| |
| |||||||
Log-Analyse und Auswertung: Windows 10: multiple Trojaner Infektion: Win32/Wacatac.H!ml, Kepavll!rfn, Wacatac.B!ml, LummaStealerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
Gestern, 19:44
| #1 |
| |  Windows 10: multiple Trojaner Infektion: Win32/Wacatac.H!ml, Kepavll!rfn, Wacatac.B!ml, LummaStealer Hallo. Ich hatte mir über Downloads Malware eingefangen die vom Windows Defender erkannt wurde, aber da war es schon zu spät. Gemerkt habe ich es, weil mein "Kleinanzeigen.de" Account gekapert wurde. Ich habe erstmal alle Passwörter aller relevanten Websites geändert und dann gemäß Tipps aus dem Forum / I-Net folgende Anti-Malware/Virus Software drüber laufen lassen bis keine Funde mehr bei keinem Programm angezeigt wurden: 1. Malwarebytes' AntiMalware (MBAM) 2. AdwCleaner 3. Dr.Web Curelt! 4. HitmanPro 5. Windows Defender - Vollständige Überprüfung Ich bin mir trotzdem unsicher ob ich alles erwischt habe und wieder mit dem PC browsen kann, ohne Angst haben zu müssen. Hier sind die FRST Logfiles und Danke schon Mal für die Hilfe! FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2026
durchgeführt von Paradox (Administrator) auf FAT-EICHKATZ (07-05-2026 20:20:23)
Gestartet von C:\Users\Paradox\Downloads\FRST64.exe
Geladene Profile: Paradox
Plattform: Microsoft Windows 10 Pro Version 22H2 19045.7184 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\DDSHelper.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\crashhelper.exe
(Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
(explorer.exe ->) (Open-Shell) [Datei ist nicht signiert] C:\Program Files\Open-Shell\StartMenu.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(services.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\Brother\iPrint&Scan\UsbAppControl\USBAppControl.exe
(services.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl\WorkflowAppControl.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2c61c4d89b199ea8\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2020-09-01] (Open-Shell) [Datei ist nicht signiert]
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [585464 2021-10-11] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [C20A] => C:\Windows\twain_64\Brimc20a\Common\TwDsUiLaunch.exe [93184 2024-06-03] () [Datei ist nicht signiert]
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4148120 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [Sound Blaster Z-Series Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe [877056 2014-11-24] (Creative Technology Ltd) [Datei ist nicht signiert]
HKLM-x32\...\Run: [C20A] => C:\Windows\twain_32\Brimc20a\Common\TwDsUiLaunch.exe [89168 2024-06-20] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4009984 2024-12-23] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3591168 2024-11-29] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM\Software\Policies\...\system: [DisableAcrylicBackgroundOnLogon] 1
HKU\S-1-5-21-495169557-2685978627-3782999117-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5767832 2026-03-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-495169557-2685978627-3782999117-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [51415480 2026-04-22] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-495169557-2685978627-3782999117-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [42087896 2026-04-29] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-495169557-2685978627-3782999117-1001\...\Run: [RiotClient] => D:\Program Files (x86)\Riot Games\Riot Client\RiotClientServices.exe [75632248 2026-04-23] (Riot Games, Inc. -> Riot Games, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Brother iPSMonitor.lnk [2026-03-18]
ShortcutTarget: Brother iPSMonitor.lnk -> C:\Program Files (x86)\Brother\iPrint&Scan\IPSMONITOR\iPSMonitor.exe (iPSMonitor) [Datei ist nicht signiert]
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {9D074FFA-2FC7-4A45-9A2B-C91C3E59C18D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1612800 2026-01-23] (Adobe Inc. -> Adobe Inc.)
Task: {44CF2553-764D-4A05-9FD2-546D88EDBFED} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21919552 2026-04-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8977505-6980-442C-8BC3-60925BFEAA7A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21919552 2026-04-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {1EFE516B-ED0F-4982-BC97-F46CA4AEC45C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143648 2026-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B23904AE-303C-4419-A853-349F83DABE19} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143648 2026-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {2FDB5C6A-EE3C-4116-AF61-EFB5DCD098DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {80173221-951A-479C-9065-59A4A35AEAD5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F2C7B3CC-57B9-4961-8AD3-0B867B38FFE7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F31F9E95-8520-4176-B725-74349378E9B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3BB9607D-3AA5-4E5E-AF50-706AA36A880F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [705152 2026-05-07] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {5013E660-2F2C-4FBB-B37A-35BCFD8D7B30} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-495169557-2685978627-3782999117-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [705152 2026-05-07] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {A704619C-50D5-4762-A54F-CF5924D2C3D0} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3324528 2025-10-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {56D8D4B1-720F-442A-A795-F14E877DF535} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4428648 2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {A3298B35-9D97-4580-92CD-2BB9D1995A75} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-495169557-2685978627-3782999117-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4428648 2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {DFD9C04D-4D32-4C2F-AC8D-032DBEE5F24C} - System32\Tasks\OneDrive Startup Task-S-1-5-21-495169557-2685978627-3782999117-1001 => C:\Program Files\Microsoft OneDrive\26.063.0405.0002\OneDriveLauncher.exe [757608 2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {2F33287B-751D-4E74-917D-495514D5541B} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [140407528 2025-02-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) -> C:\Program Files (x86)\Samsung\Samsung Magician\\--disable-gpu-sandbox /AUTOHIDE
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2e6a26e0-ce17-4be0-81a7-0545beb35224}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2e6a26e0-ce17-4be0-81a7-0545beb35224}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{2e6a26e0-ce17-4be0-81a7-0545beb35224}\A54554F5638473531423: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e84ee910-926a-437e-b4ee-5928092705b9}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e84ee910-926a-437e-b4ee-5928092705b9}: [DhcpDomain] fritz.box
FireFox:
========
FF TaskBarID: 308046B0AF4A39CB -> C:\Program Files\Mozilla Firefox
FF DefaultProfile: mc71jppu.default-release -> 308046B0AF4A39CB
FF ProfilePath: C:\Users\Paradox\AppData\Roaming\Mozilla\Firefox\Profiles\5uhtmngm.default-nightly [nicht gefunden] <==== ACHTUNG
FF DefaultProfile: 0q9ppvgx.dev-edition-default -> CA9422711AE1A81C
FF ProfilePath: C:\Users\Paradox\AppData\Roaming\Mozilla\Firefox\Profiles\rfmmrx8n.default [nicht gefunden] <==== ACHTUNG
FF DefaultProfile: 5uhtmngm.default-nightly -> 6F193CCC56814779
FF ProfilePath: C:\Users\Paradox\AppData\Roaming\Mozilla\Firefox\Profiles\0q9ppvgx.dev-edition-default [nicht gefunden] <==== ACHTUNG
FF ProfilePath: C:\Users\Paradox\AppData\Roaming\Mozilla\Firefox\Profiles\mc71jppu.default-release [2026-05-07]
FF Homepage: Mozilla\Firefox\Profiles\mc71jppu.default-release -> hxxps://web.de/?origin=lpc
FF Extension: (MyJDownloader Browser Erweiterung) - C:\Users\Paradox\AppData\Roaming\Mozilla\Firefox\Profiles\mc71jppu.default-release\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2021-06-24] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (New Tab) - C:\Users\Paradox\AppData\Roaming\Mozilla\Firefox\Profiles\mc71jppu.default-release\Extensions\newtab@mozilla.org.xpi [2026-04-24]
FF Extension: (uBlock Origin) - C:\Users\Paradox\AppData\Roaming\Mozilla\Firefox\Profiles\mc71jppu.default-release\Extensions\uBlock0@raymondhill.net.xpi [2026-03-13]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-06-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2026-04-29] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Datei ist nicht signiert]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-07-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-06-16] (Microsoft Corporation -> Microsoft Corporation)
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Paradox\AppData\Local\Microsoft\Edge\User Data\Default [2026-04-05]
Edge StartupUrls: Default -> "hxxp://web.de/"
Edge Extension: (Google Docs Offline) - C:\Users\Paradox\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-05]
Edge Extension: (Edge relevant text changes) - C:\Users\Paradox\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [180216 2026-01-23] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3386064 2026-04-18] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [18991400 2025-02-25] (BattlEye Innovations e.K. -> )
