Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Bitte um Hilfe. Viele Virenwarnungen über Microsoft Edge (https://www.trojaner-board.de/216038-bitte-um-hilfe-viele-virenwarnungen-microsoft-edge.html)

Susanni 14.07.2025 00:00
Bitte um Hilfe. Viele Virenwarnungen über Microsoft Edge
 
Ich habe ganz viele Warnungen über Microsoft Edge bekommen. Ich habe Edge deinstalliert. Die Warnungen sind jetzt weg. Ich habe aber Angst, dass ich einen Virus im System habe.
Bitte um Hilfe.

cosinus 14.07.2025 09:12
https://www.trojaner-board.de/195567...-beachten.html

Susanni 14.07.2025 12:15
Entschuldigung. Hier sind die Dateien:

FRST.txt:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2025
Ran by Anwender (administrator) on DESKTOP-DIFQB2Q (Micro-Star International Co., Ltd. MS-7C56) (14-07-2025 13:08:49)
Running from C:\Users\Susi\Downloads\FRST64.exe
Loaded Profiles: Anwender & Susi
Platform: Microsoft Windows 11 Home Version 24H2 26100.4652 (X64) Language: Deutsch (Deutschland) -> Deutsch (Deutschland)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Susi\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(explorer.exe ->) (Telekom Deutschland GmbH -> Deutsche Telekom AG) C:\Program Files\MagentaCLOUD\magentacloud.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25153.1010.3727.5483_x64__8wekyb3d8bbwe\ms-teams.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncHelper.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\GameInputSvc.exe <2>
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e54441f6cc56b0cb\RtkAudUService64.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.51.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.26100.4651_none_a510910d775cffb2\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e54441f6cc56b0cb\RtkAudUService64.exe [2790352 2025-05-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [367456 2024-04-22] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9524616 2025-07-08] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\...\RunOnce: [TzSyncRunOnce] => C:\Windows\System32\tzsync.exe [233472 2025-07-09] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" [91410296 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\138.0.3351.83\Installer\setup.exe [7362624 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4968328 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4968328 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-300349749-1118940784-3883464041-1000\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4968328 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-300349749-1118940784-3883464041-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4698720 2025-06-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4968328 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Run: [MagentaCLOUD] => C:\Program Files\MagentaCLOUD\magentacloud.exe [6458080 2023-02-17] (Telekom Deutschland GmbH -> Deutsche Telekom AG)
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Run: [Opera Browser Assistant] => C:\Users\Susi\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4536216 2025-04-14] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Run: [MicrosoftEdgeAutoLaunch_DB15AD90D7033149DA2132D5F6A5FA2F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start (No File)
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37404064 2025-07-11] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\MountPoints2: {b5555984-4dd6-11ef-b911-d843ae623510} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300349749-1118940784-3883464041-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4968328 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\WINDOWS\system32\hpinkstsD711LM.dll [393352 2017-03-26] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\138.0.7204.101\Installer\chrmstp.exe [2025-07-11] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {112e5d34-8903-4aab-8132-f10e9d3ebe5a} - no filepath. <==== ATTENTION
Task: {2008adb5-9727-4554-82d1-10bc1745e8b1} - no filepath. <==== ATTENTION
Task: {2269145a-6d62-44c0-a755-2f56b3301453} - no filepath. <==== ATTENTION
Task: {25f23172-2787-4c1b-9500-4106c457e0bb} - no filepath. <==== ATTENTION
Task: {262a40ed-a71e-4de2-875b-29bc1fdb33c7} - no filepath. <==== ATTENTION
Task: {3c6314d9-c7a1-45b6-9291-b9a4e8565a82} - no filepath. <==== ATTENTION
Task: {45840b04-5a74-483d-83cf-de83848d0492} - no filepath. <==== ATTENTION
Task: {49244025-6df9-422b-9e60-fcfe9befa7cc} - no filepath. <==== ATTENTION
Task: {49f467fe-f6ab-47c3-bc8f-feb6ecafdc8d} - no filepath. <==== ATTENTION
Task: {4a81a102-6041-41f8-aec6-9e1577acd5bd} - no filepath. <==== ATTENTION
Task: {4fe10caf-cdf4-464f-b1b6-2d54ba837948} - no filepath. <==== ATTENTION
Task: {59514228-1f82-4abd-afd7-3fcf9583ceb8} - no filepath. <==== ATTENTION
Task: {6252884b-51c4-48b8-bee4-73f01f7305b1} - no filepath. <==== ATTENTION
Task: {77d009d7-1870-47f3-80c4-323541939d46} - no filepath. <==== ATTENTION
Task: {7e1c234c-f8fe-4e89-ad85-93991578a23a} - no filepath. <==== ATTENTION
Task: {81807fe3-4902-4181-8e2a-22c3b638c533} - no filepath. <==== ATTENTION
Task: {87d50552-871e-49a1-9b41-97eb9ef69092} - no filepath. <==== ATTENTION
Task: {8961c923-cd25-44c4-b36a-c42c40d1660d} - no filepath. <==== ATTENTION
Task: {93a33fff-17eb-4842-9faf-7534d5215b10} - no filepath. <==== ATTENTION
Task: {9eaf414f-36f6-4ffd-9684-175b2f318c04} - no filepath. <==== ATTENTION
Task: {a6f37331-826e-4bd1-bbcf-0c0e29bcff2c} - no filepath. <==== ATTENTION
Task: {acc4f9db-bb56-4b53-8d9d-5e013c15118c} - no filepath. <==== ATTENTION
Task: {c5c8f437-adb8-43b5-b8a4-b36b05a3e364} - no filepath. <==== ATTENTION
Task: {ce8233e6-ce9f-49b7-8752-ebaef42a581d} - no filepath. <==== ATTENTION
Task: {d925046e-c8c8-4d8c-824e-37a6fab0368e} - no filepath. <==== ATTENTION
Task: {d94a6419-a129-4abc-a395-5e3dd4ae9b87} - no filepath. <==== ATTENTION
Task: {e91f7dcf-a6ba-4217-89da-5ccf63f6e9fc} - no filepath. <==== ATTENTION
Task: {ec0a6339-a680-49dc-9e67-a2c91d538c04} - no filepath. <==== ATTENTION
Task: {ef7d7f8d-d387-436a-90ec-5890ebacb456} - no filepath. <==== ATTENTION
Task: {fa2bd862-ffe8-49a7-9e7b-f431bb237d75} - no filepath. <==== ATTENTION
Task: {ffdf9004-c786-45d9-a30b-05279132e6c6} - no filepath. <==== ATTENTION
Task: {F290A334-2964-45CD-BA99-FE3D2CF64E7F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {D1E44C35-478B-44CB-BA53-4204D55CE9D7} - System32\Tasks\DropboxSystem\DropboxUpdater\DropboxUpdaterTaskSystem123.0.6299.129{47CD09D9-39F8-43ED-AE63-6F827413F9F7} => C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.129\updater.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {7361893A-36F1-4AD3-A384-049AA048FBC9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem140.0.7272.0{4425CD8D-9E00-4335-AC2C-13963B53FF54} => C:\Program Files (x86)\Google\GoogleUpdater\140.0.7272.0\updater.exe [6836832 2025-07-01] (Google LLC -> Google LLC)
Task: {DFFCFEDF-1029-46D1-B76D-868077302545} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [10453888 2025-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {6379A620-4796-4973-8E53-2A0CC287FC36} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28583776 2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {53C9CCF1-843B-484D-9B12-D4E6026362E1} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\opushutil.exe [61328 2025-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB41A266-49CE-43AF-98A0-AA5D7540FB44} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28583776 2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {7EF468B8-AFA4-4CAD-A16F-7F6EBED71B3B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C329E3E0-DA05-4B16-9475-44330958CEAF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A4F9754-7989-4408-8DB6-ED9370A2932B} - System32\Tasks\Microsoft\Office\Office Startup Boost => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {A558CC47-7223-457F-85D8-87E697C8F2ED} - System32\Tasks\Microsoft\Office\Office Startup Boost Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Task: {C9F12752-B7A1-4BA7-8F64-92111CFF9F00} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CE855363-5302-4F8A-80B0-7882CDD401F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {98B66820-7F65-4FCC-8FB5-696CC65D4297} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {830535A7-40CC-49B4-8E1F-8C11D2E9431B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ADACE8A4-3849-4F2D-9A0C-00FBBAA8EE46} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-300349749-1118940784-3883464041-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [694848 2025-07-10] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {FAEC80E9-6352-4005-8718-0E8CDC26395C} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-300349749-1118940784-3883464041-1002 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [694848 2025-07-10] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {473E1EEA-0A09-40D4-AAD4-B56D6928E2CE} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-07-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {E4855E40-1264-429B-81EF-EC141A3C13A6} - System32\Tasks\MSI_Driver_Utility_Installer => C:\Program Files (x86)\MSI\MSI_Driver_Utility_Installer\MSI_Driver_Utility_Installer.exe [471760 2024-08-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {5F93C471-FC51-4FC2-A23D-BAE25441A5AD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {E19F91EB-5B14-4BEE-9728-DFC86A1290ED} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9C0E9100-1D28-49C9-8A94-8CB2CAB38F27} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {FE4D1531-7D6D-475F-8792-E3DD2EA24867} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF69616A-B3AC-4E71-BD11-00C887EFA9D5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AD9BE1C8-3EC0-492F-9905-53DC78FE229C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {16C8ED63-194A-422D-B577-1E1D962C859B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {87A32C8C-1EE6-47CD-A4CC-55E440D84D3A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7637B44A-AB77-4FC6-9888-44A37F2650EC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8F509555-BC33-408F-9A4F-439AC0E2A4EB} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4224392 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {125EF511-68BD-4E6B-987F-ACFB67966C45} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-300349749-1118940784-3883464041-1000 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4224392 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {59DB7A75-115A-4D65-BF3A-E3B71C58A2DC} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-300349749-1118940784-3883464041-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4224392 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C41C943-88D4-426A-BBE2-C9DE6DDA8D53} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-300349749-1118940784-3883464041-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4224392 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {542869ED-EC98-470F-9FA3-D91045C6DC7C} - System32\Tasks\OneDrive Startup Task-S-1-5-21-300349749-1118940784-3883464041-1000 => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\OneDriveLauncher.exe [685960 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F3737D4-FA5B-4399-A491-38CB1F107311} - System32\Tasks\OneDrive Startup Task-S-1-5-21-300349749-1118940784-3883464041-1001 => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\OneDriveLauncher.exe [685960 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {58432F2D-4451-45ED-A255-041ADBDE538A} - System32\Tasks\OneDrive Startup Task-S-1-5-21-300349749-1118940784-3883464041-1002 => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\OneDriveLauncher.exe [685960 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A4D55E5A-7C66-4775-BDBD-D904DFAA8B81} - System32\Tasks\Opera scheduled assistant Autoupdate 1720783592 => C:\Users\Susi\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [6073240 2025-06-26] (Opera Norway AS -> Opera Software) -> --scheduledtask --productiscomponent --bypasslauncher --installdir="C:\Users\Susi\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0)
Task: {6E2C7DC5-FD17-4F79-9E39-2490D2AB1DE6} - System32\Tasks\Opera scheduled Autoupdate 1720783591 => C:\Users\Susi\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [6073240 2025-06-26] (Opera Norway AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c98ef358-4c5b-4953-aacc-3a8fb6d2d412}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c98ef358-4c5b-4953-aacc-3a8fb6d2d412}: [DhcpDomain] home

Edge:
=======
Edge Profile: C:\Users\Anwender\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-22]
Edge Extension: (Google Docs Offline) - C:\Users\Anwender\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-13]
Edge Extension: (Edge relevant text changes) - C:\Users\Anwender\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-13]

FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-06-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-07-13] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default [2024-04-22]
CHR Extension: (Google Docs Offline) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-16]
CHR HKU\S-1-5-21-300349749-1118940784-3883464041-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103776 2024-03-30] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13045112 2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\System32\DbxSvc.exe [58984 2025-04-29] (Dropbox, Inc -> Dropbox, Inc.)
S2 DropboxUpdaterInternalService123.0.6299.129; C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.129\updater.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
S2 DropboxUpdaterService123.0.6299.129; C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.129\updater.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
S3 EpicGamesUpdater; C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesUpdater.exe [2404768 2025-07-11] (Epic Games Inc. -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [1604112 2025-04-01] (Epic Games Inc. -> Epic Games, Inc.)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncHelper.exe [3633512 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2421584 2025-05-31] (GOG  sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7654224 2025-05-31] (GOG  sp. z o.o -> GOG.com)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243720 2025-07-08] (HP Inc. -> HP Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe [2071592 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [74336 2023-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [154216 2023-08-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36880 2023-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-09-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.115.0615.0002\OneDriveUpdaterService.exe [3885448 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [20445008 2025-06-19] (Logitech Inc -> Logitech, Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [4488168 2025-07-02] (Rockstar Games, Inc. -> Rockstar Games)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [794544 2024-05-02] (Oracle America, Inc. -> Oracle and/or its affiliates)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe [4513624 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe [278328 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 DropboxElevationService; "C:\Program Files (x86)\Dropbox\Client\227.4.4774\DropboxElevationService.exe" --svc --appid={cc46080e-4c33-4981-859a-bba2f780f31e} [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [573440 2024-12-28] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2024-12-28] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2024-12-28] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2024-12-28] (Microsoft Windows -> Microsoft Corporation)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [330112 2025-06-13] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [140688 2025-07-09] (Microsoft Windows -> Microsoft Corporation)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [32424 2023-07-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2024-01-18] (Nvidia Corporation -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [254352 2024-05-02] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [265224 2024-05-02] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1063752 2024-05-02] (Oracle Corporation -> Oracle and/or its affiliates)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2025-06-11] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20032 2025-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [612768 2025-06-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-12-28] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2024-12-28] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-07-14 13:08 - 2025-07-14 13:09 - 000033986 _____ C:\Users\Susi\Downloads\FRST.txt
2025-07-14 00:44 - 2025-07-14 13:09 - 000000000 ____D C:\FRST
2025-07-14 00:43 - 2025-07-14 00:44 - 002409472 _____ (Farbar) C:\Users\Susi\Downloads\FRST64.exe
2025-07-14 00:31 - 2025-07-14 00:31 - 000002583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002579 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (new).lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002536 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (classic).lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2025-07-13 16:41 - 2025-07-13 16:41 - 000745650 _____ C:\WINDOWS\system32\perfh007.dat
2025-07-13 16:41 - 2025-07-13 16:41 - 000158752 _____ C:\WINDOWS\system32\perfc007.dat
2025-07-11 17:34 - 2025-07-11 17:34 - 000000000 ____D C:\Users\Susi\Documents\Amnesia
2025-07-11 17:34 - 2025-07-11 17:34 - 000000000 ____D C:\Users\Susi\AppData\Roaming\fltk.org
2025-07-11 17:34 - 2025-07-11 17:34 - 000000000 ____D C:\ProgramData\fltk.org
2025-07-11 17:32 - 2025-07-11 17:32 - 000000385 _____ C:\Users\Susi\Desktop\Amnesia  The Dark Descent.url
2025-07-11 17:32 - 2025-07-11 17:32 - 000000000 ____D C:\Users\Susi\AppData\LocalLow\Something We Made
2025-07-11 17:32 - 2025-07-11 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOEM [GOG.com]
2025-07-11 17:27 - 2025-07-11 17:27 - 000000000 ____D C:\Users\Anwender\AppData\Local\UnrealEngine
2025-07-11 17:27 - 2025-07-11 17:27 - 000000000 ____D C:\Users\Anwender\AppData\Local\EpicGamesLauncher
2025-07-11 17:27 - 2025-07-11 17:27 - 000000000 ____D C:\Program Files\Epic Games
2025-07-11 17:23 - 2025-07-11 17:23 - 000000000 ____D C:\Users\Susi\AppData\Local\UnrealEngineLauncher
2025-07-11 17:23 - 2025-07-11 17:23 - 000000000 ____D C:\Users\Susi\AppData\Local\EpicGamesLauncher
2025-07-11 17:22 - 2025-07-11 17:25 - 000000000 ____D C:\ProgramData\Epic
2025-07-11 17:22 - 2025-07-11 17:23 - 000000000 ____D C:\Program Files (x86)\Epic Games
2025-07-11 17:22 - 2025-07-11 17:22 - 000001272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2025-07-11 17:22 - 2025-07-11 17:22 - 000001260 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2025-07-11 17:22 - 2025-07-11 17:22 - 000000000 ____D C:\Users\Susi\AppData\Local\Epic Games
2025-07-11 17:21 - 2025-07-11 17:22 - 186343424 _____ C:\Users\Susi\Downloads\EpicInstaller-18.7.0.msi
2025-07-10 14:28 - 2025-07-10 21:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-07-09 04:39 - 2025-07-09 04:39 - 000000000 ____D C:\WINDOWS\system32\ruxim
2025-07-09 03:18 - 2025-07-14 02:38 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-07-09 03:17 - 2025-07-09 03:17 - 000073956 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-07-09 03:17 - 2025-07-09 03:17 - 000073956 _____ C:\WINDOWS\system32\ctac.json
2025-07-09 03:17 - 2025-07-09 03:17 - 000033519 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-07-09 03:17 - 2025-07-09 03:17 - 000033519 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-07-09 00:18 - 2025-07-09 00:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2025-07-08 23:21 - 2025-07-08 23:21 - 002968134 _____ C:\Users\Susi\Downloads\Fw_ Minutes of the Extraordinary General Assembly 2025.zip
2025-07-03 23:57 - 2025-07-09 04:40 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2025-07-03 19:27 - 2025-07-03 19:27 - 001105920 _____ C:\Users\Susi\Downloads\01JZ8N73MB0EGZZTFZT0MG4Q7W.pdf
2025-07-02 18:39 - 2025-07-02 18:39 - 000470849 _____ C:\Users\Susi\Downloads\ticket_Susanne.pdf
2025-07-02 18:37 - 2025-07-02 18:37 - 000470954 _____ C:\Users\Susi\Downloads\ticket Paula.pdf
2025-07-01 09:14 - 2025-07-01 09:14 - 000001318 _____ C:\Users\Susi\Desktop\Tapirgammon.lnk
2025-06-25 18:24 - 2025-07-12 10:15 - 000000090 _____ C:\logUploaderSettings_temp.ini
2025-06-25 18:24 - 2025-07-12 10:15 - 000000090 _____ C:\logUploaderSettings.ini
2025-06-20 07:20 - 2025-06-20 07:21 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2025-06-20 07:20 - 2025-06-20 07:20 - 000000859 _____ C:\Users\Public\Desktop\Logi Options+.lnk
2025-06-20 07:20 - 2025-06-20 07:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-07-14 13:07 - 2024-06-20 14:48 - 000000000 ____D C:\Users\Susi\AppData\Local\LogiOptionsPlus
2025-07-14 13:07 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-07-14 13:07 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-07-14 13:07 - 2024-03-16 01:29 - 000000000 ___SD C:\Users\Susi\MagentaCLOUD
2025-07-14 13:07 - 2024-03-16 00:56 - 000000000 ____D C:\Users\Susi\AppData\Roaming\Dropbox
2025-07-14 13:07 - 2024-03-16 00:56 - 000000000 ____D C:\Users\Susi\AppData\Local\Dropbox
2025-07-14 13:07 - 2024-03-15 18:59 - 000000000 ___RD C:\Users\Susi\OneDrive
2025-07-14 13:07 - 2024-03-13 15:30 - 000000000 ____D C:\ProgramData\NVIDIA
2025-07-14 08:16 - 2024-03-16 01:28 - 000000000 ____D C:\Users\Susi\AppData\Roaming\MagentaCLOUD
2025-07-14 04:41 - 2024-03-15 19:01 - 000000000 ____D C:\Users\Susi\AppData\Local\D3DSCache
2025-07-14 03:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-07-14 01:34 - 2024-03-16 01:00 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-07-14 00:38 - 2024-03-15 18:59 - 000000000 ____D C:\Users\Susi\AppData\Local\Packages
2025-07-14 00:29 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-07-13 21:19 - 2024-03-16 23:18 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2025-07-13 21:19 - 2024-03-15 21:14 - 000000000 ____D C:\Users\Susi\AppData\Roaming\Microsoft\Excel
2025-07-13 16:41 - 2024-12-29 17:12 - 001729512 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-07-13 16:41 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-07-13 14:27 - 2024-03-16 01:14 - 000000000 ____D C:\Users\Susi\AppData\Roaming\discord
2025-07-13 14:20 - 2024-03-16 01:14 - 000000000 ____D C:\Users\Susi\AppData\Local\Discord
2025-07-12 18:32 - 2024-03-20 09:02 - 000000000 ____D C:\Users\Susi\AppData\Local\CrashDumps
2025-07-12 10:15 - 2025-01-18 09:52 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-300349749-1118940784-3883464041-1002
2025-07-12 10:15 - 2025-01-18 09:52 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-300349749-1118940784-3883464041-1001
2025-07-12 10:15 - 2025-01-18 09:52 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-300349749-1118940784-3883464041-1000
2025-07-12 10:15 - 2024-12-29 03:05 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-300349749-1118940784-3883464041-1002
2025-07-12 10:15 - 2024-12-29 03:05 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-300349749-1118940784-3883464041-1001
2025-07-12 10:15 - 2024-12-29 03:05 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-300349749-1118940784-3883464041-1000
2025-07-12 10:15 - 2024-12-29 03:05 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-07-12 10:15 - 2024-03-16 22:38 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-07-12 10:15 - 2024-03-15 21:14 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-07-11 22:55 - 2024-03-15 19:04 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-07-11 22:55 - 2024-03-15 19:04 - 000002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-07-11 17:25 - 2024-03-14 07:36 - 000000000 ____D C:\ProgramData\Package Cache
2025-07-10 21:54 - 2024-12-29 03:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-07-10 21:54 - 2024-04-01 22:46 - 000001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-07-10 21:54 - 2024-03-16 01:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-07-10 00:52 - 2024-03-15 19:09 - 000000000 ____D C:\Program Files (x86)\Steam
2025-07-09 07:24 - 2024-03-14 07:36 - 000000000 ____D C:\MSI
2025-07-09 04:41 - 2024-12-29 03:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-07-09 04:41 - 2024-12-29 03:03 - 000007738 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-07-09 04:41 - 2024-12-29 03:02 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2025-07-09 04:41 - 2024-04-01 09:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-07-09 04:41 - 2024-03-13 15:24 - 000012288 ___SH C:\DumpStack.log.tmp
2025-07-09 04:40 - 2024-12-29 03:03 - 000486384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-07-09 04:39 - 2024-04-01 18:35 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\schemas
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-07-09 04:39 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-07-09 03:17 - 2024-12-29 17:12 - 003384320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-07-09 00:17 - 2024-03-16 00:55 - 000000000 ____D C:\Program Files (x86)\Dropbox
2025-07-08 16:05 - 2024-12-29 03:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2025-07-08 16:05 - 2024-04-22 18:08 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2025-07-07 22:35 - 2024-03-16 01:14 - 000002238 _____ C:\Users\Susi\Desktop\Discord.lnk
2025-07-06 22:26 - 2024-03-15 19:09 - 000000000 ____D C:\Users\Susi\AppData\Local\Steam
2025-07-04 15:45 - 2024-05-03 22:11 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2025-07-02 23:57 - 2024-06-17 15:49 - 000000000 ____D C:\Users\Susi\AppData\Roaming\Code
2025-07-02 08:32 - 2025-01-23 10:13 - 000000000 ____D C:\Program Files\Rockstar Games
2025-07-02 08:32 - 2025-01-23 10:13 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2025-07-02 08:31 - 2025-05-26 15:28 - 000001156 _____ C:\Users\Susi\Desktop\Assimil.lnk
2025-07-01 17:36 - 2024-12-29 03:05 - 000004280 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1720783591
2025-07-01 17:36 - 2024-07-12 13:26 - 000001383 _____ C:\Users\Susi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2025-06-29 23:39 - 2024-03-16 22:24 - 000000000 ____D C:\Users\Susi\AppData\Roaming\Microsoft\Word
2025-06-26 21:32 - 2024-12-29 03:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-06-26 09:18 - 2024-06-17 15:49 - 000000000 ____D C:\Users\Susi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2025-06-25 03:19 - 2024-05-26 20:23 - 000000000 ____D C:\Users\Susi\AppData\LocalLow\Temp
2025-06-25 03:19 - 2024-03-28 01:17 - 000000000 ____D C:\Users\Susi\AppData\LocalLow\Adobe
2025-06-20 07:21 - 2025-03-04 11:26 - 000000000 ____D C:\Program Files\Logi
2025-06-20 00:39 - 2024-03-15 21:14 - 000000000 ____D C:\Users\Susi\AppData\Roaming\Microsoft\Office

