Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Windows 11: Windows 11: PUP.Adware.Heuristic von AdwCleaner gefunden

Windows 11: Windows 11: PUP.Adware.Heuristic von AdwCleaner gefunden


Log-Analyse und Auswertung: Windows 11: Windows 11: PUP.Adware.Heuristic von AdwCleaner gefunden

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt Heute, 13:35   #1
BMW1300
 
Windows 11: Windows 11: PUP.Adware.Heuristic von AdwCleaner gefunden - Standard

Windows 11: Windows 11: PUP.Adware.Heuristic von AdwCleaner gefunden


Hallo,

auf meinem Desktop-PC findet das Programm AdwCleaner nach jedem Neustart die Adware PUP.Adware.Heuristic.
Ich habe schon mehrfach die Adware in die Quarantäne verschoben und gelöscht, jedoch ohne Erfolg.
Der Virenscanner von McAfee findet nichts.

Folgenden Logfiles habe ich angehängt:
FRST.txt
Addition.txt
AdwCleaner.txt

Ich bitte um Hilfe bei der weiteren Vorgehensweise.

Viele Grüße und vielen Dank im voraus.
Uwe




Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2025
durchgeführt von Volkh (Administrator) auf BEQUIET (CSL Computer GmbH Gaming) (28-12-2025 10:44:25)
Gestartet von C:\Users\Volkh\Downloads\FRST64.exe
Geladene Profile: Volkh
Plattform: Microsoft Windows 11 Home Version 24H2 26100.7462 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\wps\1.35.148.1\extnhost\mc-extn-browserhost.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\crashhelper.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\ShadowPlay\nvsphelper64.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoNotificationUx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <16>
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\wps\1.35.148.1\mc-fw-host.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncHelper.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_20ae8f14a487d5db\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\wps\1.35.148.1\neo\mc-neo-host.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [980792 2024-09-11] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [1320248 2024-09-11] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2765952 2024-10-01] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1831862165-767579693-4164631539-1001\...\Run: [Mozilla-Firefox-308046B0AF4A39CB] => "C:\Program Files\Mozilla Firefox\firefox.exe" -os-autostart [696960 2025-12-18] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-1831862165-767579693-4164631539-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE [360776 2025-07-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1831862165-767579693-4164631539-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATISDE.EXE [421736 2021-11-11] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1831862165-767579693-4164631539-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5750936 2025-12-23] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1831862165-767579693-4164631539-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4742544 2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\EPSON ET-4750 Series 64MonitorBE: C:\Windows\system32\E_YLMBSDE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
Startup: C:\Users\Volkh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2025-11-15]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Volkh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sclhelper.lnk [2025-10-21]
ShortcutTarget: sclhelper.lnk -> C:\Users\Volkh\AppData\Roaming\SYSCLEANER\sclhelper.exe (Esperanza Pte. Ltd. -> Esperanza Pte. Ltd.)
BootExecute: autocheck autochk *  

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {8A7121B4-394C-4AE3-960C-92FA4B142786} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1581568 2025-08-24] (Adobe Inc. -> Adobe Inc.)
Task: {3BD03221-73DE-4C7C-86E2-77C49DB182DC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe  (Keine Datei)
Task: {D6D8B5A0-AFC7-4C5D-9601-868E5CCF0657} - System32\Tasks\EPSON ET-4750 Series Update {8A6F765B-2407-44E1-A55B-88CCCB8BA060} => C:\Windows\System32\spool\drivers\x64\3\E_YTSSDE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {547A8322-F413-4DD4-BB09-46F5FC785B04} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31056 2025-11-10] (Garmin International, Inc. -> )
Task: {CB0B629F-887A-4598-82D2-3C13C879BEBD} - System32\Tasks\McAfee\WPS\McAfee Anti-tracker notification => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {50D7C496-2CF6-427F-A63E-3D192158FE2A} - System32\Tasks\McAfee\WPS\McAfee Anti-Tracker Scanner => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {88DEC271-A24D-48F2-84B8-FBA4BC65E6A3} - System32\Tasks\McAfee\WPS\McAfee Cloud Configuration Check => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {8B540D16-117E-4C3E-ABED-E1794B9F0369} - System32\Tasks\McAfee\WPS\McAfee Fake Alert Blocker => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {0349EB53-CCED-4869-BC42-642E95CC14D1} - System32\Tasks\McAfee\WPS\McAfee Health Check => C:\Program Files\McAfee\wps\1.35.148.1\sustainability\mc-sustainability.exe [960864 2025-11-12] (McAfee, LLC -> McAfee, LLC)
Task: {F2707DAC-55C7-4B2E-B4EA-529E37D63B90} - System32\Tasks\McAfee\WPS\McAfee Hotfix => C:\Program Files\McAfee\wps\1.35.148.1\dad\mc-dad.exe [2733968 2025-11-12] (McAfee, LLC -> McAfee, LLC)
Task: {D2DF2817-8F6D-4932-97C4-5407224D45E5} - System32\Tasks\McAfee\WPS\McAfee Message Check => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {2AB0A0BD-E32D-4A8D-95BD-12F80EED7D2E} - System32\Tasks\McAfee\WPS\McAfee PC Optimizer Task => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {63A0A462-5D48-4EE0-B4DE-75C0608BA4E3} - System32\Tasks\McAfee\WPS\McAfee restart of PC => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {D3D99ABC-0A2D-4472-9DEF-3378BFA07E88} - System32\Tasks\McAfee\WPS\McAfee Scheduled AV Scan => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {E96C3BB9-B3D5-4284-AC7C-211776CCADC8} - System32\Tasks\McAfee\WPS\McAfee Scheduled Tracker Remover => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {2B8B5B77-AABC-45B0-91FB-28C57BFAE9E0} - System32\Tasks\McAfee\wps\McAfee Updater => {81A7CB63-BB07-4DAD-8E72-07B3A9BB08E2} C:\Program Files\McAfee\wps\1.35.148.1\mc-update.exe [3457616 2025-11-12] (McAfee, LLC -> McAfee, LLC)
Task: {82758846-73AA-4961-AA45-04B4E003E161} - System32\Tasks\McAfee\WPS\McAfee Virus Definition Update => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {AD0E9EB2-357E-4399-99C0-C46AA0955BB4} - System32\Tasks\McAfee\WPS\McAfee Windows Notification Token => \\?\C:\Program Files\McAfee\wps\1.35.148.1\mc-wns-client\mc-wns-client.exe [1067272 2025-11-12] (McAfee, LLC -> )
Task: {A12E5CD7-50FC-4D1B-9E8A-4269EAE98C73} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28616000 2025-12-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F5B0F54-06D4-4F6B-B32E-2F81D7B0CF41} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28616000 2025-12-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {A7AFA559-0E4F-41D3-8BF1-194EFE5994E8} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [313624 2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {38B26517-BC18-48D5-9EBA-1445C549CEE4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [313624 2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {92A78166-0905-4D82-8E42-D4BB9C710680} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [188184 2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {2A004290-469F-4491-B762-E0ED9CC577B6} - System32\Tasks\Microsoft\Windows\Setup\PITRTask => {093cb270-c282-4c22-b2ea-7d2bf1c30bbf} C:\Windows\system32\oobe\PITRTask.dll [118784 2025-12-10] (Microsoft Windows -> Microsoft Corporation)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
Task: {2F7DB140-9B5A-4126-9E6A-235AEE881788} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1831862165-767579693-4164631539-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [696960 2025-12-18] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {F5096ADF-2B73-4A2B-8B4A-4C4AAEDE8FC5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34944 2025-12-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {D47DBFC7-E18F-411A-961D-3F4E01E66AC8} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3324528 2025-09-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FBB339B1-D4B4-4FA3-B1B0-5EF4F19832C0} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4383592 2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E45D5BF-04D5-4912-B6FD-8D6AC58E678D} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1831862165-767579693-4164631539-1000 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4383592 2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {B368AAE0-56DE-467C-9655-83BA5FB4679A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1831862165-767579693-4164631539-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4383592 2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {CFAB2732-1CB5-4B62-99C1-83F9B01A1DD3} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1831862165-767579693-4164631539-500 => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe  /reporting (Keine Datei)
Task: {D5FA92B4-A80F-474E-979A-2A5B6CAFBCE6} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1831862165-767579693-4164631539-1000 => C:\Program Files\Microsoft OneDrive\25.184.0921.0004\OneDriveLauncher.exe  /startInstances (Keine Datei)
Task: {621AB6CE-1169-4A09-8BA0-6EFF988C8025} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1831862165-767579693-4164631539-1001 => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\OneDriveLauncher.exe [745832 2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9512198E-CDE1-4AC7-AF6E-35E14080983E} - System32\Tasks\RunScriptOnce => C:\Windows\Setup\Scripts\SetupComplete.cmd  -> 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\EPSON ET-4750 Series Update {8A6F765B-2407-44E1-A55B-88CCCB8BA060}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSSDE.EXE:/EXE:{8A6F765B-2407-44E1-A55B-88CCCB8BA060} /F:UpdateWORKGROUP\BEQUIET$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{56c0949d-daef-4e66-bfa2-b15a98d8ba04}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{56c0949d-daef-4e66-bfa2-b15a98d8ba04}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{ba199584-8540-4535-8472-75d34f8256a1}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ba199584-8540-4535-8472-75d34f8256a1}: [DhcpDomain] fritz.box

