Windows 7 If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
Hello, my daughter gave me her laptop to install updates. Right at the start I saw that a file "wcupdater" wanted to do something; I of course cancelled it and ran Malwarebytes over it. It showed me a number of threats. That is why I am turning to you.
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2026
durchgeführt von Johanna (23-03-2026 18:51:27)
Gestartet von C:\Users\Johanna\Desktop
Microsoft Windows 11 Home Version 25H2 26200.8039 (X64) (2025-02-18 18:01:32)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-1955320842-3848616326-4026959706-500 - Administrators - Disabled)
DefaultAccount (S-1-5-21-1955320842-3848616326-4026959706-503 - Limited - Disabled)
Gast (S-1-5-21-1955320842-3848616326-4026959706-501 - Limited - Disabled)
Johanna (S-1-5-21-1955320842-3848616326-4026959706-1001 - Administrators - Enabled) => C:\Users\Johanna
WDAGUtilityAccount (S-1-5-21-1955320842-3848616326-4026959706-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Malwarebytes (Enabled - Up to date) {A537353A-1D6A-F6B5-9153-CE1CF80FBE66}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{22165EE8-F79D-4400-A6FB-8E35391B8BEF}) (Version: 2.9.25180 - Acer)
Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3030 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.03.3004 - Acer Incorporated)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 25.001.21288 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601149}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
App Explorer (HKU\S-1-5-21-1955320842-3848616326-4026959706-1001\...\Host App Service) (Version: 0.273.5.155 - SweetLabs) <==== ACHTUNG
Brother MFL-Pro Suite DCP-9022CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.8.1.1 - Chip Digital GmbH) <==== ACHTUNG
dm-Fotowelt (HKLM\...\dm-Fotowelt) (Version: 7.2.1 - CEWE Stiftung u Co. KGaA)
Dolby Audio X2 Windows API SDK (HKLM\...\{8738A898-221B-4279-BC87-FEF7938022C1}) (Version: 0.8.8.87 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{D0D32569-4680-490A-905C-5117CEAAB3EF}) (Version: 0.8.8.76 - Dolby Laboratories, Inc.)
EgisTec Touch Fingerprint Sensor WBF Driver (HKLM-x32\...\{E8C889B8-0A8B-46BA-B433-F7D6968A6543}) (Version: 3.5.3.11 - Egis Technology Inc.)
Google Chrome (HKU\S-1-5-21-1955320842-3848616326-4026959706-1001\...\Google Chrome) (Version: 146.0.7680.80 - Google LLC)
Intel(R) Chipset Device Software (HKLM\...\{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}) (Version: 10.1.1.44 - Intel Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10205.4743 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{871689FB-5226-4641-8ED2-6FDAA2DF65C1}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{D9D63ED7-B857-450C-B46A-1371885084E5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4749 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{0AF335C8-701E-41FA-8333-4702475CF32A}) (Version: 30.100.1724.2 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1724.2 - Intel Corporation)
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000071-0190-1031-84C8-B8D95FA3C8C3}) (Version: 19.71.0 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{2bfe770e-2730-43a3-8087-6af7b5a7015f}) (Version: 20.0.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{6B153C64-8B8F-46D6-957C-F27E82B3C5C0}) (Version: 20.0.0.1135 - Intel Corporation) Hidden
Malwarebytes version 5.5.2.242 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.5.2.242 - Malwarebytes)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.19822.20104 - Microsoft Corporation)
Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.19822.20104 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 146.0.3856.72 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 146.0.3856.72 - Microsoft Corporation) Hidden
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1955320842-3848616326-4026959706-1001\...\OneDriveSetup.exe) (Version: 26.032.0217.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1955320842-3848616326-4026959706-1001\...\Teams) (Version: 1.5.00.33362 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.25.06502 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{D736B443-AF61-4775-9488-DDF59F87BD1F}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{F102A269-3323-427C-914D-E5E71F61453D}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 148.0.2 (x64 de)) (Version: 148.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 118.0.2 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.19822.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.19822.20086 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.19822.20104 - Microsoft Corporation) Hidden
PDF24 Creator 10.0.12 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.0.12 - PDF24.org)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8555 - Realtek Semiconductor Corp.)