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
--- --- ---

--- --- ---


Und die Addition.txt:

[CODE]Additional
FRST Logfile:

FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2025
Ran by Anwender (14-07-2025 13:10:09)
Running from C:\Users\Susi\Downloads
Microsoft Windows 11 Home Version 24H2 26100.4652 (X64) (2024-12-29 15:12:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-300349749-1118940784-3883464041-500 - Administrator - Disabled)
Anwender (S-1-5-21-300349749-1118940784-3883464041-1000 - Administrator - Enabled) => C:\Users\Anwender
DefaultAccount (S-1-5-21-300349749-1118940784-3883464041-503 - Limited - Disabled)
Gast (S-1-5-21-300349749-1118940784-3883464041-501 - Limited - Disabled)
Paula (S-1-5-21-300349749-1118940784-3883464041-1002 - Limited - Enabled) => C:\Users\Paula
Susi (S-1-5-21-300349749-1118940784-3883464041-1001 - Limited - Enabled) => C:\Users\Susi
WDAGUtilityAccount (S-1-5-21-300349749-1118940784-3883464041-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 24.09 (x64) (HKLM\...\7-Zip) (Version: 24.09 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 25.001.20531 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601110}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AIDA64 Extreme v6.92 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.92 - FinalWire Ltd.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.02.22.053 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.27.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.10.0.2198 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{8da54e84-09f6-45f6-9c1f-2b86dff082b1}) (Version: 6.02.22.053 - Advanced Micro Devices, Inc.) Hidden
Anki (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Anki) (Version: 25.02.6 - )
Apple Mobile Device Support (HKLM\...\{336D80E8-E773-4B6F-BCAB-D291F34A6685}) (Version: 17.5.0.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Arx Libertatis (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\ArxLibertatis) (Version: 1.2.1 - )
BGBlitz 3.2.1 (HKLM\...\BGBlitz_is1) (Version:  - Frank Berger)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Discord (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Discord) (Version: 1.0.9036 - Discord Inc.)
dm-Fotowelt (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\dm-Fotowelt) (Version: 8.0.3 - CEWE Stiftung u Co. KGaA)
Dropbox (HKLM-x32\...\Dropbox) (Version: 228.4.5567 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.983.1 - Dropbox, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{EB1746AB-000D-42D9-AF1B-7D998327C33C}) (Version: 1.3.149.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{88FE81B2-A29B-4500-926C-D9F798539574}) (Version: 3.0.1 - Epic Games, Inc.)
Escape from Monkey Island™ (HKLM-x32\...\1885026907_is1) (Version: 1.1 - GOG.com)
eXtreme Gammon 2 (HKLM-x32\...\{2F5AF5E1-E021-4832-A423-EF480EC58A0B}_is1) (Version: 2.10 - GameSite 2000, Ltd.)
FileZilla 3.67.0 (HKU\S-1-5-21-300349749-1118940784-3883464041-1000\...\FileZilla Client) (Version: 3.67.0 - Tim Kosse)
fSpy 1.0.3 (only current user) (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\6c332f2e-0163-5c6e-93bd-836ed62606d6) (Version: 1.0.3 - Per Gantelius)
GIMP 2.10.36-1 (HKLM\...\GIMP-2_is1) (Version: 2.10.36 - The GIMP Team)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.83.4 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 138.0.7204.101 - Google LLC)
GridGammon 3.8.0 (Build 896) (HKLM-x32\...\GridGammon) (Version: 3.8.0 (Build 896) - Jensen-Barclay, LLC)
HP Dropbox Plugin (HKLM-x32\...\{737B7969-CE8E-47B0-98A4-2599F53B3B03}) (Version: 40.13.54.81239 - HP)
HP Google Drive Plugin (HKLM-x32\...\{815D86A1-06B8-451D-9736-BE52D6A06DBD}) (Version: 40.13.54.81239 - HP)
iTunes (HKLM\...\{8A04F54C-B9A8-4C2B-BA5E-C80133232D07}) (Version: 12.13.2.3 - Apple Inc.)
Java(TM) SE Development Kit 21.0.6 (64-bit) (HKLM\...\{26F4C2FF-9E0F-5FD4-B66B-1B13F1068A00}) (Version: 21.0.6.0 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.92.731496 - Logitech)
Logi Plugin Service (HKLM\...\{53C826D9-FB49-497B-B324-E5257D8E4A48}) (Version: 6.1.3.22547 - Logitech)
Logi RightSightForWebcams 1.1.168 (HKLM\...\{5FCBA56A-7453-4BD8-B314-D23F38E77CA9}) (Version: 1.1.168.0 - Logitech) Hidden
MagentaCLOUD (HKLM\...\{1369654A-24FD-4D83-B45A-222E19EAD9A1}) (Version: 3.6.7.20230217 - Deutsche Telekom AG)
Microsoft .NET Host - 8.0.15 (x64) (HKLM\...\{4C903F19-B4C3-4D0C-8CC9-D444C511AF1C}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.15 (x64) (HKLM\...\{11CCC9F6-77AA-4421-9EAC-BAEC36D96817}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.15 (x64) (HKLM\...\{8731E6E3-AF96-4515-ACEC-DBFB3DF55292}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 138.0.3351.83 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.18925.20158 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.115.0615.0002 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.28402 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438 (HKLM-x32\...\{b49c10dd-4d54-45f8-ad13-fa25704456a4}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34438 (HKLM-x32\...\{ba10fda9-f731-441f-a999-000bbb7ceec2}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34438 (HKLM\...\{E528AD94-12D7-42C4-91A3-908BE28E9BD2}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34438 (HKLM\...\{2E15F519-4FDA-4834-B4EE-7EFCE7D8D4EE}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34438 (HKLM-x32\...\{A5592FEF-F948-4BA6-A066-8BBFC2DC7EE1}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34438 (HKLM-x32\...\{5D0C4511-3CA1-4FF8-A4BA-C0E1957ABEEA}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.101.2 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.15 (x64) (HKLM\...\{0E4A7820-FDA4-4250-B7AC-E7A2F7B43B64}) (Version: 64.60.31203 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.15 (x64) (HKLM-x32\...\{5625bb48-295c-4113-bc92-d6a69b19b04c}) (Version: 8.0.15.34718 - Microsoft Corporation)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 140.0.4 (x64 de)) (Version: 140.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.8.1 - Mozilla)
Mozilla Thunderbird (x64 de) (HKLM\...\Mozilla Thunderbird 128.12.0 (x64 de)) (Version: 128.12.0 - Mozilla)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2023.0919.01 - MSI)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Grafiktreiber 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 31.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.18925.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.18925.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.18925.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.18925.20158 - Microsoft Corporation) Hidden
Opera Stable 119.0.5497.141 (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Opera 119.0.5497.141) (Version: 119.0.5497.141 - Opera Software)
Oracle VM VirtualBox 7.0.18 (HKLM\...\{63A2B392-8FBD-450D-B02F-BE287BAF1FE8}) (Version: 7.0.18 - Oracle and/or its affiliates)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
PuTTY release 0.81 (64-bit) (HKLM\...\{DDC95F26-92B1-4546-9678-5DC68DF76BA0}) (Version: 0.81.0.0 - Simon Tatham)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9629.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.68.815.2023 - Realtek)
REDlauncher (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - CD Projekt RED)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.103.2507 - Rockstar Games)
Rockstar Games SDK (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.4.0.94 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TOEM (HKLM-x32\...\1436499377_is1) (Version: 3.0.10 - GOG.com)
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Zoom Workplace (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\ZoomUMX) (Version: 6.0.3 (37634) - Zoom Video Communications, Inc.)

Packages:
=========
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2025-07-08] (Dropbox Inc.)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-03-16] (Microsoft Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0 [2024-03-13] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1000_Classes\CLSID\{D3E34B21-9D75-101A-8C3D-00AA001A1652}\localserver32 -> C:\Program Files\WindowsApps\Microsoft.Paint_11.2402.32.0_x64__8wekyb3d8bbwe\PaintApp\mspaint.exe => No File
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{5634871C-B712-4441-9D69-C40DFCB1E0BF}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{6FF9B5B6-389F-444A-9FDD-A286C36EA079}\InprocServer32 -> C:\Program Files\MagentaCLOUD\CfApiShellExtensions.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{aa178e1e-6eb1-bde3-02d6-5472c2eea423}\localserver32 -> C:\Users\Susi\Downloads\HandBrake-1.9.2-x86_64-Win_GUI\HandBrake\HandBrake.exe (HandBrake Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{C763CCFF-33BC-42AE-9664-8A8FE5408507} -> [Dropbox] => C:\Users\Susi\Dropbox [2024-03-16 00:59]
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{dfe8b165-c232-4a1e-80e5-9ccf41837db2} -> [MagentaCLOUD] => C:\Users\Susi\MagentaCLOUD [2024-03-16 01:29]
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Susi\Dropbox [2024-03-16 00:59]
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{f859c81c-8f87-4ba8-984b-7cb4de15dc2b}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
ShellIconOverlayIdentifiers: [                OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                MagentaCLOUDError] -> {21A727D8-DF75-47AC-9B23-98CA9941E764} => C:\Windows\System32\shellext\NCOverlays.dll -> No File
ShellIconOverlayIdentifiers: [                MagentaCLOUDOK] -> {5FB43024-D810-463E-8298-25AC18B4D657} => C:\Windows\System32\shellext\NCOverlays.dll -> No File
ShellIconOverlayIdentifiers: [                MagentaCLOUDOKShared] -> {207E0D58-A4D2-4BEA-B23F-74B275067FF4} => C:\Windows\System32\shellext\NCOverlays.dll -> No File
ShellIconOverlayIdentifiers: [                MagentaCLOUDSync] -> {B7E41BEC-A46C-4536-A3B8-F20322BC4538} => C:\Windows\System32\shellext\NCOverlays.dll -> No File
ShellIconOverlayIdentifiers: [                MagentaCLOUDWarning] -> {EC74FC2C-CC25-4FF8-B860-8F98CB200CCE} => C:\Windows\System32\shellext\NCOverlays.dll -> No File
ShellIconOverlayIdentifiers: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [                OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [MagentaCLOUDContextMenuHandler] -> {C475B1E0-655A-4080-9D13-C3F0905740CF} => C:\Windows\System32\shellext\NCContextMenu.dll -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\nvshext.dll [2024-09-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-02-17 17:32 - 2023-02-17 17:32 - 000130560 _____ () [File not signed] C:\Program Files\MagentaCLOUD\magentacloudsync_vfs_cfapi.dll
2023-02-17 17:32 - 2023-02-17 17:32 - 000031232 _____ () [File not signed] C:\Program Files\MagentaCLOUD\magentacloudsync_vfs_suffix.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\SnippingTool.exe:com.dropbox.attrs [52]
AlternateDataStreams: C:\Users\Susi\Downloads\2024-06-03 Tagesordnung Vorstandskonferenz.docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Susi\Downloads\2024-08-26 Tagesordnung Vorstandskonferenz.docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Susi\Downloads\audio1803449522.m4a:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Susi\Downloads\BrainstormingFlyerBG.xlsx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Susi\Downloads\BrainstormingFlyerBGx.xlsx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Susi\Downloads\DBGV Flyer 2024.pdf:com.dropbox.attrs [54]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Network ===========================

(Currently there is no automatic fix for this section.)

DNS Servers: 192.168.0.1
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys

vms_vsf: Erweiterungsfilter für virtuellen Hyper-V-Switch
oracle_VBoxNetLwf: VirtualBox NDIS6 Bridged Networking Driver
ms_l1vhlwf: Nested Network Virtualization
vms_vsp: Extension-Protokoll für virtuellen Hyper-V-Switch

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\PuTTY\;C:\Program Files\dotnet\
HKU\S-1-5-21-300349749-1118940784-3883464041-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Susi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-300349749-1118940784-3883464041-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Paula\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\13651263922714159053\133869443758257080.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{54169EE0-818B-452B-8D8C-D9C2501F3A6D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24334.1101.3280.8162_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C9993EAA-5084-4536-8521-215761F30D3E}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24334.1101.3280.8162_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7556D140-B765-49A7-BB17-90FB0D8449CF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B85AFCD7-B58C-4A0D-8654-4A073B9914C6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{35B166F0-AAFC-4E29-962A-623A78E0CF9E}C:\users\susi\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\susi\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{CE764E72-5902-44F4-81EC-66507C14FEE5}C:\users\susi\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\susi\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{7652F68D-D712-460F-8E36-288EF559F348}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{CAA82960-4C9D-405A-ACD4-DFE12FEC2E6A}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{7AB9A7EE-6A0F-4828-96F6-8C872E9DA2A9}] => (Allow) C:\Program Files\LogiOptionsPlus\logivoice\logioptionsplus_logivoice => No File
FirewallRules: [{00AB105D-4F95-45DC-A853-43A35161202B}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{8AB0BA79-8101-474C-A827-07F6C331D3D0}C:\users\susi\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\susi\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{30A09A76-0F52-4B07-989C-63F9C4D18067}C:\users\susi\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\susi\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{82FB69BC-2B50-45DE-9F28-AB75D1098188}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{823AC527-8305-4C26-A9E7-F1E8EA0790FA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{112F5C6E-6531-4CD4-99B4-904F4FF8963F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BE5C2957-3B30-451F-8C9D-681BCC0B6DE3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{692B4D31-8953-4F23-A428-EE1E5CE858D0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{0F85773B-DECB-4389-BB07-E021AC26E849}C:\program files (x86)\gog galaxy\games\empire earth gold\empire earth\empire earth.exe] => (Allow) C:\program files (x86)\gog galaxy\games\empire earth gold\empire earth\empire earth.exe => No File
FirewallRules: [TCP Query User{515289D6-247A-47C9-91C3-3BBAE6FEDEA5}C:\program files (x86)\gog galaxy\games\empire earth gold\empire earth\empire earth.exe] => (Allow) C:\program files (x86)\gog galaxy\games\empire earth gold\empire earth\empire earth.exe => No File
FirewallRules: [{85C8BA67-DE8E-45D2-BD80-CE3878180A0E}] => (Allow) C:\Users\Anwender\AppData\Local\Temp\7zS6D06\HP.EasyStart.exe => No File
FirewallRules: [{23201ACA-2732-4127-BFD3-2BB8FDCC6B58}] => (Allow) LPort=26822
FirewallRules: [{6B22C994-437D-446C-A1ED-5E4EAF1447BF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CF5AD163-0699-4B01-9AA0-B5FF3122DCAB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E7EFD457-3C15-4786-9779-B7BAF46EE858}] => (Allow) C:\Users\Anwender\AppData\Local\Temp\7zS2258\HP.EasyStart.exe => No File
FirewallRules: [{F2B2B098-9657-47CD-B9F5-D0500737753D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outcast - A New Beginning\O2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5473D380-167C-4560-8936-1BABAC437F51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outcast - A New Beginning\O2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{DC3ADBF3-62C8-4C71-B482-FDBE77E9FB99}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EA04981C-2282-4BB0-BA3F-C598542ED668}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4D1290DC-4131-41F5-8318-B0782DF4A24F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{947DDC2D-368C-45FB-88DF-5FA3E5C51C29}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{02F63584-DFCD-4C29-B29C-6DADC109EAC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A05A8732-E233-4386-B672-E85C71153E87}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1D5763C0-41FA-4B92-9900-50547C3F6AB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FB7954C0-B69B-43FF-9CAE-86158B84EEAE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4C2110B0-EDEF-4A00-9985-828F8CFF8332}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B0BC2771-1E6C-4AF7-8FFC-9F6ED2C70BAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D70B3170-85C7-443B-87EF-BE353FC6E96D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{361C49D8-30BC-4428-8D0F-DD87B7B84D44}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6997AE21-3ACB-4595-9BF9-9CCFE3737DF3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{18E71179-46FE-473F-8B3E-6ADB682DD8F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{08F24C62-6C6C-4B6E-9A9B-3DC7F3BC4A0D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5CCD14C1-CC0A-4AF9-86C3-20535F94BE43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2E75E986-20F6-4508-8F30-30E7B42915BC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0896884D-DB6C-4154-9008-3A025C2B51FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{20E1FA1B-389C-4865-8A03-B91A6FF08F50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9DF82261-E599-44D0-A878-BAF261E42504}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [TCP Query User{03F86610-2181-4049-A4D3-1F6FABA17ED2}C:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) C:\program files\rockstar games\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{6F7B1FA1-45D8-45E8-9D26-8DBDA7FFF5D1}C:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) C:\program files\rockstar games\red dead redemption 2\rdr2.exe => No File
FirewallRules: [{EF9DCDBE-13DE-49E5-8267-9F9035B59B61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance2\Bin\Win64MasterMasterSteamPGO\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{B6F13B8A-166B-4056-89DE-D3B2C99F3052}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance2\Bin\Win64MasterMasterSteamPGO\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{B33E97CC-F666-4EB6-9F19-2680C3F36F41}C:\users\susi\downloads\vlc-3.0.21-win32\vlc-3.0.21\vlc.exe] => (Block) C:\users\susi\downloads\vlc-3.0.21-win32\vlc-3.0.21\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{2D8836DC-D174-4591-A690-1990F74C6987}C:\users\susi\downloads\vlc-3.0.21-win32\vlc-3.0.21\vlc.exe] => (Block) C:\users\susi\downloads\vlc-3.0.21-win32\vlc-3.0.21\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{9936672F-6CB9-4A1E-A505-F3E564430BC8}] => (Allow) C:\Program Files\Logi\LogiPluginService\LogiPluginService.exe (LoupeDeck Oy -> Logitech)
FirewallRules: [{F6392804-4C8A-425A-91F8-0EE8B35CB0FF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9043C1D1-F2D4-4436-8290-1C43793D3D38}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{345F7C89-756F-436D-989F-37E731C18D80}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{36E92E57-E7C0-486B-A2A1-D58918E0E7C7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{22E57D38-901B-44AB-88A2-D1306750F35D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4F8EE88D-F1BE-42AF-9A29-F8DA17763FCC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{B591E2CA-E5E4-47F8-A675-25A4B3ABA9B9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{9CC697EC-7353-4BFB-8E44-B624BB89A58F}] => (Allow) LPort=32683
FirewallRules: [{C93D4288-4BCE-4997-9AE3-FD98B0D51473}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

08-07-2025 16:04:04 Windows Update
11-07-2025 17:22:32 DirectX wurde installiert

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (07/14/2025 01:07:50 PM) (Source: DbxSvc) (EventID: 322) (User: )
Description: Failed to get driver message: (-2147024890) Das Handle ist ungültig.

Error: (07/14/2025 12:38:48 AM) (Source: DbxSvc) (EventID: 322) (User: )
Description: Failed to get driver message: (-2147024890) Das Handle ist ungültig.

Error: (07/14/2025 12:31:11 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-DIFQB2Q)
Description: Die Anwendung oder der Dienst "Microsoft Office SDX Helper" konnte nicht heruntergefahren werden.

Error: (07/14/2025 12:14:59 AM) (Source: DbxSvc) (EventID: 322) (User: )
Description: Failed to get driver message: (-2147024890) Das Handle ist ungültig.

