28673.0_x64__nzyj5cx40ttqa\AMPLibraryAgent.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{88DD0D1C-EF45-4A22-A8B8-22359FA77B9E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.AppleMusicWin_1.1536.28673.0_x64__nzyj5cx40ttqa\AMPLibraryAgent.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{3C31974B-2164-46F5-8C41-F8004C911519}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 3\OakGame\Binaries\Win64\Borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
FirewallRules: [{1088F836-D27E-4E33-B32C-7769753A41DA}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 3\OakGame\Binaries\Win64\Borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
FirewallRules: [TCP Query User{C7BE33F5-A96A-4E65-B802-9AB13B74DA8B}D:\xboxgames\grand theft auto v legacy\content\gta5.exe] => (Allow) D:\xboxgames\grand theft auto v legacy\content\gta5.exe (Zugriff verweigert) [Datei ist nicht signiert?]
FirewallRules: [UDP Query User{1207D026-7F5F-4255-92EC-41211F4A0CE9}D:\xboxgames\grand theft auto v legacy\content\gta5.exe] => (Allow) D:\xboxgames\grand theft auto v legacy\content\gta5.exe (Zugriff verweigert) [Datei ist nicht signiert?]
FirewallRules: [{37091009-B4DD-41F5-B686-B2B044D7C809}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Wiederherstellungspunkte =========================
16-12-2025 16:59:59 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (12/17/2025 08:07:32 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Description: A .NET application failed.
Application: DSAArcDetect64.exe
Path: C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAArcDetect64.exe
Message: You must install or update .NET to run this application.
App: C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAArcDetect64.exe
Architecture: x64
Framework: 'Microsoft.AspNetCore.App', version '8.0.0' (x64)
.NET location: C:\Program Files\dotnet\
No frameworks were found.
Learn more:
https://aka.ms/dotnet/app-launch-failed
To install missing framework, download:
https://aka.ms/dotnet-core-applaunch?framework=Microsoft.AspNetCore.App&framework_version=8.0.0&arch=x64&rid=win-x64&os=win10
Error: (12/17/2025 07:58:03 AM) (Source: Telemetry 3.0 x64) (EventID: 259) (User: )
Description: Policy not available: tid=cc8e5423-5d55-4bb1-8dbc-3bb41576e0ec
Error: (12/17/2025 07:58:02 AM) (Source: Telemetry 3.0 x64) (EventID: 259) (User: )
Description: Policy not available: tid=cc8e5423-5d55-4bb1-8dbc-3bb41576e0ec
Error: (12/17/2025 07:50:53 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Description: A .NET application failed.
Application: DSAArcDetect64.exe
Path: C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAArcDetect64.exe
Message: You must install or update .NET to run this application.
App: C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAArcDetect64.exe
Architecture: x64
Framework: 'Microsoft.AspNetCore.App', version '8.0.0' (x64)
.NET location: C:\Program Files\dotnet\
No frameworks were found.
Learn more:
https://aka.ms/dotnet/app-launch-failed
To install missing framework, download:
https://aka.ms/dotnet-core-applaunch?framework=Microsoft.AspNetCore.App&framework_version=8.0.0&arch=x64&rid=win-x64&os=win10
Error: (12/17/2025 07:50:15 AM) (Source: Application Error) (EventID: 1000) (User: KÜHLKÖRPERDELUX)
Description: Fehlerhafter Anwendungsname: GbtCloudMatrix.exe, Version: 22.9.21.1, Zeitstempel: 0xf4734db7
Fehlerhafter Modulname: KERNELBASE.dll, Version: 10.0.26100.7462, Zeitstempel: 0xe9f9d656
Ausnahmecode: 0xe0434352
Fehleroffset: 0x00000000000c782a
Fehlerhafte Prozess-ID: 0x748
Fehlerhafte Anwendungsstartzeit: 0x1dc6f2149153e72
Fehlerhafter Anwendungspfad: C:\Program Files\GIGABYTE\Control Center\GbtCloudMatrix.exe
Fehlerhafter Modulpfad: C:\WINDOWS\System32\KERNELBASE.dll
Berichts-ID: a252d818-edad-4d0f-a99d-5c7614049938
Vollständiger Name des fehlerhaften Pakets:
Fehlerhafte paketbezogene Anwendungs-ID:
Error: (12/17/2025 07:50:15 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: GbtCloudMatrix.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.FileNotFoundException
bei GbtCloudMatrix.Service.UploadCloudMatrixService.query_cloudmatrix_interval()
bei GbtCloudMatrix.Views.UploadPage.funDoUpload()
bei GbtCloudMatrix.Views.UploadPage.OnTick(System.Object, System.EventArgs)
bei System.Windows.Threading.DispatcherTimer.FireTick(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Windows.Threading.DispatcherOperation.Invoke()
bei System.Windows.Threading.Dispatcher.ProcessQueue()
bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunDispatcher(System.Object)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei GbtCloudMatrix.App.Main()
Error: (12/16/2025 04:41:37 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte Defragmentierung auf \\?\Volume{654b49b0-4689-11f0-a104-74563cb8e252}\ nicht abschließen. Grund: Die Volumes können nicht optimiert werden, weil der Datei Systemtyp nicht unter stützt wird. (0x8900002F)
Error: (12/16/2025 04:41:37 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte Defragmentierung auf \\?\Volume{654b49af-4689-11f0-a104-74563cb8e252}\ nicht abschließen. Grund: Die Volumes können nicht optimiert werden, weil der Datei Systemtyp nicht unter stützt wird. (0x8900002F)
Systemfehler:
=============
Error: (12/17/2025 07:54:25 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT-AUTORITÄT)
Description: Secure Boot certificates have been updated but are not yet applied to the device firmware. Review the published guidance to complete the update and ensure full protection. This device signature information is included here.
DeviceAttributes: BaseBoardManufacturer:Gigabyte Technology Co., Ltd.;FirmwareManufacturer:American Megatrends International, LLC.;FirmwareVersion:F10;OEMModelNumber:Z790 AORUS MASTER X;OEMModelBaseBoard:Z790 AORUS MASTER X;OEMModelSystemFamily:Z790 MB;OEMManufacturerName:Gigabyte Technology Co., Ltd.;OEMModelSKU:Default string;OSArchitecture:amd64;
BucketId: 63dc0210f4a4c88116b001151fd08428e10682228b5b4765c316ec6c6218cbb9
BucketConfidenceLevel:
UpdateType:
For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018.