Edge: 
=======
Edge Profile: C:\Users\Volkh\AppData\Local\Microsoft\Edge\User Data\Default [2025-11-22]
Edge StartupUrls: Default -> "hxxp://www.t-online.de/"
Edge Extension: (Google Docs Offline) - C:\Users\Volkh\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-10-21]
Edge Extension: (Edge relevant text changes) - C:\Users\Volkh\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-10-21]

FireFox:
========
FF DefaultProfile: 6szz547c.default
FF ProfilePath: C:\Users\Volkh\AppData\Roaming\Mozilla\Firefox\Profiles\6szz547c.default [2025-10-21]
FF ProfilePath: C:\Users\Volkh\AppData\Roaming\Mozilla\Firefox\Profiles\aib6s37c.default-release-1761377862538 [2025-12-28]
FF Homepage: Mozilla\Firefox\Profiles\aib6s37c.default-release-1761377862538 -> hxxps://www.n-tv.de/
FF Extension: (AdGuard Werbeblocker) - C:\Users\Volkh\AppData\Roaming\Mozilla\Firefox\Profiles\aib6s37c.default-release-1761377862538\Extensions\adguardadblocker@adguard.com.xpi [2025-12-22]
FF Extension: (LiteFox) - C:\Users\Volkh\AppData\Roaming\Mozilla\Firefox\Profiles\aib6s37c.default-release-1761377862538\Extensions\{39e34a35-15de-4e40-9353-d4ec1c91b9d2}.xpi [2025-10-25]
FF Extension: (McAfee® WebAdvisor) - C:\Users\Volkh\AppData\Roaming\Mozilla\Firefox\Profiles\aib6s37c.default-release-1761377862538\Extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [2025-10-25] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF Extension: (Misty dark forest II) - C:\Users\Volkh\AppData\Roaming\Mozilla\Firefox\Profiles\aib6s37c.default-release-1761377862538\Extensions\{ac92fc5a-c8cd-4f87-b75c-7a4268e9b5cc}.xpi [2025-10-25]
FF Extension: (BlackSwirlyWater) - C:\Users\Volkh\AppData\Roaming\Mozilla\Firefox\Profiles\aib6s37c.default-release-1761377862538\Extensions\{e65f97fc-ec53-4a1e-80b3-a603d2eeacd7}.xpi [2025-10-25]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-10-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-12-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-10-22] (Microsoft Corporation -> Microsoft Corporation)

