| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: pishingemailWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
Heute, 11:31
| #1 |
| |  pishingemail Guten Tag, im Jahr 2019 wurde mir hier bei einem größeren Problem schnell geholfen. Dafür nochmals vielen Dank. Leider wurde auf diesem PC, von dem ich die Anfrage sende, in Outlook ein link in einer fake email von noreply+Ldal8i@cloudstorage01.jmpghana.com geklickt. Der Fehler wurde schnell entdeckt. Kurz danach habe ich den PC geschaltet und den Router vom Stromnetz abgekoppelt und neu gestartet. Jetzt habe ich den PC wieder angeschaltet und möchte ihn überprüfen. Ich sende Ihnen diese Nachricht von dem betroffenen PC. Ich hoffe, Sie können mir nochmals helfen. Mfg Norbert Stoltze Ich möchte noch erwähnen das ich Kleinunternehmer bin und keinen eigenen IT-Support habe. Ich hoffe, das Sie mir helfen können. |
|
Heute, 12:41
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | pishingemail__________________
__________________ |
|
Heute, 19:14
| #3 |
| | pishingemailCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2026
durchgeführt von Stoltze (Administrator) auf DESKTOP-FUM3544 (12-03-2026 17:53:02)
Gestartet von C:\Users\Stoltze\Downloads\FRST64.exe
Geladene Profile: Stoltze
Plattform: Microsoft Windows 11 Pro Version 25H2 26200.8037 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Adobe Crash Processor.exe
(C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AcroCEF\AcroCEF.exe <6>
(C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe ->) (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files (x86)\TeamViewer\crashpad_handler.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Logi\LogiBolt\LogiBolt.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\logi_crashpad_handler.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\crashhelper.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe <2>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(explorer.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\LogiBolt.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (AnyDesk Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(services.exe ->) (Geek Software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\NisSrv.exe
(services.exe ->) (Newyu) [Datei ist nicht signiert] C:\Program Files (x86)\LibreView Device Drivers\LibreViewMASMonitor.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(sihost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> WhatsApp.Root) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2606.102.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe OS Extension\AdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.1.4.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.229.1.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [10752424 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [641752 2025-01-13] (Geek Software GmbH -> geek software GmbH)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1792336 2025-06-06] (Logitech Inc -> Logitech, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2025-07-08] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2528232 2026-01-25] (Adobe Inc. -> Adobe Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1836624912-1907861822-591967855-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194112 2026-02-25] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-1836624912-1907861822-591967855-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKU\S-1-5-21-1836624912-1907861822-591967855-1001\...\Run: [MicrosoftEdgeAutoLaunch_4468CB7C92AAFF3199E9C929C9317035] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4342312 2026-03-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1836624912-1907861822-591967855-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [34893272 2026-03-08] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1836624912-1907861822-591967855-1001\...\Run: [Microsoft.Lists] => C:\Users\Stoltze\AppData\Local\Microsoft\OneDrive\26.026.0209.0004\OneDrive.Sync.Service.exe [953232 2026-03-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1836624912-1907861822-591967855-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [34893272 2026-03-08] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1836624912-1907861822-591967855-500\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Administrator\AppData\Local\Microsoft\Teams\Update.exe [1790704 2020-02-09] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1836624912-1907861822-591967855-500\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [2026-03-02] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\145.0.7632.160\Installer\chrmstp.exe [2026-03-06] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2024-12-19]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DTS Custom.lnk [2019-03-19]
ShortcutTarget: DTS Custom.lnk -> C:\Program Files (x86)\DTS, Inc\DTS Custom\APO3GUI.exe (DTS, Inc. -> DTS, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {91533F6F-2FF0-4DE9-A392-20FD7BA492B5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1612800 2026-01-23] (Adobe Inc. -> Adobe Inc.)
Task: {7C8A42C4-DEED-478F-98B2-255C2849EE45} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [10752424 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {40188911-DDAA-474E-AE46-7B342DA1E4DD} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [11065256 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {90D626C8-3F23-4988-BCA8-93EB5EA2C391} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Custom\dts_apo_task.exe [18872 2017-10-13] (DTS, Inc. -> )
Task: {B274A061-F07E-43DB-BCAA-A0AF5CF29985} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem147.0.7703.0{AC52D571-FFAD-491A-8F8D-ECCC34449739} => C:\Program Files (x86)\Google\GoogleUpdater\147.0.7703.0\updater.exe [8495256 2026-02-25] (Google LLC -> Google LLC)
Task: {711A4D45-7969-48AA-AA3D-B57B73EAD5E9} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194112 2026-02-25] (Adobe Inc. -> Adobe Inc.)