Error: (12/17/2025 07:49:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IntelTACD" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (12/17/2025 07:49:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IntelTACD" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (12/17/2025 07:49:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IntelTACD" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (12/17/2025 07:49:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IntelTACD" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (12/17/2025 07:49:24 AM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Der Bluetooth-Treiber hat ein HCI-Ereignis mit einer bestimmten Größe erwartet, das aber nicht empfangen wurde.
Error: (12/17/2025 07:49:24 AM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Der Bluetooth-Treiber hat ein HCI-Ereignis mit einer bestimmten Größe erwartet, das aber nicht empfangen wurde.
Error: (12/17/2025 07:49:24 AM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Der Bluetooth-Treiber hat ein HCI-Ereignis mit einer bestimmten Größe erwartet, das aber nicht empfangen wurde.
Windows Defender:
================
Date: 2025-12-15 09:13:07
Description:
Microsoft Defender Antivirus ѕςăπ нåş ьэεņ ѕŧōρφеđ ьèƒōŕë ċómρℓэτίóň.%п %ţŚ¢äʼn ΪĎ:%ъ{139B9A69-D355-42F5-985D-3D6826A7BDF0}%ń %ţЅçăη Τýрē:%ъAntimalware%π %ťŠĉάή Ραгªмéτєŕŝ:%вSchnellüberprüfung%ņ %ťŮŝзґ:%ьNT-AUTORITÄT\SYSTEM%и %тŠτóφ Гєãşøŋ:%вЯΡÇ ςǿņñэçŧΐǿņ ŗμⁿðôẁή
Date: 2025-12-11 08:56:26
Description:
Microsoft Defender Antivirus ѕςăπ нåş ьэεņ ѕŧōρφеđ ьèƒōŕë ċómρℓэτίóň.%п %ţŚ¢äʼn ΪĎ:%ъ{82E1164D-0639-4E4E-9FA1-8E097C720618}%ń %ţЅçăη Τýрē:%ъAntimalware%π %ťŠĉάή Ραгªмéτєŕŝ:%вSchnellüberprüfung%ņ %ťŮŝзґ:%ьNT-AUTORITÄT\SYSTEM%и %тŠτóφ Гєãşøŋ:%вЯΡÇ ςǿņñэçŧΐǿņ ŗμⁿðôẁή
Date: 2025-12-01 08:19:42
Description:
Microsoft Defender Antivirus ѕςăπ нåş ьэεņ ѕŧōρφеđ ьèƒōŕë ċómρℓэτίóň.%п %ţŚ¢äʼn ΪĎ:%ъ{7CCC1469-5B03-4166-9BD4-C05AA2559EEA}%ń %ţЅçăη Τýрē:%ъAntimalware%π %ťŠĉάή Ραгªмéτєŕŝ:%вSchnellüberprüfung%ņ %ťŮŝзґ:%ьNT-AUTORITÄT\SYSTEM%и %тŠτóφ Гєãşøŋ:%вŔР€ сóňйê¢τїøй ŗŭⁿδôẅñ
Date: 2025-11-27 08:20:54
Description:
Microsoft Defender Antivirus ѕςăπ нåş ьэεņ ѕŧōρφеđ ьèƒōŕë ċómρℓэτίóň.%п %ţŚ¢äʼn ΪĎ:%ъ{EF211E48-B30C-46AA-B7CF-6B8F8D41431B}%ń %ţЅçăη Τýрē:%ъAntimalware%π %ťŠĉάή Ραгªмéτєŕŝ:%вSchnellüberprüfung%ņ %ťŮŝзґ:%ьNT-AUTORITÄT\SYSTEM%и %тŠτóφ Гєãşøŋ:%вŞċħęðùłėđ ŝ¢ǻй ẁąş ѕĸϊρφέđ веčаџŝĕ ťĥε łąşţ şϋς¢еşѕƒûļ şċаņ ẁäş ẁìţħϊή ťђè ļдšţ 7 ďªÿş
Date: 2025-11-10 07:42:19
Description:
Microsoft Defender Antivirus ѕςăπ нåş ьэεņ ѕŧōρφеđ ьèƒōŕë ċómρℓэτίóň.%п %ţŚ¢äʼn ΪĎ:%ъ{C6F412CF-6E2B-435E-B67A-3CDEA2947873}%ń %ţЅçăη Τýрē:%ъAntimalware%π %ťŠĉάή Ραгªмéτєŕŝ:%вSchnellüberprüfung%ņ %ťŮŝзґ:%ьNT-AUTORITÄT\SYSTEM%и %тŠτóφ Гєãşøŋ:%вЅĉђ℮ďµŀεď ś¢äŋ ώåś šķìрφéđ ъěсăūşэ ťђĕ ľаşť ѕµçċ℮šşƒцļ š¢áп ẁāš ẁίτĥĩń ŧħë ľаŝţ 7 ďäуѕ
Event[0]
Date: 2025-11-12 07:17:31
Description:
Fehler des Microsoft Defender Antivirus-Echtzeitschutz-Features.
Feature: Verhaltensüberwachung
Fehlercode: 0x80004005
Fehlerbeschreibung: Unbekannter Fehler
Ursache: Der Echtzeitschutz wurde aus unbekanntem Grund beendet. Starten Sie den Dienst neu.
Date: 2025-11-12 07:17:04
Description:
Microsoft Defender Antivirus Ressourcenmonitor: Der Arbeitsspeicherverbrauch hat das Limit überschritten.
Trefferanzahl: 1
Aktueller Schwellenwert: 4096
Date: 2025-08-05 00:57:58
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren.
Security Intelligence versucht: Aktuell
Fehlercode: 0x80070003
Fehlerbeschreibung: Das System kann den angegebenen Pfad nicht finden.
Security Intelligence-Version: 0.0.0.0;0.0.0.0
Modulversion: 0.0.0.0
Date: 2025-07-21 08:05:05
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.431.776.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.25050.6
Fehlercode: 0x8024001e
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".