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [512512 2026-01-07] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9205600 2026-02-27] (Microsoft Corporation -> Microsoft Corporation)
R2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [765672 2025-02-20] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [123816 2020-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [19225184 2025-02-18] (Electronic Arts, Inc. -> Electronic Arts)
S3 EpicGamesUpdater; C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe [3407800 2026-04-22] (Epic Games Inc. -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [2604472 2026-03-05] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\26.063.0405.0002\FileSyncHelper.exe [3602792 2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [11483256 2026-05-07] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2026-05-07] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe [2088128 2026-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2c61c4d89b199ea8\Display.NvContainer\NVDisplay.Container.exe [1275544 2025-05-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\26.063.0405.0002\OneDriveUpdaterService.exe [4003688 2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [585464 2021-10-11] (geek software GmbH -> geek software GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2025-03-03] (Even Balance, Inc. -> )
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [428264 2025-02-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [811328 2026-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\UsbAppControl\USBAppControl.exe [11776 2026-02-25] () [Datei ist nicht signiert]
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [55767304 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe [4480592 2026-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe [290744 2026-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl\WorkflowAppControl.exe [20992 2026-02-25] () [Datei ist nicht signiert]
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [26193816 2026-04-22] (KRAFTON, Inc. -> KRAFTON, Inc.)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [76800 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1081168 2020-11-02] (Creative Technology Ltd -> Creative Technology Ltd)
R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [44368 2020-11-02] (Creative Technology Ltd -> Creative Technology Ltd)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [175824 2024-10-17] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [159296 2026-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2020-12-19] (Martin Malik - REALiX -> REALiX(tm))
R1 HWiNFO_153; C:\Windows\system32\drivers\HWiNFO64A_153.SYS [64240 2020-12-19] (Martin Malik - REALiX -> REALiX(tm))
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [82352 2026-02-10] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [235584 2026-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [22120 2026-05-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\Drivers\farflt.sys [213608 2026-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\Drivers\mbam.sys [81000 2026-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [245864 2026-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [190096 2026-05-07] (Malwarebytes Inc -> Malwarebytes)
S3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_006c; C:\Windows\System32\drivers\RzDev_006c.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S0 secnvme; C:\Windows\System32\drivers\secnvme.sys [133944 2020-01-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174264 2024-10-17] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50896 2024-10-17] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [49744 2021-06-13] (nordvpn s.a. -> The OpenVPN Project)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2020-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24064 2020-11-19] (Microsoft Corporation) [Datei ist nicht signiert]
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [70158624 2026-04-11] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21888 2026-04-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [647560 2026-04-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2026-04-15] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\Windows\system32\DRIVERS\wintun.sys [29680 2022-03-14] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 NAL; \??\C:\Windows\system32\Drivers\iqvw64e.sys (Keine Datei)
S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys (Keine Datei)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2026-05-07 20:21 - 2026-05-07 20:21 - 112721920 _____ C:\Windows\system32\config\SOFTWARE
2026-05-07 20:20 - 2026-05-07 20:20 - 000026665 _____ C:\Users\Paradox\Downloads\FRST.txt
2026-05-07 20:16 - 2026-05-07 20:21 - 000000000 ____D C:\Windows\Microsoft Antimalware
2026-05-07 19:41 - 2026-05-07 19:46 - 000000000 ____D C:\ProgramData\HitmanPro
2026-05-07 19:41 - 2026-05-07 19:41 - 000000000 ____D C:\Program Files\HitmanPro
2026-05-07 19:40 - 2026-05-07 19:41 - 014701656 _____ (Sophos B.V.) C:\Users\Paradox\Downloads\HitmanPro_x64.exe
2026-05-07 19:21 - 2026-05-07 19:21 - 000190096 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2026-05-07 19:21 - 2026-05-07 19:21 - 000000000 ____D C:\Users\Paradox\AppData\LocalLow\IGDump
2026-05-07 18:41 - 2026-05-07 18:44 - 000000000 ____D C:\Users\Paradox\Doctor Web
2026-05-07 18:40 - 2026-05-07 18:41 - 289215864 _____ C:\Users\Paradox\Downloads\lbtianjb.exe
2026-05-07 18:36 - 2026-05-07 20:20 - 000000000 ____D C:\FRST
2026-05-07 18:30 - 2026-05-07 18:30 - 000001660 _____ C:\Users\Paradox\Desktop\AdwCleaner[S02].txt
2026-05-07 18:25 - 2026-05-07 18:25 - 000001420 _____ C:\Users\Paradox\Desktop\Malwarebytes Bedrohungsscan-Bericht 2026-05-07 182127.txt
2026-05-07 18:07 - 2026-05-07 18:09 - 000000000 ____D C:\AdwCleaner
2026-05-07 17:55 - 2026-05-07 18:07 - 009633072 _____ (Malwarebytes) C:\Users\Paradox\Downloads\adwcleaner.exe
2026-05-07 17:53 - 2026-05-07 20:21 - 000000000 ____D C:\Users\Paradox\AppData\Local\Malwarebytes
2026-05-07 17:53 - 2026-05-07 17:53 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2026-05-07 17:53 - 2026-05-07 17:53 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2026-05-07 17:53 - 2026-05-07 17:53 - 000000000 ____D C:\Users\Paradox\AppData\Local\Sentry
2026-05-07 17:52 - 2026-05-07 17:52 - 000000000 ____D C:\ProgramData\Malwarebytes
2026-05-07 17:52 - 2026-05-07 17:52 - 000000000 ____D C:\Program Files\Malwarebytes
2026-05-07 17:50 - 2026-05-07 18:36 - 002447360 _____ (Farbar) C:\Users\Paradox\Downloads\FRST64.exe
2026-05-07 17:44 - 2026-05-07 17:44 - 002851456 _____ (Malwarebytes) C:\Users\Paradox\Downloads\MBSetup.exe
2026-05-07 16:00 - 2026-05-07 18:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2026-05-06 15:16 - 2026-05-06 15:16 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem
2026-05-06 15:15 - 2026-05-07 17:52 - 000000000 ____D C:\ProgramData\config_router_i686
2026-05-06 15:15 - 2026-05-06 15:15 - 000247232 _____ C:\Users\Paradox\NodeProfile.exe
2026-05-06 15:15 - 2026-05-06 15:15 - 000000000 ____D C:\Users\Paradox\AppData\Roaming\RenPy
2026-05-06 15:15 - 2026-05-06 15:15 - 000000000 ____D C:\Users\Paradox\AppData\Roaming\config_router_i686
2026-05-06 15:12 - 2026-05-06 15:12 - 000000000 ____D C:\Users\Paradox\AppData\LocalLow\RegulusNSFW
2026-04-24 15:04 - 2026-04-24 23:34 - 000000504 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2026-04-23 18:54 - 2026-04-23 18:54 - 000000000 ____D C:\Users\Paradox\AppData\Local\WarThunder
2026-04-23 18:54 - 2026-04-23 18:54 - 000000000 ____D C:\ProgramData\WarThunder
2026-04-23 16:29 - 2026-04-23 16:29 - 000000000 ____D C:\Users\Paradox\Documents\League of Legends
2026-04-22 21:55 - 2026-04-22 21:55 - 000000000 ____D C:\Users\Paradox\Documents\Overwatch
2026-04-22 08:58 - 2026-04-22 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wargaming.net Game Center for Steam
2026-04-18 13:43 - 2026-05-07 19:24 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2026-04-18 13:43 - 2026-04-23 16:35 - 134222904 _____ C:\Windows\392667600.dat
2026-04-18 12:53 - 2026-04-18 12:53 - 000001739 _____ C:\Users\Public\Desktop\Teamfight Tactics (x86).lnk
2026-04-18 12:53 - 2026-04-18 12:53 - 000000000 ____D C:\Program Files\Riot Vanguard
2026-04-18 12:50 - 2026-04-23 16:14 - 000000000 ____D C:\Users\Paradox\AppData\Roaming\riot-client-ux
2026-04-18 12:50 - 2026-04-23 16:14 - 000000000 ____D C:\Users\Paradox\AppData\Roaming\Riot Client
2026-04-18 12:50 - 2026-04-18 13:44 - 000000807 _____ C:\Users\Public\Desktop\Riot Client (x86).lnk
2026-04-18 12:50 - 2026-04-18 12:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2026-04-18 12:50 - 2026-04-18 12:50 - 000000000 ____D C:\Users\Paradox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2026-04-18 12:49 - 2026-04-23 16:29 - 000000000 ____D C:\ProgramData\Riot Games
2026-04-18 12:49 - 2026-04-23 16:28 - 000000000 ____D C:\Users\Paradox\AppData\Local\Riot Games
2026-04-18 12:20 - 2026-04-18 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2026-04-17 20:46 - 2026-04-17 20:46 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2026-04-14 06:51 - 2026-04-14 06:51 - 000000000 ____D C:\Users\Default\AppData\Local\Epic Games
2026-04-07 20:30 - 2026-04-07 20:30 - 000034925 _____ C:\Users\Paradox\Downloads\ERTRAEGNISAUFSTELLUNG_2026.pdf