Task: {87B6C09B-7F10-465A-84DE-668EF4BE3835} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [16300328 2026-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0EE1824-FEC7-4DF2-A7AF-5D9938E90D57} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28604744 2026-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {C97166A6-8D24-47E7-9C38-31FF137682E2} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [73648 2026-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {20615F6A-BFD4-49D3-8B27-D032E83AC2D5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28604744 2026-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {54A9F347-C895-4E53-9565-E01645C31C07} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [427808 2026-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {03E31049-9029-4F66-9ED6-0A3F53D7408F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [427808 2026-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {573E5A32-11B0-4AB6-93E2-86CE1A942E93} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [1349992 2026-02-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6E111E4-E9C8-4603-9840-8205596881E8} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [16300328 2026-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {01D140EE-EF39-47C6-8C27-68944290BE4B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe [83792 2026-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {3681B40B-D104-4DBC-94A3-7144A16B72D7} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (Keine Datei)
Task: {D2200191-4F87-4E24-9E18-7293553824E6} - System32\Tasks\Microsoft\Windows\Clip\ClipESUConsumer => %SystemRoot%\system32\ClipESUConsumer.exe -evaluateEligibility (Keine Datei)
Task: {E264D75F-A325-4715-A551-ED1369917F4B} - System32\Tasks\Microsoft\Windows\Clip\ClipESUConsumerProcessECUpdate => %SystemRoot%\system32\ClipESUConsumer.exe -persistEligibilityStatus (Keine Datei)
Task: {7E9AE445-9EF7-4506-B57F-58A4BACA4EF1} - System32\Tasks\Microsoft\Windows\Clip\ClipEsuConsumerProcessPreOrder => %SystemRoot%\system32\ClipESUConsumer.exe -postProcessPreOrder (Keine Datei)
Task: {28266CA5-11D3-46A7-899D-10E434D861FA} - System32\Tasks\Microsoft\Windows\Clip\ClipEsuConsumerProcessRefund => %SystemRoot%\system32\ClipESUConsumer.exe -processRefund (Keine Datei)
Task: {CC894684-8EFB-4718-9F26-E264CE75A95E} - System32\Tasks\Microsoft\Windows\Clip\EnableClipESU => %SystemRoot%\system32\clipesu.exe -e (Keine Datei)
Task: {E88D9B2C-DDEA-47B2-9582-085153004DB5} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (Keine Datei)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Keine Datei)
Task: {31EB96A1-EEA3-45F7-8A6B-7CCDEFF03E63} - System32\Tasks\Microsoft\Windows\Setup\SetupRecoveryDataTask => {717aa9c3-17e5-483b-81cc-8e27ed927763} C:\WINDOWS\system32\oobe\SetupRecoveryDataTask.dll [106496 2026-02-25] (Microsoft Windows -> Microsoft Corporation)
Task: {CAB76809-EDC0-40D2-A888-AD9BEDF4E88A} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => %windir%\System32\UNP\UpdateNotificationMgr.exe (Keine Datei)
Task: {83019506-9F4F-4175-BEDC-8C079573FE4D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe RebootDialog (Keine Datei)
Task: {A4F5D4C3-8898-4E26-A7A6-4E93C69EBF8F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Keine Datei)
Task: {47B60A26-7D01-4F0B-9FA4-229B6EDB9FCB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Keine Datei)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {9E2C6D03-D322-4C81-964E-31D94D310666} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpCmdRun.exe [1786528 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C1ED627E-D7A1-45B8-AE8F-27D0A312C7DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpCmdRun.exe [1786528 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {868F6E4D-ED90-4024-9BFC-99868FA32FEF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpCmdRun.exe [1786528 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {663516BE-5D69-46B5-8F1E-3D09DBCB68B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpCmdRun.exe [1786528 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {98ADBDC9-29BE-4D4B-AA1C-A5BB1FC2DE27} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463176 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {2FF5FBC6-D1EE-48C3-ABEE-9017D37443E0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938368 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {CA8BDF81-832A-4133-887E-46C1B1CD1C5B} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2323928 2021-02-02] (Microsoft Corporation -> Microsoft)
Task: {1ADCCC38-3BF8-43FD-AD12-6BB85D5902E0} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\CEIP.exe [32704 2021-02-02] (Microsoft Corporation -> Microsoft)
Task: {AFB6D66D-7544-4361-AED4-C8BDA5F71814} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463176 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {69DE97FB-0112-4953-9BED-0B1D11F8238A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938368 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {E695F68C-C7B6-4726-AE8E-4771644388C4} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [707200 2026-03-11] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {3B10189B-CDBC-41A8-B508-DF15B852E1B2} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1836624912-1907861822-591967855-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [707200 2026-03-11] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {9DAB6460-8088-44B3-9883-4B4C4F1BCBA3} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [33920 2026-03-11] (Mozilla Corporation -> Mozilla Foundation)
Task: {E50A702D-D8AE-4478-A9A1-9F3552E3E109} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2024-05-02] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {139461D3-7841-45FA-8A6C-A8DC655E5D9C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341432 2024-05-02] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1E9D1194-E888-497A-9243-72B7CFB19908} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647424 2024-05-02] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {5FBD6BDC-3CCD-4033-B2C5-F8CA97457568} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905984 2024-05-02] (Nvidia Corporation -> NVIDIA Corporation)
Task: {DE4E1A24-238A-4B98-9818-098BA1911B61} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905984 2024-05-02] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A1D579DC-7B5E-472E-82DD-C3003705FB3E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2024-05-02] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B412A8B4-9DF6-4D03-A218-14A8086A7521} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2024-05-02] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9C347FF5-E96A-49BC-B146-58FBB90EC2ED} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2024-05-02] (Nvidia Corporation -> NVIDIA Corporation)
Task: {243951F7-37B0-4460-82A0-3EE01FB9554C} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2024-05-02] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EA44E6F4-FB9F-4DE9-8FED-73223420F6EE} - System32\Tasks\SoftLanding\S-1-5-21-1836624912-1907861822-591967855-1001\SoftLandingCreativeManagementTask => {F576B2F9-7850-4226-ADB0-E5993FED4F02}
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3d91d349-8adb-41bc-8445-7385484033a0}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3d91d349-8adb-41bc-8445-7385484033a0}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{9edd262e-0343-494d-921c-ff45d703637d}: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF TaskBarID: 308046B0AF4A39CB -> C:\Program Files\Mozilla Firefox
FF DefaultProfile: v9boc34z.default-1733333727286 -> 308046B0AF4A39CB
FF ProfilePath: C:\Users\Stoltze\AppData\Roaming\Mozilla\Firefox\Profiles\v9boc34z.default-1733333727286 [2026-03-12]
FF Homepage: Mozilla\Firefox\Profiles\v9boc34z.default-1733333727286 -> hxxps://www.google.de/
FF Extension: (New Tab) - C:\Users\Stoltze\AppData\Roaming\Mozilla\Firefox\Profiles\v9boc34z.default-1733333727286\Extensions\newtab@mozilla.org.xpi [2026-03-10]
FF Extension: (uBlock Origin) - C:\Users\Stoltze\AppData\Roaming\Mozilla\Firefox\Profiles\v9boc34z.default-1733333727286\Extensions\uBlock0@raymondhill.net.xpi [2026-01-31]
FF Extension: (Mobile View Switcher) - C:\Users\Stoltze\AppData\Roaming\Mozilla\Firefox\Profiles\v9boc34z.default-1733333727286\Extensions\{fa247c57-77ac-41cd-b942-332051e15ced}.xpi [2025-12-23]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi => nicht gefunden
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2025-12-09] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2026-01-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [Keine Datei]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.15 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2026-03-08] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2026-03-08] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2025-12-09] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1836624912-1907861822-591967855-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1836624912-1907861822-591967855-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1836624912-1907861822-591967855-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Keine Datei]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2021-06-26] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2021-06-26] <==== ACHTUNG
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Stoltze\AppData\Local\Microsoft\Edge\User Data\Default [2025-12-10]
Edge DownloadDir: C:\Users\Stoltze\Downloads
Edge Extension: (Google Docs Offline) - C:\Users\Stoltze\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-12-01]
Edge Extension: (Edge relevant text changes) - C:\Users\Stoltze\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (uBlock Origin) - C:\Users\Stoltze\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2025-12-01]
Edge DownloadDir: Default -> C:\Users\Stoltze\Downloads
Edge HKU\S-1-5-19\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-20\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-21-1836624912-1907861822-591967855-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-21-1836624912-1907861822-591967855-500\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Chrome:
=======
CHR Profile: C:\Users\Stoltze\AppData\Local\Google\Chrome\User Data\Default [2026-03-06]
CHR Extension: (Google Docs Offline) - C:\Users\Stoltze\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-05]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Stoltze\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-11]
CHR HKU\.DEFAULT\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-1836624912-1907861822-591967855-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [180216 2026-01-23] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944608 2025-12-09] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [11081128 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [5631416 2026-03-09] (AnyDesk Software GmbH -> AnyDesk Software GmbH)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-02-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13270328 2026-03-09] (Microsoft Corporation -> Microsoft Corporation)
S3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Custom\dts_apo_service.exe [26560 2017-10-13] (DTS, Inc. -> )
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1115560 2021-08-01] (Bayerisches Landesamt fuer Steuern -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [244232 2026-03-10] (HP Inc. -> HP Inc.)