Date: 2025-04-09 12:08:21
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.427.142.0
Update Source: Microsoft Update Server
Sicherheitstyp: AntiVirus
Updatetyp: Full
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.25030.1
Fehlercode: 0x8024001e
Fehlerbeschreibung: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===============
Date: 2025-12-17 12:01:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends International, LLC. F10 09/18/2025
Hauptplatine: Gigabyte Technology Co., Ltd. Z790 AORUS MASTER X
Prozessor: 13th Gen Intel(R) Core(TM) i7-13700K
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 65300.41 MB
Verfügbarer physikalischer RAM: 48730.21 MB
Summe virtueller Speicher: 69396.41 MB
Verfügbarer virtueller Speicher: 47941.82 MB
==================== Laufwerke ================================
Drive c: (Zentrum) (Fixed) (Total:1862.2 GB) (Free:1465.51 GB) (Model: Samsung SSD 990 PRO 2TB) NTFS
Drive d: (Spiele) (Fixed) (Total:1862.25 GB) (Free:1058.63 GB) (Model: Samsung SSD 990 PRO 2TB) NTFS
\\?\Volume{28919fd5-8bd4-4f5a-b2d7-fd5c5b493135}\ () (Fixed) (Total:0.76 GB) (Free:0.08 GB) NTFS
\\?\Volume{747bbbb5-5e76-47ca-a3e9-7b479d700bd4}\ () (Fixed) (Total:0.71 GB) (Free:0.07 GB) NTFS
\\?\Volume{ca1ed381-5d72-4a0b-9fce-ec3e22bc6cdb}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt =======================
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2025
durchgeführt von Ralf (Administrator) auf KÜHLKÖRPERDELUX (Gigabyte Technology Co., Ltd. Z790 AORUS MASTER X) (17-12-2025 12:25:57)
Gestartet von D:\Downloads\FRST64.exe
Geladene Profile: Ralf & Administrator & IntelTelemetryAgent
Plattform: Microsoft Windows 11 Pro Version 24H2 26100.7462 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSATray.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <4>
(C:\Program Files\GIGABYTE\Control Center\GCC.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GBT_DL_LIB) C:\Program Files\WindowsApps\65d483df-b37e-4fcf-94de-8b795233db63_25.1.23.0_x64__1mmjbktjj1mkp\GBT_DL_LIB.exe
(C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\Intel Graphics Software\PresentMonService.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_15.4.210.0_x64__nzyj5cx40ttqa\iCloud\iCloudChrome.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.4.210.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_15.4.210.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_15.4.210.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.AlwaysOnTop.exe
(C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.CropAndLock.exe
(C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.PowerLauncher.exe
(C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.PowerOCR.exe
(C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.ZoomIt.exe
(C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Ralf\AppData\Local\PowerToys\WinUI3Apps\PowerToys.Peek.UI.exe
(cmd.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.4.210.0_x64__nzyj5cx40ttqa\iCloud\iCloudChrome.exe <2>
(cmd.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.4.210.0_x64__nzyj5cx40ttqa\iCloud\iCloudPasswordsExtensionHelper.exe <2>
(explorer.exe ->) () [Datei ist nicht signiert] D:\PathofBuilding\Path of Building Community\Path of Building.exe
(explorer.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> WhatsApp.Root) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2587.8.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe
(explorer.exe ->) (Alexander Drozdov) [Datei ist nicht signiert] C:\Users\Ralf\AppData\Local\Programs\Awakened PoE Trade\Awakened PoE Trade.exe <4>
(explorer.exe ->) (PERPLEXITY AI, INC. -> Perplexity) C:\Users\Ralf\AppData\Local\Programs\Perplexity\Perplexity.exe <9>
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <83>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Ralf\AppData\Local\Microsoft\OneDrive\25.222.1112.0002\OneDrive.Sync.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair Device Control Service\bin\CorsairDeviceControlService.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files\GIGABYTE\Control Center\Lib\GBT_VGA\Service\AorusLcdService.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\System32\GigabyteUpdateService.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\CollectorService\collector_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\TelemetryAgent\telemetry_agent.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8a3f88e34f6b8385\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5384aa165a2c7217\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_58a0ea2de06916f7\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAUpdateService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_ee4ab813cb541e9a\logi_lamparray_service.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (MEDIATEK INC. -> MediaTek Inc.) C:\Windows\System32\mtkbtsvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft GameInput\x64\GameInputRedistService.exe
(services.exe ->) (Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_c2d1126d336032b3\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_25a6ec32bd401f19\RtkAudUService64.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.4.210.0_x64__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.4.210.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.4.210.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\CCleaner.exe
(svchost.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files\GIGABYTE\Control Center\GCC.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.27.350.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2512.1001.34.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.195.0.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.23.12811.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_25a6ec32bd401f19\RtkAudUService64.exe [3119640 2025-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Intel® Graphics Software] => C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.exe [436400 2025-11-14] (Intel Corporation -> Intel Corporation)
HKLM\...\RunOnce: [C:\Program_Files\Intel\Intel(R)_Graphics_Software_&_Drivers_DeleteUninstallerFolder] => cmd.exe /C rmdir /s /q "C:\Program Files\Intel\Intel(R) Graphics Software & Drivers" [0 2025-12-09] () <==== ACHTUNG [Null Byte Datei/Ordner]
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\Smart Backup\RPMKickstartEx.exe [2320384 2014-04-01] (TODO: <Company name>) [Datei ist nicht signiert]
HKLM\...\RunOnce: [GCC] => C:\Program Files\GIGABYTE\Control Center\GCC.exe [35425448 2025-09-12] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\143.0.3650.80\Installer\setup.exe [7736912 2025-12-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-907164338-1891526244-581135098-1000\...\Run: [MicrosoftEdgeAutoLaunch_3C046FF7385624A973B1C10A39DE0CB8] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4228688 2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-907164338-1891526244-581135098-1000\...\Run: [com.todesktop.25020447d4kq915] => C:\Users\Ralf\AppData\Local\Programs\Perplexity\Perplexity.exe [188845344 2025-04-15] (PERPLEXITY AI, INC. -> Perplexity)
HKU\S-1-5-21-907164338-1891526244-581135098-1000\...\MountPoints2: {c5012e91-71b9-11f0-a126-74563cb8e252} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-907164338-1891526244-581135098-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [176128 2025-12-09] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-907164338-1891526244-581135098-500\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Keine Datei)