Schnelle Deals (HKLM-x32\...\{61A7CE1E-5BD9-4C01-AB6C-6FA1E732E402}) (Version: 1.0.0.0 - Vondos Media GmbH) <==== ACHTUNG
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - )
Sky Go 22.3.2.0 (HKU\S-1-5-21-1955320842-3848616326-4026959706-1001\...\com.bskyb.skygoplayer_is1) (Version: 22.3.2.0 - Sky)
Sky Ticket 6.6.0.0 (HKU\S-1-5-21-1955320842-3848616326-4026959706-1001\...\com.bskyb.skyticket_is1) (Version: 6.6.0.0 - Sky Ticket)
Skype Version 8.80 (HKLM-x32\...\Skype_is1) (Version: 8.80 - Skype Technologies S.A.)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.22654 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-4) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-5) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-6) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-7) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-8) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-9) (Version: 1.0.42.0 - LunarG, Inc.)
Web Companion (HKLM-x32\...\{4f529e76-1be5-45d2-a8cc-76e4bec48958}) (Version: 8.9.0.1091 - Lavasoft) <==== ACHTUNG
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22329 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-1955320842-3848616326-4026959706-1001\...\ZoomUMX) (Version: 5.4.6 (59296.1207) - Zoom Video Communications, Inc.)
Packages:
=========
A278AB0D.MarchofEmpires -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_8.8.1.0_x86__h6adky7gbf63m [2025-03-30] (Gameloft SE)
Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2018-10-21] (Acer Incorporated)
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Assets [2026-03-23] ()
Adobe Photoshop Express -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.19.8.0_x64__ynb6jyjzte8ga [2025-05-08] (Adobe Inc.)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_10.1.2.0_x64__kgqvnymyfvs32 [2025-05-08] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.292.300.0_x64__kgqvnymyfvs32 [2025-05-08] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_10.4.8.0_x86__h6adky7gbf63m [2025-05-08] (Gameloft SE)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.136.4.0_x64__q4d96b2w5wcc2 [2025-05-06] (Evernote) [Startup Task]
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Ink.Handwriting.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.de-DE.1.0_0.1082.2350.0_x64__8wekyb3d8bbwe [2026-03-23] (Microsoft Corporation)
Ink.Handwriting.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.de-DE.1.0_0.1082.2350.0_x86__8wekyb3d8bbwe [2026-03-23] (Microsoft Corporation)
Ink.Handwriting.Main.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.de-DE.1.0_0.1082.2350.0_x64__8wekyb3d8bbwe [2026-03-23] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa [2025-05-06] (Apple Inc.) [Startup Task]
Local AI Manager for Microsoft 365 -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\AI [2026-03-23] ()
Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes\Anti-Malware [2026-03-23] ()
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-16] (Microsoft Corporation)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2022-12-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2022-12-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-12-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-12-28] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2504.16004.0_x64__8wekyb3d8bbwe [2025-05-08] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-10-09] (Microsoft Corp.)
Microsoft.Office.ActionsServer -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\ActionsServer [2026-03-23] ()
Minecraft for Windows -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.21.7101.0_x64__8wekyb3d8bbwe [2025-03-30] (Microsoft Studios)
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-31] (MAGIX)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_7.0.8.0_neutral__mcm4njqhnhss8 [2024-10-03] (Netflix, Inc.)
OfficePushNotificationsUtility -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16 [2026-03-23] ()
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2019-06-18] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2017-12-26] (CYBERLINK COM CORP)
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_2.0.0.0_x64__pwbj9vvecjh7j [2026-03-23] (Amazon Development Centre (London) Ltd)
QR Code Scanner -> C:\Program Files\WindowsApps\59867MatthiasDuyck.QRCodeScanner_0.0.6.0_x64__d7j0zxtsvs2jr [2025-06-07] (Matthias Duyck)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.5.37.0_x64__kx24dqmazqk8j [2025-05-06] (Random Salad Games LLC)
Solitär -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.5.25.0_x64__kx24dqmazqk8j [2025-03-30] (Random Salad Games LLC)
Spades -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.Spades_6.1.137.0_x64__kx24dqmazqk8j [2025-02-11] (Random Salad Games LLC)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0 [2025-05-06] (Spotify AB) [Startup Task]
WiFi QR Code Scanner -> C:\Program Files\WindowsApps\59867MatthiasDuyck.WiFiQRCodeScanner_0.4.4.0_x64__d7j0zxtsvs2jr [2025-06-07] (Matthias Duyck)
WinAppRuntime.Main.1.8 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.8_8000.770.947.0_x64__8wekyb3d8bbwe [2026-03-23] (Microsoft Corp.)