R2 LibreViewMASMonitor; C:\Program Files (x86)\LibreView Device Drivers\LibreViewMASMonitor.exe [17920 2022-08-11] (Newyu) [Datei ist nicht signiert]
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpDefenderCoreService.exe [2067464 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [641752 2025-01-13] (Geek Software GmbH -> geek software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [811360 2026-02-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [22678888 2026-03-03] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\NisSrv.exe [4435096 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MsMpEng.exe [290744 2026-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [27920 2024-03-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-06-01] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [602112 2025-11-13] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2025-11-13] (Microsoft Corporation) [Datei ist nicht signiert]
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [82352 2026-02-10] (Microsoft Windows -> Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2023-02-24] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21888 2026-02-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [635272 2026-02-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [102832 2026-02-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2026-03-12 17:53 - 2026-03-12 17:53 - 000038440 _____ C:\Users\Stoltze\Downloads\FRST.txt
2026-03-12 17:52 - 2026-03-12 17:53 - 000000000 ____D C:\FRST
2026-03-12 17:51 - 2026-03-12 17:51 - 002445824 _____ (Farbar) C:\Users\Stoltze\Downloads\FRST64.exe
2026-03-12 17:51 - 2026-03-12 17:51 - 002445824 _____ (Farbar) C:\Users\Stoltze\Downloads\FRST64(1).exe
2026-03-12 14:39 - 2026-03-12 14:39 - 000707760 _____ C:\WINDOWS\system32\perfh007.dat
2026-03-12 14:39 - 2026-03-12 14:39 - 000150734 _____ C:\WINDOWS\system32\perfc007.dat
2026-03-12 11:36 - 2026-03-12 11:36 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2026-03-11 07:44 - 2026-03-11 08:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2026-03-11 07:38 - 2026-03-12 16:34 - 000000000 ____D C:\WINDOWS\CbsTemp
2026-03-10 23:10 - 2026-03-10 23:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\SoftLanding
2026-03-10 22:52 - 2026-03-10 22:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2026-03-10 22:52 - 2026-03-10 22:52 - 000000000 ____D C:\Program Files\HP
2026-03-10 22:51 - 2026-03-10 22:52 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2026-03-10 19:45 - 2026-03-10 19:45 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2026-03-06 09:23 - 2026-03-06 09:23 - 000000000 ____D C:\Users\UMFD-0.Font Driver Host.008
2026-03-06 09:23 - 2026-03-06 09:23 - 000000000 ____D C:\Users\TEMP.Font Driver Host.008
2026-03-05 19:58 - 2026-03-05 19:58 - 000001771 _____ C:\Users\Stoltze\Desktop\1 neue anleitung für die libre 3 app - Verknüpfung.lnk
2026-02-25 12:25 - 2026-02-25 12:25 - 000000000 ____D C:\Users\UMFD-0.Font Driver Host.007
2026-02-25 12:25 - 2026-02-25 12:25 - 000000000 ____D C:\Users\TEMP.Font Driver Host.007
2026-02-25 07:19 - 2026-02-25 07:19 - 000083946 _____ C:\WINDOWS\SysWOW64\ctac.json
2026-02-25 07:19 - 2026-02-25 07:19 - 000083946 _____ C:\WINDOWS\system32\ctac.json
2026-02-25 07:19 - 2026-02-25 07:19 - 000036382 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2026-02-25 07:19 - 2026-02-25 07:19 - 000036382 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2026-02-16 18:30 - 2026-02-16 18:30 - 000000000 ____D C:\Users\UMFD-0.Font Driver Host.006
2026-02-16 18:30 - 2026-02-16 18:30 - 000000000 ____D C:\Users\TEMP.Font Driver Host.006
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2026-03-12 17:51 - 2022-02-09 13:54 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2026-03-12 17:49 - 2019-07-15 12:55 - 000000000 ____D C:\Users\Stoltze\AppData\Roaming\Microsoft\Excel
2026-03-12 17:17 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-03-12 16:58 - 2020-02-08 21:19 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2026-03-12 15:00 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2026-03-12 14:51 - 2025-11-13 11:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2026-03-12 14:39 - 2025-11-13 11:51 - 001637736 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2026-03-12 14:39 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2026-03-12 14:35 - 2021-09-07 21:42 - 000000000 ____D C:\Users\Stoltze\AppData\Local\LogiBolt
2026-03-12 14:34 - 2025-11-13 11:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2026-03-12 14:34 - 2025-11-13 11:46 - 000004234 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-03-12 14:34 - 2024-12-19 15:11 - 000000000 ____D C:\ProgramData\AnyDesk
2026-03-12 14:34 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2026-03-12 14:34 - 2020-08-04 00:08 - 000012288 ___SH C:\DumpStack.log.tmp
2026-03-12 14:34 - 2019-10-18 12:27 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2026-03-12 14:34 - 2019-09-13 11:23 - 000000000 ____D C:\ProgramData\NVIDIA
2026-03-12 13:39 - 2024-04-01 08:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2026-03-12 11:28 - 2019-07-21 19:19 - 000000000 ____D C:\Users\Stoltze\Documents\zugangsdaten
2026-03-12 11:27 - 2019-07-21 21:56 - 000000000 ____D C:\Users\Stoltze\AppData\Roaming\Microsoft\Word
2026-03-12 09:27 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-03-12 08:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2026-03-12 08:10 - 2022-10-13 12:51 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2026-03-12 08:01 - 2022-10-12 22:34 - 000002120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2026-03-12 08:01 - 2022-10-12 22:34 - 000002109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2026-03-11 08:29 - 2025-11-13 11:46 - 000492712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2026-03-11 08:29 - 2023-05-09 09:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2026-03-11 08:28 - 2024-04-01 17:36 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2026-03-11 08:28 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2026-03-11 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2026-03-11 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2026-03-11 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2026-03-11 07:50 - 2025-11-13 11:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2026-03-11 07:50 - 2023-05-09 09:35 - 000001031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2026-03-11 07:41 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2026-03-11 07:41 - 2024-04-01 08:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2026-03-11 07:31 - 2025-11-13 11:46 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2026-03-10 23:08 - 2022-05-22 13:22 - 000000000 ____D C:\Program Files (x86)\Brother