HKU\S-1-5-21-907164338-1891526244-581135098-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Keine Datei)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\143.0.7499.111\Installer\chrmstp.exe [2025-12-17] (Google LLC -> Google LLC)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {E39331F2-9BAA-45A8-9B1F-C78CAA579EF2} - System32\Tasks\Cloud => C:\Program Files\GIGABYTE\Control Center\GbtCloudMatrix.exe [84584 2023-03-25] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
Task: {4E932F62-2C4C-4BAD-B1FC-F1D8FC5B5CCA} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [3191352 2025-12-09] (Microsoft Windows -> Microsoft Corporation)
Task: {762792DB-493F-4150-9F85-B93E741FD710} - System32\Tasks\GCC => C:\Program Files\GIGABYTE\Control Center\GCC.exe [35425448 2025-09-12] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) -> C:\Program Files\GIGABYTE\Control Center\\-b
Task: {85ADC9D2-EEBE-4E97-A97C-55F17859FB10} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem145.0.7569.0{A21F157A-D1D8-4959-922D-D117C4E9EAC4} => C:\Program Files (x86)\Google\GoogleUpdater\145.0.7569.0\updater.exe [7201944 2025-12-08] (Google LLC -> Google LLC)
Task: {17617DC6-8C10-48B8-81A2-181104F183E8} - System32\Tasks\Intel\Intel Telemetry 3 => C:\Program Files\Intel\Telemetry 3.0\lrio.exe [6045240 2024-02-14] (Intel Corporation -> Intel Corporation)
Task: {46285908-ED1D-4EDC-BE18-D7582299B030} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [6392456 2025-09-30] (Intel Corporation -> Intel Corporation)
Task: {11FF2CDD-94EE-462F-AA1C-89655C93F368} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [6392456 2025-09-30] (Intel Corporation -> Intel Corporation)
Task: {4FFCF05B-BC65-4FC1-A35C-5564C038F538} - System32\Tasks\Microsoft\Windows\Setup\PITRTask => {093cb270-c282-4c22-b2ea-7d2bf1c30bbf} C:\WINDOWS\system32\oobe\PITRTask.dll [118784 2025-12-09] (Microsoft Windows -> Microsoft Corporation)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {224E5272-772B-424A-9B71-EDA32D650576} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3324528 2025-10-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4B1D496C-434C-4585-A5F2-71B5F8DE4008} - System32\Tasks\OneDrive Startup Task-S-1-5-21-907164338-1891526244-581135098-1000 => C:\Users\Ralf\AppData\Local\Microsoft\OneDrive\25.222.1112.0002\OneDriveLauncher.exe [745832 2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {51D307BF-31F0-45BF-A5FA-F501B6DEA47F} - System32\Tasks\OneDrive Startup Task-S-1-5-21-907164338-1891526244-581135098-500 => C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\25.149.0803.0003\OneDriveLauncher.exe [725352 2025-08-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {F60371EE-CF64-4385-B419-AB584995F354} - System32\Tasks\Piriform\CCleaner 7 - S-1-5-21-907164338-1891526244-581135098-1000 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4756600 2025-11-12] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {2733ED5F-ED82-4252-9E44-A8EE2102CD5B} - System32\Tasks\Piriform\CCleaner 7 - S-1-5-21-907164338-1891526244-581135098-500 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4756600 2025-11-12] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {E625DEE9-CF65-4FE6-AF81-842DAC69729D} - System32\Tasks\Piriform\CCleaner 7 - S-1-5-80-3813707748-758360716-1304555492-4038154049-1060595566 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4756600 2025-11-12] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {D4139A42-C6FD-4929-A7F8-38D193BFA8A8} - System32\Tasks\Piriform\CCleaner 7 - S-1-5-80-863171341-2975503981-1811344707-3769924460-3995132968 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4756600 2025-11-12] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {743042C1-9B6E-4D7D-A546-98A34A666F20} - System32\Tasks\Piriform\CCleaner 7 BugReport => C:\Program Files\Piriform\CCleaner 7\CCleanerBugReport.exe [6274680 2025-11-12] (Gen Digital Inc. -> Gen Digital Inc.) -> --send "dumps|report" --product 234 --programpath "C:\Program Files\Piriform\CCleaner 7" --configpath "C:\Program Files\Piriform\CCleaner 7\data" --path "C:\Program Files\Piriform\CCleaner 7\log" --path "C:\Program Files\Piriform\CCleaner 7\data\dumps" --logpath "C:\Program Files\Piriform\CCleaner 7 (Der Dateneintrag hat 58 weitere Zeichen).
Task: {7746CFDC-C35A-4F5E-9CB4-0815B834FDBF} - System32\Tasks\Piriform\CCleaner 7 Update => C:\Program Files\Common Files\Piriform\Icarus\piriform-ccl\icarus.exe [9173216 2025-10-31] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {AE1CD4AA-7626-4982-AA7D-5D665D946002} - System32\Tasks\PowerToys\Autorun for Ralf => C:\Users\Ralf\AppData\Local\PowerToys\PowerToys.exe [1478688 2025-11-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {AF329A5F-0B82-4EC9-8EC9-AA6FAAEE8ED3} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [140407592 2025-07-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) -> C:\Program Files (x86)\Samsung\Samsung Magician\\--disable-gpu-sandbox /AUTOHIDE
Task: {92B56B1E-60A6-432E-A295-91CCD38E241B} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [454656 2025-09-09] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\x64\-Command "Start-Process -WindowStyle Hidden task.bat"
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{100bd301-99a2-40bc-bbe6-321541e5577e}: [DhcpNameServer] 192.168.77.1
Tcpip\..\Interfaces\{100bd301-99a2-40bc-bbe6-321541e5577e}: [DhcpDomain] lan
Tcpip\..\Interfaces\{9a6ac3cf-dbb9-4be9-90b4-561db8a9edcb}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9a6ac3cf-dbb9-4be9-90b4-561db8a9edcb}: [DhcpDomain] fritz.box
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ralf\AppData\Local\Microsoft\Edge\User Data\Default [2025-12-17]
Edge DownloadDir: Default -> D:\Downloads
Edge Notifications: Default -> hxxps://mail.yahoo.com; hxxps://www.pathofexile.com
Edge HomePage: Default -> hxxp://www.google.de/
Edge StartupUrls: Default -> "hxxps://mail.yahoo.com/d/folders/1?.lang=de-DE&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmRlLw&guce_referrer_sig=AQAAANoVbMJDfOjAQYthwdllbU3xeTYkyLEW1JIqJyAg0ZwQY6qai0Ht8kHymJajX9U73wXv082rofJyi5915NXx8uQD2uney24XTmIyDTPMh1HCkOocmQ_bxGcqCwoLMr_CCubSmWrfmzlNxzmD6QXczreeJglRtSl32eqqUcLrv6gY","hxxps://www.icloud.com/mail/","hxxp://192.168.77.1/dumaweb#networkmonitor","hxxps://www.pathofexile.com/trade/search/Standard/ldkvWYkhV/live","hxxps://www.pathofexile.com/trade/search/Standard","hxxps://www.pathofexile.com/trade/search/Standard","hxxps://www.pathofexile.com/trade/search/Standard/2kzn5Jjfk/live","hxxps://www.pathofexile.com/trade/search/Standard/zG4kZlmi4/live","hxxps://www.pathofexile.com/trade/search/Standard/mvZyoRrS6","hxxps://www.pathofexile.com/trade/search/Standard/l83MB3wiV","hxxps://www.pathofexile.com/trade/search/Standard/DorZekvU5","hxxps://www.pathofexile.com/trade/search/Standard","hxxps://www.youtube.com/watch?v=hU4FCJSVg-0","hxxps://maxroll.gg/poe/bosses/the-maven-boss-guide#skills-breakdown-header","hxxps://maxroll.gg/poe/poe-atlas-tree/ir7y0xx5","hxxps://www.ign.com/wikis/path-of-exile-2/Omens","hxxps://www.youtube.com/watch?v=1t6MWTpQk3M&t=122s","hxxps://www.youtube.com/watch?v=6n6piu6h-FM&t=1332s","hxxps://pobb.in/ShD3zhiUTxuB","hxxps://pobb.in/GmlQyNNxEXuJ","hxxps://pobb.in/OrAyZs-3gmRX"
Edge Session Restore: Default -> ist aktiviert.