Error: (07/13/2025 04:59:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-DIFQB2Q.local already in use; will try DESKTOP-DIFQB2Q-2.local instead

Error: (07/13/2025 04:59:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 DESKTOP-DIFQB2Q.local. Addr 192.168.0.192

Error: (07/13/2025 04:59:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.192:5353  16 DESKTOP-DIFQB2Q.local. AAAA 2A02:0908:0D25:8040:79E0:87BA:1CEC:F607

Error: (07/13/2025 04:59:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:  16 DESKTOP-DIFQB2Q.local. AAAA FE80:0000:0000:0000:B76A:E6E7:983C:D9A2


System errors:
=============
Error: (07/14/2025 08:16:09 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DIFQB2Q)
Description: Der Server "{6FA05A24-B1DF-4155-909E-7B424F2D2BB5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/14/2025 08:16:09 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DIFQB2Q)
Description: Der Server "{6FA05A24-B1DF-4155-909E-7B424F2D2BB5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/14/2025 12:33:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DIFQB2Q)
Description: Der Server "{740FE937-01F7-4482-AA62-C83F0AD3D6D0}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/14/2025 12:33:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DIFQB2Q)
Description: Der Server "{6FA05A24-B1DF-4155-909E-7B424F2D2BB5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/14/2025 12:33:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DIFQB2Q)
Description: Der Server "{6FA05A24-B1DF-4155-909E-7B424F2D2BB5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/14/2025 12:13:42 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DIFQB2Q)
Description: Der Server "{628ACE20-B77A-456F-A88D-547DB6CEEDD5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/14/2025 12:13:40 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DIFQB2Q)
Description: Der Server "{740FE937-01F7-4482-AA62-C83F0AD3D6D0}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/14/2025 12:13:40 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DIFQB2Q)
Description: Der Server "{6FA05A24-B1DF-4155-909E-7B424F2D2BB5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


Windows Defender:
================
Date: 2025-07-14 00:33:44
Description:
Microsoft Defender Antivirus ŝçäи ĥåš вėэй šţōрρěđ вёƒσŗę сŏмρľëŧïόʼn.%л %ťЅсăй ІĐ:%ъ{AA533266-D589-475C-B40C-A08F5FE56EEE}%ⁿ %ŧŞċăπ Тýрё:%ъAntimalware%ή %τŚςâņ Рåřám℮ţĕŗş:%ъVollständige Überprüfung%ņ  %ţÛšēґ:%ъDESKTOP-DIFQB2Q\Susi%ŋ %ťŠţóρ Ŗєāśøή:%вÙⁿκŋσωň

Date: 2025-07-13 22:38:36
Description:
Microsoft Defender Antivirus ŝçäи ĥåš вėэй šţōрρěđ вёƒσŗę сŏмρľëŧïόʼn.%л %ťЅсăй ІĐ:%ъ{4F37F17A-D326-4CD1-A214-D29E561C6CB7}%ⁿ %ŧŞċăπ Тýрё:%ъAntimalware%ή %τŚςâņ Рåřám℮ţĕŗş:%ъSchnellüberprüfung%ņ  %ţÛšēґ:%ъNT-AUTORITÄT\SYSTEM%ŋ %ťŠţóρ Ŗєāśøή:%вŞçђєδůĺęδ ѕçãŋ щäş śкīρρέð ъέĉâυśē ŧћэ ľάšţ śůççеŝѕƒųŀ ѕċąñ щâѕ щіţħïń ťħė ŀáşť 7 ďάγş

Date: 2025-07-12 20:26:58
Description:
Microsoft Defender Antivirus ŝçäи ĥåš вėэй šţōрρěđ вёƒσŗę сŏмρľëŧïόʼn.%л %ťЅсăй ІĐ:%ъ{41C828F7-46AB-452B-9157-C9B2E6E5727C}%ⁿ %ŧŞċăπ Тýрё:%ъAntimalware%ή %τŚςâņ Рåřám℮ţĕŗş:%ъSchnellüberprüfung%ņ  %ţÛšēґ:%ъNT-AUTORITÄT\SYSTEM%ŋ %ťŠţóρ Ŗєāśøή:%вŞçђєδůĺęδ ѕçãŋ щäş śкīρρέð ъέĉâυśē ŧћэ ľάšţ śůççеŝѕƒųŀ ѕċąñ щâѕ щіţħïń ťħė ŀáşť 7 ďάγş

Date: 2025-07-11 19:56:52
Description:
Microsoft Defender Antivirus ŝçäи ĥåš вėэй šţōрρěđ вёƒσŗę сŏмρľëŧïόʼn.%л %ťЅсăй ІĐ:%ъ{A34AE980-B26A-442B-82D7-11979FC2709F}%ⁿ %ŧŞċăπ Тýрё:%ъAntimalware%ή %τŚςâņ Рåřám℮ţĕŗş:%ъSchnellüberprüfung%ņ  %ţÛšēґ:%ъNT-AUTORITÄT\SYSTEM%ŋ %ťŠţóρ Ŗєāśøή:%вŞçђєδůĺęδ ѕçãŋ щäş śкīρρέð ъέĉâυśē ŧћэ ľάšţ śůççеŝѕƒųŀ ѕċąñ щâѕ щіţħïń ťħė ŀáşť 7 ďάγş

Date: 2025-07-10 22:00:08
Description:
Microsoft Defender Antivirus ŝçäи ĥåš вėэй šţōрρěđ вёƒσŗę сŏмρľëŧïόʼn.%л %ťЅсăй ІĐ:%ъ{C5FA2228-697B-4819-94AF-F7603ACF4671}%ⁿ %ŧŞċăπ Тýрё:%ъAntimalware%ή %τŚςâņ Рåřám℮ţĕŗş:%ъSchnellüberprüfung%ņ  %ţÛšēґ:%ъNT-AUTORITÄT\SYSTEM%ŋ %ťŠţóρ Ŗєāśøή:%вŞçђєδůĺęδ ѕçãŋ щäş śкīρρέð ъέĉâυśē ŧћэ ľάšţ śůççеŝѕƒųŀ ѕċąñ щâѕ щіţħïń ťħė ŀáşť 7 ďάγş
Event[0]

Date: 2025-05-14 16:23:46
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.427.787.0
Update Source: Microsoft Update Server
Sicherheitstyp: AntiVirus
Updatetyp: Full
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.25030.1
Fehlercode: 0x80240016
Fehlerbeschreibung: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

Date: 2024-12-29 02:05:55
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren.
Security Intelligence versucht: Aktuell
Fehlercode: 0x80070003
Fehlerbeschreibung: Das System kann den angegebenen Pfad nicht finden.
Security Intelligence-Version: 0.0.0.0;0.0.0.0
Modulversion: 0.0.0.0

CodeIntegrity:
===============
Date: 2025-07-13 14:20:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\Susi\AppData\Local\Discord\app-1.0.9199\Discord.exe) attempted to load \Device\HarddiskVolume3\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements.

Date: 2025-07-07 19:42:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\Susi\AppData\Local\Discord\app-1.0.9198\Discord.exe) attempted to load \Device\HarddiskVolume3\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. A.F0 10/11/2023
Motherboard: Micro-Star International Co., Ltd. B550-A PRO (MS-7C56)
Processor: AMD Ryzen 7 5700X 8-Core Processor
Percentage of memory in use: 25%
Total physical RAM: 32694.05 MB
Available physical RAM: 24203.95 MB
Total Virtual: 34742.05 MB
Available Virtual: 25489.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.66 GB) (Free:556.21 GB) (Model: MSI M450 1TB) NTFS
Drive e: (Volume) (Fixed) (Total:953.87 GB) (Free:70.83 GB) (Model: SPCC Solid State Disk) NTFS

\\?\Volume{ad014a6f-2923-4e18-85a0-d34ddaa8bb79}\ () (Fixed) (Total:0.74 GB) (Free:0.15 GB) NTFS
\\?\Volume{8d5dd1d1-a483-4080-a082-7a982f5f68e2}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: 9408BF26)
Partition 1: (Not Active) - (Size=953.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
--- --- ---

--- --- ---

cosinus 14.07.2025 12:32
adwCleaner

Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags.

adwcleaner bitte wiederholen falls es Funde gab.

Susanni 14.07.2025 17:00
Das hat nach der Anleitung nicht funktioniert. Der Link führte auf eine russischsprachige Seite vom adwCleaner. Ich habe mir adwCleaner dann aber herunterladen können. Es sah alles ganz anders aus als in der bebilderten Anleitung. Ich habe 4 Funde angezeigt bekommen. Ich wusste nicht, wo ich die Logdatei finde. Evtl. ist es das:

Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 14.07.2025
Scan-Zeit: 17:09
Protokolldatei: 8b40875e-60c4-11f0-b109-d843ae623510.json

-Softwaredaten-
Version: 5.3.4.202
Komponentenversion: 136.0.5312
Version des Aktualisierungspakets: 1.0.101183
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 11 (Build 26100.4652)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-DIFQB2Q\Susi

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 248190
Erkannte Bedrohungen: 4
In die Quarantäne verschobene Bedrohungen: 4
Abgelaufene Zeit: 1 Min., 52 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 4
Malware.AI.3058534724, C:\USERS\SUSI\APPDATA\LOCAL\PROGRAMS\ANKI\ANKI.EXE, In Quarantäne, 1000000, 0, 1.0.101183, A57F0F70A81E3189B64D8944, dds, 03436634, 0721779AE67E2E6DC4AC313654268D4E, 4589A6F9641244E5B4E9E715E001EC29193B31CE23F31445696A370335877BF0
Malware.AI.3058534724, C:\USERS\SUSI\APPDATA\ROAMING\Microsoft\Windows\Start Menu\Programs\Anki.lnk, In Quarantäne, 1000000, 0, 1.0.101183, A57F0F70A81E3189B64D8944, dds, 03436634, 3E1248EEFDB701B9465D1788012BA70C, 15734A44BC2E67B213788BE70029D6944BBA5D1C6056C8765C09D231165D62E3
Malware.AI.3058534724, C:\USERS\SUSI\DESKTOP\Anki.lnk, In Quarantäne, 1000000, 0, 1.0.101183, A57F0F70A81E3189B64D8944, dds, 03436634, 48B2F67B5E2DA4B1DE67A22F8B0F8240, 483017BAE845F98FF603632FD370ABA3C97E41A60AED5E31DF7107342F1EB54B
Generic.Malware/Suspicious, C:\USERS\SUSI\DOWNLOADS\ARX-LIBERTATIS-1.2.1-WINDOWS.EXE, In Quarantäne, 0, 392686, 1.0.101183, , shuriken, , 539CD327B673A0B80DDB2EC2F91111E8, 54DEB2C3D839FD8227BE977278AB0DCFAEC3028EEA8FBDBD57FF2408649895CB

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
Ich habe den Link jetzt nochmals angeklickt, und es sieht jetzt aus wie in der Anleitung..
Was war da vorher wohl los?
Hier die neue logDatei:

Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.5.1.601
# -------------------------------
# Build:    03-26-2025
# Database: 2025-04-04.3 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    07-14-2025
# Duration: 00:00:05
# OS:      Windows 11 (Build 26100.4652)
# Scanned:  32103
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Ich muss mich nochmals entschuldigen.. Ich hätte abwarten sollen, wie ich weiter vorgehen soll, nachdem der Link nicht wie gewünscht funktionierte.

Ich verspreche, dass ich jetzt nichts mehr alleine unternehme.

cosinus 14.07.2025 19:35
Kannst du mal verraten was da

https://www.malwarebytes.com/adwcleaner

russischsprachig ist?
Oder hast du die Anleitung nur überflogen und hast denn selbst irgendwas bei Google rausgefummelt?


Zitat:
Es sah alles ganz anders aus als in der bebilderten Anleitung.
Ja, weil du beim ersten Mal Malwarebytes Antimalware und eben nicht adwcleaner von Malwarebytes runtergeladen hast.

Sag und bitte was an der dieser Anleitung so unverständlichen ist, dann ändern wir diese.

Susanni 14.07.2025 19:57
Ich bin auf diese Seite geleitet worden:

https://www.malwarebytes.com/ru/adwcleaner

Ich habe nur den Link angeklickt und bin dann dort gelandet..

Und ja, ich hab daraufhin Malwarebytes neu eingegeben und heruntergeladen..
Also ein bisschen Selbstgefummel war dabei.. sorry nochmal dafür

cosinus 14.07.2025 22:20
Nicht wirklich nachvollziehbar. Hast wohl deinen Edge komplett verstellt.

Bitte neue FRST-Logs.

Susanni 15.07.2025 10:52
Ja, das fand ich auch sehr merkwürdig. Edge hatte ich nach den Alarmen deinstalliert. Ich hatte den Link über Chrome aufgerufen..

Hier die neuen Logs:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2025
Ran by Anwender (administrator) on DESKTOP-DIFQB2Q (Micro-Star International Co., Ltd. MS-7C56) (15-07-2025 11:47:37)
Running from C:\Users\Susi\Downloads\FRST64.exe
Loaded Profiles: Anwender & Susi
Platform: Microsoft Windows 11 Home Version 24H2 26100.4652 (X64) Language: Deutsch (Deutschland) -> Deutsch (Deutschland)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Susi\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(explorer.exe ->) (Telekom Deutschland GmbH -> Deutsche Telekom AG) C:\Program Files\MagentaCLOUD\magentacloud.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25163.3611.3774.6315_x64__8wekyb3d8bbwe\ms-teams.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncHelper.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e54441f6cc56b0cb\RtkAudUService64.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.51.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22342.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e54441f6cc56b0cb\RtkAudUService64.exe [2790352 2025-05-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [367456 2024-04-22] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9524616 2025-07-08] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\...\RunOnce: [TzSyncRunOnce] => C:\Windows\System32\tzsync.exe [233472 2025-07-09] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\138.0.3351.83\Installer\setup.exe [7362624 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4968328 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4968328 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-300349749-1118940784-3883464041-1000\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4968328 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-300349749-1118940784-3883464041-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4698720 2025-06-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4968328 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Run: [MagentaCLOUD] => C:\Program Files\MagentaCLOUD\magentacloud.exe [6458080 2023-02-17] (Telekom Deutschland GmbH -> Deutsche Telekom AG)
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Run: [Opera Browser Assistant] => C:\Users\Susi\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4536216 2025-04-14] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Run: [MicrosoftEdgeAutoLaunch_DB15AD90D7033149DA2132D5F6A5FA2F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start (No File)
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37404064 2025-07-11] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\MountPoints2: {b5555984-4dd6-11ef-b911-d843ae623510} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300349749-1118940784-3883464041-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4968328 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\WINDOWS\system32\hpinkstsD711LM.dll [393352 2017-03-26] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\138.0.7204.101\Installer\chrmstp.exe [2025-07-11] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {112e5d34-8903-4aab-8132-f10e9d3ebe5a} - no filepath. <==== ATTENTION
Task: {2008adb5-9727-4554-82d1-10bc1745e8b1} - no filepath. <==== ATTENTION
Task: {2269145a-6d62-44c0-a755-2f56b3301453} - no filepath. <==== ATTENTION
Task: {25f23172-2787-4c1b-9500-4106c457e0bb} - no filepath. <==== ATTENTION
Task: {262a40ed-a71e-4de2-875b-29bc1fdb33c7} - no filepath. <==== ATTENTION
Task: {3c6314d9-c7a1-45b6-9291-b9a4e8565a82} - no filepath. <==== ATTENTION
Task: {45840b04-5a74-483d-83cf-de83848d0492} - no filepath. <==== ATTENTION
Task: {49244025-6df9-422b-9e60-fcfe9befa7cc} - no filepath. <==== ATTENTION
Task: {49f467fe-f6ab-47c3-bc8f-feb6ecafdc8d} - no filepath. <==== ATTENTION
Task: {4a81a102-6041-41f8-aec6-9e1577acd5bd} - no filepath. <==== ATTENTION
Task: {4fe10caf-cdf4-464f-b1b6-2d54ba837948} - no filepath. <==== ATTENTION
Task: {59514228-1f82-4abd-afd7-3fcf9583ceb8} - no filepath. <==== ATTENTION
Task: {6252884b-51c4-48b8-bee4-73f01f7305b1} - no filepath. <==== ATTENTION
Task: {77d009d7-1870-47f3-80c4-323541939d46} - no filepath. <==== ATTENTION
Task: {7e1c234c-f8fe-4e89-ad85-93991578a23a} - no filepath. <==== ATTENTION
Task: {81807fe3-4902-4181-8e2a-22c3b638c533} - no filepath. <==== ATTENTION
Task: {87d50552-871e-49a1-9b41-97eb9ef69092} - no filepath. <==== ATTENTION
Task: {8961c923-cd25-44c4-b36a-c42c40d1660d} - no filepath. <==== ATTENTION
Task: {93a33fff-17eb-4842-9faf-7534d5215b10} - no filepath. <==== ATTENTION
Task: {9eaf414f-36f6-4ffd-9684-175b2f318c04} - no filepath. <==== ATTENTION
Task: {a6f37331-826e-4bd1-bbcf-0c0e29bcff2c} - no filepath. <==== ATTENTION
Task: {acc4f9db-bb56-4b53-8d9d-5e013c15118c} - no filepath. <==== ATTENTION
Task: {c5c8f437-adb8-43b5-b8a4-b36b05a3e364} - no filepath. <==== ATTENTION
Task: {ce8233e6-ce9f-49b7-8752-ebaef42a581d} - no filepath. <==== ATTENTION
Task: {d925046e-c8c8-4d8c-824e-37a6fab0368e} - no filepath. <==== ATTENTION
Task: {d94a6419-a129-4abc-a395-5e3dd4ae9b87} - no filepath. <==== ATTENTION
Task: {e91f7dcf-a6ba-4217-89da-5ccf63f6e9fc} - no filepath. <==== ATTENTION
Task: {ec0a6339-a680-49dc-9e67-a2c91d538c04} - no filepath. <==== ATTENTION
Task: {ef7d7f8d-d387-436a-90ec-5890ebacb456} - no filepath. <==== ATTENTION
Task: {fa2bd862-ffe8-49a7-9e7b-f431bb237d75} - no filepath. <==== ATTENTION
Task: {ffdf9004-c786-45d9-a30b-05279132e6c6} - no filepath. <==== ATTENTION
Task: {F290A334-2964-45CD-BA99-FE3D2CF64E7F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {D1E44C35-478B-44CB-BA53-4204D55CE9D7} - System32\Tasks\DropboxSystem\DropboxUpdater\DropboxUpdaterTaskSystem123.0.6299.129{47CD09D9-39F8-43ED-AE63-6F827413F9F7} => C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.129\updater.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {7361893A-36F1-4AD3-A384-049AA048FBC9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem140.0.7272.0{4425CD8D-9E00-4335-AC2C-13963B53FF54} => C:\Program Files (x86)\Google\GoogleUpdater\140.0.7272.0\updater.exe [6836832 2025-07-01] (Google LLC -> Google LLC)
Task: {DFFCFEDF-1029-46D1-B76D-868077302545} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [10453888 2025-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {6379A620-4796-4973-8E53-2A0CC287FC36} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28583776 2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {53C9CCF1-843B-484D-9B12-D4E6026362E1} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\opushutil.exe [61328 2025-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB41A266-49CE-43AF-98A0-AA5D7540FB44} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28583776 2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {7EF468B8-AFA4-4CAD-A16F-7F6EBED71B3B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C329E3E0-DA05-4B16-9475-44330958CEAF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A4F9754-7989-4408-8DB6-ED9370A2932B} - System32\Tasks\Microsoft\Office\Office Startup Boost => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {A558CC47-7223-457F-85D8-87E697C8F2ED} - System32\Tasks\Microsoft\Office\Office Startup Boost Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Task: {ADACE8A4-3849-4F2D-9A0C-00FBBAA8EE46} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-300349749-1118940784-3883464041-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [694848 2025-07-10] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {FAEC80E9-6352-4005-8718-0E8CDC26395C} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-300349749-1118940784-3883464041-1002 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [694848 2025-07-10] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {473E1EEA-0A09-40D4-AAD4-B56D6928E2CE} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-07-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {E4855E40-1264-429B-81EF-EC141A3C13A6} - System32\Tasks\MSI_Driver_Utility_Installer => C:\Program Files (x86)\MSI\MSI_Driver_Utility_Installer\MSI_Driver_Utility_Installer.exe [471760 2024-08-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {5F93C471-FC51-4FC2-A23D-BAE25441A5AD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {E19F91EB-5B14-4BEE-9728-DFC86A1290ED} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9C0E9100-1D28-49C9-8A94-8CB2CAB38F27} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {FE4D1531-7D6D-475F-8792-E3DD2EA24867} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FE4D1531-7D6D-475F-8792-E3DD2EA24867} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF69616A-B3AC-4E71-BD11-00C887EFA9D5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AD9BE1C8-3EC0-492F-9905-53DC78FE229C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {16C8ED63-194A-422D-B577-1E1D962C859B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {87A32C8C-1EE6-47CD-A4CC-55E440D84D3A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7637B44A-AB77-4FC6-9888-44A37F2650EC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8F509555-BC33-408F-9A4F-439AC0E2A4EB} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4224392 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {125EF511-68BD-4E6B-987F-ACFB67966C45} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-300349749-1118940784-3883464041-1000 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4224392 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {59DB7A75-115A-4D65-BF3A-E3B71C58A2DC} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-300349749-1118940784-3883464041-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4224392 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C41C943-88D4-426A-BBE2-C9DE6DDA8D53} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-300349749-1118940784-3883464041-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4224392 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {542869ED-EC98-470F-9FA3-D91045C6DC7C} - System32\Tasks\OneDrive Startup Task-S-1-5-21-300349749-1118940784-3883464041-1000 => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\OneDriveLauncher.exe [685960 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F3737D4-FA5B-4399-A491-38CB1F107311} - System32\Tasks\OneDrive Startup Task-S-1-5-21-300349749-1118940784-3883464041-1001 => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\OneDriveLauncher.exe [685960 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {58432F2D-4451-45ED-A255-041ADBDE538A} - System32\Tasks\OneDrive Startup Task-S-1-5-21-300349749-1118940784-3883464041-1002 => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\OneDriveLauncher.exe [685960 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A4D55E5A-7C66-4775-BDBD-D904DFAA8B81} - System32\Tasks\Opera scheduled assistant Autoupdate 1720783592 => C:\Users\Susi\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [6073240 2025-06-26] (Opera Norway AS -> Opera Software) -> --scheduledtask --productiscomponent --bypasslauncher --installdir="C:\Users\Susi\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0)
Task: {6E2C7DC5-FD17-4F79-9E39-2490D2AB1DE6} - System32\Tasks\Opera scheduled Autoupdate 1720783591 => C:\Users\Susi\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [6073240 2025-06-26] (Opera Norway AS -> Opera Software)
Task: {CFDA8EA1-07B0-4A3F-B8AC-9D312379BFB0} - System32\Tasks\VoiceControl_Engine => C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Engine.exe [39952 2023-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c98ef358-4c5b-4953-aacc-3a8fb6d2d412}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c98ef358-4c5b-4953-aacc-3a8fb6d2d412}: [DhcpDomain] home