2026-03-10 23:08 - 2022-05-22 13:20 - 000000000 ____D C:\Program Files (x86)\ControlCenter4
2026-03-10 23:08 - 2019-03-19 13:34 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2026-03-10 22:53 - 2019-03-19 13:25 - 000000000 ____D C:\ProgramData\Packages
2026-03-10 22:53 - 2019-03-19 13:08 - 000000000 ____D C:\Users\Stoltze\AppData\Local\Packages
2026-03-10 22:51 - 2019-03-19 13:10 - 000000000 ____D C:\Users\Stoltze\AppData\Local\PlaceholderTileLogoFolder
2026-03-10 22:51 - 2019-03-19 13:08 - 000000000 ____D C:\Users\Stoltze\AppData\Local\Publishers
2026-03-10 19:45 - 2019-07-06 10:29 - 000000000 ____D C:\Program Files\Microsoft Office
2026-03-10 14:10 - 2025-11-13 11:50 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1836624912-1907861822-591967855-1001
2026-03-10 14:10 - 2025-11-13 11:50 - 000003574 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1836624912-1907861822-591967855-1001
2026-03-10 14:10 - 2025-11-13 11:50 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1836624912-1907861822-591967855-1001
2026-03-10 14:10 - 2021-12-09 14:37 - 000002391 _____ C:\Users\Stoltze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2026-03-10 02:56 - 2019-07-06 11:55 - 000000000 ____D C:\Users\Stoltze\AppData\Roaming\Microsoft\Office
2026-03-10 02:42 - 2022-09-14 11:47 - 000000000 ____D C:\Users\Stoltze\Documents\ms hauptdatei
2026-03-09 22:54 - 2024-12-19 15:11 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2026-03-09 12:59 - 2019-07-25 06:38 - 000000000 ____D C:\Users\Stoltze\AppData\Local\D3DSCache
2026-03-08 17:46 - 2020-06-20 10:31 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-03-08 07:41 - 2025-11-13 11:50 - 000003754 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2026-03-08 07:41 - 2025-11-13 11:50 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2026-03-06 15:37 - 2020-04-25 09:02 - 000001456 _____ C:\Users\Stoltze\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2026-03-06 15:10 - 2022-09-14 12:19 - 000000000 ____D C:\Users\Stoltze\AppData\Roaming\com.adobe.dunamis
2026-03-06 15:10 - 2019-03-19 13:08 - 000000000 ____D C:\Users\Stoltze\AppData\Roaming\Adobe
2026-03-06 07:00 - 2022-12-11 12:51 - 000002205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-02-27 09:22 - 2019-11-05 17:12 - 000000000 ____D C:\Users\Stoltze\AppData\Local\CrashDumps
2026-02-26 00:41 - 2024-04-01 17:37 - 000000000 ____D C:\WINDOWS\InboxApps
2026-02-26 00:41 - 2024-04-01 17:37 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2026-02-26 00:41 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2026-02-26 00:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2026-02-26 00:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2026-02-26 00:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2026-02-26 00:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2026-02-26 00:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2026-02-26 00:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2026-02-26 00:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2026-02-26 00:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup
2026-02-26 00:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2026-02-26 00:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2026-02-26 00:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2026-02-26 00:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2026-02-26 00:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2026-02-26 00:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2026-02-26 00:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2026-02-26 00:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2026-02-26 00:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\appcompat
2026-02-26 00:41 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2026-02-25 13:13 - 2019-08-31 15:03 - 000000000 ____D C:\Program Files\Common Files\Adobe
2026-02-25 13:13 - 2019-08-31 15:03 - 000000000 ____D C:\Program Files\Adobe
2026-02-24 12:31 - 2025-11-13 11:50 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2026-02-14 03:57 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2026-02-11 01:45 - 2019-03-19 13:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2026-02-11 01:44 - 2019-03-19 13:25 - 221154392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2026-02-10 11:19 - 2019-03-19 13:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2020-01-21 15:14 - 2020-01-21 15:14 - 000000186 _____ () C:\Program Files\Common Files\TrackerSoftwareInstallerPDFXVwer.log
2022-12-07 13:51 - 2025-11-26 16:01 - 000000128 _____ () C:\Users\Stoltze\AppData\Roaming\winscp.rnd
2020-04-25 09:02 - 2026-03-06 15:37 - 000001456 _____ () C:\Users\Stoltze\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2020-02-08 21:25 - 2020-02-08 21:25 - 000000000 _____ () C:\Users\Stoltze\AppData\Local\oobelibMkey.log
2025-11-05 22:17 - 2025-11-05 22:17 - 000000218 _____ () C:\Users\Stoltze\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-03-2026
durchgeführt von Stoltze (12-03-2026 17:54:13)
Gestartet von C:\Users\Stoltze\Downloads
Microsoft Windows 11 Pro Version 25H2 26200.8037 (X64) (2025-11-13 10:50:29)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-1836624912-1907861822-591967855-500 - Administrators - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1836624912-1907861822-591967855-503 - Limited - Disabled)
Gast (S-1-5-21-1836624912-1907861822-591967855-501 - Limited - Disabled)
Stoltze (S-1-5-21-1836624912-1907861822-591967855-1001 - Administrators - Enabled) => C:\Users\Stoltze
WDAGUtilityAccount (S-1-5-21-1836624912-1907861822-591967855-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Small Office Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Small Office Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 25.001.21288 - Adobe Systems Incorporated)
Adobe Acrobat Reader - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 25.001.21288 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.8.1.865 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.6.0.79 - Adobe Inc.)