Edge Extension: (Enhancer for YouTube™) - C:\Users\Ralf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dlgfaleeejmphhnemjgiaekdbonkagkd [2025-11-14]
Edge Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Ralf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\elhekieabhbkpmcefcoobjddigjcaadp [2025-12-10]
Edge Extension: (Video Downloader Professional) - C:\Users\Ralf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2025-01-03]
Edge Extension: (Better PathOfExile Trading) - C:\Users\Ralf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fhlinfpmdlijegjlpgedcmglkakaghnk [2025-12-17]
Edge Extension: (iCloud-Lesezeichen) - C:\Users\Ralf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2025-01-03]
Edge Extension: (Google Docs Offline) - C:\Users\Ralf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-11-25]
Edge Extension: (Edge relevant text changes) - C:\Users\Ralf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-01-03]
Edge Extension: (Video DownloadHelper) - C:\Users\Ralf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmkaglaafmhbcpleggkmaliipiilhldn [2025-12-17]
Edge Extension: (iCloud-Lesezeichen) - C:\Users\Ralf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lbfbbhdljlmhnpbcdcajkdanonpgbhlh [2025-01-03]
Edge Extension: (iCloud-Passwörter) - C:\Users\Ralf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mfbcdcnpokpoajjciilocoachedjkima [2025-12-17]
Edge Extension: (iCloud-Passwörter) - C:\Users\Ralf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pejdijmoenmkgeppbflobdenhhabjlaj [2025-12-17]
Edge Profile: C:\Users\Ralf\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2025-10-13]
Edge DownloadDir: Profile 1 -> D:\Downloads
Edge HomePage: Profile 1 -> www.google.com
Edge Session Restore: Profile 1 -> ist aktiviert.
Edge Extension: (Google Docs Offline) - C:\Users\Ralf\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-10-10]
Edge Extension: (Edge relevant text changes) - C:\Users\Ralf\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-10-10]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\Ralf\AppData\Local\Google\Chrome\User Data\Default [2025-10-24]
CHR Extension: (iCloud-Lesezeichen) - C:\Users\Ralf\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2025-08-11]
CHR Extension: (Google Docs Offline) - C:\Users\Ralf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-10-04]
CHR Extension: (Video DownloadHelper) - C:\Users\Ralf\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2025-10-04]
CHR Extension: (Coupert - Coupon Assistent & Cashback) - C:\Users\Ralf\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk [2025-10-04]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ralf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-08-11]
CHR Extension: (iCloud-Passwörter) - C:\Users\Ralf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pejdijmoenmkgeppbflobdenhhabjlaj [2025-09-08]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AorusLcdService; C:\Program Files\GIGABYTE\Control Center\Lib\GBT_VGA\Service\AorusLcdService.exe [58840 2024-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [20276904 2025-11-27] (BattlEye Innovations e.K. -> )
R2 CCleaner7; C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe [28256888 2025-11-12] (Gen Digital Inc. -> Gen Digital Inc.)
S4 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [765736 2025-07-18] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
R3 CorsairDeviceControlService; C:\Program Files\Corsair\Corsair Device Control Service\bin\CorsairDeviceControlService.exe [2525576 2025-04-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAService.exe [133736 2025-08-27] (Intel Corporation -> Intel)
R2 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAUpdateService.exe [133224 2025-08-27] (Intel Corporation -> Intel)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [505712 2025-09-21] (DTS, Inc. -> DTS Inc.)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [150696 2025-08-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 GameInputRedistService; C:\Program Files\Microsoft GameInput\x64\GameInputRedistService.exe [141680 2025-10-20] (Microsoft Corporation -> Microsoft Corporation)
S2 GBTECService; C:\Program Files (x86)\GIGABYTE\GBTECService\OLEDDisplayService.exe [21160 2025-09-25] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S2 Intel(R) Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_740dc8aba9846dbb\lib\PlatformLicenseManagerService.exe [741600 2024-05-07] (Intel Corporation -> Intel(R) Corporation)
R2 IntelCollectorService; C:\Program Files\Intel\CollectorService\collector_service.exe [5434064 2025-10-03] (Intel Corporation -> Intel Corporation)
R2 IntelGraphicsSoftwareService; C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe [311472 2025-11-14] (Intel Corporation -> Intel Corporation)
R2 IntelTelemetryAgent; C:\Program Files\Intel\TelemetryAgent\telemetry_agent.exe [4951248 2025-10-03] (Intel Corporation -> Intel Corporation)
R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_ee4ab813cb541e9a\logi_lamparray_service.exe [11280984 2025-04-08] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [11207664 2025-12-17] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-12-17] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MpDefenderCoreService.exe [2063328 2025-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MTKBTSVC; C:\WINDOWS\System32\mtkbtsvc.exe [535432 2025-10-01] (MEDIATEK INC. -> MediaTek Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_c2d1126d336032b3\Display.NvContainer\NVDisplay.Container.exe [1275624 2025-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
S4 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1593464 2025-11-27] (Rockstar Games, Inc. -> Rockstar Games)
S4 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [428328 2025-07-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [803088 2025-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\NisSrv.exe [4426832 2025-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.5-0\MsMpEng.exe [290704 2025-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 GigabyteUpdateService; C:\WINDOWS\system32\GigabyteUpdateService.exe [407288 2025-12-17] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [77240 2022-07-18] (Advanced Micro Devices Inc. -> AMD)
R3 aqnic650; C:\WINDOWS\System32\drivers\aqnic650.sys [227000 2024-04-22] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor Inc.)