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2025-02-11] (New Work SE)
Zoom Rooms -> C:\Program Files\WindowsApps\ZoomVideoCommunicationsIn.ZoomRooms_5.2.322.0_x86__r9fg4ykbbcwvc [2025-02-11] (Zoom Video Communications, Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{1F9E0710-2073-435F-9C1B-F29946205947}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Google\Update\1.3.36.152\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{20C79493-A855-5193-A54C-656480EA36B1}\localserver32 -> C:\Users\Johanna\AppData\Local\Google\GoogleUpdater\148.0.7730.0\updater.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Johanna\AppData\Local\Google\GoogleUpdater\148.0.7730.0\updater.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{3BC2EF70-3830-43FC-9009-029942FD2DCE}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Google\Update\1.3.36.372\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{547E9AEF-8043-5D26-879F-01E7664192DC}\localserver32 -> C:\Users\Johanna\AppData\Local\Google\GoogleUpdater\148.0.7730.0\updater.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{5D44759C-CF3F-433D-9EA0-267E45577C77}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Google\Update\1.3.36.212\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{69545769-8D02-4B07-A481-AD374CD8D5D1}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{6DDCE70D-A4AE-4E97-908C-BE7B2DB750AD}\localserver32 -> C:\Users\Johanna\AppData\Local\Google\GoogleUpdater\148.0.7730.0\updater.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{75399D28-E622-4973-8752-BC0F7DC47AF3}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Google\Update\1.3.36.372\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Google\Update\1.3.36.92\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Johanna\AppData\Local\Google\Chrome\Application\146.0.7680.80\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{CA07EE63-A212-4373-AE82-FBF92FCA8DCC}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Google\Update\1.3.36.242\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{DA06AAE8-5748-4509-850F-17AA522F8372}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Google\Update\1.3.36.272\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{E4949BE6-C9FF-4AFA-8672-6127D857418B}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Google\Update\1.3.36.312\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Google\Update\1.3.36.372\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\Johanna\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll => Keine Datei
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2026-03-08] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-03-23] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e82bf92cc6526d16\igfxDTCM.dll [2017-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-03-23] (Malwarebytes Inc -> Malwarebytes)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [MidisrvTransferComplete] => 1
HKLM\...\Drivers32: [midi1] => C:\WINDOWS\system32\wdmaud2.drv [143360 2026-03-23] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [midi1] => C:\Windows\SysWOW64\wdmaud2.drv [91648 2026-03-23] (Microsoft Windows -> Microsoft Corporation)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Johanna\Desktop\Geschäftlich - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Default"
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2018-11-11 15:59 - 2009-02-27 16:38 - 000139264 ____R () [Datei ist nicht signiert] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 000017920 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2013-07-01 00:15 - 2013-07-01 00:15 - 000022016 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000628224 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libike.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000116736 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libip.dll
2013-07-01 00:15 - 2013-07-01 00:15 - 000018432 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libith.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000013312 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 000029184 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 000035840 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000039936 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2018-11-11 15:59 - 2005-04-22 05:36 - 000143360 _____ () [Datei ist nicht signiert] C:\WINDOWS\system32\BrSNMP64.dll
2018-11-11 15:59 - 2013-06-12 19:06 - 000385024 ____R (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\BrMonitor.dll
2018-11-11 15:59 - 2013-12-05 13:04 - 000137728 _____ (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2018-11-11 15:59 - 2014-02-17 19:24 - 000084480 _____ (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2018-11-11 15:59 - 2014-02-17 19:24 - 017905152 _____ (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2018-11-11 15:59 - 2013-11-15 10:17 - 000088064 _____ (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcLGer.dll
2018-11-11 15:59 - 2012-07-14 09:53 - 000087040 _____ (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\WINDOWS\system32\BrNetSti.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Johanna\Desktop\FRST64.exe:MBAM.Zone.Identifier [450]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============
HKU\S-1-5-21-1955320842-3848616326-4026959706-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-1955320842-3848616326-4026959706-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001 -> DefaultScope {E1C84A69-6FF9-478B-8903-D4858545143C} URL =
SearchScopes: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001 -> {E1C84A69-6FF9-478B-8903-D4858545143C} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2026-03-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2026-03-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2026-03-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2026-03-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2026-03-23] (Microsoft Corporation -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001\...\sharepoint.com -> hxxps://fhvraiv-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-1955320842-3848616326-4026959706-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2021-04-30 13:08 - 2021-04-30 13:08 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Network ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
DNS Servers: 192.168.188.1
ist aktiviert.