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2026-05-07 20:09 - 2022-02-11 18:31 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2026-05-07 19:28 - 2020-12-20 00:39 - 001727214 _____ C:\Windows\system32\PerfStringBackup.INI
2026-05-07 19:28 - 2019-12-07 16:51 - 000744990 _____ C:\Windows\system32\perfh007.dat
2026-05-07 19:28 - 2019-12-07 16:51 - 000150910 _____ C:\Windows\system32\perfc007.dat
2026-05-07 19:28 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2026-05-07 19:26 - 2021-12-17 15:57 - 000000000 ____D C:\Windows\SystemTemp
2026-05-07 19:23 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-05-07 19:21 - 2021-11-07 18:01 - 000000000 ____D C:\ProgramData\NVIDIA
2026-05-07 19:21 - 2020-12-20 00:32 - 000008192 ___SH C:\DumpStack.log.tmp
2026-05-07 19:21 - 2020-11-19 01:51 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2026-05-07 19:15 - 2020-12-20 00:36 - 000000000 ____D C:\Users\Paradox
2026-05-07 19:15 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2026-05-07 18:53 - 2020-12-20 01:05 - 000000000 ____D C:\Users\Paradox\AppData\Local\OpenShell
2026-05-07 18:53 - 2020-12-20 01:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2026-05-07 18:07 - 2020-12-20 00:45 - 000000000 ____D C:\Users\Paradox\Desktop\LAN Icons & more
2026-05-07 17:53 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2026-05-07 17:32 - 2020-12-20 01:00 - 000001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2026-05-07 16:02 - 2020-12-20 00:51 - 000000000 ____D C:\Users\Paradox\AppData\Roaming\Microsoft\MMC
2026-05-06 10:59 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2026-05-05 17:12 - 2024-07-31 20:21 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2026-05-04 20:34 - 2020-11-19 01:53 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-05-04 20:33 - 2022-10-12 22:53 - 000002146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2026-05-04 20:31 - 2025-02-08 22:45 - 000003546 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-495169557-2685978627-3782999117-1001
2026-05-04 20:31 - 2024-07-27 21:24 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2026-05-04 20:31 - 2024-07-27 21:24 - 000002023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2026-05-04 20:31 - 2021-12-12 20:24 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-495169557-2685978627-3782999117-1001
2026-05-04 20:28 - 2020-11-19 01:53 - 000003754 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2026-05-04 20:28 - 2020-11-19 01:53 - 000003628 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2026-05-01 20:59 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2026-04-26 21:02 - 2024-12-16 21:45 - 000000000 ____D C:\Users\Paradox\AppData\Roaming\Microsoft\Excel
2026-04-26 20:58 - 2020-12-20 00:38 - 000000000 ____D C:\Users\Paradox\AppData\Local\Packages
2026-04-26 02:32 - 2025-03-05 18:06 - 000000000 ____D C:\Program Files\Common Files\PUBG
2026-04-26 02:32 - 2021-11-04 22:56 - 000000000 ____D C:\Program Files (x86)\Steam
2026-04-25 21:03 - 2020-11-19 00:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2026-04-25 16:38 - 2025-02-25 22:20 - 000000000 ____D C:\Users\Paradox\AppData\Local\Battle.net
2026-04-25 02:00 - 2020-12-20 02:15 - 000000000 ____D C:\Users\Paradox\AppData\Local\CrashDumps
2026-04-25 01:43 - 2021-11-07 19:40 - 000000000 ____D C:\Users\Paradox\AppData\Local\D3DSCache
2026-04-24 16:40 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2026-04-23 18:54 - 2025-03-05 18:06 - 000000000 ____D C:\Users\Paradox\AppData\Local\BattlEye
2026-04-23 18:54 - 2020-12-20 00:49 - 000000000 ____D C:\Users\Paradox\Documents\My Games
2026-04-23 12:52 - 2025-02-25 22:20 - 000000000 ____D C:\Program Files (x86)\Battle.net
2026-04-22 20:40 - 2021-11-07 18:02 - 000000000 ____D C:\Users\Paradox\AppData\Local\NVIDIA Corporation
2026-04-22 20:38 - 2020-12-20 01:15 - 000000000 ____D C:\ProgramData\Package Cache
2026-04-22 17:54 - 2021-11-04 22:51 - 000000000 ____D C:\Users\Paradox\AppData\Local\ElevatedDiagnostics
2026-04-18 10:09 - 2025-02-25 22:20 - 000000000 ____D C:\Users\Paradox\AppData\Local\Blizzard Entertainment
2026-04-18 10:06 - 2025-02-25 22:20 - 000000000 ____D C:\Users\Paradox\AppData\Roaming\Battle.net
2026-04-17 20:45 - 2024-07-27 21:20 - 000000000 ____D C:\Program Files\Microsoft Office
2026-04-17 20:44 - 2021-11-04 22:57 - 000000000 ____D C:\Users\Paradox\AppData\Local\Steam
2026-04-16 20:46 - 2020-12-20 16:02 - 000000000 ____D C:\Windows\system32\MRT
2026-04-16 20:44 - 2020-12-20 16:02 - 218249592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2026-04-16 20:38 - 2020-11-19 00:50 - 000441096 _____ C:\Windows\system32\FNTCACHE.DAT
2026-04-16 20:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2026-04-16 20:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2026-04-16 20:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2026-04-16 20:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2026-04-16 20:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2026-04-16 20:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2026-04-16 20:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2026-04-16 20:35 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2026-04-16 20:33 - 2020-11-19 01:53 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2026-04-15 20:49 - 2020-11-19 01:51 - 000000000 ____D C:\Windows\system32\Drivers\wd
2026-04-14 06:51 - 2025-02-25 22:01 - 000000000 ____D C:\ProgramData\Epic
2026-04-14 06:51 - 2025-02-25 22:01 - 000000000 ____D C:\Program Files (x86)\Epic Games
2026-04-14 06:19 - 2025-02-25 22:01 - 000000000 ____D C:\Users\Paradox\AppData\Local\UnrealEngine
2026-04-14 06:19 - 2021-11-07 18:01 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2026-04-07 20:07 - 2021-03-02 22:00 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH
2026-04-07 20:06 - 2023-02-21 10:43 - 000000000 ____D C:\Users\Paradox\AppData\Local\Buhl
2026-04-07 20:06 - 2020-12-20 01:50 - 000000000 ____D C:\Users\Paradox\AppData\Local\JDownloader 2.0
2026-04-07 20:06 - 2020-12-20 00:50 - 000000000 ____D C:\Users\Paradox\Documents\steuer
2026-04-07 20:05 - 2020-12-20 00:50 - 000000000 ____D C:\Users\Paradox\Documents\Steuererklärung
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2026-05-06 15:15 - 2026-05-06 15:15 - 000247232 _____ () C:\Users\Paradox\NodeProfile.exe
2021-11-07 19:40 - 2021-11-07 19:40 - 000007605 _____ () C:\Users\Paradox\AppData\Local\Resmon.ResmonCfg
2026-03-18 23:22 - 2026-03-18 23:22 - 000000000 _____ () C:\Users\Paradox\AppData\Local\settingData.dat
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-04-2026
durchgeführt von Paradox (07-05-2026 20:21:35)
Gestartet von C:\Users\Paradox\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.7184 (X64) (2020-12-19 22:34:13)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-495169557-2685978627-3782999117-500 - Administrators - Disabled)
DefaultAccount (S-1-5-21-495169557-2685978627-3782999117-503 - Limited - Disabled)
Gast (S-1-5-21-495169557-2685978627-3782999117-501 - Limited - Disabled)
Paradox (S-1-5-21-495169557-2685978627-3782999117-1001 - Administrators - Enabled) => C:\Users\Paradox
WDAGUtilityAccount (S-1-5-21-495169557-2685978627-3782999117-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Malwarebytes (Enabled - Up to date) {A537353A-1D6A-F6B5-9153-CE1CF80FBE66}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Internet Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 26.001.21529 - Adobe)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601149}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.1 - Sereby Corporation)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: 1.17.1.44183 - Amazon)
Apple Application Support (32-Bit) (HKLM-x32\...\{11C4575B-4B32-44D2-A097-D59A00BA60DE}) (Version: 8.5 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D39B163A-9E12-442C-95E9-33FA5746AB21}) (Version: 8.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C788AE25-3D4E-4D18-811B-3219F778487E}) (Version: 13.5.1.2 - Apple Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.42.1 - Asmedia Technology)
AusweisApp (HKLM\...\{E5B4307B-B88A-46E3-84FE-B85E9864162A}) (Version: 2.3.2 - Governikus GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BrLauncher (HKLM-x32\...\{D939DD00-5D96-4907-9657-8B22D8B4728C}) (Version: 2.0.36.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{3160E76C-99F6-4415-82E9-791C07E1CF4E}) (Version: 1.0.5.0 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{78b767ab-bc1e-4cc1-ba45-1705118b7819}) (Version: 15.0.30.0 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{AA1BB905-ACAA-41F0-BE91-946BB91E01A9}) (Version: 15.0.30.0 - Brother Industries, Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{562DE0CA-B14B-4157-A342-862671B58917}) (Version: 1.7.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM\...\{62A73CA5-0B79-4E1C-9D31-36FB12B88100}) (Version: 1.0.19.1 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{A878E768-E490-4866-AE0D-1B776C137BA7}) (Version: 1.0.23.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{F7447B09-1FB1-43D0-AF13-7FC986EC4662}) (Version: 1.0.44.0 - Brother Industries Ltd.) Hidden
calibre 64bit (HKLM\...\{6AC20EE9-EC5C-473E-8E60-93B4396402B4}) (Version: 6.11.0 - Kovid Goyal)
ClipGrab 3.9.11 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version: - The ClipGrab Project)
CPUID CPU-Z 1.94 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.94 - CPUID, Inc.)