S3 atvi-randgrid_msstore; D:\XBoxGames\Call of Duty\Content\Randgrid.sys [10448760 2025-12-11] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 atvi-sigrun_msstore; C:\XboxGames\Call of Duty- Modern Warfare 3\Content\Randgrid.sys [9684248 2025-08-24] (Activision Publishing Inc -> Activision Blizzard, Inc.)
R2 CorsairLLAccessE5624B0A345A7E17A08498BFEDC2D42A7CBA71C2; C:\Program Files\Corsair\Corsair Device Control Service\bin\CorsairLLAccess64.sys [23632 2025-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [34920 2025-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [159296 2025-12-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 gdrv3; C:\WINDOWS\System32\drivers\gdrv3.sys [52440 2025-01-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_6f8ae740d22247ce\iaLPSS2_GPIO2_ADL.sys [141288 2024-05-15] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_563fbcd35feb69a6\iaLPSS2_I2C_ADL.sys [211432 2024-05-15] (Intel Corporation -> Intel Corporation)
S3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [333192 2025-11-18] (Microsoft Windows -> Microsoft Corporation)
S3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2025-01-10] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2025-01-10] (Logitech Inc -> Logitech)
S3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2025-01-10] (Logitech Inc -> Logitech)
R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_ee4ab813cb541e9a\logi_lamparray.sys [89688 2025-04-08] (Logitech Inc -> Logitech, Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234088 2025-12-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-12-17] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\Drivers\farflt11.sys [214608 2025-12-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\System32\Drivers\mbam.sys [80984 2025-12-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [245336 2025-12-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [190096 2025-12-17] (Malwarebytes Inc -> Malwarebytes)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [19672 2025-12-01] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 mtkbtacx; C:\WINDOWS\System32\DriverStore\FileRepository\mtkbtacx.inf_amd64_83b672d8fe91251d\mtkbtacx.sys [289184 2025-09-24] (MEDIATEK INC. -> MediaTek Inc.)
R3 MTKBTFilterx64; C:\WINDOWS\System32\DriverStore\FileRepository\mtkbtfilter.inf_amd64_29ebe64ca9ce123f\mtkbtfilterx.sys [614792 2025-10-01] (MEDIATEK INC. -> MediaTek Inc.)
R3 mtkwecx; C:\WINDOWS\System32\DriverStore\FileRepository\mtkwecx.inf_amd64_7dc9bcb127fe0044\mtkwecx.sys [2524528 2025-10-01] (MEDIATEK INC. -> MediaTek Inc.)
S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [48800 2022-02-23] (SteelSeries ApS -> SteelSeries ApS)
S3 UsbNcm; C:\WINDOWS\System32\DriverStore\FileRepository\usbncm.inf_amd64_7761eb6a0dd50fde\UsbNcm.sys [204800 2025-12-09] (Microsoft Windows -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [21928 2025-12-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [635272 2025-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [102792 2025-12-11] (Microsoft Windows -> Microsoft Corporation)
R3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-09-06] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz158; \??\C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [X] <==== ACHTUNG
S3 IntelTACD; \??\C:\Windows\System32\drivers\IntelTACD.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-12-17 12:25 - 2025-12-17 12:26 - 000000000 ____D C:\FRST
2025-12-17 12:00 - 2025-12-17 12:15 - 000000000 ____D C:\Users\Ralf\AppData\LocalLow\IGDump
2025-12-17 12:00 - 2025-12-17 12:00 - 000190096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2025-12-17 11:04 - 2025-12-17 12:19 - 000000000 ____D C:\Users\Ralf\AppData\Local\Malwarebytes
2025-12-17 11:04 - 2025-12-17 11:04 - 000002100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-12-17 11:04 - 2025-12-17 11:04 - 000002088 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-12-17 11:03 - 2025-12-17 11:03 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-12-17 11:03 - 2025-12-17 11:03 - 000000000 ____D C:\Program Files\Malwarebytes
2025-12-17 07:53 - 2025-12-17 07:53 - 000706648 _____ C:\WINDOWS\system32\perfh007.dat
2025-12-17 07:53 - 2025-12-17 07:53 - 000149622 _____ C:\WINDOWS\system32\perfc007.dat
2025-12-15 17:55 - 2025-12-17 09:49 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-12-09 22:29 - 2025-12-09 22:29 - 000000000 ____D C:\WINDOWS\system32\NarratorMCAT
2025-12-09 20:36 - 2025-12-09 20:36 - 000035602 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-12-09 20:36 - 2025-12-09 20:36 - 000035602 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-12-09 07:40 - 2025-12-04 19:47 - 002042128 _____ C:\WINDOWS\system32\ze_intel_gpu_raytracing.dll
2025-12-09 07:40 - 2025-12-04 19:47 - 001087560 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2025-12-09 07:40 - 2025-12-04 19:47 - 000940384 _____ C:\WINDOWS\system32\ze_loader.dll
2025-12-09 07:40 - 2025-12-04 19:47 - 000785960 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2025-12-09 07:40 - 2025-12-04 19:47 - 000667120 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2025-12-09 07:40 - 2025-12-04 19:47 - 000666128 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2025-12-09 07:40 - 2025-12-04 19:46 - 000945536 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2025-12-09 07:40 - 2025-12-04 19:46 - 000708440 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2025-12-09 07:40 - 2025-12-04 19:44 - 000655272 _____ C:\WINDOWS\SysWOW64\IntelControlLib32.dll