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174584 2025-08-24] (Adobe Inc. -> Adobe Inc.)
S2 AmdAppCompatSvc; C:\Windows\System32\DriverStore\FileRepository\amdappcompat.inf_amd64_0cfc8ba812cdbaa8\AmdAppCompatSvc.exe [300872 2025-01-02] (Advanced Micro Devices -> Advanced Micro Devices, Inc)
S2 AmdPpkgSvc; C:\Windows\System32\DriverStore\FileRepository\amdppkg.inf_amd64_299f17ebe11dc358\AmdPpkgSvc.exe [518944 2025-01-01] (Advanced Micro Devices -> Advanced Micro Devices, Inc)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14046016 2025-12-03] (Microsoft Corporation -> Microsoft Corporation)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [206304 2020-10-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncHelper.exe [3614568 2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
S2 GUBootService; C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [888208 2025-09-28] (Glarysoft Ltd -> Glarysoft Ltd)
S2 GUMemfilesService; C:\Program Files (x86)\Glary Utilities\x64\MemfilesService.exe [416144 2025-12-05] (Glarysoft Ltd -> Glarysoft Ltd)
S3 GUPMService; C:\Program Files (x86)\Glary Utilities\GUPMService.exe [76680 2025-12-05] (Glarysoft Ltd -> Glarysoft Ltd)
R2 mc-fw-host; C:\Program Files\McAfee\wps\1.35.148.1\mc-fw-host.exe [2764624 2025-11-12] (McAfee, LLC -> McAfee, LLC)
S3 mc-wps-update; C:\Program Files\McAfee\wps\1.35.148.1\mc-update.exe [3457616 2025-11-12] (McAfee, LLC -> McAfee, LLC)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [958776 2025-12-10] (McAfee, LLC -> McAfee, LLC)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpDefenderCoreService.exe [2026184 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_20ae8f14a487d5db\Display.NvContainer\NVDisplay.Container.exe [1275624 2025-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.222.1112.0002\OneDriveUpdaterService.exe [3906448 2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [21685912 2025-12-04] (Logitech Inc -> Logitech, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\NisSrv.exe [4414480 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MsMpEng.exe [282440 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AmdAppCompat; C:\Windows\System32\DriverStore\FileRepository\amdappcompat.inf_amd64_0cfc8ba812cdbaa8\AmdAppCompat.sys [35144 2025-01-02] (Advanced Micro Devices -> Advanced Micro Devices)
R3 AmdPpkg; C:\Windows\System32\DriverStore\FileRepository\amdppkg.inf_amd64_299f17ebe11dc358\AmdPpkg.sys [35104 2025-01-01] (Advanced Micro Devices -> Advanced Micro Devices)
S3 atvi-brynhildr_steam; D:\SteamLibrary\steamapps\common\Call of Duty Modern Warfare\brynhildr.sys [2572032 2025-12-22] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [602112 2025-09-03] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [204800 2025-09-03] (Microsoft Corporation) [Datei ist nicht signiert]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [175824 2024-10-17] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [23232 2025-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
S3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [333192 2025-11-18] (Microsoft Windows -> Microsoft Corporation)
S0 mfeelam; C:\Windows\System32\DRIVERS\mfeelam.sys [20424 2025-11-12] (Microsoft Windows Early Launch Anti-Malware Publisher -> McAfee, LLC)
R0 mfesec; C:\Windows\System32\DRIVERS\mfesec.sys [78184 2025-11-12] (McAfee, LLC -> McAfee, LLC)
S3 polarbear-split-tunneling; C:\Program Files\McAfee\wps\1.35.148.1\vpn\Drivers\x64\SplitTunnelingDriver.sys [29176 2025-11-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_16d0e5f2b3759518\rt68cx21x64.sys [845256 2024-08-21] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_feec7a9662e785f0\rtcx21x64.sys [539648 2024-03-28] (Microsoft Windows -> Realtek)
R3 RtkBtFilter2; C:\Windows\System32\drivers\RtkBtfilter2.sys [187928 2024-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174264 2024-10-17] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [51192 2025-10-21] (OpenVPN Inc. -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [20904 2025-11-18] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [629168 2025-11-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [102792 2025-11-18] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2025-12-28 10:44 - 2025-12-28 10:44 - 000023868 _____ C:\Users\Volkh\Downloads\FRST.txt
2025-12-28 10:44 - 2025-12-28 10:44 - 000000000 ____D C:\FRST
2025-12-28 10:43 - 2025-12-28 10:43 - 002444288 _____ (Farbar) C:\Users\Volkh\Downloads\FRST64.exe
2025-12-28 10:13 - 2025-12-28 10:13 - 000745650 _____ C:\Windows\system32\perfh007.dat
2025-12-28 10:13 - 2025-12-28 10:13 - 000158752 _____ C:\Windows\system32\perfc007.dat
2025-12-26 14:02 - 2025-12-27 13:22 - 000000000 ____D C:\Windows\CbsTemp
2025-12-25 21:26 - 2024-10-17 03:54 - 000174264 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2025-12-23 21:01 - 2025-12-23 21:01 - 000000000 ____D C:\Users\Volkh\Documents\Call of Duty Modern Warfare
2025-12-23 21:01 - 2025-12-23 21:01 - 000000000 ____D C:\Users\Volkh\AppData\Local\Activision
2025-12-23 17:09 - 2025-12-23 17:09 - 000169312 _____ C:\Users\Volkh\Downloads\Agentur für Arbeit, Arbeitsbescheinigung II.pdf
2025-12-23 17:09 - 2025-12-23 17:09 - 000169312 _____ C:\Users\Volkh\Downloads\20250611_152121_ARBEITSBESCHEINIGUNG.pdf
2025-12-23 17:09 - 2025-12-23 17:09 - 000168511 _____ C:\Users\Volkh\Downloads\Agentur für Arbeit, Arbeitsbescheinigung I.pdf
2025-12-23 17:09 - 2025-12-23 17:09 - 000168511 _____ C:\Users\Volkh\Downloads\20250612_104607_ARBEITSBESCHEINIGUNG.pdf
2025-12-23 17:08 - 2025-12-23 17:08 - 000134508 _____ C:\Users\Volkh\Downloads\Agentur für Arbeit, Bewilligungsbescheid BVL.pdf
2025-12-23 17:08 - 2025-12-23 17:08 - 000134508 _____ C:\Users\Volkh\Downloads\20250617_153932_Bewilligungsbescheid.pdf
2025-12-22 17:50 - 2025-12-22 17:50 - 000000223 _____ C:\Users\Volkh\Desktop\Call of Duty® Modern Warfare®.url
2025-12-21 13:43 - 2025-12-21 13:43 - 000075538 _____ C:\Users\Volkh\Downloads\BARMER_Anfrage_21.12.2025.pdf
2025-12-19 09:17 - 2025-12-19 09:17 - 000000000 ____D C:\Users\Volkh\ansel
2025-12-18 20:42 - 2025-12-19 09:17 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-12-16 22:07 - 2025-12-16 22:07 - 000000000 ____D C:\Users\Volkh\.ms-ad
2025-12-16 21:02 - 2025-12-16 21:02 - 000000222 _____ C:\Users\Volkh\Desktop\Call of Duty WWII.url
2025-12-16 19:39 - 2025-12-22 17:47 - 000000000 ____D C:\Users\Volkh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2025-12-16 19:39 - 2025-12-16 19:39 - 000000222 _____ C:\Users\Volkh\Desktop\Call of Duty Ghosts.url
2025-12-16 19:01 - 2025-12-16 19:01 - 000000000 ____D C:\Users\Volkh\AppData\Roaming\NVIDIA
2025-12-16 18:51 - 2025-12-16 18:52 - 000000000 ____D C:\Users\Volkh\AppData\Local\Steam
2025-12-16 18:50 - 2025-12-28 10:07 - 000000000 ____D C:\Program Files (x86)\Steam
2025-12-16 18:50 - 2025-12-16 18:50 - 000001039 _____ C:\Users\Public\Desktop\Steam.lnk
2025-12-16 18:50 - 2025-12-16 18:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2025-12-13 22:25 - 2025-12-13 22:25 - 000001019 _____ C:\Users\Volkh\Desktop\adwcleaner.lnk
2025-12-13 11:34 - 2025-12-13 11:34 - 000153525 _____ C:\Users\Volkh\Downloads\49e10885292841ec9d3a2bed331efcf3.pdf
2025-12-13 11:21 - 2025-12-13 11:21 - 000896282 _____ C:\Users\Volkh\Downloads\Änderungsantrag GdB Birgit Volkhardt-Lang.pdf
2025-12-10 23:45 - 2025-12-10 23:45 - 000000000 ____D C:\Windows\system32\NarratorMCAT
2025-12-10 23:23 - 2025-12-18 20:42 - 000390272 _____ (Mozilla Foundation) C:\Users\Volkh\Desktop\Firefox.exe
2025-12-10 16:54 - 2025-12-10 16:54 - 000000000 ____D C:\Users\Volkh\AppData\Roaming\Microsoft\Document Building Blocks
2025-12-10 06:31 - 2025-12-10 06:31 - 000035602 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-12-10 06:31 - 2025-12-10 06:31 - 000035602 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2025-12-10 06:12 - 2025-12-10 06:12 - 000130604 _____ C:\Users\Volkh\Downloads\20251209_233012_Aufhebungsbescheid_und_Entgeltbescheinigung.pdf
2025-12-08 14:48 - 2025-12-16 21:41 - 000000000 ____D C:\Users\Volkh\AppData\Local\CrashDumps
2025-12-07 11:01 - 2025-12-13 22:26 - 000000000 ____D C:\AdwCleaner
2025-12-04 20:09 - 2025-12-04 20:10 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2025-12-04 20:09 - 2025-12-04 20:09 - 000000859 _____ C:\Users\Public\Desktop\Logi Options+.lnk
2025-12-04 20:09 - 2025-12-04 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2025-12-28 10:16 - 2025-10-21 17:45 - 000000000 ___RD C:\Users\Volkh\OneDrive
2025-12-28 10:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemTemp
2025-12-28 10:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\AppReadiness
2025-12-28 10:16 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-12-28 10:13 - 2025-09-02 13:08 - 001729504 _____ C:\Windows\system32\PerfStringBackup.INI
2025-12-28 10:13 - 2024-04-01 08:24 - 000000000 ____D C:\Windows\INF
2025-12-28 10:08 - 2025-10-21 18:22 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-12-28 10:07 - 2025-10-25 20:25 - 000000000 ____D C:\Users\Volkh\AppData\Local\LogiOptionsPlus
2025-12-28 10:07 - 2025-10-17 12:31 - 000000000 ____D C:\ProgramData\NVIDIA
2025-12-28 10:06 - 2025-09-02 13:03 - 000013870 _____ C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-12-28 10:06 - 2025-09-02 13:00 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-12-28 10:06 - 2025-09-02 11:59 - 000012288 ___SH C:\DumpStack.log.tmp
2025-12-28 10:06 - 2024-04-01 08:21 - 000524288 _____ C:\Windows\system32\config\BBI
2025-12-28 09:53 - 2025-10-26 21:08 - 000000000 ____D C:\Users\Volkh\Documents\Excel Dateien
2025-12-28 09:45 - 2025-10-22 18:09 - 000000000 ____D C:\Program Files (x86)\Glary Utilities
2025-12-28 09:34 - 2025-09-02 11:59 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-12-25 21:02 - 2025-10-30 19:12 - 000000000 ____D C:\ProgramData\Whesvc
2025-12-25 18:23 - 2025-10-21 17:49 - 000000000 ____D C:\Users\Volkh\AppData\Local\NVIDIA Corporation
2025-12-25 18:06 - 2025-11-11 11:14 - 000000000 ____D C:\Users\Volkh\Downloads\BeQuiet-PC
2025-12-25 18:01 - 2025-10-22 20:37 - 000000000 ____D C:\Users\Volkh\AppData\Roaming\Microsoft\Word
2025-12-25 17:47 - 2025-10-22 20:44 - 000000000 ____D C:\Users\Volkh\AppData\Roaming\Microsoft\Excel
2025-12-24 22:37 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-12-24 16:38 - 2025-10-21 17:49 - 000000000 ____D C:\Users\Volkh\AppData\Local\Packages
2025-12-23 21:01 - 2025-10-21 17:49 - 000000000 ____D C:\Users\Volkh\AppData\Local\D3DSCache
2025-12-23 13:52 - 2025-10-26 21:09 - 000000000 ____D C:\Users\Volkh\Documents\Mercedes Benz Rastatt
2025-12-22 17:46 - 2025-09-02 13:00 - 000003830 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{495B93E0-C0DE-44E0-BD93-7E232E370C80}
2025-12-22 17:46 - 2025-09-02 13:00 - 000003704 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{25B12E25-F68C-42D4-8FD2-CEBB17C5F2CD}
2025-12-20 09:51 - 2025-09-02 13:00 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-12-19 09:17 - 2025-10-25 08:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-12-19 09:17 - 2025-10-21 17:45 - 000000000 ____D C:\Users\Volkh
2025-12-19 01:16 - 2025-10-25 08:37 - 000001072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-12-16 19:48 - 2025-10-22 20:32 - 000000000 ____D C:\Program Files\Microsoft Office
2025-12-16 19:00 - 2025-10-17 12:28 - 000000000 ____D C:\ProgramData\Package Cache
2025-12-16 18:51 - 2025-10-21 17:49 - 000000000 ____D C:\Users\Volkh\AppData\Local\NVIDIA
2025-12-14 10:04 - 2025-10-21 17:33 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-12-12 14:38 - 2025-10-26 21:21 - 000000000 ____D C:\Users\Volkh\Downloads\Arbeitamt Birgit
2025-12-12 07:57 - 2025-10-26 22:13 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-12-12 07:57 - 2025-10-26 22:13 - 000002028 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2025-12-11 12:16 - 2025-10-26 21:08 - 000000000 ____D C:\Users\Volkh\Documents\Word Dateien
2025-12-11 11:06 - 2025-10-23 19:00 - 000003546 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-1831862165-767579693-4164631539-1001
2025-12-11 11:06 - 2025-10-21 18:04 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1831862165-767579693-4164631539-1001
2025-12-11 11:06 - 2025-09-02 13:21 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-12-11 11:06 - 2025-09-02 13:21 - 000002099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-12-10 23:47 - 2025-10-17 21:23 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2025-12-10 23:46 - 2025-09-02 11:59 - 000475808 _____ C:\Windows\system32\FNTCACHE.DAT
2025-12-10 23:45 - 2025-09-03 08:57 - 000000000 ____D C:\Windows\system32\ruxim
2025-12-10 23:45 - 2024-09-06 05:10 - 000000000 ____D C:\Windows\InboxApps
2025-12-10 23:45 - 2024-04-01 09:08 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\SysWOW64\F12
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\system32\F12
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files (x86)\Windows Defender
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ___HD C:\Windows\ELAMBKUP
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\WUModels
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\UUS
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\setup
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\oobe
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\InstallShield
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\Dism
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\DDFs
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemResources
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinMetadata
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ShellExperiences
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\setup
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\oobe
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\migwiz
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\Dism
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\DDFs
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\appraiser
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellExperiences
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellComponents
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\Provisioning
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\DiagTrack
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\BrowserCore
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\bcastdvr
2025-12-10 23:45 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-12-10 23:45 - 2024-04-01 08:21 - 000000000 ____D C:\Windows\servicing
2025-12-10 23:17 - 2025-10-22 18:09 - 000000000 ____D C:\Users\Volkh\AppData\Roaming\GlarySoft
2025-12-10 16:54 - 2025-10-26 21:08 - 000000000 ____D C:\Users\Volkh\Documents\Elke Unterlagen
2025-12-10 06:31 - 2025-09-02 13:02 - 003276800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2025-12-10 06:27 - 2025-09-03 06:47 - 218369424 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2025-12-10 06:27 - 2025-09-03 06:47 - 000000000 ____D C:\Windows\system32\MRT
2025-12-08 23:07 - 2025-10-22 18:09 - 000001154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities.lnk
2025-12-08 23:07 - 2025-10-22 18:09 - 000001142 _____ C:\Users\Public\Desktop\Glary Utilities.lnk
2025-12-07 20:13 - 2025-10-24 19:15 - 000000000 ____D C:\Users\Volkh\Documents\Outlook-Dateien
2025-12-07 19:52 - 2025-10-26 21:09 - 000000000 ____D C:\Users\Volkh\Documents\Sicherung Lupus
2025-12-07 10:42 - 2025-10-26 21:09 - 000000000 ____D C:\Users\Volkh\Documents\Sicherung Fritzbox
2025-12-06 09:34 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\AppLocker
2025-12-04 20:10 - 2025-10-25 20:25 - 000000000 ____D C:\Program Files\Logi
2025-11-29 15:32 - 2025-10-26 21:09 - 000000000 ____D C:\Users\Volkh\Documents\Powerpoint Dateien