Die Schlacht um Mittelerde™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.0.0 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{09d243ad-af34-426b-b315-67227aea56b5}) (Version: 13.401.0.5914 - Electronic Arts)
Empire Earth v2.0.0.0 - Setup v1.0.4.1 (HKLM\...\{4C0B46D8-E7EB-4B95-97D4-A578D9B914C6}_is1) (Version: 2.0.0.0 - Empire Earth Community)
Epic Games Launcher (HKLM-x32\...\{7DBFD87F-F11F-4E5C-BE8F-9A5B95BF5E9C}) (Version: 1.3.131.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{6300A8E0-851B-4638-ADBB-1385DCF1248D}) (Version: 4.3.1 - Epic Games, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
HowToGuide (HKLM-x32\...\{3BE17CF6-83FF-4771-B2E0-5A7C76DCE399}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
HttpToUsbBridge (HKLM-x32\...\{D4BAB468-5801-489D-BC3C-7667BCAC812F}) (Version: 2.6.123.1 - Brother Industries Ltd.)
HWiNFO64 Version 6.40 (HKLM\...\HWiNFO64_is1) (Version: 6.40 - Martin Malik - REALiX)
Intel(R) Chipset Device Software (HKLM\...\{36A16AC6-68D4-44C3-B224-608601D6B353}) (Version: 10.1.1.42 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{9ECA1744-4800-4AE2-AC52-9109E24854AA}) (Version: 11.0.6.1194 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{335F9123-9306-4DB0-AF07-9C636317EE9D}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000010-0220-1031-84C8-B8D95FA3C8C3}) (Version: 22.10.0.2 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{8060a69f-ee27-444b-b126-775f861232ea}) (Version: 20.0.2 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{6B153C64-8B8F-46D6-957C-F27E82B3C5C0}) (Version: 20.0.0.1135 - Intel Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-495169557-2685978627-3782999117-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Malwarebytes version 5.5.5.253 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.5.5.253 - Malwarebytes)
MediaInfo 21.09 (HKLM\...\MediaInfo) (Version: 21.09 - MediaArea.net)
MediaMonkey 5 (HKLM-x32\...\MediaMonkey 5_is1) (Version: 5 - Ventis Media Inc.)
Microsoft .NET 8.0.19 - Windows Server Hosting (HKLM-x32\...\{59932048-58de-4541-8e3c-69701c17d9d3}) (Version: 8.0.19.25372 - Microsoft Corporation)
Microsoft .NET Host - 8.0.19 (x64) (HKLM\...\{B84443A1-BE1B-4C5E-B834-E12133604B12}) (Version: 64.76.37566 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.19 (x86) (HKLM-x32\...\{D4D10C87-3601-4E52-91EE-A841D6C23424}) (Version: 64.76.37566 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.19 (x64) (HKLM\...\{69A17DA9-300A-49B9-97F1-1EB7424570DE}) (Version: 64.76.37566 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.19 (x86) (HKLM-x32\...\{2883A694-4739-411F-AFCD-E28C81932183}) (Version: 64.76.37566 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.19 (x64) (HKLM\...\{B9F7A454-0CCD-410C-A3E0-D1AAC300F150}) (Version: 64.76.37566 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.19 (x86) (HKLM-x32\...\{83726A11-0834-46DA-A5EF-2F67E8D9AF19}) (Version: 64.76.37566 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.19 Hosting Bundle Options (HKLM-x32\...\{72566518-E5FE-3AF2-8C4E-1361EB3F9E6B}) (Version: 8.0.19.25372 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.19 Shared Framework (x64) (HKLM\...\{23AD4455-B98F-3FC8-9FB9-28001FD3DF52}) (Version: 8.0.19.25372 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.19 Shared Framework (x86) (HKLM-x32\...\{D9E20384-E764-35CA-BD6E-F1A3A06E2A8F}) (Version: 8.0.19.25372 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 147.0.3912.98 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 147.0.3912.98 - Microsoft Corporation) Hidden
Microsoft Office LTSC Professional Plus 2021 - de-de (HKLM\...\ProPlus2021Volume - de-de) (Version: 16.0.14334.20624 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 26.063.0405.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{4ffaf7b8-a84a-4813-840c-8b1f1343ae54}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{dd1e9bde-2ad6-4e92-8c07-7d4723eab8b8}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.19 (x86) (HKLM-x32\...\{35A67BFA-8CCC-408D-B39C-F53D3DC0B202}) (Version: 64.76.37602 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.19 (x86) (HKLM-x32\...\{8f05f7f9-d531-4b90-a8b4-5f0b61e78033}) (Version: 8.0.19.35118 - Microsoft Corporation)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox) (Version: 150.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0 - Mozilla)
Mp3tag v3.31a (HKLM-x32\...\Mp3tag) (Version: 3.31a - Florian Heidenreich)
NetworkRepairTool (HKLM-x32\...\{A7599C88-0008-4D11-8815-4D5AE38B81AE}) (Version: 1.2.29.0 - Brother Industries, Ltd.) Hidden
NVIDIA App 11.0.5.420 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.5.420 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.5.11504.36206172 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.11504.36206172 - NVIDIA Corporation)
NVIDIA Grafiktreiber 576.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 576.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.4.3.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.3.2 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14334.20624 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14334.20624 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14334.20522 - Microsoft Corporation) Hidden
Open-Shell (HKLM\...\{8D30DB96-8AB6-4C52-B5C7-38EDB5FE2FD7}) (Version: 4.4.152 - The Open-Shell Team)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
PDF24 Creator 10.6.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.6.0 - PDF24.org)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Riot Client (HKU\S-1-5-21-495169557-2685978627-3782999117-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Rocket League MULTi7 - ElAmigos Version 1.78 (HKLM-x32\...\{ED8CB041-9356-4FAF-A488-8DABAA126103}_is1) (Version: 1.78 - Psyonix)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - )
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 8.3.0.810 - Samsung Electronics)
ScannerUtilityInstaller (HKLM-x32\...\{D94DD953-F38C-4220-A17C-9217106510A6}) (Version: 1.20.0.1 - Brother) Hidden
SoftwareUpdateNotification (HKLM-x32\...\{EE08F359-C9E9-449A-8DCB-D799F422DB9E}) (Version: 1.0.26.0 - Brother Industries, Ltd.) Hidden
Sound Blaster Z-Series (HKLM-x32\...\{39FD096B-055A-4D68-8DEB-071EA0361B2F}) (Version: 1.01.06 - Creative Technology Limited)
Sound Blaster Z-Series Extras (HKLM-x32\...\{9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}) (Version: 1.0 - Creative Technology Limited)
Sound Blaster ZxR Driver (HKLM-x32\...\SBZZxR_is1) (Version: 1.0.00.01 - Creative Technology Ltd.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