Edge:
=======
Edge Profile: C:\Users\Anwender\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-22]
Edge Extension: (Google Docs Offline) - C:\Users\Anwender\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-13]
Edge Extension: (Edge relevant text changes) - C:\Users\Anwender\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-13]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-06-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-07-13] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default [2024-04-22]
CHR Extension: (Google Docs Offline) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-16]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-300349749-1118940784-3883464041-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103776 2024-03-30] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13045112 2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\System32\DbxSvc.exe [58984 2025-04-29] (Dropbox, Inc -> Dropbox, Inc.)
S2 DropboxUpdaterInternalService123.0.6299.129; C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.129\updater.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
S2 DropboxUpdaterService123.0.6299.129; C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.129\updater.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
S3 EpicGamesUpdater; C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesUpdater.exe [2404768 2025-07-11] (Epic Games Inc. -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [1604112 2025-04-01] (Epic Games Inc. -> Epic Games, Inc.)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncHelper.exe [3633512 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2421584 2025-05-31] (GOG  sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7654224 2025-05-31] (GOG  sp. z o.o -> GOG.com)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243720 2025-07-08] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9591104 2025-07-14] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-07-14] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe [2071592 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [74336 2023-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [154216 2023-08-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
U2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36880 2023-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-09-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.115.0615.0002\OneDriveUpdaterService.exe [3885448 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [20445008 2025-06-19] (Logitech Inc -> Logitech, Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [4488168 2025-07-02] (Rockstar Games, Inc. -> Rockstar Games)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [794544 2024-05-02] (Oracle America, Inc. -> Oracle and/or its affiliates)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe [4513624 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe [278328 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 DropboxElevationService; "C:\Program Files (x86)\Dropbox\Client\227.4.4774\DropboxElevationService.exe" --svc --appid={cc46080e-4c33-4981-859a-bba2f780f31e} [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [573440 2024-12-28] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2024-12-28] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2024-12-28] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [159296 2025-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2024-12-28] (Microsoft Windows -> Microsoft Corporation)
S3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [330112 2025-06-13] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [140688 2025-07-09] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-07-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\Drivers\farflt11.sys [241872 2025-07-14] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\System32\Drivers\mbam.sys [80960 2025-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [242752 2025-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [190096 2025-07-14] (Malwarebytes Inc -> Malwarebytes)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [32424 2023-07-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2024-01-18] (Nvidia Corporation -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [254352 2024-05-02] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [265224 2024-05-02] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1063752 2024-05-02] (Oracle Corporation -> Oracle and/or its affiliates)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2025-06-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20032 2025-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [612768 2025-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-12-28] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2024-12-28] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-07-14 18:20 - 2025-07-14 18:20 - 000745650 _____ C:\WINDOWS\system32\perfh007.dat
2025-07-14 18:20 - 2025-07-14 18:20 - 000158752 _____ C:\WINDOWS\system32\perfc007.dat
2025-07-14 17:53 - 2025-07-14 17:53 - 000190096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2025-07-14 17:42 - 2025-07-14 17:43 - 000000000 ____D C:\AdwCleaner
2025-07-14 17:41 - 2025-07-14 17:42 - 009568256 _____ (Malwarebytes) C:\Users\Susi\Downloads\adwcleaner.exe
2025-07-14 17:30 - 2025-07-14 17:30 - 000002404 _____ C:\Users\Anwender\Downloads\Malwarebytes Scan-Bericht 2025-07-14 150931.txt
2025-07-14 17:26 - 2025-07-14 17:26 - 000002404 _____ C:\Users\Anwender\Desktop\Malwarebytes Scan-Bericht 2025-07-14 170931_2.txt
2025-07-14 17:26 - 2025-07-14 17:26 - 000002404 _____ C:\Users\Anwender\Desktop\Malwarebytes Scan-Bericht 2025-07-14 170931.txt
2025-07-14 17:23 - 2025-07-14 17:23 - 000002404 _____ C:\Users\Anwender\Downloads\Malwarebytes Scan-Bericht 2025-07-14 170931_2.txt
2025-07-14 17:22 - 2025-07-14 17:22 - 000002404 _____ C:\Users\Anwender\Downloads\Malwarebytes Scan-Bericht 2025-07-14 170931.txt
2025-07-14 17:19 - 2025-07-14 17:52 - 000000000 ____D C:\Users\Anwender\AppData\Local\Malwarebytes
2025-07-14 17:09 - 2025-07-14 17:53 - 000241872 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2025-07-14 17:08 - 2025-07-15 11:46 - 000000000 ____D C:\Users\Susi\AppData\Local\Malwarebytes
2025-07-14 17:08 - 2025-07-14 17:08 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-07-14 17:08 - 2025-07-14 17:08 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-07-14 17:07 - 2025-07-14 17:07 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-07-14 17:07 - 2025-07-14 17:07 - 000000000 ____D C:\Program Files\Malwarebytes
2025-07-14 16:06 - 2025-07-14 16:06 - 002827496 _____ (Malwarebytes) C:\Users\Susi\Desktop\MBSetup.exe
2025-07-14 13:10 - 2025-07-14 13:10 - 000053778 _____ C:\Users\Susi\Downloads\0714_Addition.txt
2025-07-14 13:08 - 2025-07-15 11:47 - 000034683 _____ C:\Users\Susi\Downloads\FRST.txt
2025-07-14 13:08 - 2025-07-14 13:10 - 000047987 _____ C:\Users\Susi\Downloads\0714FRST.txt
2025-07-14 00:44 - 2025-07-15 11:47 - 000000000 ____D C:\FRST
2025-07-14 00:43 - 2025-07-14 00:44 - 002409472 _____ (Farbar) C:\Users\Susi\Downloads\FRST64.exe
2025-07-14 00:31 - 2025-07-14 00:31 - 000002583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002579 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (new).lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002536 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (classic).lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2025-07-11 17:34 - 2025-07-11 17:34 - 000000000 ____D C:\Users\Susi\Documents\Amnesia
2025-07-11 17:34 - 2025-07-11 17:34 - 000000000 ____D C:\Users\Susi\AppData\Roaming\fltk.org
2025-07-11 17:34 - 2025-07-11 17:34 - 000000000 ____D C:\ProgramData\fltk.org
2025-07-11 17:32 - 2025-07-11 17:32 - 000000385 _____ C:\Users\Susi\Desktop\Amnesia  The Dark Descent.url
2025-07-11 17:32 - 2025-07-11 17:32 - 000000000 ____D C:\Users\Susi\AppData\LocalLow\Something We Made
2025-07-11 17:32 - 2025-07-11 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOEM [GOG.com]
2025-07-11 17:27 - 2025-07-11 17:27 - 000000000 ____D C:\Users\Anwender\AppData\Local\UnrealEngine
2025-07-11 17:27 - 2025-07-11 17:27 - 000000000 ____D C:\Users\Anwender\AppData\Local\EpicGamesLauncher
2025-07-11 17:27 - 2025-07-11 17:27 - 000000000 ____D C:\Program Files\Epic Games
2025-07-11 17:23 - 2025-07-11 17:23 - 000000000 ____D C:\Users\Susi\AppData\Local\UnrealEngineLauncher
2025-07-11 17:23 - 2025-07-11 17:23 - 000000000 ____D C:\Users\Susi\AppData\Local\EpicGamesLauncher
2025-07-11 17:22 - 2025-07-11 17:25 - 000000000 ____D C:\ProgramData\Epic
2025-07-11 17:22 - 2025-07-11 17:23 - 000000000 ____D C:\Program Files (x86)\Epic Games
2025-07-11 17:22 - 2025-07-11 17:22 - 000001272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2025-07-11 17:22 - 2025-07-11 17:22 - 000001260 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2025-07-11 17:22 - 2025-07-11 17:22 - 000000000 ____D C:\Users\Susi\AppData\Local\Epic Games
2025-07-11 17:21 - 2025-07-11 17:22 - 186343424 _____ C:\Users\Susi\Downloads\EpicInstaller-18.7.0.msi
2025-07-10 14:28 - 2025-07-14 17:17 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-07-09 04:39 - 2025-07-09 04:39 - 000000000 ____D C:\WINDOWS\system32\ruxim
2025-07-09 03:18 - 2025-07-14 19:53 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-07-09 03:17 - 2025-07-09 03:17 - 000073956 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-07-09 03:17 - 2025-07-09 03:17 - 000073956 _____ C:\WINDOWS\system32\ctac.json
2025-07-09 03:17 - 2025-07-09 03:17 - 000033519 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-07-09 03:17 - 2025-07-09 03:17 - 000033519 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-07-09 00:18 - 2025-07-09 00:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2025-07-08 23:21 - 2025-07-08 23:21 - 002968134 _____ C:\Users\Susi\Downloads\Fw_ Minutes of the Extraordinary General Assembly 2025.zip
2025-07-03 23:57 - 2025-07-09 04:40 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2025-07-03 19:27 - 2025-07-03 19:27 - 001105920 _____ C:\Users\Susi\Downloads\01JZ8N73MB0EGZZTFZT0MG4Q7W.pdf
2025-07-02 18:39 - 2025-07-02 18:39 - 000470849 _____ C:\Users\Susi\Downloads\ticket_Susanne.pdf
2025-07-02 18:37 - 2025-07-02 18:37 - 000470954 _____ C:\Users\Susi\Downloads\ticket Paula.pdf
2025-07-01 09:14 - 2025-07-01 09:14 - 000001318 _____ C:\Users\Susi\Desktop\Tapirgammon.lnk
2025-06-25 18:24 - 2025-07-12 10:15 - 000000090 _____ C:\logUploaderSettings_temp.ini
2025-06-25 18:24 - 2025-07-12 10:15 - 000000090 _____ C:\logUploaderSettings.ini
2025-06-20 07:20 - 2025-06-20 07:21 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2025-06-20 07:20 - 2025-06-20 07:20 - 000000859 _____ C:\Users\Public\Desktop\Logi Options+.lnk
2025-06-20 07:20 - 2025-06-20 07:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-07-15 11:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-07-15 11:46 - 2024-06-20 14:48 - 000000000 ____D C:\Users\Susi\AppData\Local\LogiOptionsPlus
2025-07-15 11:46 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-07-15 11:46 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-07-15 11:46 - 2024-03-16 01:29 - 000000000 ___SD C:\Users\Susi\MagentaCLOUD
2025-07-15 11:46 - 2024-03-16 00:56 - 000000000 ____D C:\Users\Susi\AppData\Roaming\Dropbox
2025-07-15 11:46 - 2024-03-16 00:56 - 000000000 ____D C:\Users\Susi\AppData\Local\Dropbox
2025-07-15 11:46 - 2024-03-15 18:59 - 000000000 ___RD C:\Users\Susi\OneDrive
2025-07-15 11:46 - 2024-03-13 15:30 - 000000000 ____D C:\ProgramData\NVIDIA
2025-07-14 22:04 - 2024-03-16 01:28 - 000000000 ____D C:\Users\Susi\AppData\Roaming\MagentaCLOUD
2025-07-14 18:34 - 2024-03-16 01:14 - 000000000 ____D C:\Users\Susi\AppData\Roaming\discord
2025-07-14 18:20 - 2024-12-29 17:12 - 001729512 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-07-14 18:20 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-07-14 18:20 - 2024-03-16 01:14 - 000000000 ____D C:\Users\Susi\AppData\Local\Discord
2025-07-14 18:07 - 2024-03-16 01:00 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-07-14 17:53 - 2024-12-29 03:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-07-14 17:53 - 2024-12-29 03:03 - 000008030 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-07-14 17:53 - 2024-03-14 07:36 - 000000000 ____D C:\MSI
2025-07-14 17:52 - 2024-04-01 09:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-07-14 17:52 - 2024-03-13 15:24 - 000012288 ___SH C:\DumpStack.log.tmp
2025-07-14 17:41 - 2024-03-16 22:24 - 000000000 ____D C:\Users\Susi\AppData\Roaming\Microsoft\Word
2025-07-14 17:17 - 2024-12-29 03:02 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2025-07-14 17:17 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-07-14 17:17 - 2024-03-16 22:38 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-07-14 17:17 - 2024-03-16 01:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-07-14 17:08 - 2024-04-01 09:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-07-14 17:08 - 2024-03-15 18:59 - 000000000 ____D C:\Users\Susi\AppData\Local\Packages
2025-07-14 17:08 - 2024-03-13 15:27 - 000000000 ____D C:\ProgramData\Packages
2025-07-14 13:10 - 2024-12-28 18:43 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Microsoft\Spelling
2025-07-14 04:41 - 2024-03-15 19:01 - 000000000 ____D C:\Users\Susi\AppData\Local\D3DSCache
2025-07-13 21:19 - 2024-03-16 23:18 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2025-07-13 21:19 - 2024-03-15 21:14 - 000000000 ____D C:\Users\Susi\AppData\Roaming\Microsoft\Excel
2025-07-12 18:32 - 2024-03-20 09:02 - 000000000 ____D C:\Users\Susi\AppData\Local\CrashDumps
2025-07-12 10:15 - 2025-01-18 09:52 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-300349749-1118940784-3883464041-1002
2025-07-12 10:15 - 2025-01-18 09:52 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-300349749-1118940784-3883464041-1001
2025-07-12 10:15 - 2025-01-18 09:52 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-300349749-1118940784-3883464041-1000
2025-07-12 10:15 - 2024-12-29 03:05 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-300349749-1118940784-3883464041-1002
2025-07-12 10:15 - 2024-12-29 03:05 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-300349749-1118940784-3883464041-1001
2025-07-12 10:15 - 2024-12-29 03:05 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-300349749-1118940784-3883464041-1000
2025-07-12 10:15 - 2024-12-29 03:05 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-07-12 10:15 - 2024-03-15 21:14 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-07-11 22:55 - 2024-03-15 19:04 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-07-11 22:55 - 2024-03-15 19:04 - 000002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-07-11 17:25 - 2024-03-14 07:36 - 000000000 ____D C:\ProgramData\Package Cache
2025-07-10 21:54 - 2024-12-29 03:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-07-10 21:54 - 2024-04-01 22:46 - 000001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-07-10 00:52 - 2024-03-15 19:09 - 000000000 ____D C:\Program Files (x86)\Steam
2025-07-09 04:40 - 2024-12-29 03:03 - 000486384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-07-09 04:39 - 2024-04-01 18:35 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\schemas
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-07-09 04:39 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-07-09 03:17 - 2024-12-29 17:12 - 003384320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-07-09 00:17 - 2024-03-16 00:55 - 000000000 ____D C:\Program Files (x86)\Dropbox
2025-07-08 16:05 - 2024-12-29 03:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2025-07-08 16:05 - 2024-04-22 18:08 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2025-07-07 22:35 - 2024-03-16 01:14 - 000002238 _____ C:\Users\Susi\Desktop\Discord.lnk
2025-07-06 22:26 - 2024-03-15 19:09 - 000000000 ____D C:\Users\Susi\AppData\Local\Steam
2025-07-04 15:45 - 2024-05-03 22:11 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2025-07-02 23:57 - 2024-06-17 15:49 - 000000000 ____D C:\Users\Susi\AppData\Roaming\Code
2025-07-02 08:32 - 2025-01-23 10:13 - 000000000 ____D C:\Program Files\Rockstar Games
2025-07-02 08:32 - 2025-01-23 10:13 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2025-07-02 08:31 - 2025-05-26 15:28 - 000001156 _____ C:\Users\Susi\Desktop\Assimil.lnk
2025-07-01 17:36 - 2024-12-29 03:05 - 000004280 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1720783591
2025-07-01 17:36 - 2024-07-12 13:26 - 000001383 _____ C:\Users\Susi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2025-06-26 21:32 - 2024-12-29 03:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-06-26 09:18 - 2024-06-17 15:49 - 000000000 ____D C:\Users\Susi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2025-06-25 03:19 - 2024-05-26 20:23 - 000000000 ____D C:\Users\Susi\AppData\LocalLow\Temp
2025-06-25 03:19 - 2024-03-28 01:17 - 000000000 ____D C:\Users\Susi\AppData\LocalLow\Adobe
2025-06-20 07:21 - 2025-03-04 11:26 - 000000000 ____D C:\Program Files\Logi
2025-06-20 00:39 - 2024-03-15 21:14 - 000000000 ____D C:\Users\Susi\AppData\Roaming\Microsoft\Office

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
--- --- ---

--- --- ---


[CODE]Additional
FRST Logfile:

FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2025
Ran by Anwender (15-07-2025 11:48:30)
Running from C:\Users\Susi\Downloads
Microsoft Windows 11 Home Version 24H2 26100.4652 (X64) (2024-12-29 15:12:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-300349749-1118940784-3883464041-500 - Administrator - Disabled)
Anwender (S-1-5-21-300349749-1118940784-3883464041-1000 - Administrator - Enabled) => C:\Users\Anwender
DefaultAccount (S-1-5-21-300349749-1118940784-3883464041-503 - Limited - Disabled)
Gast (S-1-5-21-300349749-1118940784-3883464041-501 - Limited - Disabled)
Paula (S-1-5-21-300349749-1118940784-3883464041-1002 - Limited - Enabled) => C:\Users\Paula
Susi (S-1-5-21-300349749-1118940784-3883464041-1001 - Limited - Enabled) => C:\Users\Susi
WDAGUtilityAccount (S-1-5-21-300349749-1118940784-3883464041-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 24.09 (x64) (HKLM\...\7-Zip) (Version: 24.09 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 25.001.20531 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601110}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AIDA64 Extreme v6.92 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.92 - FinalWire Ltd.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.02.22.053 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.27.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.10.0.2198 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{8da54e84-09f6-45f6-9c1f-2b86dff082b1}) (Version: 6.02.22.053 - Advanced Micro Devices, Inc.) Hidden
Anki (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Anki) (Version: 25.02.6 - )
Apple Mobile Device Support (HKLM\...\{336D80E8-E773-4B6F-BCAB-D291F34A6685}) (Version: 17.5.0.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Arx Libertatis (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\ArxLibertatis) (Version: 1.2.1 - )
BGBlitz 3.2.1 (HKLM\...\BGBlitz_is1) (Version:  - Frank Berger)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Discord (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Discord) (Version: 1.0.9036 - Discord Inc.)
dm-Fotowelt (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\dm-Fotowelt) (Version: 8.0.3 - CEWE Stiftung u Co. KGaA)
Dropbox (HKLM-x32\...\Dropbox) (Version: 228.4.5567 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.983.1 - Dropbox, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{EB1746AB-000D-42D9-AF1B-7D998327C33C}) (Version: 1.3.149.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{88FE81B2-A29B-4500-926C-D9F798539574}) (Version: 3.0.1 - Epic Games, Inc.)
Escape from Monkey Island™ (HKLM-x32\...\1885026907_is1) (Version: 1.1 - GOG.com)
eXtreme Gammon 2 (HKLM-x32\...\{2F5AF5E1-E021-4832-A423-EF480EC58A0B}_is1) (Version: 2.10 - GameSite 2000, Ltd.)
FileZilla 3.67.0 (HKU\S-1-5-21-300349749-1118940784-3883464041-1000\...\FileZilla Client) (Version: 3.67.0 - Tim Kosse)
fSpy 1.0.3 (only current user) (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\6c332f2e-0163-5c6e-93bd-836ed62606d6) (Version: 1.0.3 - Per Gantelius)
GIMP 2.10.36-1 (HKLM\...\GIMP-2_is1) (Version: 2.10.36 - The GIMP Team)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.83.4 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 138.0.7204.101 - Google LLC)
GridGammon 3.8.0 (Build 896) (HKLM-x32\...\GridGammon) (Version: 3.8.0 (Build 896) - Jensen-Barclay, LLC)
HP Dropbox Plugin (HKLM-x32\...\{737B7969-CE8E-47B0-98A4-2599F53B3B03}) (Version: 40.13.54.81239 - HP)
HP Google Drive Plugin (HKLM-x32\...\{815D86A1-06B8-451D-9736-BE52D6A06DBD}) (Version: 40.13.54.81239 - HP)
iTunes (HKLM\...\{8A04F54C-B9A8-4C2B-BA5E-C80133232D07}) (Version: 12.13.2.3 - Apple Inc.)
Java(TM) SE Development Kit 21.0.6 (64-bit) (HKLM\...\{26F4C2FF-9E0F-5FD4-B66B-1B13F1068A00}) (Version: 21.0.6.0 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.92.731496 - Logitech)
Logi Plugin Service (HKLM\...\{53C826D9-FB49-497B-B324-E5257D8E4A48}) (Version: 6.1.3.22547 - Logitech)
Logi RightSightForWebcams 1.1.168 (HKLM\...\{5FCBA56A-7453-4BD8-B314-D23F38E77CA9}) (Version: 1.1.168.0 - Logitech) Hidden
MagentaCLOUD (HKLM\...\{1369654A-24FD-4D83-B45A-222E19EAD9A1}) (Version: 3.6.7.20230217 - Deutsche Telekom AG)
Malwarebytes version 5.3.4.202 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.3.4.202 - Malwarebytes)
Microsoft .NET Host - 8.0.15 (x64) (HKLM\...\{4C903F19-B4C3-4D0C-8CC9-D444C511AF1C}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.15 (x64) (HKLM\...\{11CCC9F6-77AA-4421-9EAC-BAEC36D96817}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.15 (x64) (HKLM\...\{8731E6E3-AF96-4515-ACEC-DBFB3DF55292}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 138.0.3351.83 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.18925.20158 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.115.0615.0002 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.28402 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438 (HKLM-x32\...\{b49c10dd-4d54-45f8-ad13-fa25704456a4}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34438 (HKLM-x32\...\{ba10fda9-f731-441f-a999-000bbb7ceec2}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34438 (HKLM\...\{E528AD94-12D7-42C4-91A3-908BE28E9BD2}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34438 (HKLM\...\{2E15F519-4FDA-4834-B4EE-7EFCE7D8D4EE}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34438 (HKLM-x32\...\{A5592FEF-F948-4BA6-A066-8BBFC2DC7EE1}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34438 (HKLM-x32\...\{5D0C4511-3CA1-4FF8-A4BA-C0E1957ABEEA}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.101.2 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.15 (x64) (HKLM\...\{0E4A7820-FDA4-4250-B7AC-E7A2F7B43B64}) (Version: 64.60.31203 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.15 (x64) (HKLM-x32\...\{5625bb48-295c-4113-bc92-d6a69b19b04c}) (Version: 8.0.15.34718 - Microsoft Corporation)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 140.0.4 (x64 de)) (Version: 140.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.8.1 - Mozilla)
Mozilla Thunderbird (x64 de) (HKLM\...\Mozilla Thunderbird 128.12.0 (x64 de)) (Version: 128.12.0 - Mozilla)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2023.0919.01 - MSI)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Grafiktreiber 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 31.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.18925.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.18925.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.18925.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.18925.20158 - Microsoft Corporation) Hidden
Opera Stable 119.0.5497.141 (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Opera 119.0.5497.141) (Version: 119.0.5497.141 - Opera Software)
Oracle VM VirtualBox 7.0.18 (HKLM\...\{63A2B392-8FBD-450D-B02F-BE287BAF1FE8}) (Version: 7.0.18 - Oracle and/or its affiliates)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
PuTTY release 0.81 (64-bit) (HKLM\...\{DDC95F26-92B1-4546-9678-5DC68DF76BA0}) (Version: 0.81.0.0 - Simon Tatham)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9629.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.68.815.2023 - Realtek)
REDlauncher (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - CD Projekt RED)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.103.2507 - Rockstar Games)
Rockstar Games SDK (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.4.0.94 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TOEM (HKLM-x32\...\1436499377_is1) (Version: 3.0.10 - GOG.com)
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Zoom Workplace (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\ZoomUMX) (Version: 6.0.3 (37634) - Zoom Video Communications, Inc.)