Network Binding:
=============
Bluetooth-Netzwerkverbindung 2: Bluetooth Device (Personal Area Network) #2 -> bthpan.sys
WLAN: Intel(R) Dual Band Wireless-AC 7265 -> Netwtw04.sys
vflt: Shrew Soft Lightweight Filter
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1955320842-3848616326-4026959706-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Johanna\Pictures\20200507_080213[1967].jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{514544C1-D333-4476-891A-15B0709F4522}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7AFB724E-6713-4924-84F6-272FFFCBB3C9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B4226399-AFBE-4861-8C5A-E98D0F517EC2}] => (Allow) C:\Users\Johanna\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{740C9F28-D98A-44BF-8349-EB49E98526AD}] => (Allow) C:\Users\Johanna\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{3C576E48-0B5D-4B7A-B232-B5A2010E828D}] => (Allow) C:\Users\Johanna\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{77DDF732-029A-4851-8465-D634220B30D3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{43F50776-FED4-404A-9D44-173463584B42}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1B6AB931-9D9A-45E8-9CA3-02E638ADAD29}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel(R) Wireless Connectivity Solutions -> )
FirewallRules: [{1E932D88-EAC7-49A1-AA8E-A7AE5921BB53}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A19A37DF-BB9D-449C-8968-29F7797A606A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{13D1C099-A859-4F1C-A6DF-880F93D31F81}] => (Allow) LPort=54925
FirewallRules: [{0BFC398E-67B8-40F8-A4DE-BDF35C1A399C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8CE8FE94-F692-401F-86E2-48B4082A2EAA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0D96131-D3D4-46C7-B512-059F81602110}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25108.501.3586.7144_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D930A5B9-3613-4E07-9124-79C0B791A991}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25108.501.3586.7144_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CDB6C0A6-5E77-4BC5-8C3B-C2900B074F35}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{E913E439-8E51-4A66-AD68-98DBF23FE0F3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{ECD0FC1E-6ABC-4D18-8ABB-1FB458F6C329}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{B7470078-BAE2-4C23-8BF5-5BD98EF18850}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{4676E9B9-0410-4606-999C-D9DEE613B52C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{39831DC7-CF37-4D2C-84B9-71340535118B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{580443F8-2ACA-4F84-B20D-5660BB526863}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{C71F184B-CCC0-4671-B49E-8368F3D99336}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{C90D422F-6783-4B5D-8339-A52D5998BC95}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F7B58C26-4F52-4318-B0F9-6BBEBC1FB416}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E98D3273-611C-47FB-ABEA-BB7726AA8777}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{61BC59EC-17DF-4B35-AAA1-1FF76226AD57}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A4B10831-A1FA-42D5-85EC-01BB813575E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9A99B956-4598-4F18-BA9C-A8C6D2462B5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E290D8D4-4B43-440C-98B7-A8019EA67838}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BBDF1369-BC78-4B72-9318-2275D0C9D20C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BF3E9601-FAD8-4BFB-A3B3-51C23EE9D947}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3810E54B-9807-468A-9A45-82A6D5A4E080}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.262.580.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{52CAE3F4-4C7E-42AE-A8C7-3998BD1116A7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2112D2E5-F7C3-4E7A-95DB-A8667925BC38}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{719E2C6F-4699-4B2E-86CE-39F40DAC82A0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A1D1554-0622-4EA6-97C9-C1A10ABDAEAE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{92EE4D21-C663-4222-AC9D-65D261FB8FB4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Wiederherstellungspunkte =========================
23-03-2026 18:14:36 Windows Modules Installer
==================== Fehlerhafte Geräte im Gerätemanager ============
Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Detection Verification
Description: Detection Verification
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (03/23/2026 06:33:44 PM) (Source: Firefox Default Browser Agent) (EventID: 1140) (User: )
Description: Event-ID 1140
Error: (03/23/2026 06:33:44 PM) (Source: Firefox Default Browser Agent) (EventID: 1140) (User: )
Description: Event-ID 1140
Error: (03/23/2026 05:34:44 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung Fehler in der Wiederherstellungsphase. beendet.