Adobe Illustrator 2026 (HKLM-x32\...\ILST_30_0) (Version: 30.0 - Adobe Inc.)
Adobe Photoshop 2026 (HKLM-x32\...\PHSP_27_0) (Version: 27.0.0.25 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601149}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.05.16.221 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.133 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.27.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.44 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{1ee7f179-da35-4723-a064-99a2a93c80be}) (Version: 6.05.16.221 - Advanced Micro Devices, Inc.) Hidden
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 9.0.10 - AnyDesk Software GmbH)
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
Audacity 3.5.1 (HKLM\...\Audacity_is1) (Version: 3.5.1 - Audacity Team)
AusweisApp2 (HKLM-x32\...\{C04EA002-0878-4DBA-810E-8FE84CE35CB5}) (Version: 1.22.2 - Governikus GmbH & Co. KG)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Ihr Firmenname) Hidden
Brother Port Driver (HKLM-x32\...\{F9496A68-777D-4B9F-A72B-34FCA4AB6D55}) (Version: 1.0.2.1 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{DC05CAEF-CDB0-4DAA-A8A1-5B72B4714FD3}) (Version: 1.1.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{2326DFD5-AF8C-46B0-B2BA-943999A62FB9}) (Version: 1.0.12.1 - Brother Industries Ltd.) Hidden
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
DTS Custom (HKLM-x32\...\{84504AA1-7F93-40F9-BDF6-0630D0E9E45D}) (Version: 1.00.0500 - DTS, Inc.)
ElsterFormular (HKLM-x32\...\{0F35BEE6-976E-4324-9AA2-35B156664F92}) (Version: 21.4 - Thüringer Landesamt für Finanzen)
FileZilla 3.69.5 (HKLM-x32\...\FileZilla Client) (Version: 3.69.5 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 145.0.7632.160 - Google LLC)
HttpToUsbBridge (HKLM-x32\...\{2316FF8E-7DEC-4EB9-A50D-64C304A25469}) (Version: 1.5.30.1 - Brother Industries Ltd.)
LibreView Device Drivers3.3.4 (HKLM-x32\...\{D2200BF1-9BF0-4C1C-9282-A727FFCC5046}) (Version: 3.3.4 - Newyu)
Logi Bolt (HKLM\...\LogiBolt) (Version: 1.2.6024.0 - Logi)
Logitech Options (HKLM\...\LogiOptions) (Version: 10.26.12 - Logitech)
Microsoft 365 Apps for Business - de-de (HKLM\...\O365BusinessRetail - de-de) (Version: 16.0.19725.20172 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 145.0.3800.97 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 145.0.3800.97 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1836624912-1907861822-591967855-1001\...\OneDriveSetup.exe) (Version: 26.026.0209.0004 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1836624912-1907861822-591967855-500\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1836624912-1907861822-591967855-500\...\Teams) (Version: 1.2.00.24753 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.25.28902 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{7C0242A3-8B66-35D1-9FE0-13B426ACB609}) (Version: 10.0.60729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.60724 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1836624912-1907861822-591967855-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.106.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 13.250.137.0 - Microsoft Corporation)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox) (Version: 148.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 112.0.2 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.8 - Notepad++ Team)
NVIDIA FrameView SDK 1.2.7704.31296923 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7704.31296923 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.135 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.135 - NVIDIA Corporation)
NVIDIA Grafiktreiber 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Ihr Firmenname) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19725.20172 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.19029.20208 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.19725.20172 - Microsoft Corporation) Hidden
PDF24 Creator 11.23.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.23.0 - geek software GmbH)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.26.328.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Support- und Wiederherstellungs-Assistent von Microsoft (HKU\S-1-5-21-1836624912-1907861822-591967855-1001\...\f9a89bd2a46a7606) (Version: 16.0.3306.3 - Microsoft Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.24753 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.75.5 - TeamViewer)
UltraCompare (HKLM\...\{07A7AE94-5AAA-468A-9A3C-EF75E73D8EE2}) (Version: 24.0.0.26 - IDM Computer Solutions, Inc.)
UltraEdit (HKLM\...\{AFFE5F64-3248-41E9-96AE-8B475F6EFAB3}) (Version: 31.1.0.36 - IDM Computer Solutions, Inc.)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{B8D93870-98D1-4980-AFCA-E26563CDFB79}) (Version: 8.94.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_3_0) (Version: 1.3.0 - Adobe Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22866 - Microsoft Corporation)
Windows*11-Installationsassistent (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.6448 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{E06F96B5-4369-4BDC-B64D-2A8A02FE069B}) (Version: 4.0.2410.23001 - Microsoft Corporation)
WinRAR 6.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH)
WinSCP 6.5.4 (HKLM-x32\...\winscp3_is1) (Version: 6.5.4 - Martin Prikryl)
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-08-03] (Adobe Systems Incorporated)
Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC [2026-03-12] ()
Adobe Acrobat Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC [2025-11-13] ()
Adobe Native Client -> C:\Program Files\Common Files\Adobe\Adobe OS Extension [2025-11-14] ()
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_163.1.1121.0_x64__v10z8vjag6ke6 [2026-03-10] (HP Inc.)