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-11-2025
durchgeführt von Volkh (28-12-2025 10:45:07)
Gestartet von C:\Users\Volkh\Downloads
Microsoft Windows 11 Home Version 24H2 26100.7462 (X64) (2025-10-17 12:05:12)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-1831862165-767579693-4164631539-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1831862165-767579693-4164631539-503 - Limited - Disabled)
Gast (S-1-5-21-1831862165-767579693-4164631539-501 - Limited - Disabled)
Volkh (S-1-5-21-1831862165-767579693-4164631539-1001 - Administrator - Enabled) => C:\Users\Volkh
WDAGUtilityAccount (S-1-5-21-1831862165-767579693-4164631539-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee (Enabled - Up to date) {0BE13B34-492A-21C0-AE43-C1742279CCB6}
FW: McAfee (Enabled) {33DABA11-0345-2098-851C-6841DCAA8BCD}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 25.001.20997 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601120}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Application Compatibility Database Driver (HKLM-x32\...\{7466773D-AE4B-48F6-8E12-D64B555C1BEA}) (Version: 1.0.0.3 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 7.01.08.129 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.133 - Advanced Micro Devices, Inc.) Hidden
AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.126 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD PPM Provisioning File Driver (HKLM-x32\...\{3665A5DE-D07C-46D7-9207-713E8E9FEF32}) (Version: 8.0.0.48 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.36.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.44 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{9e92542c-fa37-4c1f-9eba-41336bc79c02}) (Version: 7.01.08.129 - Advanced Micro Devices, Inc.) Hidden
ANT Drivers Installer x64 (HKLM\...\{D57C47C3-2522-4F61-9707-23EAD3B3B200}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Asian Language And Spelling Dictionaries Support For Adobe Acrobat Reader (HKLM\...\{AC76BA86-7AD7-0000-0000-BC17084FC500}) (Version: 23.008.20421 - Adobe Systems Incorporated)
EPSON ET-4750 Series Printer Uninstall (HKLM\...\EPSON ET-4750 Series) (Version:  - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{5E51EA28-9CED-4B92-A636-A71E40D48D50}) (Version: 3.11.82 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 4.02.02.00 - Seiko Epson Corporation)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - Seiko Epson Corporation)
Epson Photo+ (HKLM-x32\...\{7567FF8A-79D8-4B03-B03C-4EBBB7AC9433}) (Version: 4.0.4.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
Epson Scan OCR Component Pro (HKLM-x32\...\{846031F7-B527-4C07-A69A-DA6D70C1B90A}) (Version: 1.1.2 - Seiko Epson Corporation)
Epson ScanSmart (HKLM-x32\...\{8D3E35BD-10F6-42A9-8F4D-F9BE5F51D477}) (Version: 3.7.17 - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{0184AB6D-F2CA-4338-A12C-1D8858BFD2FF}) (Version: 4.6.10 - Seiko Epson Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
Garmin Express (HKLM-x32\...\{acda3a6f-d2ca-421d-9c0f-9fff46e672dc}) (Version: 7.27.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E6DFA576-460E-4729-95F0-7DBA5FEEA62E}) (Version: 7.27.1.0 - Garmin Ltd or its subsidiaries) Hidden
Glary Utilities 6.35 (HKLM-x32\...\Glary Utilities) (Version: 6.35.0.39 - Glarysoft Ltd)
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.98.809639 - Logitech)
Logi Plugin Service (HKLM\...\{FB4DBF89-6BCB-485D-AFA7-6E298885E6A5}) (Version: 6.2.6.1611 - Logitech)
Logi RightSightForWebcams 1.1.207 (HKLM\...\{D6C56CC7-F3A8-4189-9939-AFCA7C4E4C4B}) (Version: 1.1.207.0 - Logitech) Hidden
McAfee (HKLM\...\McAfee.wps) (Version: 1.35.148.1 - McAfee, LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 143.0.3650.96 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 143.0.3650.96 - Microsoft Corporation) Hidden
Microsoft Office LTSC Standard 2024 - de-de (HKLM\...\Standard2024Volume - de-de) (Version: 16.0.17932.20620 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.222.1112.0002 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438 (HKLM-x32\...\{b49c10dd-4d54-45f8-ad13-fa25704456a4}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35208 (HKLM-x32\...\{e90abaf0-d749-437b-ba99-cda1c84b6754}) (Version: 14.44.35208.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34438 (HKLM\...\{E528AD94-12D7-42C4-91A3-908BE28E9BD2}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34438 (HKLM\...\{2E15F519-4FDA-4834-B4EE-7EFCE7D8D4EE}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35208 (HKLM-x32\...\{5A76FFAE-36C5-4648-80BD-4BB5B6E971F0}) (Version: 14.44.35208 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35208 (HKLM-x32\...\{491C67BA-2F2F-4A90-B9DD-4C76BFDBEA02}) (Version: 14.44.35208 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox) (Version: 146.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 144.0 - Mozilla)
NVIDIA App 11.0.5.266 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.5.266 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.5.11504.36206172 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.11504.36206172 - NVIDIA Corporation)
NVIDIA Grafiktreiber 581.80 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 581.80 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.4.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.5.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17928.20216 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17932.20620 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17928.20216 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SYSCLEANER (HKU\S-1-5-21-1831862165-767579693-4164631539-1001\...\SYSCLEANER) (Version: 1.1.5.0 - )
WebAdvisor von McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.1084 - McAfee, LLC)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)