StatusMonitor (HKLM-x32\...\{DA6177CF-6DA8-4182-A649-BA63892B1FBC}) (Version: 1.43.0.0 - Brother Industries, Ltd.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold Crusader Extreme HD (HKLM-x32\...\1207658713_is1) (Version: 1.41(a) - GOG.com)
Syn3Updater (HKLM-x32\...\Syn3Updater) (Version: - CyanLabs)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: - TechPowerUp)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
TomTom MyDrive Connect 4.2.11.4200 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.11.4200 - TomTom)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{B8D93870-98D1-4980-AFCA-E26563CDFB79}) (Version: 8.94.0.0 - Microsoft Corporation)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Wargaming.net Game Center for Steam (HKU\S-1-5-21-495169557-2685978627-3782999117-1001\...\Wargaming.net Game Center for Steam) (Version: 26.1.0.1957 - Wargaming.net)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 6.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
World in Conflict - Complete Edition (HKLM-x32\...\1438332414_is1) (Version: 2.0.0.3 - GOG.com)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2026-02-22] ()
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-06] (NVIDIA Corp.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-495169557-2685978627-3782999117-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-495169557-2685978627-3782999117-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\26.063.0405.0002\FileSyncShell64.dll [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\26.063.0405.0002\FileSyncShell64.dll [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\26.063.0405.0002\FileSyncShell64.dll [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\26.063.0405.0002\FileSyncShell64.dll [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\26.063.0405.0002\FileSyncShell64.dll [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\26.063.0405.0002\FileSyncShell64.dll [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\26.063.0405.0002\FileSyncShell64.dll [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-01] (Open-Shell) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\26.063.0405.0002\FileSyncShell64.dll [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\26.063.0405.0002\FileSyncShell64.dll [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\26.063.0405.0002\FileSyncShell64.dll [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\26.063.0405.0002\FileSyncShell64.dll [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\26.063.0405.0002\FileSyncShell64.dll [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\26.063.0405.0002\FileSyncShell64.dll [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\26.063.0405.0002\FileSyncShell64.dll [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-01] (Open-Shell) [Datei ist nicht signiert]
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\26.063.0405.0002\FileSyncShell64.dll [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2026-04-29] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-05-07] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\26.063.0405.0002\FileSyncShell64.dll [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\26.063.0405.0002\FileSyncShell64.dll [2026-05-04] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2c61c4d89b199ea8\nvshext.dll [2025-05-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-05-07] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2020-09-01] (Open-Shell) [Datei ist nicht signiert]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2026-03-18 23:17 - 2019-06-06 18:18 - 000174080 _____ () [Datei ist nicht signiert] C:\Program Files\Brother\BrUtilities\BrLogAPI64.dll
2026-03-18 23:16 - 2024-10-28 13:50 - 004751872 _____ () [Datei ist nicht signiert] C:\Windows\system32\BrMuSNMP.dll
2026-03-18 23:16 - 2024-10-29 21:15 - 000098304 _____ () [Datei ist nicht signiert] C:\Windows\system32\BrNetSti.dll
2021-02-08 21:14 - 2009-03-18 17:00 - 000151552 _____ (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\ShareDLL\CADI\CTCadiEP.dll
2014-07-03 18:22 - 2014-07-03 18:22 - 000555008 _____ (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\CTAudEp.dll
2011-09-16 18:04 - 2011-09-16 18:04 - 000238080 _____ (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\CTLoadRs.dll
2013-02-27 12:29 - 2013-02-27 12:29 - 000251904 _____ (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\HKDetect.dll
2025-06-07 13:36 - 2025-11-29 21:32 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
2020-09-01 18:29 - 2020-09-01 18:29 - 000865792 _____ (Open-Shell) [Datei ist nicht signiert] C:\Program Files\Open-Shell\ClassicExplorer64.dll
2020-09-01 18:29 - 2020-09-01 18:29 - 002554880 _____ (Open-Shell) [Datei ist nicht signiert] C:\Program Files\Open-Shell\StartMenuDLL.dll
2020-09-01 18:29 - 2020-09-01 18:29 - 000562688 _____ (Open-Shell) [Datei ist nicht signiert] C:\Windows\system32\StartMenuHelper64.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64]
AlternateDataStreams: C:\Users\Paradox\Downloads\adwcleaner.exe:MBAM.Zone.Identifier [141]
AlternateDataStreams: C:\Users\Paradox\Downloads\lbtianjb.exe:MBAM.Zone.Identifier [205]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2025-06-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-01] (Open-Shell) [Datei ist nicht signiert]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2020-09-01] (Open-Shell) [Datei ist nicht signiert]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-06-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer32.dll [2020-09-01] (Open-Shell) [Datei ist nicht signiert]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2020-09-01] (Open-Shell) [Datei ist nicht signiert]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-01] (Open-Shell) [Datei ist nicht signiert]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer32.dll [2020-09-01] (Open-Shell) [Datei ist nicht signiert]
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-07-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-07-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-07-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-07-27] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2019-12-07 11:14 - 2026-05-07 18:45 - 000001000 _____ C:\Windows\system32\drivers\etc\hosts
2026-04-24 15:04 - 2026-04-24 23:34 - 000000504 _____ C:\Windows\system32\drivers\etc\hosts.ics
==================== Network ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
DNS Servers: 192.168.178.1
ist aktiviert.