Kontext: Anwendung, SystemIndex Katalog
Details:
0x%08x (0x80040d23 - Gatherer wird heruntergefahren. (HRESULT : 0x80040d23))
Error: (03/23/2026 05:34:44 PM) (Source: Windows Search Service) (EventID: 3602) (User: )
Description: Fehler-ID 1 in der Wiederherstellungsphase von Windows Search. Bitte starten Sie den Dienst erneut. Wenn dieser Fehler weiterhin besteht, führen Sie eine Neuerstellung des Index aus.
Kontext: Anwendung, SystemIndex Katalog
Details:
0x%08x (0x80040d23 - Gatherer wird heruntergefahren. (HRESULT : 0x80040d23))
Error: (03/23/2026 04:44:13 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 12) (User: LAPTOP-SC0FBO3T)
Description: Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy-2147023878
Error: (06/30/2025 09:12:08 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\LAPTOP-SC0FBO3T$ über https://INTC-KeyId-6ca9df62a1aae23e0feb7c3f5eb8e61ecac17cb7.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
Methode: GET(282ms)
Phase: GetCACaps
Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (06/30/2025 09:10:07 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\LAPTOP-SC0FBO3T$ über https://INTC-KeyId-6ca9df62a1aae23e0feb7c3f5eb8e61ecac17cb7.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
Methode: GET(15ms)
Phase: GetCACaps
Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (06/30/2025 09:08:35 AM) (Source: chip 1-click download service) (EventID: 0) (User: )
Description: |ERORRS=;(380) error at getOrdersForVersion:Der Remotename konnte nicht aufgelöst werden: 'service.chip-secured-download.de'
;(180) error at GetHttpWebRequest: 1Der Remotename konnte nicht aufgelöst werden: 'api.chip-secured-download.de'
;(480) Could not load new Downlaoder
Systemfehler:
=============
Error: (03/23/2026 06:47:03 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT-AUTORITÄT)
Description: Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware. Review the published guidance to complete the update and maintain full protection. This device signature information is included here.
DeviceAttributes: FirmwareManufacturer:Insyde Corp.;FirmwareVersion:V1.07;OEMModelNumber:Swift SF514-52T;OEMModelBaseBoard:Carlsberg_KL;OEMManufacturerName:Acer;OSArchitecture:amd64;
BucketId: e938c17c457b1472766cdcf8ad9f5b38335682ac5570b41652e15ddaab9db100
BucketConfidenceLevel: Under Observation - More Data Needed
UpdateType:
For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018.
Error: (03/23/2026 06:42:02 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (03/23/2026 06:42:02 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (03/23/2026 06:41:50 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 3221225684A fatal error occurred processing the restoration data.
Error: (03/23/2026 06:42:01 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 23.03.2026 um 18:30:08 unerwartet heruntergefahren.
Error: (03/23/2026 06:35:32 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT-AUTORITÄT)
Description: Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware. Review the published guidance to complete the update and maintain full protection. This device signature information is included here.
DeviceAttributes: FirmwareManufacturer:Insyde Corp.;FirmwareVersion:V1.07;OEMModelNumber:Swift SF514-52T;OEMModelBaseBoard:Carlsberg_KL;OEMManufacturerName:Acer;OSArchitecture:amd64;
BucketId: e938c17c457b1472766cdcf8ad9f5b38335682ac5570b41652e15ddaab9db100
BucketConfidenceLevel: Under Observation - More Data Needed
UpdateType:
For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018.