Packages:
=========
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2025-07-08] (Dropbox Inc.)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-03-16] (Microsoft Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0 [2024-03-13] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1000_Classes\CLSID\{D3E34B21-9D75-101A-8C3D-00AA001A1652}\localserver32 -> C:\Program Files\WindowsApps\Microsoft.Paint_11.2402.32.0_x64__8wekyb3d8bbwe\PaintApp\mspaint.exe => No File
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{5634871C-B712-4441-9D69-C40DFCB1E0BF}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{6FF9B5B6-389F-444A-9FDD-A286C36EA079}\InprocServer32 -> C:\Program Files\MagentaCLOUD\CfApiShellExtensions.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{aa178e1e-6eb1-bde3-02d6-5472c2eea423}\localserver32 -> C:\Users\Susi\Downloads\HandBrake-1.9.2-x86_64-Win_GUI\HandBrake\HandBrake.exe (HandBrake Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{C763CCFF-33BC-42AE-9664-8A8FE5408507} -> [Dropbox] => C:\Users\Susi\Dropbox [2024-03-16 00:59]
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{dfe8b165-c232-4a1e-80e5-9ccf41837db2} -> [MagentaCLOUD] => C:\Users\Susi\MagentaCLOUD [2024-03-16 01:29]
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Susi\Dropbox [2024-03-16 00:59]
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{f859c81c-8f87-4ba8-984b-7cb4de15dc2b}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
ShellIconOverlayIdentifiers: [                OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                MagentaCLOUDError] -> {21A727D8-DF75-47AC-9B23-98CA9941E764} => C:\Windows\System32\shellext\NCOverlays.dll -> No File
ShellIconOverlayIdentifiers: [                MagentaCLOUDOK] -> {5FB43024-D810-463E-8298-25AC18B4D657} => C:\Windows\System32\shellext\NCOverlays.dll -> No File
ShellIconOverlayIdentifiers: [                MagentaCLOUDOKShared] -> {207E0D58-A4D2-4BEA-B23F-74B275067FF4} => C:\Windows\System32\shellext\NCOverlays.dll -> No File
ShellIconOverlayIdentifiers: [                MagentaCLOUDSync] -> {B7E41BEC-A46C-4536-A3B8-F20322BC4538} => C:\Windows\System32\shellext\NCOverlays.dll -> No File
ShellIconOverlayIdentifiers: [                MagentaCLOUDWarning] -> {EC74FC2C-CC25-4FF8-B860-8F98CB200CCE} => C:\Windows\System32\shellext\NCOverlays.dll -> No File
ShellIconOverlayIdentifiers: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [                OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [MagentaCLOUDContextMenuHandler] -> {C475B1E0-655A-4080-9D13-C3F0905740CF} => C:\Windows\System32\shellext\NCContextMenu.dll -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-07-14] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\nvshext.dll [2024-09-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-07-14] (Malwarebytes Inc -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-02-17 17:32 - 2023-02-17 17:32 - 000130560 _____ () [File not signed] C:\Program Files\MagentaCLOUD\magentacloudsync_vfs_cfapi.dll
2023-02-17 17:32 - 2023-02-17 17:32 - 000031232 _____ () [File not signed] C:\Program Files\MagentaCLOUD\magentacloudsync_vfs_suffix.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\SnippingTool.exe:com.dropbox.attrs [52]
AlternateDataStreams: C:\Users\Susi\Downloads\2024-06-03 Tagesordnung Vorstandskonferenz.docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Susi\Downloads\2024-08-26 Tagesordnung Vorstandskonferenz.docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Susi\Downloads\adwcleaner.exe:MBAM.Zone.Identifier [292]
AlternateDataStreams: C:\Users\Susi\Downloads\audio1803449522.m4a:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Susi\Downloads\BrainstormingFlyerBG.xlsx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Susi\Downloads\BrainstormingFlyerBGx.xlsx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Susi\Downloads\DBGV Flyer 2024.pdf:com.dropbox.attrs [54]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Network ===========================

(Currently there is no automatic fix for this section.)

DNS Servers: 192.168.0.1
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys

vms_vsf: Erweiterungsfilter für virtuellen Hyper-V-Switch
oracle_VBoxNetLwf: VirtualBox NDIS6 Bridged Networking Driver
ms_l1vhlwf: Nested Network Virtualization
vms_vsp: Extension-Protokoll für virtuellen Hyper-V-Switch

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\PuTTY\;C:\Program Files\dotnet\
HKU\S-1-5-21-300349749-1118940784-3883464041-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Susi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-300349749-1118940784-3883464041-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Paula\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\13651263922714159053\133869443758257080.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{54169EE0-818B-452B-8D8C-D9C2501F3A6D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24334.1101.3280.8162_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C9993EAA-5084-4536-8521-215761F30D3E}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24334.1101.3280.8162_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7556D140-B765-49A7-BB17-90FB0D8449CF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B85AFCD7-B58C-4A0D-8654-4A073B9914C6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{35B166F0-AAFC-4E29-962A-623A78E0CF9E}C:\users\susi\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\susi\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{CE764E72-5902-44F4-81EC-66507C14FEE5}C:\users\susi\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\susi\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{7652F68D-D712-460F-8E36-288EF559F348}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{CAA82960-4C9D-405A-ACD4-DFE12FEC2E6A}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{7AB9A7EE-6A0F-4828-96F6-8C872E9DA2A9}] => (Allow) C:\Program Files\LogiOptionsPlus\logivoice\logioptionsplus_logivoice => No File
FirewallRules: [{00AB105D-4F95-45DC-A853-43A35161202B}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{8AB0BA79-8101-474C-A827-07F6C331D3D0}C:\users\susi\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\susi\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{30A09A76-0F52-4B07-989C-63F9C4D18067}C:\users\susi\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\susi\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{82FB69BC-2B50-45DE-9F28-AB75D1098188}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{823AC527-8305-4C26-A9E7-F1E8EA0790FA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{112F5C6E-6531-4CD4-99B4-904F4FF8963F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BE5C2957-3B30-451F-8C9D-681BCC0B6DE3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{692B4D31-8953-4F23-A428-EE1E5CE858D0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{0F85773B-DECB-4389-BB07-E021AC26E849}C:\program files (x86)\gog galaxy\games\empire earth gold\empire earth\empire earth.exe] => (Allow) C:\program files (x86)\gog galaxy\games\empire earth gold\empire earth\empire earth.exe => No File
FirewallRules: [TCP Query User{515289D6-247A-47C9-91C3-3BBAE6FEDEA5}C:\program files (x86)\gog galaxy\games\empire earth gold\empire earth\empire earth.exe] => (Allow) C:\program files (x86)\gog galaxy\games\empire earth gold\empire earth\empire earth.exe => No File
FirewallRules: [{85C8BA67-DE8E-45D2-BD80-CE3878180A0E}] => (Allow) C:\Users\Anwender\AppData\Local\Temp\7zS6D06\HP.EasyStart.exe => No File
FirewallRules: [{23201ACA-2732-4127-BFD3-2BB8FDCC6B58}] => (Allow) LPort=26822
FirewallRules: [{6B22C994-437D-446C-A1ED-5E4EAF1447BF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CF5AD163-0699-4B01-9AA0-B5FF3122DCAB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E7EFD457-3C15-4786-9779-B7BAF46EE858}] => (Allow) C:\Users\Anwender\AppData\Local\Temp\7zS2258\HP.EasyStart.exe => No File
FirewallRules: [{F2B2B098-9657-47CD-B9F5-D0500737753D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outcast - A New Beginning\O2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5473D380-167C-4560-8936-1BABAC437F51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outcast - A New Beginning\O2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{DC3ADBF3-62C8-4C71-B482-FDBE77E9FB99}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EA04981C-2282-4BB0-BA3F-C598542ED668}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4D1290DC-4131-41F5-8318-B0782DF4A24F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{947DDC2D-368C-45FB-88DF-5FA3E5C51C29}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{02F63584-DFCD-4C29-B29C-6DADC109EAC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A05A8732-E233-4386-B672-E85C71153E87}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1D5763C0-41FA-4B92-9900-50547C3F6AB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FB7954C0-B69B-43FF-9CAE-86158B84EEAE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4C2110B0-EDEF-4A00-9985-828F8CFF8332}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B0BC2771-1E6C-4AF7-8FFC-9F6ED2C70BAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D70B3170-85C7-443B-87EF-BE353FC6E96D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{361C49D8-30BC-4428-8D0F-DD87B7B84D44}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6997AE21-3ACB-4595-9BF9-9CCFE3737DF3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{18E71179-46FE-473F-8B3E-6ADB682DD8F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{08F24C62-6C6C-4B6E-9A9B-3DC7F3BC4A0D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5CCD14C1-CC0A-4AF9-86C3-20535F94BE43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2E75E986-20F6-4508-8F30-30E7B42915BC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0896884D-DB6C-4154-9008-3A025C2B51FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{20E1FA1B-389C-4865-8A03-B91A6FF08F50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9DF82261-E599-44D0-A878-BAF261E42504}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [TCP Query User{03F86610-2181-4049-A4D3-1F6FABA17ED2}C:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) C:\program files\rockstar games\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{6F7B1FA1-45D8-45E8-9D26-8DBDA7FFF5D1}C:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) C:\program files\rockstar games\red dead redemption 2\rdr2.exe => No File
FirewallRules: [{EF9DCDBE-13DE-49E5-8267-9F9035B59B61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance2\Bin\Win64MasterMasterSteamPGO\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{B6F13B8A-166B-4056-89DE-D3B2C99F3052}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance2\Bin\Win64MasterMasterSteamPGO\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{B33E97CC-F666-4EB6-9F19-2680C3F36F41}C:\users\susi\downloads\vlc-3.0.21-win32\vlc-3.0.21\vlc.exe] => (Block) C:\users\susi\downloads\vlc-3.0.21-win32\vlc-3.0.21\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{2D8836DC-D174-4591-A690-1990F74C6987}C:\users\susi\downloads\vlc-3.0.21-win32\vlc-3.0.21\vlc.exe] => (Block) C:\users\susi\downloads\vlc-3.0.21-win32\vlc-3.0.21\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{9936672F-6CB9-4A1E-A505-F3E564430BC8}] => (Allow) C:\Program Files\Logi\LogiPluginService\LogiPluginService.exe (LoupeDeck Oy -> Logitech)
FirewallRules: [{F6392804-4C8A-425A-91F8-0EE8B35CB0FF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9043C1D1-F2D4-4436-8290-1C43793D3D38}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{345F7C89-756F-436D-989F-37E731C18D80}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{36E92E57-E7C0-486B-A2A1-D58918E0E7C7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{22E57D38-901B-44AB-88A2-D1306750F35D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4F8EE88D-F1BE-42AF-9A29-F8DA17763FCC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{B591E2CA-E5E4-47F8-A675-25A4B3ABA9B9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{C93D4288-4BCE-4997-9AE3-FD98B0D51473}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E5DBBA6F-9C41-4D79-B99E-94EFD37D50B1}] => (Allow) LPort=32683

==================== Restore Points =========================

08-07-2025 16:04:04 Windows Update
11-07-2025 17:22:32 DirectX wurde installiert

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (07/15/2025 11:46:48 AM) (Source: DbxSvc) (EventID: 322) (User: )
Description: Failed to get driver message: (-2147024890) Das Handle ist ungültig.

Error: (07/14/2025 05:58:33 PM) (Source: Windows App Runtime) (EventID: 50) (User: )
Description: Event-ID 50

Error: (07/14/2025 05:52:20 PM) (Source: Service1) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.IO.FileNotFoundException: Das System kann die angegebene Datei nicht finden. (Ausnahme von HRESULT: 0x80070002)
  bei TaskScheduler.IRegisteredTask.get_Enabled()
  bei VoiceControl_Service.VoiceControlService.CreateTask(_TASK_RUNLEVEL taskRunLevel, String sName, String sPath, String sArg)
  bei VoiceControl_Service.VoiceControlService.OnSessionChange(SessionChangeDescription changeDescription)
  bei System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (07/14/2025 04:50:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-DIFQB2Q.local already in use; will try DESKTOP-DIFQB2Q-2.local instead

Error: (07/14/2025 04:50:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 DESKTOP-DIFQB2Q.local. Addr 192.168.0.192

Error: (07/14/2025 04:50:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.192:5353  16 DESKTOP-DIFQB2Q.local. AAAA 2A02:0908:0D25:8040:A913:2FF8:EFA9:0F7D

Error: (07/14/2025 04:50:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:  16 DESKTOP-DIFQB2Q.local. AAAA FE80:0000:0000:0000:B76A:E6E7:983C:D9A2

Error: (07/14/2025 04:50:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.192:5353  16 DESKTOP-DIFQB2Q.local. AAAA 2A02:0908:0D25:8040:A913:2FF8:EFA9:0F7D


System errors:
=============
Error: (07/14/2025 10:04:15 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DIFQB2Q)
Description: Der Server "{6FA05A24-B1DF-4155-909E-7B424F2D2BB5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/14/2025 10:04:15 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DIFQB2Q)
Description: Der Server "{6FA05A24-B1DF-4155-909E-7B424F2D2BB5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/14/2025 05:55:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (07/14/2025 05:55:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.

Error: (07/14/2025 05:55:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Dropbox-Update-Service (dbupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (07/14/2025 05:55:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Dropbox-Update-Service (dbupdate) erreicht.

Error: (07/14/2025 05:53:04 PM) (Source: Microsoft-Windows-Windows Firewall With Advanced Security) (EventID: 2042) (User: NT-AUTORITÄT)
Description: 18-2147024662

Error: (07/14/2025 05:52:20 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DIFQB2Q)
Description: Der Server "{6FA05A24-B1DF-4155-909E-7B424F2D2BB5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


Windows Defender:
================
Date: 2025-07-14 00:33:44
Description:
Microsoft Defender Antivirus ŝçäи ĥåš вėэй šţōрρěđ вёƒσŗę сŏмρľëŧïόʼn.%л %ťЅсăй ІĐ:%ъ{AA533266-D589-475C-B40C-A08F5FE56EEE}%ⁿ %ŧŞċăπ Тýрё:%ъAntimalware%ή %τŚςâņ Рåřám℮ţĕŗş:%ъVollständige Überprüfung%ņ  %ţÛšēґ:%ъDESKTOP-DIFQB2Q\Susi%ŋ %ťŠţóρ Ŗєāśøή:%вÙⁿκŋσωň

Date: 2025-07-13 22:38:36
Description:
Microsoft Defender Antivirus ŝçäи ĥåš вėэй šţōрρěđ вёƒσŗę сŏмρľëŧïόʼn.%л %ťЅсăй ІĐ:%ъ{4F37F17A-D326-4CD1-A214-D29E561C6CB7}%ⁿ %ŧŞċăπ Тýрё:%ъAntimalware%ή %τŚςâņ Рåřám℮ţĕŗş:%ъSchnellüberprüfung%ņ  %ţÛšēґ:%ъNT-AUTORITÄT\SYSTEM%ŋ %ťŠţóρ Ŗєāśøή:%вŞçђєδůĺęδ ѕçãŋ щäş śкīρρέð ъέĉâυśē ŧћэ ľάšţ śůççеŝѕƒųŀ ѕċąñ щâѕ щіţħïń ťħė ŀáşť 7 ďάγş

Date: 2025-07-12 20:26:58
Description:
Microsoft Defender Antivirus ŝçäи ĥåš вėэй šţōрρěđ вёƒσŗę сŏмρľëŧïόʼn.%л %ťЅсăй ІĐ:%ъ{41C828F7-46AB-452B-9157-C9B2E6E5727C}%ⁿ %ŧŞċăπ Тýрё:%ъAntimalware%ή %τŚςâņ Рåřám℮ţĕŗş:%ъSchnellüberprüfung%ņ  %ţÛšēґ:%ъNT-AUTORITÄT\SYSTEM%ŋ %ťŠţóρ Ŗєāśøή:%вŞçђєδůĺęδ ѕçãŋ щäş śкīρρέð ъέĉâυśē ŧћэ ľάšţ śůççеŝѕƒųŀ ѕċąñ щâѕ щіţħïń ťħė ŀáşť 7 ďάγş

Date: 2025-07-11 19:56:52
Description:
Microsoft Defender Antivirus ŝçäи ĥåš вėэй šţōрρěđ вёƒσŗę сŏмρľëŧïόʼn.%л %ťЅсăй ІĐ:%ъ{A34AE980-B26A-442B-82D7-11979FC2709F}%ⁿ %ŧŞċăπ Тýрё:%ъAntimalware%ή %τŚςâņ Рåřám℮ţĕŗş:%ъSchnellüberprüfung%ņ  %ţÛšēґ:%ъNT-AUTORITÄT\SYSTEM%ŋ %ťŠţóρ Ŗєāśøή:%вŞçђєδůĺęδ ѕçãŋ щäş śкīρρέð ъέĉâυśē ŧћэ ľάšţ śůççеŝѕƒųŀ ѕċąñ щâѕ щіţħïń ťħė ŀáşť 7 ďάγş

Date: 2025-07-10 22:00:08
Description:
Microsoft Defender Antivirus ŝçäи ĥåš вėэй šţōрρěđ вёƒσŗę сŏмρľëŧïόʼn.%л %ťЅсăй ІĐ:%ъ{C5FA2228-697B-4819-94AF-F7603ACF4671}%ⁿ %ŧŞċăπ Тýрё:%ъAntimalware%ή %τŚςâņ Рåřám℮ţĕŗş:%ъSchnellüberprüfung%ņ  %ţÛšēґ:%ъNT-AUTORITÄT\SYSTEM%ŋ %ťŠţóρ Ŗєāśøή:%вŞçђєδůĺęδ ѕçãŋ щäş śкīρρέð ъέĉâυśē ŧћэ ľάšţ śůççеŝѕƒųŀ ѕċąñ щâѕ щіţħïń ťħė ŀáşť 7 ďάγş
Event[0]

Date: 2025-07-14 17:11:12
Description:
Microsoft Defender Antivirus Dienst scheint beim Herunterfahren nicht reagiert zu sein.
Timout (Sekunden):  120
Komponente:  ServiceMiscTasksClose
Selbstbeendigend:  0

Date: 2025-05-14 16:23:46
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.427.787.0
Update Source: Microsoft Update Server
Sicherheitstyp: AntiVirus
Updatetyp: Full
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.25030.1
Fehlercode: 0x80240016
Fehlerbeschreibung: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

Date: 2024-12-29 02:05:55
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren.
Security Intelligence versucht: Aktuell
Fehlercode: 0x80070003
Fehlerbeschreibung: Das System kann den angegebenen Pfad nicht finden.
Security Intelligence-Version: 0.0.0.0;0.0.0.0
Modulversion: 0.0.0.0

CodeIntegrity:
===============
Date: 2025-07-15 11:48:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.