Packages:
=========
@{MicrosoftWindows.58683691.InpApp_1000.26100.6899.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.58683691.InpApp/Resources/ProductPkgDisplayName} -> C:\Windows\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-12-10] ()
@{MicrosoftWindows.59379618.InpApp_1000.26100.7171.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.59379618.InpApp/Resources/ProductPkgDisplayName} -> C:\Windows\SystemApps\SxS\MicrosoftWindows.59379618.InpApp_cw5n1h2txyewy [2025-12-10] (Microsoft Windows)
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Assets [2025-12-12] ()
McAfee -> C:\Program Files\McAfee\wps\1.35.148.1 [2025-11-12] ()
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2025-09-03] (Microsoft Corp.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-06] (NVIDIA Corp.)
OneNote Virtual Printer -> C:\Program Files\WindowsApps\Microsoft.Office.OneNoteVirtualPrinter_1.0.0.0_x64__8wekyb3d8bbwe [2025-10-22] (Microsoft Corporation)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.279.427.0_x64__zpdnekdrzrea0 [2025-12-22] (Spotify AB) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\SxS\MicrosoftWindows.57242383.Tasbar_cw5n1h2txyewy [2025-12-10] (Microsoft Windows)
Windows Feature Experience Pack -> C:\Windows\SystemApps\SxS\MicrosoftWindows.59379618.InpApp_cw5n1h2txyewy [2025-12-10] (Microsoft Windows)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1831862165-767579693-4164631539-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1831862165-767579693-4164631539-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-09-29] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities\x64\ContextHandler.dll [2025-09-28] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers1: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\wps\1.35.148.1\mc-ctxmnu.dll [2025-11-12] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities\x64\ContextHandler.dll [2025-09-28] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_20ae8f14a487d5db\nvshext.dll [2025-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities\x64\ContextHandler.dll [2025-09-28] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers6: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\wps\1.35.148.1\mc-ctxmnu.dll [2025-11-12] (McAfee, LLC -> McAfee, LLC)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [MidisrvTransferComplete] => 0