Network Binding:
=============
Ethernet: Intel(R) Ethernet Connection (2) I219-V -> e1i65x64.sys
Bluetooth-Netzwerkverbindung: Bluetooth Device (Personal Area Network) -> bthpan.sys
WLAN: Intel(R) Dual Band Wireless-AC 8260 -> Netwtw06.sys
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-495169557-2685978627-3782999117-1001\Control Panel\Desktop\\Wallpaper ->
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 5) (TamperProtectionSource: 2)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths|D:\Spiele-LAN-2011
HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths|D:\SteamLibrary
HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths|I:\
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\StartupFolder: => "Brother iPSMonitor.lnk"
HKLM\...\StartupApproved\Run: => "PDF24"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run: => "C20A"
HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "C20A"
HKU\S-1-5-21-495169557-2685978627-3782999117-1001\...\StartupApproved\StartupFolder: => "TLS.lnk"
HKU\S-1-5-21-495169557-2685978627-3782999117-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-495169557-2685978627-3782999117-1001\...\StartupApproved\Run: => "Synapse3"
HKU\S-1-5-21-495169557-2685978627-3782999117-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-495169557-2685978627-3782999117-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-495169557-2685978627-3782999117-1001\...\StartupApproved\Run: => "RiotClient"
HKU\S-1-5-21-495169557-2685978627-3782999117-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{5CD87449-DA5B-483B-84C7-5BCFDB67D94C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4608E2C3-CC37-4B51-B8FB-405AB971FB62}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{221FF390-2E14-4459-97FF-29F774B7DF6C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel(R) Wireless Connectivity Solutions -> )
FirewallRules: [{64146D94-5A3C-4295-A91E-0EA8C0C04617}] => (Allow) C:\Program Files\Firefox Nightly\firefox.exe => Keine Datei
FirewallRules: [{A290BCFD-A3CE-4F51-A90B-F8FC7101273E}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe => Keine Datei
FirewallRules: [{26316CE2-CC45-4F23-AC85-8476AC64D353}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International B.V. -> TomTom)
FirewallRules: [{C0F0CDED-0687-40C1-9FB8-DF864B60063C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4302F61C-6719-46F8-895E-4D64B3C0DD6E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BC2216FF-6345-4498-82A7-43080CE45F13}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1BC81B89-D543-46A1-8193-43E89D57F733}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7E989278-1722-4322-ABB4-06B2911D9D44}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{8910A649-08CC-4160-8CCC-D36E1BFA7305}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{6EC2944F-6982-4531-B002-F90AB7D6B924}] => (Allow) D:\Spiele-LAN-2011\Die Schlacht um Mittelerde II\game.dat (Electronic Arts Inc.) [Datei ist nicht signiert]
FirewallRules: [{495B0688-FE72-46E9-8AC8-0DCA5C588C18}] => (Allow) D:\Spiele-LAN-2011\Die Schlacht um Mittelerde II\game.dat (Electronic Arts Inc.) [Datei ist nicht signiert]
FirewallRules: [{525A4987-0DCC-4392-B7EC-D9BB6DCBF284}] => (Allow) D:\Spiele-LAN-2011\Die Schlacht um Mittelerde II\game.dat (Electronic Arts Inc.) [Datei ist nicht signiert]
FirewallRules: [{AD593498-E194-4299-B341-0A00FDE1A317}] => (Allow) D:\Spiele-LAN-2011\Die Schlacht um Mittelerde II\game.dat (Electronic Arts Inc.) [Datei ist nicht signiert]
FirewallRules: [{BD06BAA5-8FD4-42DE-B308-B73F3029DE25}] => (Allow) D:\Spiele-LAN-2011\game.dat => Keine Datei
FirewallRules: [{686115BC-FAB2-41F7-9BD6-DFBB11B30AE0}] => (Allow) D:\Spiele-LAN-2011\game.dat => Keine Datei
FirewallRules: [{18B0924C-5255-46AF-92AD-023FB560B4C4}] => (Allow) D:\SteamLibrary\steamapps\common\Act of War Direct Action\ActOfWar.exe () [Datei ist nicht signiert]
FirewallRules: [{5414F7C7-9603-4555-A1A5-1F1C936995D6}] => (Allow) D:\SteamLibrary\steamapps\common\Act of War Direct Action\ActOfWar.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{2D54C82F-21A7-444E-801A-6BF527DF932E}E:2\spiele-lan-2011\dota 2 beta\game\bin\win32\dota2.exe] => (Allow) E:2\spiele-lan-2011\dota 2 beta\game\bin\win32\dota2.exe => Keine Datei
FirewallRules: [UDP Query User{C4C42B68-9C71-476A-866E-42AEA7AC9B70}E:2\spiele-lan-2011\dota 2 beta\game\bin\win32\dota2.exe] => (Allow) E:2\spiele-lan-2011\dota 2 beta\game\bin\win32\dota2.exe => Keine Datei
FirewallRules: [{8C43D071-AE32-4F4E-92C8-C7F152C127FA}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Keine Datei
FirewallRules: [{0D867DB5-F8F6-4B0E-B4B6-3B67E5F6921D}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Keine Datei
FirewallRules: [{ACEDBDA5-1A57-4ED2-8678-7A3E02DDD9D1}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => Keine Datei
FirewallRules: [{727DDA02-F38E-43B0-8EF1-285299CA068B}] => (Allow) D:\SteamLibrary\steamapps\common\Mighty Party\Mighty_party.exe () [Datei ist nicht signiert]
FirewallRules: [{BEFE4D4C-E380-4BB8-AE98-95E40CF507BA}] => (Allow) D:\SteamLibrary\steamapps\common\Mighty Party\Mighty_party.exe () [Datei ist nicht signiert]
FirewallRules: [{051850CD-7B13-47CC-89E3-BA0A41516E6E}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => Keine Datei
FirewallRules: [{AA161AE1-E2CD-4DFC-B1DC-730D1285CBFB}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => Keine Datei
FirewallRules: [{C3577F6B-5EDE-4C27-82D3-C2B865510E98}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{8D7B3C05-B1C1-48DB-BBBB-C968F0888711}C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe] => (Allow) C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [UDP Query User{BB30EC94-7980-4612-867D-877925B8F45C}C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe] => (Allow) C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{C5DFBEC8-157D-45C7-8C66-69D16050BE7F}] => (Allow) D:\Spiele-LAN-2011\Empire Earth\Empire Earth\Empire Earth.exe (Empire Earth Community -> )
FirewallRules: [{EC93094C-EE25-4291-A394-D1835C9C658D}] => (Allow) D:\Spiele-LAN-2011\Empire Earth\Empire Earth\Empire Earth.exe (Empire Earth Community -> )
FirewallRules: [{43E19CB5-6FBB-4151-A603-A4FEEDD569D2}] => (Allow) D:\Spiele-LAN-2011\Empire Earth\Empire Earth\Empire Earth.exe (Empire Earth Community -> )
FirewallRules: [{F1619885-74A9-4F4E-972D-369EAE205F8A}] => (Allow) D:\Spiele-LAN-2011\Empire Earth\Empire Earth\Empire Earth.exe (Empire Earth Community -> )
FirewallRules: [{5661A2BE-01EA-432D-871A-5D8218C338AD}] => (Allow) C:\Program Files\WISO\Steuersoftware 2024\WISO2024.EXE => Keine Datei
FirewallRules: [{9EC58F6D-07C4-4461-ABA1-3CD9168171A2}] => (Allow) C:\Program Files\WISO\Steuersoftware 2024\WISO2024.EXE => Keine Datei
FirewallRules: [{9A79E61E-05EE-48FE-8B35-7B9197D105DC}] => (Allow) C:\Program Files\WISO\Steuersoftware 2024\WISO2024.EXE => Keine Datei
FirewallRules: [{6361450A-F593-4BB3-8F1D-A5FF51181324}] => (Allow) C:\Program Files\WISO\Steuersoftware 2024\WISO2024.EXE => Keine Datei
FirewallRules: [{9CDE9111-B86D-446F-B8C1-B085431585D3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AD8353B7-BC3E-40DE-AD4A-29ECAC4213BB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{989C52CE-22FD-44CC-829E-D42D846D9312}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{8BAF0E12-C959-426A-8321-3A8901F8E646}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{28C05293-9941-431B-B8FE-D50145966EB7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{AFBC4D93-4271-43AD-953E-CB666EAED82F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2246BF4E-B3B4-4F16-89EC-48BE236965AE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0C46A794-B913-4F63-90F1-88F8CC0D02ED}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [{AFF52F53-905B-4B9C-A513-909DDD87BB82}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [{E513E68E-D629-4894-87A3-8DE37D5F898B}] => (Allow) D:\SteamLibrary\steamapps\common\World of Tanks\wgcs_api.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{45C31911-E1AA-4060-A609-CA126C73A367}] => (Allow) D:\SteamLibrary\steamapps\common\World of Tanks\wgcs_api.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{750ABD47-F315-4CFE-A885-70701A7DDCC8}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter for Steam\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{0C200DBA-7E12-4BBF-8269-54F4812BA188}D:\steamlibrary\steamapps\common\world of tanks\eu\win64\worldoftanks.exe] => (Allow) D:\steamlibrary\steamapps\common\world of tanks\eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{28EF2D3E-7406-464F-8909-03CC4F96D71B}D:\steamlibrary\steamapps\common\world of tanks\eu\win64\worldoftanks.exe] => (Allow) D:\steamlibrary\steamapps\common\world of tanks\eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{D0533A1D-BF30-4D44-B7E2-3DBD17EE84B2}] => (Allow) D:\SteamLibrary\steamapps\common\Sniper Elite V2 Remastered\Launcher\SEV2RLauncher.exe () [Datei ist nicht signiert]
FirewallRules: [{3658A36F-8F04-4710-A337-017617ECBDE4}] => (Allow) D:\SteamLibrary\steamapps\common\Sniper Elite V2 Remastered\Launcher\SEV2RLauncher.exe () [Datei ist nicht signiert]