Date: 2025-07-15 11:48:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. A.F0 10/11/2023
Motherboard: Micro-Star International Co., Ltd. B550-A PRO (MS-7C56)
Processor: AMD Ryzen 7 5700X 8-Core Processor
Percentage of memory in use: 23%
Total physical RAM: 32694.05 MB
Available physical RAM: 25028.97 MB
Total Virtual: 34742.05 MB
Available Virtual: 26619.49 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.66 GB) (Free:550.45 GB) (Model: MSI M450 1TB) NTFS
Drive e: (Volume) (Fixed) (Total:953.87 GB) (Free:70.83 GB) (Model: SPCC Solid State Disk) NTFS

\\?\Volume{ad014a6f-2923-4e18-85a0-d34ddaa8bb79}\ () (Fixed) (Total:0.74 GB) (Free:0.15 GB) NTFS
\\?\Volume{8d5dd1d1-a483-4080-a082-7a982f5f68e2}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: 9408BF26)
Partition 1: (Not Active) - (Size=953.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
--- --- ---

--- --- ---

cosinus 16.07.2025 09:03
Du hast da mehrere Benutzerkonten. Welche sist betroffen? Susi oder Paula?

Susanni 16.07.2025 12:27
Nutzer Susi ist betroffen.

cosinus 16.07.2025 12:43
Dann diesen Benutzer zum Admin machen und nochmal neue Logs. Denn in den bisherigen Logs sieht man nicht viel.

Susanni 16.07.2025 13:41
Ich hoffe, ich hatte dich richtig verstanden bei der Frage, welcher Benutzer betroffen ist.
Also eigentlich gibt es drei Benutzer: Susanne (Admin), Susi und Paula. In den letzten Wochen war aber immer nur Susi angemeldet. Ich habe jetzt Susi als Administrator gemacht.
Sollten die anderen Konten auch besser noch überprüft werden?

Hier kommen die Logs von Susi (als Admin):

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2025
durchgeführt von Susi (Administrator) auf DESKTOP-DIFQB2Q (Micro-Star International Co., Ltd. MS-7C56) (16-07-2025 14:33:08)
Gestartet von C:\Users\Susi\Desktop\FRST64.exe
Geladene Profile: Susi
Plattform: Microsoft Windows 11 Home Version 24H2 26100.4652 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Susi\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(explorer.exe ->) (Telekom Deutschland GmbH -> Deutsche Telekom AG) C:\Program Files\MagentaCLOUD\magentacloud.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25163.3611.3774.6315_x64__8wekyb3d8bbwe\ms-teams.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncHelper.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e54441f6cc56b0cb\RtkAudUService64.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.51.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Engine.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e54441f6cc56b0cb\RtkAudUService64.exe [2790352 2025-05-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [367456 2024-04-22] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9524616 2025-07-08] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4968328 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4968328 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-300349749-1118940784-3883464041-1000\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4968328 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-300349749-1118940784-3883464041-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4698720 2025-06-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4968328 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Run: [MagentaCLOUD] => C:\Program Files\MagentaCLOUD\magentacloud.exe [6458080 2023-02-17] (Telekom Deutschland GmbH -> Deutsche Telekom AG)
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Run: [Opera Browser Assistant] => C:\Users\Susi\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4536216 2025-04-14] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Run: [MicrosoftEdgeAutoLaunch_DB15AD90D7033149DA2132D5F6A5FA2F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start (Keine Datei)
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37404064 2025-07-11] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\MountPoints2: {b5555984-4dd6-11ef-b911-d843ae623510} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300349749-1118940784-3883464041-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4968328 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\WINDOWS\system32\hpinkstsD711LM.dll [393352 2017-03-26] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\138.0.7204.101\Installer\chrmstp.exe [2025-07-11] (Google LLC -> Google LLC)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {112e5d34-8903-4aab-8132-f10e9d3ebe5a} - kein Dateipfad. <==== ACHTUNG
Task: {2008adb5-9727-4554-82d1-10bc1745e8b1} - kein Dateipfad. <==== ACHTUNG
Task: {2269145a-6d62-44c0-a755-2f56b3301453} - kein Dateipfad. <==== ACHTUNG
Task: {25f23172-2787-4c1b-9500-4106c457e0bb} - kein Dateipfad. <==== ACHTUNG
Task: {262a40ed-a71e-4de2-875b-29bc1fdb33c7} - kein Dateipfad. <==== ACHTUNG
Task: {3c6314d9-c7a1-45b6-9291-b9a4e8565a82} - kein Dateipfad. <==== ACHTUNG
Task: {45840b04-5a74-483d-83cf-de83848d0492} - kein Dateipfad. <==== ACHTUNG
Task: {49244025-6df9-422b-9e60-fcfe9befa7cc} - kein Dateipfad. <==== ACHTUNG
Task: {49f467fe-f6ab-47c3-bc8f-feb6ecafdc8d} - kein Dateipfad. <==== ACHTUNG
Task: {4a81a102-6041-41f8-aec6-9e1577acd5bd} - kein Dateipfad. <==== ACHTUNG
Task: {4fe10caf-cdf4-464f-b1b6-2d54ba837948} - kein Dateipfad. <==== ACHTUNG
Task: {59514228-1f82-4abd-afd7-3fcf9583ceb8} - kein Dateipfad. <==== ACHTUNG
Task: {6252884b-51c4-48b8-bee4-73f01f7305b1} - kein Dateipfad. <==== ACHTUNG
Task: {77d009d7-1870-47f3-80c4-323541939d46} - kein Dateipfad. <==== ACHTUNG
Task: {7e1c234c-f8fe-4e89-ad85-93991578a23a} - kein Dateipfad. <==== ACHTUNG
Task: {81807fe3-4902-4181-8e2a-22c3b638c533} - kein Dateipfad. <==== ACHTUNG
Task: {87d50552-871e-49a1-9b41-97eb9ef69092} - kein Dateipfad. <==== ACHTUNG
Task: {8961c923-cd25-44c4-b36a-c42c40d1660d} - kein Dateipfad. <==== ACHTUNG
Task: {93a33fff-17eb-4842-9faf-7534d5215b10} - kein Dateipfad. <==== ACHTUNG
Task: {9eaf414f-36f6-4ffd-9684-175b2f318c04} - kein Dateipfad. <==== ACHTUNG
Task: {a6f37331-826e-4bd1-bbcf-0c0e29bcff2c} - kein Dateipfad. <==== ACHTUNG
Task: {acc4f9db-bb56-4b53-8d9d-5e013c15118c} - kein Dateipfad. <==== ACHTUNG
Task: {c5c8f437-adb8-43b5-b8a4-b36b05a3e364} - kein Dateipfad. <==== ACHTUNG
Task: {ce8233e6-ce9f-49b7-8752-ebaef42a581d} - kein Dateipfad. <==== ACHTUNG
Task: {d925046e-c8c8-4d8c-824e-37a6fab0368e} - kein Dateipfad. <==== ACHTUNG
Task: {d94a6419-a129-4abc-a395-5e3dd4ae9b87} - kein Dateipfad. <==== ACHTUNG
Task: {e91f7dcf-a6ba-4217-89da-5ccf63f6e9fc} - kein Dateipfad. <==== ACHTUNG
Task: {ec0a6339-a680-49dc-9e67-a2c91d538c04} - kein Dateipfad. <==== ACHTUNG
Task: {ef7d7f8d-d387-436a-90ec-5890ebacb456} - kein Dateipfad. <==== ACHTUNG
Task: {fa2bd862-ffe8-49a7-9e7b-f431bb237d75} - kein Dateipfad. <==== ACHTUNG
Task: {ffdf9004-c786-45d9-a30b-05279132e6c6} - kein Dateipfad. <==== ACHTUNG
Task: {F290A334-2964-45CD-BA99-FE3D2CF64E7F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {D1E44C35-478B-44CB-BA53-4204D55CE9D7} - System32\Tasks\DropboxSystem\DropboxUpdater\DropboxUpdaterTaskSystem123.0.6299.129{47CD09D9-39F8-43ED-AE63-6F827413F9F7} => C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.129\updater.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {7361893A-36F1-4AD3-A384-049AA048FBC9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem140.0.7272.0{4425CD8D-9E00-4335-AC2C-13963B53FF54} => C:\Program Files (x86)\Google\GoogleUpdater\140.0.7272.0\updater.exe [6836832 2025-07-01] (Google LLC -> Google LLC)
Task: {DFFCFEDF-1029-46D1-B76D-868077302545} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [10453888 2025-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {6379A620-4796-4973-8E53-2A0CC287FC36} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28583776 2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {53C9CCF1-843B-484D-9B12-D4E6026362E1} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\opushutil.exe [61328 2025-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB41A266-49CE-43AF-98A0-AA5D7540FB44} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28583776 2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {7EF468B8-AFA4-4CAD-A16F-7F6EBED71B3B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C329E3E0-DA05-4B16-9475-44330958CEAF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A4F9754-7989-4408-8DB6-ED9370A2932B} - System32\Tasks\Microsoft\Office\Office Startup Boost => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {A558CC47-7223-457F-85D8-87E697C8F2ED} - System32\Tasks\Microsoft\Office\Office Startup Boost Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (Keine Datei)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
Task: {ADACE8A4-3849-4F2D-9A0C-00FBBAA8EE46} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-300349749-1118940784-3883464041-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [694848 2025-07-10] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {FAEC80E9-6352-4005-8718-0E8CDC26395C} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-300349749-1118940784-3883464041-1002 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [694848 2025-07-10] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {473E1EEA-0A09-40D4-AAD4-B56D6928E2CE} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-07-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {5F93C471-FC51-4FC2-A23D-BAE25441A5AD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {E19F91EB-5B14-4BEE-9728-DFC86A1290ED} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9C0E9100-1D28-49C9-8A94-8CB2CAB38F27} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {FE4D1531-7D6D-475F-8792-E3DD2EA24867} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF69616A-B3AC-4E71-BD11-00C887EFA9D5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AD9BE1C8-3EC0-492F-9905-53DC78FE229C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {16C8ED63-194A-422D-B577-1E1D962C859B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {87A32C8C-1EE6-47CD-A4CC-55E440D84D3A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7637B44A-AB77-4FC6-9888-44A37F2650EC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8F509555-BC33-408F-9A4F-439AC0E2A4EB} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4224392 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {125EF511-68BD-4E6B-987F-ACFB67966C45} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-300349749-1118940784-3883464041-1000 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4224392 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {59DB7A75-115A-4D65-BF3A-E3B71C58A2DC} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-300349749-1118940784-3883464041-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4224392 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C41C943-88D4-426A-BBE2-C9DE6DDA8D53} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-300349749-1118940784-3883464041-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4224392 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {542869ED-EC98-470F-9FA3-D91045C6DC7C} - System32\Tasks\OneDrive Startup Task-S-1-5-21-300349749-1118940784-3883464041-1000 => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\OneDriveLauncher.exe [685960 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F3737D4-FA5B-4399-A491-38CB1F107311} - System32\Tasks\OneDrive Startup Task-S-1-5-21-300349749-1118940784-3883464041-1001 => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\OneDriveLauncher.exe [685960 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {58432F2D-4451-45ED-A255-041ADBDE538A} - System32\Tasks\OneDrive Startup Task-S-1-5-21-300349749-1118940784-3883464041-1002 => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\OneDriveLauncher.exe [685960 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A4D55E5A-7C66-4775-BDBD-D904DFAA8B81} - System32\Tasks\Opera scheduled assistant Autoupdate 1720783592 => C:\Users\Susi\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [6073240 2025-06-26] (Opera Norway AS -> Opera Software) -> --scheduledtask --productiscomponent --bypasslauncher --installdir="C:\Users\Susi\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0)
Task: {6E2C7DC5-FD17-4F79-9E39-2490D2AB1DE6} - System32\Tasks\Opera scheduled Autoupdate 1720783591 => C:\Users\Susi\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [6073240 2025-06-26] (Opera Norway AS -> Opera Software)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c98ef358-4c5b-4953-aacc-3a8fb6d2d412}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c98ef358-4c5b-4953-aacc-3a8fb6d2d412}: [DhcpDomain] home

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Susi\AppData\Local\Microsoft\Edge\User Data\Default [2025-07-13]
Edge Notifications: Default -> hxxps://d1q2usinaffc7397jcng.saq-protect.co.in
Edge Extension: (Google Docs Offline) - C:\Users\Susi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-07-06]
Edge Extension: (Edge relevant text changes) - C:\Users\Susi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-15]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: sxkod3qx.default
FF ProfilePath: C:\Users\Susi\AppData\Roaming\Mozilla\Firefox\Profiles\sxkod3qx.default [2024-04-01]
FF ProfilePath: C:\Users\Susi\AppData\Roaming\Mozilla\Firefox\Profiles\czyxkz54.default-release [2025-07-14]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-06-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-07-13] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Susi\AppData\Local\Google\Chrome\User Data\Default [2025-07-16]
CHR Notifications: Default -> hxxps://backgammonstudio.com; hxxps://de31.the-west.de; hxxps://heroes.backgammonstudio.com; hxxps://heroes3.backgammonstudio.com; hxxps://mingle.respondi.de; hxxps://naka-24.jgw-ev.de; hxxps://www.backgammonstudio.com; hxxps://www.ipsosisay.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.de/
CHR Extension: (Google Docs Offline) - C:\Users\Susi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-25]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Susi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-07-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Susi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-15]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-300349749-1118940784-3883464041-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR DefaultProfile: Default