HP Universal Print Application -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterDriver_2601.1.3917.0_x64__v10z8vjag6ke6 [2026-03-12] (HP Inc.)
Local AI Manager for Microsoft 365 -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\AI [2026-03-10] ()
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-03] (Microsoft Corporation)
Microsoft 365 companion apps -> C:\Program Files\WindowsApps\Microsoft.M365Companions_2.2510.30002.0_x64__8wekyb3d8bbwe [2025-11-17] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-08-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-08-03] (Microsoft Corporation) [MS Ad]
Microsoft.Office.ActionsServer -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\ActionsServer [2026-03-10] ()
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-13] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2026-03-10] ()
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.27.25.0_x64__nfy108tqq3p12 [2023-01-06] (Thumbmunkeys Ltd)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2606.102.0_x64__cv1g1gvanyjgm [2026-02-27] (WhatsApp Inc.) [Startup Task]
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1836624912-1907861822-591967855-1001_Classes\CLSID\{04271989-C4D2-BE93-3D8F-A0773ED42F54} -> [OneDrive - Dima-Tech e.K] => C:\Users\Stoltze\OneDrive - Dima-Tech e.K [2025-11-05 21:56]
CustomCLSID: HKU\S-1-5-21-1836624912-1907861822-591967855-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-1836624912-1907861822-591967855-1001_Classes\CLSID\{b5eedee0-c06e-11cf-8c56-444553540000}\InprocServer32 -> C:\Program Files\IDM Computer Solutions\UltraEdit\ue64ctmn.dll (UltraEdit, Inc. -> )
CustomCLSID: HKU\S-1-5-21-1836624912-1907861822-591967855-1001_Classes\CLSID\{C3B42C03-C1B7-4c1a-B384-BBAE19646333}\InprocServer32 -> C:\Program Files\IDM Computer Solutions\UltraCompare\UC_ShellExt64.dll (IDM Computer Solutions, Inc. -> )
CustomCLSID: HKU\S-1-5-21-1836624912-1907861822-591967855-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1836624912-1907861822-591967855-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1836624912-1907861822-591967855-1001_Classes\CLSID\{EABAE40C-B27C-455A-B672-F234DD780948}\InprocServer32 -> C:\Users\Stoltze\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.25.28902\x64\Microsoft.Teams.MeetingAddin.DLL (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-12-08] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-12-08] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-12-08] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-12-08] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2026-02-17] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-11-08] (Notepad++ -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> Keine Datei
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> Keine Datei
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\nvshext.dll [2024-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-12-08] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2026-02-17] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1836624912-1907861822-591967855-1001: [UltraCompare] -> {C3B42C03-C1B7-4c1a-B384-BBAE19646333} => C:\Program Files\IDM Computer Solutions\UltraCompare\UC_ShellExt64.dll [2024-09-10] (IDM Computer Solutions, Inc. -> )
ContextMenuHandlers1_S-1-5-21-1836624912-1907861822-591967855-1001: [UltraEdit] -> {b5eedee0-c06e-11cf-8c56-444553540000} => C:\Program Files\IDM Computer Solutions\UltraEdit\ue64ctmn.dll [2024-12-18] (UltraEdit, Inc. -> )
ContextMenuHandlers4_S-1-5-21-1836624912-1907861822-591967855-1001: [UltraCompare] -> {C3B42C03-C1B7-4c1a-B384-BBAE19646333} => C:\Program Files\IDM Computer Solutions\UltraCompare\UC_ShellExt64.dll [2024-09-10] (IDM Computer Solutions, Inc. -> )
ContextMenuHandlers6_S-1-5-21-1836624912-1907861822-591967855-1001: [UltraEdit] -> {b5eedee0-c06e-11cf-8c56-444553540000} => C:\Program Files\IDM Computer Solutions\UltraEdit\ue64ctmn.dll [2024-12-18] (UltraEdit, Inc. -> )
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [MidisrvTransferComplete] => 1
HKLM\...\Drivers32: [midi1] => C:\Windows\system32\wdmaud2.drv [143360 2026-02-25] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [midi1] => C:\Windows\SysWOW64\wdmaud2.drv [91648 2026-02-25] (Microsoft Windows -> Microsoft Corporation)
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2025-09-30 00:10 - 2025-09-30 00:10 - 000030720 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\Acrobat Elements\ContextMenuShim64.deu
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2026-01-29] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2026-03-08] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2026-03-08] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2026-01-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2026-03-08] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2026-03-08] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2026-03-08] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2026-03-08] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-02-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-02-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-02-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-02-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-02-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-02-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-02-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-02-25] (Microsoft Corporation -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1836624912-1907861822-591967855-1001\...\sharepoint.com -> hxxps://dimatechkiel-files.sharepoint.com
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2018-09-15 08:31 - 2023-04-18 12:40 - 000000836 ____R C:\WINDOWS\system32\drivers\etc\hosts
==================== Network ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
DNS Servers: 192.168.178.1
ist aktiviert.