FirewallRules: [{C956AA45-4723-4521-98C1-26E51E4AA277}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{038A7FC0-B9CC-457B-B0C5-A10529E8344E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{BF612CA8-9D65-408A-A657-520EFB74E2E0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{904205E5-0483-49C8-91FA-D69B9A086D10}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{8353E3CC-0CFF-466D-AB4E-598B901A0A83}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{DBBCFC69-8BF8-49BC-875E-643FDF90DCDC}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{D08D994E-3D14-4303-B797-8876C4A4B71A}] => (Allow) D:\Program Files (x86)\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{B4B79507-D08E-46CB-B431-B473CBAFFC9B}] => (Allow) D:\Program Files (x86)\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{F6CFD6A2-0042-446C-9A66-D42878A7CACA}] => (Allow) D:\Program Files (x86)\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{396A7778-1845-47F5-8385-82C238E1EC23}] => (Allow) D:\Program Files (x86)\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{B571153B-F78F-41A7-A667-6B13B6A9ADEB}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{3EA474DA-570C-4E6C-853B-9F4644A8FF5B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8E148B15-2B2F-4A9C-BD7B-24027828C0A6}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{32C566B6-631A-450C-AD9E-CFCA2E3DFE8D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{66F13DD4-9A58-4C95-A637-297509409613}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E1A19EBE-8C78-408A-8DED-29CE2FBE521E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C8D05C78-15F9-4261-BFA9-C43A204E3129}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E55B375D-355D-42FB-9708-6CA5E40B0203}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{BE488B9E-0D16-44F6-B3EB-429D9E7EB5E4}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{390C58E5-0398-4E8C-A08A-C3CDC4EF344A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{253616D4-0623-4F1D-8295-69D5D6BCA8A8}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{4C692816-6FF3-4A30-B470-B87BB8186601}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [UDP Query User{8BAA3F22-C319-421C-A2AC-15C68C89F26A}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [TCP Query User{86E42426-4E7F-4B5E-A1EB-65E44061F90B}D:\program files (x86)\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Allow) D:\program files (x86)\epic games\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC)
FirewallRules: [UDP Query User{4AC1B120-8E7A-4214-AE6D-D09CB49BD668}D:\program files (x86)\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Allow) D:\program files (x86)\epic games\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC)
FirewallRules: [TCP Query User{90C91907-A8C1-4928-BA13-B498B845D4E8}D:\spiele-lan-2011\counter-strike source\hl2.exe] => (Allow) D:\spiele-lan-2011\counter-strike source\hl2.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{CD89E7AC-819D-440E-B332-5BE3FE53E2BC}D:\spiele-lan-2011\counter-strike source\hl2.exe] => (Allow) D:\spiele-lan-2011\counter-strike source\hl2.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{02B99A5D-DC0B-460C-8D70-AE64167E17D4}D:\spiele-lan-2011\flatout 2\{app}\flatout2.exe] => (Allow) D:\spiele-lan-2011\flatout 2\{app}\flatout2.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{34CD502A-8970-4607-A930-F36A76718219}D:\spiele-lan-2011\flatout 2\{app}\flatout2.exe] => (Allow) D:\spiele-lan-2011\flatout 2\{app}\flatout2.exe () [Datei ist nicht signiert]
FirewallRules: [{112A6D52-7CF9-4D25-AA8C-75D37A8B4F73}] => (Allow) D:\Program Files (x86)\StarCraft II\Versions\Base93333\SC2_x64.exe => Keine Datei
FirewallRules: [{BA319B16-5C6C-4AA7-B51A-97ED6E5AD814}] => (Allow) D:\Program Files (x86)\StarCraft II\Versions\Base93333\SC2_x64.exe => Keine Datei
FirewallRules: [TCP Query User{E97787C8-9008-4C88-8017-A7EC3607634D}D:\steamlibrary\steamapps\common\world of tanks\eu\win64\worldoftanks.exe] => (Allow) D:\steamlibrary\steamapps\common\world of tanks\eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{CC34697D-E95C-4F07-8F6D-1BE2E60477AC}D:\steamlibrary\steamapps\common\world of tanks\eu\win64\worldoftanks.exe] => (Allow) D:\steamlibrary\steamapps\common\world of tanks\eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{9D2102FC-175E-4219-915D-ACFF552C604C}D:\spiele-lan-2011\dod\hl2.exe] => (Allow) D:\spiele-lan-2011\dod\hl2.exe (Valve -> )
FirewallRules: [UDP Query User{BF977C4D-1EFD-46EB-9DEC-D32E154C0845}D:\spiele-lan-2011\dod\hl2.exe] => (Allow) D:\spiele-lan-2011\dod\hl2.exe (Valve -> )
FirewallRules: [TCP Query User{967614B5-DB51-460B-A7CF-E8E44C7C7BC3}D:\spiele-lan-2011\rocket league 1.78\binaries\win64\rocketleague.exe] => (Allow) D:\spiele-lan-2011\rocket league 1.78\binaries\win64\rocketleague.exe (Psyonix, LLC) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{B5A9A856-1295-4A40-8D68-0B1BEEF20F25}D:\spiele-lan-2011\rocket league 1.78\binaries\win64\rocketleague.exe] => (Allow) D:\spiele-lan-2011\rocket league 1.78\binaries\win64\rocketleague.exe (Psyonix, LLC) [Datei ist nicht signiert]
FirewallRules: [{E59D4368-EC12-476C-9951-EE1FC5104DF0}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter for Steam\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{3D7E6362-2E8C-4D1F-ACAE-9DBBDDF0B32C}] => (Allow) C:\Program Files\AusweisApp\AusweisApp.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [AusweisApp-Firewall-Rule] => (Allow) C:\Program Files\AusweisApp\AusweisApp.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [{3109573E-6023-42CB-BEFF-70435C9EF8AC}] => (Allow) LPort=54925
FirewallRules: [{14F17C6C-6B07-4455-9E30-6D0F566C5A5A}] => (Allow) LPort=54950
FirewallRules: [{50846B50-0E07-4A53-B0D2-F5AC287DD689}] => (Allow) LPort=54955
FirewallRules: [{BA3F7A3B-E5CE-45FB-A605-26F6CEEAD10A}] => (Allow) C:\Program Files (x86)\Brother\iPrint&Scan\IPSMONITOR\iPSMonitor.exe (iPSMonitor) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{132524DB-6665-462C-9D82-D6C283D7813C}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{35046EEC-0241-4C54-8513-FB981AE148E2}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{3E56DB22-631F-409E-A030-75621824B7F9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{449BDA08-519B-4ABE-A098-8209A63CD2A0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8B0AFD4C-1B07-48B5-8BDF-0C5A83840FE1}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\beac_wt_mlauncher.exe (Gaijin Entertainment) [Datei ist nicht signiert]
FirewallRules: [{BE5B54EA-F7D2-4555-ABFF-4F4607266A5D}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\beac_wt_mlauncher.exe (Gaijin Entertainment) [Datei ist nicht signiert]
FirewallRules: [{A6BC9075-F29C-412E-A74B-CCCFAA28F47E}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [{25870F12-E3B3-4BEB-BCF6-FF9F10DCA51A}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [TCP Query User{9C65E80C-E89E-40AC-B507-4786ABDD49A0}D:\program files (x86)\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) D:\program files (x86)\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{60BED384-F88C-4E4F-BE27-F8DA649FE8B2}D:\program files (x86)\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) D:\program files (x86)\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{F66A89FD-511C-46A8-8A28-A7E6D8281CE6}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter for Steam\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{0A097AF4-BBF8-46CB-8141-749860E4C51B}D:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) D:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{FC3BAED1-DD02-4A08-8A47-89567A6DE4FB}D:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) D:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{83DEB21F-70B4-4F5D-B0BA-FA1416628378}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (GAIJIN NETWORK LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{6C9C1793-4B5B-4A5B-AD78-BDFD58843FB0}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (GAIJIN NETWORK LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{FED0AC26-7504-4581-9877-0F85E979615D}D:\spiele-lan-2011\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) D:\spiele-lan-2011\call of duty 4 - modern warfare\iw3mp.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{CC8D4A03-FFE5-40AB-91D7-C0C030F34DA2}D:\spiele-lan-2011\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) D:\spiele-lan-2011\call of duty 4 - modern warfare\iw3mp.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{4BF1B30B-B538-498C-AF3D-8E8C5731414A}D:\spiele-lan-2011\company of heroes\reliccoh.exe] => (Allow) D:\spiele-lan-2011\company of heroes\reliccoh.exe (THQ Canada Inc. -> THQ Canada Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{9CF9DD1B-5E36-4418-8D60-9FF3B2475698}D:\spiele-lan-2011\company of heroes\reliccoh.exe] => (Allow) D:\spiele-lan-2011\company of heroes\reliccoh.exe (THQ Canada Inc. -> THQ Canada Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{035356DE-C468-4A5A-B901-805FFBBC1E3A}D:\spiele-lan-2011\company of heroes\relicdownloader\relicdownloader.exe] => (Block) D:\spiele-lan-2011\company of heroes\relicdownloader\relicdownloader.exe (THQ Canada Inc. -> THQ Canada Inc.)