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103776 2024-03-30] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13045112 2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\System32\DbxSvc.exe [58984 2025-04-29] (Dropbox, Inc -> Dropbox, Inc.)
S2 DropboxUpdaterInternalService123.0.6299.129; C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.129\updater.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
S2 DropboxUpdaterService123.0.6299.129; C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.129\updater.exe [5898104 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
S3 EpicGamesUpdater; C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesUpdater.exe [2404768 2025-07-11] (Epic Games Inc. -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [1604112 2025-04-01] (Epic Games Inc. -> Epic Games, Inc.)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncHelper.exe [3633512 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2421584 2025-05-31] (GOG  sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7654224 2025-05-31] (GOG  sp. z o.o -> GOG.com)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243720 2025-07-08] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9591104 2025-07-14] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-07-14] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe [2071592 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [74336 2023-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [154216 2023-08-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36880 2023-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-09-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.115.0615.0002\OneDriveUpdaterService.exe [3885448 2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [20445008 2025-06-19] (Logitech Inc -> Logitech, Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [4488168 2025-07-02] (Rockstar Games, Inc. -> Rockstar Games)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [794544 2024-05-02] (Oracle America, Inc. -> Oracle and/or its affiliates)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe [4513624 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe [278328 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 DropboxElevationService; "C:\Program Files (x86)\Dropbox\Client\227.4.4774\DropboxElevationService.exe" --svc --appid={cc46080e-4c33-4981-859a-bba2f780f31e} [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [573440 2024-12-28] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2024-12-28] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2024-12-28] (Microsoft Corporation) [Datei ist nicht signiert]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [159296 2025-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2024-12-28] (Microsoft Windows -> Microsoft Corporation)
S3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [330112 2025-06-13] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [140688 2025-07-09] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-07-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\Drivers\farflt11.sys [241872 2025-07-14] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\System32\Drivers\mbam.sys [80960 2025-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [242752 2025-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [190096 2025-07-14] (Malwarebytes Inc -> Malwarebytes)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [32424 2023-07-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2024-01-18] (Nvidia Corporation -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [254352 2024-05-02] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [265224 2024-05-02] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1063752 2024-05-02] (Oracle Corporation -> Oracle and/or its affiliates)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2025-06-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20032 2025-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [612768 2025-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-12-28] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2024-12-28] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2025-07-16 14:33 - 2025-07-16 14:33 - 000034420 _____ C:\Users\Susi\Desktop\FRST.txt
2025-07-16 14:29 - 2025-07-16 14:29 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Apple Computer
2025-07-16 14:29 - 2025-07-16 14:29 - 000000000 ____D C:\Users\Anwender\AppData\Local\Backup
2025-07-16 14:28 - 2025-07-16 14:28 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-07-15 11:48 - 2025-07-15 11:49 - 000055358 _____ C:\Users\Susi\Downloads\0716_.txt
2025-07-14 18:20 - 2025-07-14 18:20 - 000745650 _____ C:\WINDOWS\system32\perfh007.dat
2025-07-14 18:20 - 2025-07-14 18:20 - 000158752 _____ C:\WINDOWS\system32\perfc007.dat
2025-07-14 17:53 - 2025-07-14 17:53 - 000190096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2025-07-14 17:42 - 2025-07-14 17:43 - 000000000 ____D C:\AdwCleaner
2025-07-14 17:41 - 2025-07-14 17:42 - 009568256 _____ (Malwarebytes) C:\Users\Susi\Downloads\adwcleaner.exe
2025-07-14 17:30 - 2025-07-14 17:30 - 000002404 _____ C:\Users\Anwender\Downloads\Malwarebytes Scan-Bericht 2025-07-14 150931.txt
2025-07-14 17:26 - 2025-07-14 17:26 - 000002404 _____ C:\Users\Anwender\Desktop\Malwarebytes Scan-Bericht 2025-07-14 170931_2.txt
2025-07-14 17:26 - 2025-07-14 17:26 - 000002404 _____ C:\Users\Anwender\Desktop\Malwarebytes Scan-Bericht 2025-07-14 170931.txt
2025-07-14 17:23 - 2025-07-14 17:23 - 000002404 _____ C:\Users\Anwender\Downloads\Malwarebytes Scan-Bericht 2025-07-14 170931_2.txt
2025-07-14 17:22 - 2025-07-14 17:22 - 000002404 _____ C:\Users\Anwender\Downloads\Malwarebytes Scan-Bericht 2025-07-14 170931.txt
2025-07-14 17:19 - 2025-07-16 14:31 - 000000000 ____D C:\Users\Anwender\AppData\Local\Malwarebytes
2025-07-14 17:09 - 2025-07-14 17:53 - 000241872 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2025-07-14 17:08 - 2025-07-16 14:24 - 000000000 ____D C:\Users\Susi\AppData\Local\Malwarebytes
2025-07-14 17:08 - 2025-07-14 17:08 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-07-14 17:08 - 2025-07-14 17:08 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-07-14 17:07 - 2025-07-14 17:07 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-07-14 17:07 - 2025-07-14 17:07 - 000000000 ____D C:\Program Files\Malwarebytes
2025-07-14 16:06 - 2025-07-14 16:06 - 002827496 _____ (Malwarebytes) C:\Users\Susi\Desktop\MBSetup.exe
2025-07-14 13:10 - 2025-07-14 13:10 - 000053778 _____ C:\Users\Susi\Downloads\0714_Addition.txt
2025-07-14 13:08 - 2025-07-15 11:48 - 000050875 _____ C:\Users\Susi\Downloads\0716_FRST.txt
2025-07-14 13:08 - 2025-07-14 13:10 - 000047987 _____ C:\Users\Susi\Downloads\0714FRST.txt
2025-07-14 00:44 - 2025-07-16 14:33 - 000000000 ____D C:\FRST
2025-07-14 00:43 - 2025-07-14 00:44 - 002409472 _____ (Farbar) C:\Users\Susi\Desktop\FRST64.exe
2025-07-14 00:31 - 2025-07-14 00:31 - 000002583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002579 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (new).lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002536 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (classic).lnk
2025-07-14 00:31 - 2025-07-14 00:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2025-07-11 17:34 - 2025-07-11 17:34 - 000000000 ____D C:\Users\Susi\Documents\Amnesia
2025-07-11 17:34 - 2025-07-11 17:34 - 000000000 ____D C:\Users\Susi\AppData\Roaming\fltk.org
2025-07-11 17:34 - 2025-07-11 17:34 - 000000000 ____D C:\ProgramData\fltk.org
2025-07-11 17:32 - 2025-07-11 17:32 - 000000385 _____ C:\Users\Susi\Desktop\Amnesia  The Dark Descent.url
2025-07-11 17:32 - 2025-07-11 17:32 - 000000000 ____D C:\Users\Susi\AppData\LocalLow\Something We Made
2025-07-11 17:32 - 2025-07-11 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOEM [GOG.com]
2025-07-11 17:27 - 2025-07-11 17:27 - 000000000 ____D C:\Users\Anwender\AppData\Local\UnrealEngine
2025-07-11 17:27 - 2025-07-11 17:27 - 000000000 ____D C:\Users\Anwender\AppData\Local\EpicGamesLauncher
2025-07-11 17:27 - 2025-07-11 17:27 - 000000000 ____D C:\Program Files\Epic Games
2025-07-11 17:23 - 2025-07-11 17:23 - 000000000 ____D C:\Users\Susi\AppData\Local\UnrealEngineLauncher
2025-07-11 17:23 - 2025-07-11 17:23 - 000000000 ____D C:\Users\Susi\AppData\Local\EpicGamesLauncher
2025-07-11 17:22 - 2025-07-11 17:25 - 000000000 ____D C:\ProgramData\Epic
2025-07-11 17:22 - 2025-07-11 17:23 - 000000000 ____D C:\Program Files (x86)\Epic Games
2025-07-11 17:22 - 2025-07-11 17:22 - 000001272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2025-07-11 17:22 - 2025-07-11 17:22 - 000001260 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2025-07-11 17:22 - 2025-07-11 17:22 - 000000000 ____D C:\Users\Susi\AppData\Local\Epic Games
2025-07-11 17:21 - 2025-07-11 17:22 - 186343424 _____ C:\Users\Susi\Downloads\EpicInstaller-18.7.0.msi
2025-07-10 14:28 - 2025-07-14 17:17 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-07-09 04:39 - 2025-07-09 04:39 - 000000000 ____D C:\WINDOWS\system32\ruxim
2025-07-09 03:17 - 2025-07-09 03:17 - 000073956 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-07-09 03:17 - 2025-07-09 03:17 - 000073956 _____ C:\WINDOWS\system32\ctac.json
2025-07-09 03:17 - 2025-07-09 03:17 - 000033519 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-07-09 03:17 - 2025-07-09 03:17 - 000033519 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-07-09 00:18 - 2025-07-09 00:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2025-07-08 23:21 - 2025-07-08 23:21 - 002968134 _____ C:\Users\Susi\Downloads\Fw_ Minutes of the Extraordinary General Assembly 2025.zip
2025-07-03 23:57 - 2025-07-09 04:40 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2025-07-03 19:27 - 2025-07-03 19:27 - 001105920 _____ C:\Users\Susi\Downloads\01JZ8N73MB0EGZZTFZT0MG4Q7W.pdf
2025-07-02 18:39 - 2025-07-02 18:39 - 000470849 _____ C:\Users\Susi\Downloads\ticket_Susanne.pdf
2025-07-02 18:37 - 2025-07-02 18:37 - 000470954 _____ C:\Users\Susi\Downloads\ticket Paula.pdf
2025-07-01 09:14 - 2025-07-01 09:14 - 000001318 _____ C:\Users\Susi\Desktop\Tapirgammon.lnk
2025-06-25 18:24 - 2025-07-12 10:15 - 000000090 _____ C:\logUploaderSettings_temp.ini
2025-06-25 18:24 - 2025-07-12 10:15 - 000000090 _____ C:\logUploaderSettings.ini
2025-06-20 07:20 - 2025-06-20 07:21 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2025-06-20 07:20 - 2025-06-20 07:20 - 000000859 _____ C:\Users\Public\Desktop\Logi Options+.lnk
2025-06-20 07:20 - 2025-06-20 07:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2025-07-16 14:33 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-07-16 14:32 - 2024-03-16 00:56 - 000000000 ____D C:\Users\Susi\AppData\Roaming\Dropbox
2025-07-16 14:32 - 2024-03-16 00:56 - 000000000 ____D C:\Users\Susi\AppData\Local\Dropbox
2025-07-16 14:31 - 2024-06-20 14:48 - 000000000 ____D C:\Users\Susi\AppData\Local\LogiOptionsPlus
2025-07-16 14:31 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-07-16 14:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-07-16 14:31 - 2024-03-16 01:29 - 000000000 ___SD C:\Users\Susi\MagentaCLOUD
2025-07-16 14:31 - 2024-03-15 18:59 - 000000000 ___RD C:\Users\Susi\OneDrive
2025-07-16 14:31 - 2024-03-13 15:30 - 000000000 ____D C:\ProgramData\NVIDIA
2025-07-16 14:31 - 2024-03-13 15:28 - 000000000 ____D C:\Users\Anwender\AppData\Local\PlaceholderTileLogoFolder
2025-07-16 14:30 - 2024-03-16 00:55 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Dropbox
2025-07-16 14:30 - 2024-03-16 00:55 - 000000000 ____D C:\Users\Anwender\AppData\Local\Dropbox
2025-07-16 14:30 - 2024-03-15 19:09 - 000000000 ____D C:\Program Files (x86)\Steam
2025-07-16 14:30 - 2024-03-13 15:27 - 000000000 ____D C:\Users\Anwender\AppData\Local\Packages
2025-07-16 14:29 - 2024-12-28 18:43 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Microsoft\Windows
2025-07-16 14:29 - 2024-03-15 19:11 - 000000000 ____D C:\Users\Anwender\AppData\Local\Steam
2025-07-16 14:29 - 2024-03-13 15:27 - 000000000 ____D C:\Users\Anwender\AppData\Local\D3DSCache
2025-07-16 14:28 - 2024-04-22 17:46 - 000000000 ____D C:\Users\Anwender\AppData\Local\LogiOptionsPlus
2025-07-16 14:28 - 2024-03-16 01:28 - 000000000 ____D C:\Users\Susi\AppData\Roaming\MagentaCLOUD
2025-07-16 14:28 - 2024-03-13 15:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-07-16 14:28 - 2024-03-13 15:27 - 000000000 ____D C:\ProgramData\Packages
2025-07-16 14:24 - 2024-12-29 03:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-07-16 14:24 - 2024-12-29 03:03 - 000008176 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-07-16 14:24 - 2024-12-29 03:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-07-16 14:24 - 2024-12-29 03:02 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2025-07-16 14:24 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-07-16 14:24 - 2024-03-14 07:36 - 000000000 ____D C:\MSI
2025-07-16 14:24 - 2024-03-13 15:24 - 000012288 ___SH C:\DumpStack.log.tmp
2025-07-14 18:34 - 2024-03-16 01:14 - 000000000 ____D C:\Users\Susi\AppData\Roaming\discord
2025-07-14 18:20 - 2024-12-29 17:12 - 001729512 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-07-14 18:20 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-07-14 18:20 - 2024-03-16 01:14 - 000000000 ____D C:\Users\Susi\AppData\Local\Discord
2025-07-14 18:07 - 2024-03-16 01:00 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-07-14 17:52 - 2024-04-01 09:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-07-14 17:41 - 2024-03-16 22:24 - 000000000 ____D C:\Users\Susi\AppData\Roaming\Microsoft\Word
2025-07-14 17:17 - 2024-03-16 22:38 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-07-14 17:17 - 2024-03-16 01:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-07-14 17:08 - 2024-04-01 09:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-07-14 17:08 - 2024-03-15 18:59 - 000000000 ____D C:\Users\Susi\AppData\Local\Packages
2025-07-14 13:10 - 2024-12-28 18:43 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Microsoft\Spelling
2025-07-14 04:41 - 2024-03-15 19:01 - 000000000 ____D C:\Users\Susi\AppData\Local\D3DSCache
2025-07-13 21:19 - 2024-03-16 23:18 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2025-07-13 21:19 - 2024-03-15 21:14 - 000000000 ____D C:\Users\Susi\AppData\Roaming\Microsoft\Excel
2025-07-12 18:32 - 2024-03-20 09:02 - 000000000 ____D C:\Users\Susi\AppData\Local\CrashDumps
2025-07-12 10:15 - 2025-01-18 09:52 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-300349749-1118940784-3883464041-1002
2025-07-12 10:15 - 2025-01-18 09:52 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-300349749-1118940784-3883464041-1001
2025-07-12 10:15 - 2025-01-18 09:52 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-300349749-1118940784-3883464041-1000
2025-07-12 10:15 - 2024-12-29 03:05 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-300349749-1118940784-3883464041-1002
2025-07-12 10:15 - 2024-12-29 03:05 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-300349749-1118940784-3883464041-1001
2025-07-12 10:15 - 2024-12-29 03:05 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-300349749-1118940784-3883464041-1000
2025-07-12 10:15 - 2024-12-29 03:05 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-07-12 10:15 - 2024-03-15 21:14 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-07-11 22:55 - 2024-03-15 19:04 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-07-11 22:55 - 2024-03-15 19:04 - 000002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-07-11 17:25 - 2024-03-14 07:36 - 000000000 ____D C:\ProgramData\Package Cache
2025-07-10 21:54 - 2024-12-29 03:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-07-10 21:54 - 2024-04-01 22:46 - 000001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-07-09 04:40 - 2024-12-29 03:03 - 000486384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-07-09 04:39 - 2024-04-01 18:35 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\schemas
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-07-09 04:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-07-09 04:39 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-07-09 03:17 - 2024-12-29 17:12 - 003384320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-07-09 00:17 - 2024-03-16 00:55 - 000000000 ____D C:\Program Files (x86)\Dropbox
2025-07-08 16:05 - 2024-12-29 03:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2025-07-08 16:05 - 2024-04-22 18:08 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2025-07-07 22:35 - 2024-03-16 01:14 - 000002238 _____ C:\Users\Susi\Desktop\Discord.lnk
2025-07-06 22:26 - 2024-03-15 19:09 - 000000000 ____D C:\Users\Susi\AppData\Local\Steam
2025-07-04 15:45 - 2024-05-03 22:11 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2025-07-02 23:57 - 2024-06-17 15:49 - 000000000 ____D C:\Users\Susi\AppData\Roaming\Code
2025-07-02 08:32 - 2025-01-23 10:13 - 000000000 ____D C:\Program Files\Rockstar Games
2025-07-02 08:32 - 2025-01-23 10:13 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2025-07-02 08:31 - 2025-05-26 15:28 - 000001156 _____ C:\Users\Susi\Desktop\Assimil.lnk
2025-07-01 17:36 - 2024-12-29 03:05 - 000004280 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1720783591
2025-07-01 17:36 - 2024-07-12 13:26 - 000001383 _____ C:\Users\Susi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2025-06-26 09:18 - 2024-06-17 15:49 - 000000000 ____D C:\Users\Susi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2025-06-25 03:19 - 2024-05-26 20:23 - 000000000 ____D C:\Users\Susi\AppData\LocalLow\Temp
2025-06-25 03:19 - 2024-03-28 01:17 - 000000000 ____D C:\Users\Susi\AppData\LocalLow\Adobe
2025-06-20 07:21 - 2025-03-04 11:26 - 000000000 ____D C:\Program Files\Logi
2025-06-20 00:39 - 2024-03-15 21:14 - 000000000 ____D C:\Users\Susi\AppData\Roaming\Microsoft\Office

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2024-06-11 23:13 - 2024-06-11 23:13 - 000000128 _____ () C:\Users\Susi\AppData\Roaming\PUTTY.RND
2024-05-26 23:14 - 2024-06-15 22:06 - 000000128 _____ () C:\Users\Susi\AppData\Local\PUTTY.RND
2025-05-21 16:36 - 2025-05-21 16:36 - 000001418 _____ () C:\Users\Susi\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 13-07-2025
durchgeführt von Susi (16-07-2025 14:34:03)
Gestartet von C:\Users\Susi\Desktop
Microsoft Windows 11 Home Version 24H2 26100.4652 (X64) (2024-12-29 15:12:20)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-300349749-1118940784-3883464041-500 - Administrator - Disabled)
Anwender (S-1-5-21-300349749-1118940784-3883464041-1000 - Administrator - Enabled) => C:\Users\Anwender
DefaultAccount (S-1-5-21-300349749-1118940784-3883464041-503 - Limited - Disabled)
Gast (S-1-5-21-300349749-1118940784-3883464041-501 - Limited - Disabled)
Paula (S-1-5-21-300349749-1118940784-3883464041-1002 - Limited - Enabled) => C:\Users\Paula
Susi (S-1-5-21-300349749-1118940784-3883464041-1001 - Administrator - Enabled) => C:\Users\Susi
WDAGUtilityAccount (S-1-5-21-300349749-1118940784-3883464041-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 24.09 (x64) (HKLM\...\7-Zip) (Version: 24.09 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 25.001.20531 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601110}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AIDA64 Extreme v6.92 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.92 - FinalWire Ltd.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.02.22.053 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.27.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.10.0.2198 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{8da54e84-09f6-45f6-9c1f-2b86dff082b1}) (Version: 6.02.22.053 - Advanced Micro Devices, Inc.) Hidden
Anki (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Anki) (Version: 25.02.6 - )
Apple Mobile Device Support (HKLM\...\{336D80E8-E773-4B6F-BCAB-D291F34A6685}) (Version: 17.5.0.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Arx Libertatis (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\ArxLibertatis) (Version: 1.2.1 - )
BGBlitz 3.2.1 (HKLM\...\BGBlitz_is1) (Version:  - Frank Berger)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Discord (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Discord) (Version: 1.0.9036 - Discord Inc.)
dm-Fotowelt (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\dm-Fotowelt) (Version: 8.0.3 - CEWE Stiftung u Co. KGaA)
Dropbox (HKLM-x32\...\Dropbox) (Version: 228.4.5567 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.983.1 - Dropbox, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{EB1746AB-000D-42D9-AF1B-7D998327C33C}) (Version: 1.3.149.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{88FE81B2-A29B-4500-926C-D9F798539574}) (Version: 3.0.1 - Epic Games, Inc.)
Escape from Monkey Island™ (HKLM-x32\...\1885026907_is1) (Version: 1.1 - GOG.com)
eXtreme Gammon 2 (HKLM-x32\...\{2F5AF5E1-E021-4832-A423-EF480EC58A0B}_is1) (Version: 2.10 - GameSite 2000, Ltd.)
FileZilla 3.67.0 (HKU\S-1-5-21-300349749-1118940784-3883464041-1000\...\FileZilla Client) (Version: 3.67.0 - Tim Kosse)
fSpy 1.0.3 (only current user) (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\6c332f2e-0163-5c6e-93bd-836ed62606d6) (Version: 1.0.3 - Per Gantelius)
GIMP 2.10.36-1 (HKLM\...\GIMP-2_is1) (Version: 2.10.36 - The GIMP Team)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.83.4 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 138.0.7204.101 - Google LLC)
GridGammon 3.8.0 (Build 896) (HKLM-x32\...\GridGammon) (Version: 3.8.0 (Build 896) - Jensen-Barclay, LLC)
HP Dropbox Plugin (HKLM-x32\...\{737B7969-CE8E-47B0-98A4-2599F53B3B03}) (Version: 40.13.54.81239 - HP)
HP Google Drive Plugin (HKLM-x32\...\{815D86A1-06B8-451D-9736-BE52D6A06DBD}) (Version: 40.13.54.81239 - HP)
iTunes (HKLM\...\{8A04F54C-B9A8-4C2B-BA5E-C80133232D07}) (Version: 12.13.2.3 - Apple Inc.)
Java(TM) SE Development Kit 21.0.6 (64-bit) (HKLM\...\{26F4C2FF-9E0F-5FD4-B66B-1B13F1068A00}) (Version: 21.0.6.0 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.92.731496 - Logitech)
Logi Plugin Service (HKLM\...\{53C826D9-FB49-497B-B324-E5257D8E4A48}) (Version: 6.1.3.22547 - Logitech)
Logi RightSightForWebcams 1.1.168 (HKLM\...\{5FCBA56A-7453-4BD8-B314-D23F38E77CA9}) (Version: 1.1.168.0 - Logitech) Hidden
MagentaCLOUD (HKLM\...\{1369654A-24FD-4D83-B45A-222E19EAD9A1}) (Version: 3.6.7.20230217 - Deutsche Telekom AG)
Malwarebytes version 5.3.4.202 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.3.4.202 - Malwarebytes)
Microsoft .NET Host - 8.0.15 (x64) (HKLM\...\{4C903F19-B4C3-4D0C-8CC9-D444C511AF1C}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.15 (x64) (HKLM\...\{11CCC9F6-77AA-4421-9EAC-BAEC36D96817}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.15 (x64) (HKLM\...\{8731E6E3-AF96-4515-ACEC-DBFB3DF55292}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 138.0.3351.83 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.18925.20158 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.115.0615.0002 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.28402 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438 (HKLM-x32\...\{b49c10dd-4d54-45f8-ad13-fa25704456a4}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34438 (HKLM-x32\...\{ba10fda9-f731-441f-a999-000bbb7ceec2}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34438 (HKLM\...\{E528AD94-12D7-42C4-91A3-908BE28E9BD2}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34438 (HKLM\...\{2E15F519-4FDA-4834-B4EE-7EFCE7D8D4EE}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34438 (HKLM-x32\...\{A5592FEF-F948-4BA6-A066-8BBFC2DC7EE1}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34438 (HKLM-x32\...\{5D0C4511-3CA1-4FF8-A4BA-C0E1957ABEEA}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.101.2 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.15 (x64) (HKLM\...\{0E4A7820-FDA4-4250-B7AC-E7A2F7B43B64}) (Version: 64.60.31203 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.15 (x64) (HKLM-x32\...\{5625bb48-295c-4113-bc92-d6a69b19b04c}) (Version: 8.0.15.34718 - Microsoft Corporation)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 140.0.4 (x64 de)) (Version: 140.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.8.1 - Mozilla)
Mozilla Thunderbird (x64 de) (HKLM\...\Mozilla Thunderbird 128.12.0 (x64 de)) (Version: 128.12.0 - Mozilla)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2023.0919.01 - MSI)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Grafiktreiber 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 31.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.18925.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.18925.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.18925.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.18925.20158 - Microsoft Corporation) Hidden
Opera Stable 119.0.5497.141 (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\Opera 119.0.5497.141) (Version: 119.0.5497.141 - Opera Software)
Oracle VM VirtualBox 7.0.18 (HKLM\...\{63A2B392-8FBD-450D-B02F-BE287BAF1FE8}) (Version: 7.0.18 - Oracle and/or its affiliates)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
PuTTY release 0.81 (64-bit) (HKLM\...\{DDC95F26-92B1-4546-9678-5DC68DF76BA0}) (Version: 0.81.0.0 - Simon Tatham)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9629.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.68.815.2023 - Realtek)
REDlauncher (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - CD Projekt RED)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.103.2507 - Rockstar Games)
Rockstar Games SDK (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.4.0.94 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TOEM (HKLM-x32\...\1436499377_is1) (Version: 3.0.10 - GOG.com)
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Zoom Workplace (HKU\S-1-5-21-300349749-1118940784-3883464041-1001\...\ZoomUMX) (Version: 6.0.3 (37634) - Zoom Video Communications, Inc.)

Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-11] ()
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Assets [2025-05-25] ()
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2025-07-16] (Dropbox Inc.)
Hearts in Nature -> C:\Program Files\WindowsApps\Microsoft.HeartsinNature_1.0.0.0_neutral__8wekyb3d8bbwe [2024-03-15] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_160.1.1192.0_x64__v10z8vjag6ke6 [2025-07-08] (HP Inc.)
Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes\Anti-Malware [2025-07-14] ()
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-03-16] (Microsoft Corp.)
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.55.0_x64__kzh8wxbdkxb8p [2025-07-01] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
Natural Hearts PREMIUM -> C:\Program Files\WindowsApps\Microsoft.NaturalHeartsPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2024-03-15] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.968.0_x64__56jybvy8sckqj [2025-06-11] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16 [2025-07-16] ()
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.52.363.0_x64__dt26b99r8h8gj [2025-07-10] (Realtek Semiconductor Corp)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-22] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_7000.522.1444.0_x64__8wekyb3d8bbwe [2025-06-11] (Microsoft Corp.)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57074904.InpApp_cw5n1h2txyewy [2025-07-09] (Microsoft Windows)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{5634871C-B712-4441-9D69-C40DFCB1E0BF}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{6FF9B5B6-389F-444A-9FDD-A286C36EA079}\InprocServer32 -> C:\Program Files\MagentaCLOUD\CfApiShellExtensions.dll () [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{aa178e1e-6eb1-bde3-02d6-5472c2eea423}\localserver32 -> C:\Users\Susi\Downloads\HandBrake-1.9.2-x86_64-Win_GUI\HandBrake\HandBrake.exe (HandBrake Team) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{C763CCFF-33BC-42AE-9664-8A8FE5408507} -> [Dropbox] => C:\Users\Susi\Dropbox [2024-03-16 00:59]
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{dfe8b165-c232-4a1e-80e5-9ccf41837db2} -> [MagentaCLOUD] => C:\Users\Susi\MagentaCLOUD [2024-03-16 01:29]
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Susi\Dropbox [2024-03-16 00:59]
CustomCLSID: HKU\S-1-5-21-300349749-1118940784-3883464041-1001_Classes\CLSID\{f859c81c-8f87-4ba8-984b-7cb4de15dc2b}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
ShellIconOverlayIdentifiers: [                OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                MagentaCLOUDError] -> {21A727D8-DF75-47AC-9B23-98CA9941E764} => C:\Windows\System32\shellext\NCOverlays.dll -> Keine Datei
ShellIconOverlayIdentifiers: [                MagentaCLOUDOK] -> {5FB43024-D810-463E-8298-25AC18B4D657} => C:\Windows\System32\shellext\NCOverlays.dll -> Keine Datei
ShellIconOverlayIdentifiers: [                MagentaCLOUDOKShared] -> {207E0D58-A4D2-4BEA-B23F-74B275067FF4} => C:\Windows\System32\shellext\NCOverlays.dll -> Keine Datei
ShellIconOverlayIdentifiers: [                MagentaCLOUDSync] -> {B7E41BEC-A46C-4536-A3B8-F20322BC4538} => C:\Windows\System32\shellext\NCOverlays.dll -> Keine Datei
ShellIconOverlayIdentifiers: [                MagentaCLOUDWarning] -> {EC74FC2C-CC25-4FF8-B860-8F98CB200CCE} => C:\Windows\System32\shellext\NCOverlays.dll -> Keine Datei
ShellIconOverlayIdentifiers: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [                OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [                OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [MagentaCLOUDContextMenuHandler] -> {C475B1E0-655A-4080-9D13-C3F0905740CF} => C:\Windows\System32\shellext\NCContextMenu.dll -> Keine Datei
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-07-14] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncShell64.dll [2025-07-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.80.0.dll [2025-06-24] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\nvshext.dll [2024-09-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-07-14] (Malwarebytes Inc -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2023-02-17 17:32 - 2023-02-17 17:32 - 000130560 _____ () [Datei ist nicht signiert] C:\Program Files\MagentaCLOUD\magentacloudsync_vfs_cfapi.dll
2023-02-17 17:32 - 2023-02-17 17:32 - 000031232 _____ () [Datei ist nicht signiert] C:\Program Files\MagentaCLOUD\magentacloudsync_vfs_suffix.dll
2025-06-10 14:03 - 2024-11-29 20:00 - 000101376 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\system32\SnippingTool.exe:com.dropbox.attrs [52]
AlternateDataStreams: C:\Users\Susi\Downloads\2024-06-03 Tagesordnung Vorstandskonferenz.docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Susi\Downloads\2024-08-26 Tagesordnung Vorstandskonferenz.docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Susi\Downloads\adwcleaner.exe:MBAM.Zone.Identifier [292]
AlternateDataStreams: C:\Users\Susi\Downloads\audio1803449522.m4a:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Susi\Downloads\BrainstormingFlyerBG.xlsx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Susi\Downloads\BrainstormingFlyerBGx.xlsx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Susi\Downloads\DBGV Flyer 2024.pdf:com.dropbox.attrs [54]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-05] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Network ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