Network Binding:
=============
Ethernet 2: Realtek PCIe GbE Family Controller #2 -> rt640x64.sys
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1836624912-1907861822-591967855-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-1836624912-1907861822-591967855-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\DesktopSpotlight\Assets\Images\image_3.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 5) (TamperProtectionSource: 2)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\StartupFolder: => "Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2019 - Schnellstarter.lnk"
HKLM\...\StartupApproved\StartupFolder: => "DTS Custom.lnk"
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "PDF24"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1836624912-1907861822-591967855-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1836624912-1907861822-591967855-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1836624912-1907861822-591967855-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-1836624912-1907861822-591967855-1001\...\StartupApproved\Run: => "InversMonitor"
HKU\S-1-5-21-1836624912-1907861822-591967855-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1836624912-1907861822-591967855-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_4468CB7C92AAFF3199E9C929C9317035"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{0856C2FC-3225-477A-9888-04AFDFA26322}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{392276A8-D5FB-459E-AB05-BE78B2FDE418}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D582C1A7-572E-4284-B91B-E6AC057CC8F4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F999C705-5E6F-49C3-802E-13F6689D4BBE}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{57DEC0E1-9AB6-43FF-9E15-F8FD54AEB4A4}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E6866D71-450D-4C59-9978-A01560899C3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{93F1909C-97FF-4BE5-B360-72FCAB3DF627}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{00C74C20-A230-4646-8584-D373CFA4A9D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BFA1594B-113F-4A81-BFD3-91C1F4330F96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{DCE72D77-F0FC-4DC1-9FA8-E7C4437C9E8C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{C165F6FC-A639-4F75-A9ED-FE04DDC26E29}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{FF6C5149-D7F1-43F2-8EF6-C93F44BC8163}] => (Block) C:\program files (x86)\ausweisapp2\ausweisapp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [{7945D191-34F8-4CCA-BCC5-51EDFD97F8F1}] => (Block) C:\program files (x86)\ausweisapp2\ausweisapp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [UDP Query User{9DF3D1FC-3028-47E6-BC58-00ACE367B7D3}C:\program files (x86)\ausweisapp2\ausweisapp2.exe] => (Allow) C:\program files (x86)\ausweisapp2\ausweisapp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [TCP Query User{4A6D14B5-0043-4B7A-B2C5-1D2D2BDD276E}C:\program files (x86)\ausweisapp2\ausweisapp2.exe] => (Allow) C:\program files (x86)\ausweisapp2\ausweisapp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [{9ACA901C-03FB-4513-9733-BD33B5B61103}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F18BC23B-D4C5-4F37-96AE-56804694C339}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{24607192-FE5B-4A69-9429-9444ABFDD85D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{4C60EDC3-837F-4051-990F-6426694B71EF}C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe] => (Allow) C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{F211431F-5D3A-48D1-84C9-A7A24CBDEEDB}C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe] => (Allow) C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{E4C7BB97-672C-4DEA-A780-B1EDFD6C9160}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{CA913DA8-D031-4D67-9DE9-C9F5C1C5BC57}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E0737FD7-BFFC-45D7-A2A1-B2F0260F316D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{18949DB5-E2C6-41F6-8806-99C465835B8F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{63009087-38BE-43FA-AF2C-651021AAA9E3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0948E0F0-5EAB-4FC6-81B8-3C8A49048F67}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{324A0767-7527-442B-BC07-7A384570633A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{98193B33-D464-4C35-B3D0-9427D0E3320E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{F6158845-C02F-48BC-8B4E-5E256BE7062A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{E67D75F9-DFF5-4159-A325-32684F60931F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{680B73BE-E22E-48FC-860E-496EE046A176}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{FB23DF8B-9880-4D38-8C72-81514E92D818}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
==================== Wiederherstellungspunkte =========================
06-03-2026 18:54:42 Windows Update
10-03-2026 08:40:50 Windows Update
11-03-2026 07:27:50 Windows Modules Installer
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (03/12/2026 04:18:14 PM) (Source: Universal Print) (EventID: 1) (User: )
Description: IPP TLS certificate error. WINHTTP_CALLBACK_STATUS_SECURE_FAILURE: WINHTTP_CALLBACK_STATUS_FLAG_SECURITY_CHANNEL_ERROR
Error: (03/12/2026 02:35:16 PM) (Source: DTSAPOService) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ArgumentNullException: Der Wert darf nicht NULL sein.
Parametername: source
bei System.Linq.Enumerable.Contains[TSource](IEnumerable`1 source, TSource value, IEqualityComparer`1 comparer)
bei dts_apo_service.Service1.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (03/12/2026 01:39:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren..
Error: (03/12/2026 01:39:22 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.]
Error: (03/12/2026 01:37:13 PM) (Source: DTSAPOService) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ArgumentNullException: Der Wert darf nicht NULL sein.
Parametername: source
bei System.Linq.Enumerable.Contains[TSource](IEnumerable`1 source, TSource value, IEqualityComparer`1 comparer)
bei dts_apo_service.Service1.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (03/12/2026 12:40:25 PM) (Source: DTSAPOService) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ArgumentNullException: Der Wert darf nicht NULL sein.
Parametername: source
bei System.Linq.Enumerable.Contains[TSource](IEnumerable`1 source, TSource value, IEqualityComparer`1 comparer)
bei dts_apo_service.Service1.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (03/12/2026 11:51:34 AM) (Source: DTSAPOService) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ArgumentNullException: Der Wert darf nicht NULL sein.
Parametername: source
bei System.Linq.Enumerable.Contains[TSource](IEnumerable`1 source, TSource value, IEqualityComparer`1 comparer)
bei dts_apo_service.Service1.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (03/12/2026 11:28:02 AM) (Source: Universal Print) (EventID: 1) (User: )
Description: IPP TLS certificate error. WINHTTP_CALLBACK_STATUS_SECURE_FAILURE: WINHTTP_CALLBACK_STATUS_FLAG_SECURITY_CHANNEL_ERROR
Systemfehler:
=============
Error: (03/12/2026 02:37:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (03/12/2026 02:37:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.
Error: (03/12/2026 02:35:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst asComSvc erreicht.
Error: (03/12/2026 02:34:44 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1040) (User: NT-AUTORITÄT)
Description: Integritätsprüfungen vor dem Nachweis bestätigen, dass eine kritische Komponente fehlgeschlagen ist und dass das Gerät nicht den Nachweis bestehen soll.
Ausführliche Informationen zu den durchgeführten Überprüfungen finden Sie in C:\WINDOWS\Logs\MeasuredBoot\0000000036-0000000000.json.
Error: (03/12/2026 01:37:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst asComSvc erreicht.
Error: (03/12/2026 01:36:41 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1040) (User: NT-AUTORITÄT)
Description: Integritätsprüfungen vor dem Nachweis bestätigen, dass eine kritische Komponente fehlgeschlagen ist und dass das Gerät nicht den Nachweis bestehen soll.
Ausführliche Informationen zu den durchgeführten Überprüfungen finden Sie in C:\WINDOWS\Logs\MeasuredBoot\0000000035-0000000000.json.
Error: (03/12/2026 01:36:39 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 12.03.2026 um 13:07:01 unerwartet heruntergefahren.
Error: (03/12/2026 01:36:27 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 3221225684A fatal error occurred processing the restoration data.