2025-12-09 07:40 - 2025-12-04 19:44 - 000594312 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2025-12-09 07:40 - 2025-12-04 19:44 - 000455840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2025-12-09 07:40 - 2025-12-04 19:42 - 027966808 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2025-12-09 07:40 - 2025-12-04 19:42 - 020690776 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2025-12-09 07:40 - 2025-12-04 19:42 - 002379096 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2025-12-09 07:40 - 2025-12-04 19:42 - 002379096 _____ C:\WINDOWS\system32\vulkaninfo.exe
2025-12-09 07:40 - 2025-12-04 19:42 - 001887576 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-12-09 07:40 - 2025-12-04 19:42 - 001887576 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2025-12-09 07:40 - 2025-12-04 19:42 - 001619288 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2025-12-09 07:40 - 2025-12-04 19:42 - 001619288 _____ C:\WINDOWS\system32\vulkan-1.dll
2025-12-09 07:40 - 2025-12-04 19:42 - 001425752 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2025-12-09 07:40 - 2025-12-04 19:42 - 001425752 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2025-12-09 07:40 - 2025-12-04 19:39 - 000325256 _____ C:\WINDOWS\system32\ControlLib.dll
2025-12-09 07:40 - 2025-12-04 19:39 - 000272536 _____ C:\WINDOWS\SysWOW64\ControlLib32.dll
2025-12-02 20:08 - 2025-12-02 20:08 - 000003600 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2025-12-02 20:08 - 2025-10-03 17:46 - 000049872 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\semav6msr64.sys
2025-12-01 08:39 - 2025-12-01 08:43 - 000001356 _____ C:\Users\Ralf\Desktop\Ins BIOS.lnk
2025-11-27 23:07 - 2025-11-27 23:07 - 000000000 ____D C:\Users\Ralf\AppData\Local\BattlEye
2025-11-27 23:04 - 2025-11-27 23:07 - 000000000 ____D C:\Users\Ralf\Documents\Rockstar Games
2025-11-27 23:04 - 2025-11-27 23:07 - 000000000 ____D C:\Users\Ralf\AppData\Local\Rockstar Games
2025-11-27 23:03 - 2025-11-27 23:04 - 000000000 ____D C:\Program Files\Rockstar Games
2025-11-27 23:03 - 2025-11-27 23:03 - 000000000 ____D C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2025-11-27 23:03 - 2025-11-27 23:03 - 000000000 ____D C:\ProgramData\Rockstar Games
2025-11-27 23:03 - 2025-11-27 23:03 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2025-11-27 22:48 - 2025-11-27 22:48 - 000000537 _____ C:\Users\Ralf\Desktop\Grand Theft Auto V Legacy.lnk
2025-11-27 17:19 - 2025-12-17 07:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2025-11-27 17:19 - 2025-11-27 17:19 - 000000000 ____D C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerToys (Preview)
2025-11-27 17:19 - 2025-11-27 17:19 - 000000000 ____D C:\Users\Ralf\AppData\Local\PowerToys
2025-11-23 12:56 - 2025-12-17 08:43 - 000000880 _____ C:\Users\Ralf\Desktop\Path of Building.lnk
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-12-17 12:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-12-17 12:20 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-12-17 12:15 - 2025-06-12 16:10 - 000000000 ____D C:\Users\Ralf\AppData\Roaming\exilence-next-app
2025-12-17 12:00 - 2025-01-03 16:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-12-17 11:03 - 2025-01-03 17:01 - 000000000 ____D C:\Users\Ralf\AppData\Local\Packages
2025-12-17 11:03 - 2025-01-03 17:01 - 000000000 ____D C:\ProgramData\Packages
2025-12-17 11:03 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-12-17 11:03 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-12-17 11:03 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-12-17 11:03 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-12-17 10:28 - 2025-08-08 15:33 - 000000000 ____D C:\Users\Ralf\AppData\Local\D3DSCache
2025-12-17 09:51 - 2025-06-24 11:50 - 000000000 ____D C:\Users\Ralf\AppData\Roaming\Perplexity
2025-12-17 08:43 - 2025-01-03 19:39 - 000002439 _____ C:\Users\Ralf\Desktop\Awakened PoE Trade.lnk
2025-12-17 08:43 - 2025-01-03 19:39 - 000000000 ____D C:\Users\Ralf\AppData\Roaming\awakened-poe-trade
2025-12-17 07:53 - 2025-01-03 17:05 - 001633252 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-12-17 07:50 - 2025-08-08 15:42 - 000000000 ____D C:\Users\Ralf\AppData\Local\CrashDumps
2025-12-17 07:50 - 2025-02-06 12:34 - 000003156 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-907164338-1891526244-581135098-1000
2025-12-17 07:49 - 2025-08-11 18:12 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-12-17 07:49 - 2025-08-08 15:38 - 000000000 ____D C:\ProgramData\NVIDIA
2025-12-17 07:49 - 2025-02-15 08:05 - 000003410 _____ C:\WINDOWS\system32\Tasks\Cloud
2025-12-17 07:49 - 2025-01-03 17:22 - 000003446 _____ C:\WINDOWS\system32\Tasks\GCC
2025-12-17 07:49 - 2025-01-03 17:01 - 000089336 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteDownloadAssistant.exe
2025-12-17 07:49 - 2025-01-03 17:01 - 000048326 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-12-17 07:49 - 2025-01-03 16:59 - 000435040 _____ C:\WINDOWS\system32\wpbbin.exe
2025-12-17 07:49 - 2025-01-03 16:59 - 000407288 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteUpdateService.exe
2025-12-17 07:49 - 2025-01-03 16:59 - 000012288 ___SH C:\DumpStack.log.tmp
2025-12-17 07:49 - 2025-01-03 16:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-12-17 00:02 - 2024-04-01 08:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-12-16 12:06 - 2025-10-22 12:00 - 000000130 _____ C:\Users\Ralf\AppData\LocalLow\214d8e117f9063072e22ab10aff0bf071c1d02bee386e29a69b7f3fe0daf38e7
2025-12-16 07:36 - 2025-01-03 17:02 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-907164338-1891526244-581135098-1000
2025-12-16 07:36 - 2025-01-03 17:02 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-907164338-1891526244-581135098-1000
2025-12-16 07:36 - 2025-01-03 17:02 - 000002383 _____ C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-12-15 18:33 - 2025-01-03 16:59 - 000003830 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{CBBC9103-E58C-423D-A22D-C5BE872C1482}
2025-12-15 18:33 - 2025-01-03 16:59 - 000003704 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{F44B7476-71F6-4B1E-B425-FFB154CCEF04}