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2025-10-21 18:19 - 2025-10-21 18:19 - 000000000 ___JL (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA App\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\plugins\NVIDIA Overlay\MessageBusRouter.dll
2025-10-17 12:31 - 2025-10-21 18:19 - 000000000 ___JL (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mc-fw-host => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mc-fw-host => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-10-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-12-16] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2024-04-01 08:26 - 2025-12-13 22:45 - 000000822 _____ C:\Windows\system32\drivers\etc\hosts

==================== Network ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

DNS Servers: 192.168.178.1
 ist aktiviert.

Network Binding:
=============
WLAN 4: Realtek 8851BE Wireless LAN WiFi 6 PCI-E NIC -> rtwlane613.sys
WLAN 2: Realtek 8851BE Wireless LAN WiFi 6 PCI-E NIC -> rtwlane613.sys
WLAN 3: Realtek 8851BE Wireless LAN WiFi 6 PCI-E NIC -> rtwlane613.sys
WLAN: Realtek 8851BE Wireless LAN WiFi 6 PCI-E NIC -> rtwlane613.sys
McAfee VPN: TAP-Windows Adapter V9 -> tap0901.sys
Bluetooth-Netzwerkverbindung: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys
WLAN 5: Realtek 8851BE Wireless LAN WiFi 6 PCI-E NIC -> rtwlane613.sys