DNS Servers: 192.168.0.1
 ist aktiviert.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys

vms_vsf: Erweiterungsfilter für virtuellen Hyper-V-Switch
oracle_VBoxNetLwf: VirtualBox NDIS6 Bridged Networking Driver
ms_l1vhlwf: Nested Network Virtualization
vms_vsp: Extension-Protokoll für virtuellen Hyper-V-Switch

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\PuTTY\;C:\Program Files\dotnet\
HKU\S-1-5-21-300349749-1118940784-3883464041-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\DesktopSpotlight\Assets\Images\image_3.jpg
HKU\S-1-5-21-300349749-1118940784-3883464041-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Susi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-300349749-1118940784-3883464041-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Paula\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\13651263922714159053\133869443758257080.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{54169EE0-818B-452B-8D8C-D9C2501F3A6D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24334.1101.3280.8162_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C9993EAA-5084-4536-8521-215761F30D3E}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24334.1101.3280.8162_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7556D140-B765-49A7-BB17-90FB0D8449CF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B85AFCD7-B58C-4A0D-8654-4A073B9914C6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{35B166F0-AAFC-4E29-962A-623A78E0CF9E}C:\users\susi\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\susi\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{CE764E72-5902-44F4-81EC-66507C14FEE5}C:\users\susi\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\susi\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{7652F68D-D712-460F-8E36-288EF559F348}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [TCP Query User{CAA82960-4C9D-405A-ACD4-DFE12FEC2E6A}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [{7AB9A7EE-6A0F-4828-96F6-8C872E9DA2A9}] => (Allow) C:\Program Files\LogiOptionsPlus\logivoice\logioptionsplus_logivoice => Keine Datei
FirewallRules: [{00AB105D-4F95-45DC-A853-43A35161202B}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{8AB0BA79-8101-474C-A827-07F6C331D3D0}C:\users\susi\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\susi\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{30A09A76-0F52-4B07-989C-63F9C4D18067}C:\users\susi\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\susi\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{82FB69BC-2B50-45DE-9F28-AB75D1098188}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{823AC527-8305-4C26-A9E7-F1E8EA0790FA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{112F5C6E-6531-4CD4-99B4-904F4FF8963F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BE5C2957-3B30-451F-8C9D-681BCC0B6DE3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{692B4D31-8953-4F23-A428-EE1E5CE858D0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{0F85773B-DECB-4389-BB07-E021AC26E849}C:\program files (x86)\gog galaxy\games\empire earth gold\empire earth\empire earth.exe] => (Allow) C:\program files (x86)\gog galaxy\games\empire earth gold\empire earth\empire earth.exe => Keine Datei
FirewallRules: [TCP Query User{515289D6-247A-47C9-91C3-3BBAE6FEDEA5}C:\program files (x86)\gog galaxy\games\empire earth gold\empire earth\empire earth.exe] => (Allow) C:\program files (x86)\gog galaxy\games\empire earth gold\empire earth\empire earth.exe => Keine Datei
FirewallRules: [{85C8BA67-DE8E-45D2-BD80-CE3878180A0E}] => (Allow) C:\Users\Anwender\AppData\Local\Temp\7zS6D06\HP.EasyStart.exe => Keine Datei
FirewallRules: [{6B22C994-437D-446C-A1ED-5E4EAF1447BF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CF5AD163-0699-4B01-9AA0-B5FF3122DCAB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E7EFD457-3C15-4786-9779-B7BAF46EE858}] => (Allow) C:\Users\Anwender\AppData\Local\Temp\7zS2258\HP.EasyStart.exe => Keine Datei
FirewallRules: [{F2B2B098-9657-47CD-B9F5-D0500737753D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outcast - A New Beginning\O2.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{5473D380-167C-4560-8936-1BABAC437F51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outcast - A New Beginning\O2.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{DC3ADBF3-62C8-4C71-B482-FDBE77E9FB99}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EA04981C-2282-4BB0-BA3F-C598542ED668}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4D1290DC-4131-41F5-8318-B0782DF4A24F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{947DDC2D-368C-45FB-88DF-5FA3E5C51C29}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{02F63584-DFCD-4C29-B29C-6DADC109EAC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A05A8732-E233-4386-B672-E85C71153E87}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1D5763C0-41FA-4B92-9900-50547C3F6AB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FB7954C0-B69B-43FF-9CAE-86158B84EEAE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4C2110B0-EDEF-4A00-9985-828F8CFF8332}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B0BC2771-1E6C-4AF7-8FFC-9F6ED2C70BAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D70B3170-85C7-443B-87EF-BE353FC6E96D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{361C49D8-30BC-4428-8D0F-DD87B7B84D44}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6997AE21-3ACB-4595-9BF9-9CCFE3737DF3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{18E71179-46FE-473F-8B3E-6ADB682DD8F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{08F24C62-6C6C-4B6E-9A9B-3DC7F3BC4A0D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5CCD14C1-CC0A-4AF9-86C3-20535F94BE43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2E75E986-20F6-4508-8F30-30E7B42915BC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0896884D-DB6C-4154-9008-3A025C2B51FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{20E1FA1B-389C-4865-8A03-B91A6FF08F50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9DF82261-E599-44D0-A878-BAF261E42504}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [TCP Query User{03F86610-2181-4049-A4D3-1F6FABA17ED2}C:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) C:\program files\rockstar games\red dead redemption 2\rdr2.exe => Keine Datei
FirewallRules: [UDP Query User{6F7B1FA1-45D8-45E8-9D26-8DBDA7FFF5D1}C:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) C:\program files\rockstar games\red dead redemption 2\rdr2.exe => Keine Datei
FirewallRules: [{EF9DCDBE-13DE-49E5-8267-9F9035B59B61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance2\Bin\Win64MasterMasterSteamPGO\KingdomCome.exe (Warhorse Studios sro) [Datei ist nicht signiert]
FirewallRules: [{B6F13B8A-166B-4056-89DE-D3B2C99F3052}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance2\Bin\Win64MasterMasterSteamPGO\KingdomCome.exe (Warhorse Studios sro) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{B33E97CC-F666-4EB6-9F19-2680C3F36F41}C:\users\susi\downloads\vlc-3.0.21-win32\vlc-3.0.21\vlc.exe] => (Block) C:\users\susi\downloads\vlc-3.0.21-win32\vlc-3.0.21\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{2D8836DC-D174-4591-A690-1990F74C6987}C:\users\susi\downloads\vlc-3.0.21-win32\vlc-3.0.21\vlc.exe] => (Block) C:\users\susi\downloads\vlc-3.0.21-win32\vlc-3.0.21\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{9936672F-6CB9-4A1E-A505-F3E564430BC8}] => (Allow) C:\Program Files\Logi\LogiPluginService\LogiPluginService.exe (LoupeDeck Oy -> Logitech)
FirewallRules: [{F6392804-4C8A-425A-91F8-0EE8B35CB0FF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9043C1D1-F2D4-4436-8290-1C43793D3D38}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{345F7C89-756F-436D-989F-37E731C18D80}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{36E92E57-E7C0-486B-A2A1-D58918E0E7C7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{22E57D38-901B-44AB-88A2-D1306750F35D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4F8EE88D-F1BE-42AF-9A29-F8DA17763FCC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{B591E2CA-E5E4-47F8-A675-25A4B3ABA9B9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{C93D4288-4BCE-4997-9AE3-FD98B0D51473}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C30EBB18-5DCC-46E6-9921-D897025D5C88}] => (Allow) LPort=32683
FirewallRules: [{AA368CBC-B9D5-41F9-8925-CFC4FE300CBC}] => (Allow) LPort=26822

==================== Wiederherstellungspunkte =========================

08-07-2025 16:04:04 Windows Update
11-07-2025 17:22:32 DirectX wurde installiert
16-07-2025 14:31:10 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager ============

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (07/16/2025 02:32:00 PM) (Source: DbxSvc) (EventID: 322) (User: )
Description: Failed to get driver message: (-2147024890) Das Handle ist ungültig.

Error: (07/15/2025 11:51:38 AM) (Source: Windows App Runtime) (EventID: 50) (User: )
Description: Event-ID 50

Error: (07/15/2025 11:46:48 AM) (Source: DbxSvc) (EventID: 322) (User: )
Description: Failed to get driver message: (-2147024890) Das Handle ist ungültig.

Error: (07/14/2025 05:58:33 PM) (Source: Windows App Runtime) (EventID: 50) (User: )
Description: Event-ID 50

Error: (07/14/2025 05:52:20 PM) (Source: Service1) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.IO.FileNotFoundException: Das System kann die angegebene Datei nicht finden. (Ausnahme von HRESULT: 0x80070002)
  bei TaskScheduler.IRegisteredTask.get_Enabled()
  bei VoiceControl_Service.VoiceControlService.CreateTask(_TASK_RUNLEVEL taskRunLevel, String sName, String sPath, String sArg)
  bei VoiceControl_Service.VoiceControlService.OnSessionChange(SessionChangeDescription changeDescription)
  bei System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (07/14/2025 04:50:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-DIFQB2Q.local already in use; will try DESKTOP-DIFQB2Q-2.local instead

Error: (07/14/2025 04:50:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 DESKTOP-DIFQB2Q.local. Addr 192.168.0.192

Error: (07/14/2025 04:50:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.192:5353  16 DESKTOP-DIFQB2Q.local. AAAA 2A02:0908:0D25:8040:A913:2FF8:EFA9:0F7D


Systemfehler:
=============
Error: (07/16/2025 02:31:17 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DIFQB2Q)
Description: Der Server "Microsoft.Windows.ContentDeliveryManager_10.0.26100.1_neutral_neutral_cw5n1h2txyewy!App.AppXryc2qd338f5728r9gzzazav8206ba77s.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/16/2025 02:28:30 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DIFQB2Q)
Description: Der Server "{6FA05A24-B1DF-4155-909E-7B424F2D2BB5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/16/2025 02:28:00 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DIFQB2Q)
Description: Der Server "{6FA05A24-B1DF-4155-909E-7B424F2D2BB5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/16/2025 02:26:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (07/16/2025 02:26:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.

Error: (07/16/2025 02:26:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Dropbox-Update-Service (dbupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (07/16/2025 02:26:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Dropbox-Update-Service (dbupdate) erreicht.

Error: (07/16/2025 02:24:47 PM) (Source: Microsoft-Windows-Windows Firewall With Advanced Security) (EventID: 2042) (User: NT-AUTORITÄT)
Description: 18-2147024662


Windows Defender:
================
Date: 2025-07-14 00:33:44
Description:
Microsoft Defender Antivirus ŝçäи ĥåš вėэй šţōрρěđ вёƒσŗę сŏмρľëŧïόʼn.%л %ťЅсăй ІĐ:%ъ{AA533266-D589-475C-B40C-A08F5FE56EEE}%ⁿ %ŧŞċăπ Тýрё:%ъAntimalware%ή %τŚςâņ Рåřám℮ţĕŗş:%ъVollständige Überprüfung%ņ  %ţÛšēґ:%ъDESKTOP-DIFQB2Q\Susi%ŋ %ťŠţóρ Ŗєāśøή:%вÙⁿκŋσωň

Date: 2025-07-13 22:38:36
Description:
Microsoft Defender Antivirus ŝçäи ĥåš вėэй šţōрρěđ вёƒσŗę сŏмρľëŧïόʼn.%л %ťЅсăй ІĐ:%ъ{4F37F17A-D326-4CD1-A214-D29E561C6CB7}%ⁿ %ŧŞċăπ Тýрё:%ъAntimalware%ή %τŚςâņ Рåřám℮ţĕŗş:%ъSchnellüberprüfung%ņ  %ţÛšēґ:%ъNT-AUTORITÄT\SYSTEM%ŋ %ťŠţóρ Ŗєāśøή:%вŞçђєδůĺęδ ѕçãŋ щäş śкīρρέð ъέĉâυśē ŧћэ ľάšţ śůççеŝѕƒųŀ ѕċąñ щâѕ щіţħïń ťħė ŀáşť 7 ďάγş

Date: 2025-07-12 20:26:58
Description:
Microsoft Defender Antivirus ŝçäи ĥåš вėэй šţōрρěđ вёƒσŗę сŏмρľëŧïόʼn.%л %ťЅсăй ІĐ:%ъ{41C828F7-46AB-452B-9157-C9B2E6E5727C}%ⁿ %ŧŞċăπ Тýрё:%ъAntimalware%ή %τŚςâņ Рåřám℮ţĕŗş:%ъSchnellüberprüfung%ņ  %ţÛšēґ:%ъNT-AUTORITÄT\SYSTEM%ŋ %ťŠţóρ Ŗєāśøή:%вŞçђєδůĺęδ ѕçãŋ щäş śкīρρέð ъέĉâυśē ŧћэ ľάšţ śůççеŝѕƒųŀ ѕċąñ щâѕ щіţħïń ťħė ŀáşť 7 ďάγş

Date: 2025-07-11 19:56:52
Description:
Microsoft Defender Antivirus ŝçäи ĥåš вėэй šţōрρěđ вёƒσŗę сŏмρľëŧïόʼn.%л %ťЅсăй ІĐ:%ъ{A34AE980-B26A-442B-82D7-11979FC2709F}%ⁿ %ŧŞċăπ Тýрё:%ъAntimalware%ή %τŚςâņ Рåřám℮ţĕŗş:%ъSchnellüberprüfung%ņ  %ţÛšēґ:%ъNT-AUTORITÄT\SYSTEM%ŋ %ťŠţóρ Ŗєāśøή:%вŞçђєδůĺęδ ѕçãŋ щäş śкīρρέð ъέĉâυśē ŧћэ ľάšţ śůççеŝѕƒųŀ ѕċąñ щâѕ щіţħïń ťħė ŀáşť 7 ďάγş

Date: 2025-07-10 22:00:08
Description:
Microsoft Defender Antivirus ŝçäи ĥåš вėэй šţōрρěđ вёƒσŗę сŏмρľëŧïόʼn.%л %ťЅсăй ІĐ:%ъ{C5FA2228-697B-4819-94AF-F7603ACF4671}%ⁿ %ŧŞċăπ Тýрё:%ъAntimalware%ή %τŚςâņ Рåřám℮ţĕŗş:%ъSchnellüberprüfung%ņ  %ţÛšēґ:%ъNT-AUTORITÄT\SYSTEM%ŋ %ťŠţóρ Ŗєāśøή:%вŞçђєδůĺęδ ѕçãŋ щäş śкīρρέð ъέĉâυśē ŧћэ ľάšţ śůççеŝѕƒųŀ ѕċąñ щâѕ щіţħïń ťħė ŀáşť 7 ďάγş
Event[0]

Date: 2025-07-14 17:11:12
Description:
Microsoft Defender Antivirus Dienst scheint beim Herunterfahren nicht reagiert zu sein.
Timout (Sekunden):  120
Komponente:  ServiceMiscTasksClose
Selbstbeendigend:  0

Date: 2025-05-14 16:23:46
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.427.787.0
Update Source: Microsoft Update Server
Sicherheitstyp: AntiVirus
Updatetyp: Full
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.25030.1
Fehlercode: 0x80240016
Fehlerbeschreibung: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

Date: 2024-12-29 02:05:55
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren.
Security Intelligence versucht: Aktuell
Fehlercode: 0x80070003
Fehlerbeschreibung: Das System kann den angegebenen Pfad nicht finden.
Security Intelligence-Version: 0.0.0.0;0.0.0.0
Modulversion: 0.0.0.0

CodeIntegrity:
===============
Date: 2025-07-16 14:32:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.


==================== Speicherinformationen ===========================

BIOS: American Megatrends International, LLC. A.F0 10/11/2023
Hauptplatine: Micro-Star International Co., Ltd. B550-A PRO (MS-7C56)
Prozessor: AMD Ryzen 7 5700X 8-Core Processor
Prozentuale Nutzung des RAM: 24%
Installierter physikalischer RAM: 32694.05 MB
Verfügbarer physikalischer RAM: 24659.51 MB
Summe virtueller Speicher: 34742.05 MB
Verfügbarer virtueller Speicher: 26557.75 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.66 GB) (Free:550.11 GB) (Model: MSI M450 1TB) NTFS
Drive e: (Volume) (Fixed) (Total:953.87 GB) (Free:70.83 GB) (Model: SPCC Solid State Disk) NTFS

\\?\Volume{ad014a6f-2923-4e18-85a0-d34ddaa8bb79}\ () (Fixed) (Total:0.74 GB) (Free:0.15 GB) NTFS
\\?\Volume{8d5dd1d1-a483-4080-a082-7a982f5f68e2}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: 9408BF26)
Partition 1: (Not Active) - (Size=953.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================

cosinus 16.07.2025 14:23
Ja hast du richtig verstanden und auch richtig gemacht :)
Ich schau mir die Logs gleich an

cosinus 16.07.2025 14:27
Scripting/Repair mit FRST64

WARNUNG AN ALLE MITLESER !!!
Dieses FRST-Script ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System angewendet werden!
  • Kopiere den gesamten Inhalt der folgenden Code-Box:

    Code:
    Start::
    Edge Notifications: Default -> https://d1q2usinaffc7397jcng.saq-protect.co.in
    CHR Notifications: Default -> https://backgammonstudio.com; https://de31.the-west.de; https://heroes.backgammonstudio.com; https://heroes3.backgammonstudio.com; https://mingle.respondi.de; https://naka-24.jgw-ev.de; https://www.backgammonstudio.com; https://www.ipsosisay.com; https://www.youtube.com
    Task: {112e5d34-8903-4aab-8132-f10e9d3ebe5a} - kein Dateipfad. <==== ACHTUNG
    Task: {2008adb5-9727-4554-82d1-10bc1745e8b1} - kein Dateipfad. <==== ACHTUNG
    Task: {2269145a-6d62-44c0-a755-2f56b3301453} - kein Dateipfad. <==== ACHTUNG
    Task: {25f23172-2787-4c1b-9500-4106c457e0bb} - kein Dateipfad. <==== ACHTUNG
    Task: {262a40ed-a71e-4de2-875b-29bc1fdb33c7} - kein Dateipfad. <==== ACHTUNG
    Task: {3c6314d9-c7a1-45b6-9291-b9a4e8565a82} - kein Dateipfad. <==== ACHTUNG
    Task: {45840b04-5a74-483d-83cf-de83848d0492} - kein Dateipfad. <==== ACHTUNG
    Task: {49244025-6df9-422b-9e60-fcfe9befa7cc} - kein Dateipfad. <==== ACHTUNG
    Task: {49f467fe-f6ab-47c3-bc8f-feb6ecafdc8d} - kein Dateipfad. <==== ACHTUNG
    Task: {4a81a102-6041-41f8-aec6-9e1577acd5bd} - kein Dateipfad. <==== ACHTUNG
    Task: {4fe10caf-cdf4-464f-b1b6-2d54ba837948} - kein Dateipfad. <==== ACHTUNG
    Task: {59514228-1f82-4abd-afd7-3fcf9583ceb8} - kein Dateipfad. <==== ACHTUNG
    Task: {6252884b-51c4-48b8-bee4-73f01f7305b1} - kein Dateipfad. <==== ACHTUNG
    Task: {77d009d7-1870-47f3-80c4-323541939d46} - kein Dateipfad. <==== ACHTUNG
    Task: {7e1c234c-f8fe-4e89-ad85-93991578a23a} - kein Dateipfad. <==== ACHTUNG
    Task: {81807fe3-4902-4181-8e2a-22c3b638c533} - kein Dateipfad. <==== ACHTUNG
    Task: {87d50552-871e-49a1-9b41-97eb9ef69092} - kein Dateipfad. <==== ACHTUNG
    Task: {8961c923-cd25-44c4-b36a-c42c40d1660d} - kein Dateipfad. <==== ACHTUNG
    Task: {93a33fff-17eb-4842-9faf-7534d5215b10} - kein Dateipfad. <==== ACHTUNG
    Task: {9eaf414f-36f6-4ffd-9684-175b2f318c04} - kein Dateipfad. <==== ACHTUNG
    Task: {a6f37331-826e-4bd1-bbcf-0c0e29bcff2c} - kein Dateipfad. <==== ACHTUNG
    Task: {acc4f9db-bb56-4b53-8d9d-5e013c15118c} - kein Dateipfad. <==== ACHTUNG
    Task: {c5c8f437-adb8-43b5-b8a4-b36b05a3e364} - kein Dateipfad. <==== ACHTUNG
    Task: {ce8233e6-ce9f-49b7-8752-ebaef42a581d} - kein Dateipfad. <==== ACHTUNG
    Task: {d925046e-c8c8-4d8c-824e-37a6fab0368e} - kein Dateipfad. <==== ACHTUNG
    Task: {d94a6419-a129-4abc-a395-5e3dd4ae9b87} - kein Dateipfad. <==== ACHTUNG
    Task: {e91f7dcf-a6ba-4217-89da-5ccf63f6e9fc} - kein Dateipfad. <==== ACHTUNG
    Task: {ec0a6339-a680-49dc-9e67-a2c91d538c04} - kein Dateipfad. <==== ACHTUNG
    Task: {ef7d7f8d-d387-436a-90ec-5890ebacb456} - kein Dateipfad. <==== ACHTUNG
    Task: {fa2bd862-ffe8-49a7-9e7b-f431bb237d75} - kein Dateipfad. <==== ACHTUNG
    Task: {ffdf9004-c786-45d9-a30b-05279132e6c6} - kein Dateipfad. <==== ACHTUNG
    EmptyTemp:
    End::
  • Starte nun FRST und klicke direkt den Reparieren Button.Wichtig: Du brauchst den Inhalt der Code-Box nirgends einfügen, da sich FRST den Code aus der Zwischenablage holt!
  • Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich FRST befindet.
  • Gegebenenfalls muss dein Rechner neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:38 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132