Windows Defender:
================
Date: 2026-03-12 13:04:29
Description:
Microsoft Defender Antivirus šçàⁿ ђάş ъęзņ ѕтőρрēδ ъêƒόг℮ ¢òmρℓēтîòʼn.%и %τŜсäи ĮÐ:%ь{382C79F7-7A91-4DE7-8DC9-9A4F8A9FCCB7}%π %ŧŜĉāñ Τýρε:%ьAntimalware%ή %ţŜçáʼn Рдґáměτéяѕ:%ьSchnellüberprüfung%ή %τЦѕеŗ:%ьNT-AUTORITÄT\SYSTEM%π %тŞτοφ Ŗēăşøŋ:%ьГΡĊ čόⁿήеĉτïòŋ řũηδőωŋ
Date: 2026-03-12 12:27:21
Description:
Microsoft Defender Antivirus šçàⁿ ђάş ъęзņ ѕтőρрēδ ъêƒόг℮ ¢òmρℓēтîòʼn.%и %τŜсäи ĮÐ:%ь{DFA8D10E-AB40-4A06-BDCD-9841293001C6}%π %ŧŜĉāñ Τýρε:%ьAntimalware%ή %ţŜçáʼn Рдґáměτéяѕ:%ьSchnellüberprüfung%ή %τЦѕеŗ:%ьNT-AUTORITÄT\SYSTEM%π %тŞτοφ Ŗēăşøŋ:%ьГΡĊ čόⁿήеĉτïòŋ řũηδőωŋ
Date: 2026-03-12 11:52:17
Description:
Microsoft Defender Antivirus šçàⁿ ђάş ъęзņ ѕтőρрēδ ъêƒόг℮ ¢òmρℓēтîòʼn.%и %τŜсäи ĮÐ:%ь{EDF34577-A461-47E3-90BF-9567EDE1FF8C}%π %ŧŜĉāñ Τýρε:%ьAntimalware%ή %ţŜçáʼn Рдґáměτéяѕ:%ьSchnellüberprüfung%ή %τЦѕеŗ:%ьDESKTOP-FUM3544\Stoltze%π %тŞτοφ Ŗēăşøŋ:%ьǺвõŕтэď вý τђé ĉĺīёйŧ
Date: 2026-03-11 14:29:22
Description:
Microsoft Defender Antivirus šçàⁿ ђάş ъęзņ ѕтőρрēδ ъêƒόг℮ ¢òmρℓēтîòʼn.%и %τŜсäи ĮÐ:%ь{7D33BD58-E456-439B-8895-A8C3675B117D}%π %ŧŜĉāñ Τýρε:%ьAntimalware%ή %ţŜçáʼn Рдґáměτéяѕ:%ьSchnellüberprüfung%ή %τЦѕеŗ:%ьNT-AUTORITÄT\SYSTEM%π %тŞτοφ Ŗēăşøŋ:%ьГΡĊ čόⁿήеĉτïòŋ řũηδőωŋ
Date: 2026-03-10 11:40:40
Description:
Microsoft Defender Antivirus šçàⁿ ђάş ъęзņ ѕтőρрēδ ъêƒόг℮ ¢òmρℓēтîòʼn.%и %τŜсäи ĮÐ:%ь{E497D94F-0A13-4190-9D85-FE9825CB51F6}%π %ŧŜĉāñ Τýρε:%ьAntimalware%ή %ţŜçáʼn Рдґáměτéяѕ:%ьSchnellüberprüfung%ή %τЦѕеŗ:%ьNT-AUTORITÄT\SYSTEM%π %тŞτοφ Ŗēăşøŋ:%ьŚçћзδџłëď šςάπ шāš šķīφрěδ вéćàцşę ťне ŀāѕŧ şцčĉēŝşƒůł şсāņ ẁàś ŵίťћіή тђе ℓăşţ 7 đаỳŝ
CodeIntegrity:
===============
Date: 2026-03-12 16:17:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\AI\aimgr.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements.
Date: 2026-03-12 14:34:39
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume2\Windows\SysWOW64\Drivers\AsIO.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}).
Date: 2026-03-12 14:34:39
Description:
The driver \Device\HarddiskVolume2\Windows\SysWOW64\Drivers\AsIO.sys is blocked from loading as the driver has been revoked by Microsoft.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. 4202 06/16/2023
Hauptplatine: ASUSTeK COMPUTER INC. TUF B450M-PLUS GAMING
Prozessor: AMD Ryzen 5 5500
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 16177 MB
Verfügbarer physikalischer RAM: 9585.39 MB
Summe virtueller Speicher: 17201 MB
Verfügbarer virtueller Speicher: 7880.79 MB
==================== Laufwerke ================================
Drive c: (System) (Fixed) (Total:463.71 GB) (Free:265.48 GB) (Model: KINGSTON SNV3S500G) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.54 GB) (Free:0.52 GB) (Model: KINGSTON SNV3S500G) NTFS
\\?\Volume{bc0e85fd-8b56-4ae5-a156-023bf6aabe27}\ () (Fixed) (Total:0.89 GB) (Free:0.21 GB) NTFS
\\?\Volume{8d02de00-c073-11f0-b968-305a3a83ffc8}\ () (Fixed) (Total:0.53 GB) (Free:0.51 GB) NTFS
\\?\Volume{8d02ddff-c073-11f0-b968-305a3a83ffc8}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0E04DDB5)
Partition: GPT.
==================== Ende von Addition.txt =======================
Ich hatte vergessen zu erwähnen, das der PC bei einem Neustart immer im Bios landet. Im Nov. 2025 wurde der PC von einer Firma aufgerüstet. Windows 11 Pro darauf installiert und die Daten geklont. Am Montag soll das Problem von der Firma behoben werden. |
|
Heute, 22:15
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | pishingemail Schädlinge sind da nicht zu sehen. Sie waren eh nicht zu erwarten, weil ein Klick auf einen Link nicht gleich das gesamte System in den Abgrund reißt. Du solltest dich hiervon Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
| Themen zu pishingemail |
| anfrage, email, entdeck, fake, fehler, frage, gemail, größere, guten, hoffe, link, nachricht, neu, nochmals, outlook, pishingemail, problem, router, schnell, sende, strom, stromnetz, überprüfe |
Hybrid-Darstellung