Error: (03/23/2026 06:30:10 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (03/23/2026 06:30:10 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
Windows Defender:
================
Date: 2026-03-23 17:23:22
Description:
Microsoft Defender Antivirus šçàⁿ ђάş ъęзņ ѕтőρрēδ ъêƒόг℮ ¢òmρℓēтîòʼn.%и %τŜсäи ĮÐ:%ь{AE50DB2E-4A53-4DE3-AC8B-5F1554A556AA}%π %ŧŜĉāñ Τýρε:%ьAntimalware%ή %ţŜçáʼn Рдґáměτéяѕ:%ьSchnellüberprüfung%ή %τЦѕеŗ:%ьNT-AUTORITÄT\SYSTEM%π %тŞτοφ Ŗēăşøŋ:%ьŚçћзδџłëď šςάπ шāš šķīφрěδ вéćàцşę ťне ŀāѕŧ şцčĉēŝşƒůł şсāņ ẁàś ŵίťћіή тђе ℓăşţ 7 đаỳŝ
Date: 2026-03-23 17:13:00
Description:
Microsoft Defender Antivirus šçàⁿ ђάş ъęзņ ѕтőρрēδ ъêƒόг℮ ¢òmρℓēтîòʼn.%и %τŜсäи ĮÐ:%ь{685335D2-56ED-4068-88DB-03438AABB1F2}%π %ŧŜĉāñ Τýρε:%ьAntimalware%ή %ţŜçáʼn Рдґáměτéяѕ:%ьQuick Scan%ή %τЦѕеŗ:%ьNT-AUTORITÄT\Netzwerkdienst%π %тŞτοφ Ŗēăşøŋ:%ь%12
Date: 2025-05-06 13:38:23
Description:
Microsoft Defender Antivirus šçàⁿ ђάş ъęзņ ѕтőρрēδ ъêƒόг℮ ¢òmρℓēтîòʼn.%и %τŜсäи ĮÐ:%ь{A1D9977B-D176-443E-B97D-2CB54FB86C3B}%π %ŧŜĉāñ Τýρε:%ьAntimalware%ή %ţŜçáʼn Рдґáměτéяѕ:%ьQuick Scan%ή %τЦѕеŗ:%ьNT-AUTORITÄT\Netzwerkdienst%π %тŞτοφ Ŗēăşøŋ:%ь%12
Date: 2025-03-30 18:46:50
Description:
Microsoft Defender Antivirus šçàⁿ ђάş ъęзņ ѕтőρрēδ ъêƒόг℮ ¢òmρℓēтîòʼn.%и %τŜсäи ĮÐ:%ь{C9BE74FD-6B59-4A1B-ADE3-17D566D7BEBE}%π %ŧŜĉāñ Τýρε:%ьAntimalware%ή %ţŜçáʼn Рдґáměτéяѕ:%ьQuick Scan%ή %τЦѕеŗ:%ьNT-AUTORITÄT\SYSTEM%π %тŞτοφ Ŗēăşøŋ:%ь%12
Date: 2025-03-30 18:29:27
Description:
Microsoft Defender Antivirus šçàⁿ ђάş ъęзņ ѕтőρрēδ ъêƒόг℮ ¢òmρℓēтîòʼn.%и %τŜсäи ĮÐ:%ь{7A0C2FA1-B879-46F2-8365-EF9B771B8992}%π %ŧŜĉāñ Τýρε:%ьAntimalware%ή %ţŜçáʼn Рдґáměτéяѕ:%ьQuick Scan%ή %τЦѕеŗ:%ьNT-AUTORITÄT\SYSTEM%π %тŞτοφ Ŗēăşøŋ:%ь%12
Event[0]
Date: 2026-03-23 17:09:35
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.427.697.0
Update Source: Microsoft Update Server
Sicherheitstyp: AntiVirus
Updatetyp: Full
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.25030.1
Fehlercode: 0x80240016
Fehlerbeschreibung: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===============
Date: 2026-03-23 18:52:31
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2026-03-23 18:45:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: Insyde Corp. V1.07 07/09/2018
Hauptplatine: KBL Carlsberg_KL
Prozessor: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
Prozentuale Nutzung des RAM: 76%
Installierter physikalischer RAM: 8076.47 MB
Verfügbarer physikalischer RAM: 1872.82 MB
Summe virtueller Speicher: 9676.47 MB
Verfügbarer virtueller Speicher: 2942.7 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:475.83 GB) (Free:300.79 GB) (Model: INTEL SSDPEKKW512G7) NTFS
\\?\Volume{02d2dde5-b2d3-4575-86a0-29815d014299}\ () (Fixed) (Total:1 GB) (Free:0.25 GB) NTFS
\\?\Volume{a16a23b7-3814-4ec4-b2ba-06c1d912f927}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 3D7D24D4)
Partition: GPT.
==================== Ende von Addition.txt =======================