FirewallRules: [UDP Query User{CA0BAB16-7BDA-4F4B-8823-F13A0B0BC1C6}D:\spiele-lan-2011\company of heroes\relicdownloader\relicdownloader.exe] => (Block) D:\spiele-lan-2011\company of heroes\relicdownloader\relicdownloader.exe (THQ Canada Inc. -> THQ Canada Inc.)
FirewallRules: [TCP Query User{4A78F633-BA63-400A-9592-FAD8F466DF96}D:\spiele-lan-2011\counter-strike source\hl2.exe] => (Allow) D:\spiele-lan-2011\counter-strike source\hl2.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{1420A487-ED56-4192-A7C1-E54416950A34}D:\spiele-lan-2011\counter-strike source\hl2.exe] => (Allow) D:\spiele-lan-2011\counter-strike source\hl2.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{840C952B-9BCF-4868-A81C-415BF363C839}D:\spiele-lan-2011\sniper - ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Allow) D:\spiele-lan-2011\sniper - ghost warrior 2\bin32\sniperghostwarrior2.exe (City Interactive S.A.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{6EB5C074-A1D4-47E4-A601-C400A77C79CC}D:\spiele-lan-2011\sniper - ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Allow) D:\spiele-lan-2011\sniper - ghost warrior 2\bin32\sniperghostwarrior2.exe (City Interactive S.A.) [Datei ist nicht signiert]
==================== Wiederherstellungspunkte =========================
17-04-2026 21:11:40 Geplanter Prüfpunkt
22-04-2026 20:38:25 Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211
==================== Fehlerhafte Geräte im Gerätemanager ============
Name: Intel(R) Dual Band Wireless-AC 8260
Description: Intel(R) Dual Band Wireless-AC 8260
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: Netwtw06
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (05/07/2026 07:21:58 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STI BrtSTI: [2026/05/07 19:21:58.100]: [00001572]: BrMfNet::GetAddressByName Error
Error: (05/07/2026 07:08:35 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (05/07/2026 07:06:57 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf Programme (E:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)
Error: (05/07/2026 06:54:11 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STI BrtSTI: [2026/05/07 18:54:11.411]: [00001596]: BrMfNet::GetAddressByName Error
Error: (05/07/2026 06:53:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STI BrtSTI: [2026/05/07 18:53:56.143]: [00001596]: BrMfNet::GetAddressByName Error
Error: (05/07/2026 06:51:26 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (05/07/2026 06:51:20 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (05/07/2026 06:45:09 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Systemfehler:
=============
Error: (05/07/2026 07:21:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "luafv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (05/07/2026 06:53:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "luafv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (05/07/2026 06:53:02 PM) (Source: DCOM) (EventID: 10010) (User: FAT-EICHKATZ)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/07/2026 06:20:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "PDF24" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/07/2026 06:20:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/07/2026 06:20:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/07/2026 06:20:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/07/2026 06:20:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office Click-to-Run Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (04/24/2026 10:43:17 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error: (04/24/2026 10:43:17 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error: (04/24/2026 10:43:16 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error: (04/24/2026 10:43:15 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Windows Defender:
================
Date: 2026-05-07 17:52:05
Description:
Microsoft Defender Antivirus šĉαⁿ ħãŝ вèėň ѕŧθφρεđ ъёƒόřĕ ĉǿмρłęťíοй.%ή %тŜçдⁿ ЇĐ:%ъ{631E059E-64D1-4C60-A59A-4B945897F901}%ⁿ %ţЅćαη Τурē:%вAntimalware%η %ťŞċαή Рǻřămεţęяś:%вVollständige Überprüfung%π %τŮѕéř:%ъFAT-EICHKATZ\Paradox%ⁿ %τŞтòφ Яęάşőⁿ:%ьАъοŗťëđ вγ ŧђ℮ çŀιєñť
Date: 2026-05-07 17:52:05
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/LummaStealer&threatid=2147859289&enterprise=0
Name: Trojan:Win32/LummaStealer
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\ProgramData\config_router_i686\python38.dll
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Benutzer
Benutzer: FAT-EICHKATZ\Paradox
Prozessname: Unknown
Sicherheitsversion: AV: 1.449.496.0, AS: 1.449.496.0, NIS: 1.449.496.0
Modulversion: AM: 1.1.26030.3008, NIS: 1.1.26030.3008
Date: 2026-05-07 16:00:23
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Name: Trojan:Script/Wacatac.B!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\Paradox\AppData\Local\Temp\tmp-60272-UFzaiiBBbRvY\python38.dll
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: FAT-EICHKATZ\Paradox
Prozessname: C:\Users\Paradox\AppData\Local\Temp\tmp-60272-UFzaiiBBbRvY\Pf1aflSEl.exe
Sicherheitsversion: AV: 1.449.477.0, AS: 1.449.477.0, NIS: 1.449.477.0
Modulversion: AM: 1.1.26030.3008, NIS: 1.1.26030.3008
Date: 2026-05-06 15:43:29
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Kepavll!rfn&threatid=2147939874&enterprise=0
Name: Trojan:Win32/Kepavll!rfn
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: containerfile:_C:\Users\Paradox\Downloads\full_version_54756925_local_game_installation.rar; file:_C:\Users\Paradox\Downloads\full_version_54756925_local_game_installation.rar->Game.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Benutzer
Benutzer: FAT-EICHKATZ\Paradox
Prozessname: Unknown
Sicherheitsversion: AV: 1.449.477.0, AS: 1.449.477.0, NIS: 1.449.477.0
Modulversion: AM: 1.1.26030.3008, NIS: 1.1.26030.3008
Event[0]:
Date: 2026-05-07 18:53:08
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren.
Security Intelligence versucht: Aktuell
Fehlercode: 0x80501102
Fehlerbeschreibung: Unerwartetes Problem. Installieren Sie bei Bedarf verfügbare Updates, und starten Sie das Programm dann erneut. Informationen zum Installieren von Updates finden Sie unter "Hilfe und Support".
Security Intelligence-Version: 1.449.498.0;1.449.498.0
Modulversion: 1.1.26030.3008
Date: 2025-09-12 20:33:58
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.435.727.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.25070.4
Fehlercode: 0x8024001e
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".
Date: 2024-03-09 11:57:33
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.405.1102.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.24010.10
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
Date: 2024-03-09 11:57:33
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.405.1102.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.24010.10
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
Date: 2024-03-09 11:57:33
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.405.1102.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.24010.10
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
CodeIntegrity:
===============
Date: 2026-05-07 19:28:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. 3805 05/16/2018
Hauptplatine: ASUSTeK COMPUTER INC. Z170 PRO GAMING
Prozessor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 32710.98 MB
Verfügbarer physikalischer RAM: 23602.46 MB
Summe virtueller Speicher: 37574.98 MB
Verfügbarer virtueller Speicher: 28174.79 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:476.32 GB) (Free:197.34 GB) (Model: SAMSUNG MZVPV512HDGL-00000) NTFS
Drive d: (SSD Games&Programme) (Fixed) (Total:1863 GB) (Free:348.17 GB) (Model: Samsung SSD 860 EVO 2TB) NTFS
Drive e: (Programme) (Fixed) (Total:931.51 GB) (Free:184.21 GB) (Model: ST2000DX001-1CM164) NTFS
Drive f: (Daten&Zeuch) (Fixed) (Total:931.51 GB) (Free:272.72 GB) (Model: ST2000DX001-1CM164) NTFS
\\?\Volume{951e7fd1-2af3-433d-a7ef-7959b07ba367}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{7e970c42-bf41-4384-8c8e-7c31f793093a}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 7BC9C5BC)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt =======================
|
|
| Themen zu Windows 10: multiple Trojaner Infektion: Win32/Wacatac.H!ml, Kepavll!rfn, Wacatac.B!ml, LummaStealer |
| antivirus, desktop, firefox, google, homepage, internet, internet explorer, kaspersky, malware, mozilla, programm, prozesse, registry, rundll, scan, services.exe, software, starten, svchost.exe, trojan, trojaner, udp, updates, windows, wiso |
Linear-Darstellung