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1831862165-767579693-4164631539-1001\Control Panel\Desktop\\Wallpaper -> c:\users\volkh\downloads\hintergrundbilder\pexels-simon-berger-1323550.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{D06690D4-32B7-4D1B-BF49-8012132BC646}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25255.703.3978.7153_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0E19C44-4D68-45F3-8688-8DB876651AB7}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25255.703.3978.7153_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{36BC916D-D74C-498F-B111-9CC26F4E7344}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25255.703.3978.7153_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{32045A5B-19A2-4D07-A0A4-C6688533D91B}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25255.703.3978.7153_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B321FF39-DB19-4294-B03D-B2EB25591D7E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{68D03BF4-5F12-4A01-B07E-109D68B54D1A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8D110783-2AA7-4B51-AA72-03BB38887650}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{4CD70235-9B5C-420C-8A5B-AF605F69DA5D}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{C026236A-4F37-4002-AAA1-4E20008C58D1}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{139C2B88-9A0E-4430-8DB3-5F45E89DA6F5}] => (Allow) C:\Program Files\Logi\LogiPluginService\LogiPluginService.exe (Logitech Inc -> Logitech)
FirewallRules: [{3A6D5878-929F-45D2-9165-093DF3C27E01}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{47FFB3F1-53E7-4F2A-8579-66EA15B506AE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{445926DF-7C03-450A-BDC8-35F6D0396A8F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Keine Datei
FirewallRules: [{40501300-49F4-4A95-9C58-C97217BC1736}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Keine Datei
FirewallRules: [{FC335D32-1117-4076-9071-B5388E4E3684}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Ghosts\iw6mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{10F3D005-A95A-4AC8-BDD3-D45F7459EFC4}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Ghosts\iw6mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{7A84B54B-7DB6-4684-9163-F7DD97B51667}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Ghosts\iw6sp64_ship.exe (Activision) [Datei ist nicht signiert]
FirewallRules: [{70F35113-854F-4227-9E02-EBFB9F3C4C80}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Ghosts\iw6sp64_ship.exe (Activision) [Datei ist nicht signiert]
FirewallRules: [{13C72CFC-C36E-4C8A-B89F-F04220D67EC9}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty WWII\s2_sp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{A44C8919-9764-41DF-B580-2BD8C7D8BE24}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty WWII\s2_sp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{85DC79DE-ECC2-408E-88F9-9FABC015CC99}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{98BB4F8E-C674-4193-A366-9A1422928F9C}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{4B07B5A2-C53C-4D66-82C8-7BFEF481E34F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A8E55637-560A-4677-AD91-4AB2E4C7F397}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CE45D504-96E3-4877-AAD9-4B33C841699D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.279.427.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{04EC3FDF-E3B4-439B-A5F7-2DDD9B5B14D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.279.427.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{57FE1A0E-C437-4570-9F7F-FFBFABA188D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.279.427.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6A3FA450-CABD-44D0-8FF0-1CAB27E0B8E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.279.427.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E671EB9E-78F8-4F7C-92D8-A6DC3F66D537}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.279.427.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CC2CE3A0-F5C0-4046-8827-E35EC7CBD5B7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.279.427.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1043DA9A-4DF5-4641-A6EE-1AFFC23458E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.279.427.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0DE89348-D8BE-4FBA-BE83-F54E8A62C90C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.279.427.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3DCE202E-052E-4038-9141-A6B9A92020FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.279.427.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9B0A5937-6C8F-41BF-AD2E-CB1DB8BD4E92}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.279.427.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{03E28F9E-8FB5-4081-BA5B-004044E37CF1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.279.427.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{41570F50-9B33-4CBD-BC33-520DFE9AC131}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.279.427.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C6BE6429-1033-4F61-8E24-56D9E2DADD27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.279.427.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A4E1008A-730E-40C7-A568-881BCBE8AEDC}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Modern Warfare\bootstrapper.exe (Activision Publishing Inc -> )
FirewallRules: [{1E9F5F2B-D862-4AC3-8AC0-5543F5D433B3}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Modern Warfare\bootstrapper.exe (Activision Publishing Inc -> )
FirewallRules: [{7B1F7ECC-4B12-4986-B274-444806F0CA47}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Modern Warfare\ModernWarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{C56925C9-3C59-4232-A2CE-09514D373C06}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Modern Warfare\ModernWarfare.exe (Activision Publishing Inc -> Activision)

==================== Wiederherstellungspunkte =========================

20-12-2025 15:56:09 Windows Update
23-12-2025 22:57:32 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager ============

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (12/28/2025 10:06:44 AM) (Source: Windows App Runtime) (EventID: 22) (User: )
Description: Event-ID 22

Error: (12/26/2025 04:27:32 PM) (Source: Windows App Runtime) (EventID: 22) (User: )
Description: Event-ID 22

Error: (12/26/2025 10:02:39 AM) (Source: Windows App Runtime) (EventID: 22) (User: )
Description: Event-ID 22

Error: (12/26/2025 12:34:42 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren..

Error: (12/26/2025 12:34:42 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.]

Error: (12/25/2025 04:04:17 PM) (Source: Windows App Runtime) (EventID: 22) (User: )
Description: Event-ID 22

Error: (12/24/2025 03:57:05 PM) (Source: Windows App Runtime) (EventID: 22) (User: )
Description: Event-ID 22

Error: (12/24/2025 09:33:50 AM) (Source: Windows App Runtime) (EventID: 22) (User: )
Description: Event-ID 22


Systemfehler:
=============
Error: (12/28/2025 10:11:40 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT-AUTORITÄT)
Description: Secure Boot certificates have been updated but are not yet applied to the device firmware. Review the published guidance to complete the update and ensure full protection. This device signature information is included here.
DeviceAttributes: BaseBoardManufacturer:Gigabyte Technology Co., Ltd.;FirmwareManufacturer:American Megatrends International, LLC.;FirmwareVersion:F7d;OEMModelNumber:Gaming;OEMModelBaseBoard:B850 GAMING WIFI6;OEMModelSystemFamily:PC Konfigurator;OEMManufacturerName:CSL Computer GmbH;OEMModelSKU:88496;OSArchitecture:amd64;
BucketId: 2cc68ed5777feced9f7f9de2409b0784d697077c0e97f38f74bbd52869e54e74
BucketConfidenceLevel: 
UpdateType: 
For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018.

Error: (12/28/2025 10:07:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/28/2025 10:07:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Logi Options+" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/28/2025 10:07:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "McAfee WebAdvisor" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/28/2025 10:07:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office Click-to-Run Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/28/2025 10:07:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/28/2025 10:07:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/28/2025 10:07:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GUBootService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Windows Defender:
================Event[0]

Date: 2025-10-24 23:42:15
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.439.422.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.25090.3001
Fehlercode: 0x8024001e
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".  