2025-12-13 18:34 - 2025-01-03 16:59 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-12-13 08:11 - 2025-03-08 09:14 - 000002264 _____ C:\Users\Ralf\AppData\LocalLow\4b78e141e7964654a9ce5a7fc6e3b1abee6be65cc9a7be30e29ee0f9aab8a222
2025-12-12 07:59 - 2025-08-22 09:03 - 000002264 _____ C:\Users\Ralf\AppData\LocalLow\27552428dd8bb418eb75074cdd3f329cd8108c694c3a907d01516f437731a47f
2025-12-11 21:39 - 2025-06-13 17:47 - 000000130 _____ C:\Users\Ralf\AppData\LocalLow\0ab7f9cae0b21e4d6824a6d87c17bf43bd15f3f08d56a708cd0c36586ad401ee
2025-12-11 14:01 - 2025-06-25 17:28 - 000000000 ___RD C:\Users\Ralf\iCloudDrive
2025-12-11 14:01 - 2025-01-03 17:02 - 000000000 ___RD C:\Users\Ralf\OneDrive
2025-12-11 08:08 - 2025-01-03 16:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-12-10 16:35 - 2025-06-13 17:47 - 000043962 _____ C:\Users\Ralf\AppData\LocalLow\37c7b68ec7ce59bb3fbbea724abe1e07aeb17fe31574619b0c137c3e1461a6fe
2025-12-10 14:32 - 2025-11-12 21:18 - 000000000 ____D C:\ProgramData\Whesvc
2025-12-10 07:40 - 2025-10-13 22:46 - 000002264 _____ C:\Users\Ralf\AppData\LocalLow\77fc7be7bbd8ed3f32a801b512f70643b3a80513977d99083bc1062ee4f382c6
2025-12-09 22:31 - 2025-10-21 06:28 - 000000000 ____D C:\Users\Ralf\AppData\Roaming\ExplorerPatcher
2025-12-09 22:31 - 2025-01-03 20:51 - 000000000 ____D C:\Program Files\Common Files\GIGABYTE
2025-12-09 22:30 - 2025-01-03 16:59 - 000334504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-12-09 22:29 - 2025-07-09 08:01 - 000000000 ____D C:\WINDOWS\system32\ruxim
2025-12-09 22:29 - 2024-04-01 17:37 - 000000000 ____D C:\WINDOWS\InboxApps
2025-12-09 22:29 - 2024-04-01 17:36 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files (x86)\Windows Defender
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\WUModels
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\DiagTrack
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-12-09 22:29 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-12-09 22:29 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2025-12-09 20:35 - 2025-01-03 17:01 - 003276800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-12-09 20:31 - 2025-01-03 17:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-12-09 20:30 - 2025-01-03 17:05 - 218369424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-12-09 10:45 - 2025-10-22 12:00 - 000000026 _____ C:\Users\Ralf\AppData\LocalLow\02b2846b00ceedfbd0fe03d755def17e5a67a179217a0bda07579d156b44fe2b
2025-12-09 07:46 - 2025-01-19 09:05 - 000000000 ____D C:\Users\Ralf\AppData\Local\Intel
2025-12-09 07:43 - 2025-08-08 07:55 - 000000000 ____D C:\Program Files\LevelZeroSDK
2025-12-09 07:43 - 2025-01-03 17:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2025-12-09 07:43 - 2025-01-03 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2025-12-09 07:43 - 2025-01-03 17:25 - 000000000 ____D C:\Program Files\Intel
2025-12-09 07:43 - 2025-01-03 17:22 - 000000000 ____D C:\ProgramData\Package Cache
2025-12-09 07:43 - 2025-01-03 17:03 - 000000000 ____D C:\Users\Ralf\AppData\LocalLow\Intel
2025-12-02 20:08 - 2025-04-09 11:50 - 000003762 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2025-12-02 20:08 - 2025-04-09 11:50 - 000003528 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2025-12-01 07:54 - 2025-01-03 17:22 - 000019672 _____ (MICSYS Technology Co., LTd) C:\WINDOWS\system32\Drivers\MsIo64.sys
2025-12-01 07:54 - 2025-01-03 17:22 - 000001928 _____ C:\Users\Public\Desktop\GCC.lnk
2025-12-01 07:54 - 2025-01-03 17:22 - 000000000 ____D C:\Program Files\GIGABYTE
2025-12-01 07:53 - 2025-01-03 21:00 - 000000000 ____D C:\Program Files (x86)\Steam
2025-11-29 23:09 - 2025-01-04 09:29 - 000002634 _____ C:\WINDOWS\system32\Tasks\SamsungMagician
2025-11-29 23:08 - 2025-01-04 09:29 - 000000000 ____D C:\Users\Ralf\AppData\Roaming\Samsung Magician
2025-11-29 12:51 - 2025-08-08 15:38 - 000003070 _____ C:\WINDOWS\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2025-11-29 12:49 - 2025-10-13 05:48 - 000002159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 7.lnk
2025-11-29 12:49 - 2025-10-13 05:48 - 000002147 _____ C:\Users\Public\Desktop\CCleaner 7.lnk
2025-11-27 17:19 - 2025-01-03 19:44 - 000000000 ____D C:\Users\Ralf\AppData\Local\Package Cache
2025-11-25 13:28 - 2025-01-03 17:01 - 000000000 ____D C:\Users\Ralf
2025-11-23 13:25 - 2025-01-03 19:11 - 000000000 ____D C:\Users\Ralf\AppData\Roaming\Microsoft\MMC
2025-11-20 22:06 - 2025-01-05 10:44 - 004581752 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2025-11-20 22:06 - 2025-01-05 10:44 - 000153976 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2025-11-20 22:06 - 2025-01-05 10:44 - 000076152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2025-11-20 22:05 - 2025-09-24 11:33 - 000436592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_b.dll
2025-11-20 22:05 - 2025-01-05 10:44 - 000878968 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2025-11-20 22:05 - 2025-01-05 10:44 - 000285040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2025-11-20 22:05 - 2025-01-05 10:44 - 000244088 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2025-11-20 22:05 - 2025-01-05 10:44 - 000166264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2025-11-18 19:53 - 2025-01-03 19:24 - 000000000 ____D C:\Users\Ralf\AppData\Local\Steam
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Geändert von cosinus (Heute um 12:44 Uhr) Grund: code tags |
| Themen zu „Browser-Redirect auf bonusgew.com / Exilence OAuth kapert Login“ |
| adobe, antivirus, autorun, blockiert, defender, desktop, downloader, firewall, homepage, internet, internet explorer, monitor, performance, problem, prozesse, registry, security, services.exe, software, starten, svchost.exe, tcp, udp, wmi, zugriff verweigert |
Baum-Darstellung