CodeIntegrity:
===============
Date: 2025-12-28 10:16:47
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\wps\1.35.148.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements. 

Date: 2025-12-28 10:13:44
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\wps\1.35.148.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements. 


==================== Speicherinformationen =========================== 

BIOS: American Megatrends International, LLC. F7d 09/18/2025
Hauptplatine: Gigabyte Technology Co., Ltd. B850 GAMING WIFI6
Prozessor: AMD Ryzen 5 7500F 6-Core Processor 
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 15990.91 MB
Verfügbarer physikalischer RAM: 9618.81 MB
Summe virtueller Speicher: 17654.91 MB
Verfügbarer virtueller Speicher: 9827.16 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:930.41 GB) (Free:665.73 GB) (Model: KINGSTON SNV3S1000G) NTFS
Drive d: (T7 Shield) (Fixed) (Total:931.48 GB) (Free:444.46 GB) (Model: Samsung PSSD T7 Shield SCSI Disk Device) exFAT

\\?\Volume{3b7e211e-8d18-43a6-8de8-33c9d7a3433b}\ (Recovery) (Fixed) (Total:0.83 GB) (Free:0.07 GB) NTFS
\\?\Volume{55918bb7-6d72-4914-9831-0ce627a00270}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E2166BC0)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 6E98C27E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt =======================

Code:
ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 8.5.0.595
# -------------------------------
# Build:    03-05-2025
# Database: 2024-10-23.4 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    12-28-2025
# Duration: 00:00:08
# OS:       Windows 11 (Build 26100.7462)
# Scanned:  32106
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Adware.Heuristic            HKCU\SOFTWARE\773fcb1fa6f859d3bad8d70a435628f2

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1464 octets] - [07/12/2025 11:01:28]
AdwCleaner[S01].txt - [1525 octets] - [13/12/2025 22:25:49]
AdwCleaner[C01].txt - [1695 octets] - [13/12/2025 22:26:17]
AdwCleaner[S02].txt - [1605 octets] - [13/12/2025 22:29:07]
AdwCleaner[S03].txt - [1708 octets] - [28/12/2025 09:53:53]
AdwCleaner[C03].txt - [1878 octets] - [28/12/2025 10:04:11]
AdwCleaner[S04].txt - [1788 octets] - [28/12/2025 10:05:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########

 

Themen zu Windows 11: Windows 11: PUP.Adware.Heuristic von AdwCleaner gefunden
adware, computer, defender, excel, firefox, frage, google, home, homepage, internet, internet explorer, mozilla, performance, problem, programm, prozesse, realtek, registry, scan, services.exe, software, svchost.exe, system, updates, windows


« Discord zeigt nur noch einen schwarzen Bildschirm | - »


Ähnliche Themen: Windows 11: Windows 11: PUP.Adware.Heuristic von AdwCleaner gefunden


  1. PUP.Adware.Heuristic auf Win 11 PC
    Log-Analyse und Auswertung - 30.11.2025 (22)
  2. PUP.Adware.Heuristic
    Plagegeister aller Art und deren Bekämpfung - 14.09.2025 (13)
  3. PUP.Adware.Heuristic / bcnexum
    Plagegeister aller Art und deren Bekämpfung - 24.04.2025 (11)
  4. Windows 10: PUP.Adware.Heuristic
    Log-Analyse und Auswertung - 19.02.2025 (12)
  5. Windows 10 PUP.Adware.Heuristic
    Log-Analyse und Auswertung - 13.02.2025 (11)
  6. Windows 11: Adw-Cleaner findet PUP.Adware.Heuristic
    Log-Analyse und Auswertung - 01.04.2024 (27)
  7. AdwCleaner findet Adware.TryMedia und PUP's
    Log-Analyse und Auswertung - 24.01.2020 (9)
  8. MS Jigsaw öffnet Chrome selbstständig. Scan findet - Adware.KeenValue - PUP.Adware.Heuristic - PUP.Optional.InstallCore
    Log-Analyse und Auswertung - 25.09.2019 (18)
  9. Windows 7: ADWCleaner löscht PUP.Optional.Legacy nicht
    Log-Analyse und Auswertung - 09.07.2018 (17)
  10. AdwCleaner findet die Bedrohung "PUP.Conduit.Heuristic."...
    Plagegeister aller Art und deren Bekämpfung - 07.07.2018 (1)
  11. Kriege ständig Adware Pup Heuristic angezeigt und nicht gelöscht - Adw Cleaner
    Plagegeister aller Art und deren Bekämpfung - 03.04.2018 (7)
  12. adw cleaner findet pup adware heuristic
    Plagegeister aller Art und deren Bekämpfung - 21.01.2018 (29)
  13. Window 7 - PUP.Adware.Heuristic in Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
    Log-Analyse und Auswertung - 24.10.2017 (5)
  14. AdwCleaner 3 Funde PUP.Adware.Heuristic
    Plagegeister aller Art und deren Bekämpfung - 07.08.2017 (5)
  15. Windows 7: ADWARE/CrossRider.Gen4, ADWARE/EoRezo.Gen4 und ADWARE/MPlug 6.14 durch AntiVir gefunden
    Log-Analyse und Auswertung - 22.10.2014 (4)
  16. PC läuft langsam Adware Agent,Pup Optional B..,Pup Optional S..,wurde von Malewarebytes gefunden
    Log-Analyse und Auswertung - 04.10.2013 (41)
  17. Windows 7: PUP.Optional.OpenCandy von MBAM gefunden
    Plagegeister aller Art und deren Bekämpfung - 14.08.2013 (9)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows 11: Windows 11: PUP.Adware.Heuristic von AdwCleaner gefunden - Hallo, auf meinem Desktop-PC findet das Programm AdwCleaner nach jedem Neustart die Adware PUP.Adware.Heuristic. Ich habe schon mehrfach die Adware in die Quarantäne verschoben und gelöscht, jedoch ohne Erfolg. Der - Windows 11: Windows 11: PUP.Adware.Heuristic von AdwCleaner gefunden...
Archiv
Du betrachtest: Windows 11: Windows 11: PUP.Adware.Heuristic von AdwCleaner gefunden auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132