Trojaner-Board


DrCobra 07.02.2026 17:27

Windows 11: Possible Trojan infection after running a dubious .exe
 
Hello,
my son ran a questionable .exe file on his computer. Avast immediately moved 2 files into quarantine and flagged them as Trojans; he deleted them along with the downloaded file.
Malwarebytes, Avast and Windows Defender have already been run over the system. Malwarebytes showed 2 detections, but these relate to legitimate programs.

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-02-2026
durchgeführt von ***** (Administrator) auf DESKTOP-JT7T9B0 (ASUS System Product Name) (07-02-2026 16:39:03)
Gestartet von C:\Users\*****\Downloads\FRST64.exe
Geladene Profile: *****
Plattform: Microsoft Windows 11 Pro Version 25H2 26200.7623 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe
(E:\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Foundation) E:\Mozilla Firefox\crashhelper.exe
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Mozilla Corporation -> Mozilla Corporation) E:\Mozilla Firefox\firefox.exe <16>
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4646b47d9477048e\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.195.0.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18725336 2022-05-12] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4143440 2025-12-02] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [887976 2026-02-03] (Gen Digital Inc. -> Gen Digital Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752264 2025-12-18] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\144.0.3719.115\Installer\setup.exe [7771728 2026-02-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3946404165-2299855374-679032929-1001\...\Run: [GogGalaxy] => E:\GOG Galaxy\GalaxyClient.exe [14592560 2025-12-20] (GOG  sp. z o.o -> GOG.com)
HKU\S-1-5-21-3946404165-2299855374-679032929-1001\...\Run: [WallpaperEngine] => D:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [3647928 2025-02-19] (Skutta Software GmbH -> )
HKU\S-1-5-21-3946404165-2299855374-679032929-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2736744 2024-04-21] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3946404165-2299855374-679032929-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [41671128 2026-01-31] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\141.0.7390.77\Installer\chrmstp.exe [2025-10-14] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2026-02-05]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {DA0EEDEE-9C5F-4F42-9BAD-C53BF6388166} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1581568 2025-08-24] (Adobe Inc. -> Adobe Inc.)
Task: {B05054AB-34EA-4271-8D4A-511BC0C6D29E} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [6108464 2025-07-31] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup" --configpath "C:\ProgramData\Avast Software\Cleanup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\Cle (Der Dateneintrag hat 53 weitere Zeichen).
Task: {BE2C4F24-2446-432F-ACC2-8567DBA12B09} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [8930096 2025-07-09] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {BDD72359-216D-4A1B-990B-7A834D1C1529} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [6108464 2025-07-31] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater" --configpath "C:\ProgramData\Avast Software\Driver Updater" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramD (Der Dateneintrag hat 82 weitere Zeichen).
Task: {8021A201-4B25-4434-9FEB-04A54892C143} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [8930096 2025-07-08] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {E3684F73-97AC-480E-8198-654D6045E73C} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5623464 2026-02-03] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {B9743076-60DB-4AB5-8FEB-3CF61E25DA02} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [6193832 2025-12-11] (Gen Digital Inc. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (Der Dateneintrag hat 80 weitere Zeichen).
Task: {B81A2059-F757-4EC9-B87C-C7A59C4CC13B} - System32\Tasks\Avast Software\Avast SecureLine VPN Emergency Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [3959464 2025-12-11] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {C51F60D1-D821-4089-B205-5275E7BC0D3D} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [9176800 2025-12-09] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {B2024C11-4C38-4B7B-BB76-C5DF89FF1E9E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2977504 2025-10-13] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {67570494-C023-4C1F-BCED-F404ADC55EEF} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem144.0.7547.0{5C4A42FA-B2C2-4B92-9472-3580338B41DB} => C:\Program Files (x86)\Google\GoogleUpdater\144.0.7547.0\updater.exe [7056536 2025-11-26] (Google LLC -> Google LLC)
Task: {C89D998F-23D3-4942-ABB9-C3DC0E3FAB99} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [16268592 2026-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {67D96D47-0E55-47BA-9A3A-DE47B4367AE3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28622664 2026-01-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {6DAA2D58-18AB-457E-A96E-8E59C7AAE543} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [73568 2026-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {768F748C-DFCC-4B46-B773-D85D98D2059B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28622664 2026-01-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {19A19A59-869C-4ABE-A9CF-92896C0D7B21} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309608 2026-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {39297F9F-E3B9-48A3-B96F-20EBED3DE03A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309608 2026-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {32992391-F522-4E6C-953C-547649FD738A} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [1346856 2026-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A937301-51FB-4122-B750-1CCB27226936} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4447336 2026-01-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {566D07A7-230E-4206-AC44-02E39DBEAE05} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [16268592 2026-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (Keine Datei)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (Keine Datei)
Task: {0D761667-6667-4FF5-BA32-3DA6E1153716} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe  LogonUpdateResults (Keine Datei)
Task: {F1A8034B-8139-46F4-A6BE-22C32E9AAA67} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe  /RunOnAC ReadyToReboot (Keine Datei)
Task: {2E7984CD-4467-4A03-9C5A-AB2262C215AE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe  /RunOnBattery ReadyToReboot (Keine Datei)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
Task: {D6DC3A18-1120-4DDD-9AD9-243F6CFD0B84} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpCmdRun.exe [1786528 2026-02-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CF3C7909-859A-4EAE-8AC6-16F4DEE3EB88} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpCmdRun.exe [1786528 2026-02-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DCA02588-3FBA-4D28-B40D-85756B24DF4A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpCmdRun.exe [1786528 2026-02-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {64C5972A-BA77-41DE-97A7-A894634E74B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpCmdRun.exe [1786528 2026-02-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9A328E20-A81E-4FC0-A22E-2B0EFA1C91D4} - System32\Tasks\Mozilla\Firefox Default Browser Agent F60400B719B2D51E => E:\Mozilla Firefox\default-browser-agent.exe [34944 2026-02-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {F20129E0-0429-49E4-B492-D3F0F7C75FF6} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3337328 2026-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B315E7A-6138-478C-AC0F-DF5AD1B47DF5} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [121605552 2022-05-27] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) -> C:\Program Files (x86)\Samsung\Samsung Magician\\/AUTOHIDE
Task: {581AF20F-8789-49C4-AA38-5DEE17228988} - System32\Tasks\Ubisoft\Ubisoft Connect Background Update => E:\Uplay\Ubisoft Game Launcher\upc.exe [17246392 2026-01-31] (UBISOFT ENTERTAINMENT INC. -> Ubisoft)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{45b91815-a1a1-4717-99ad-29460e2200bb}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{45b91815-a1a1-4717-99ad-29460e2200bb}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{4dae2e36-5de2-45a6-9ca3-df783d6b134a}: [DhcpNameServer] 10.240.251.2
Tcpip\..\Interfaces\{63d0dd89-b0b2-400a-b728-0f983d82ce5c}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ae17934b-af2a-4fb8-b399-d1b70fe54cef}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF TaskBarID: F60400B719B2D51E -> E:\Mozilla Firefox
FF DefaultProfile: tdb0hwd4.default -> E020BA2ACACF116C
FF DefaultProfile: em7etpww.default-release -> F60400B719B2D51E
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\em7etpww.default-release [2026-02-07]
FF Extension: (Activist – Bold) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\em7etpww.default-release\Extensions\activist-bold-colorway@mozilla.org.xpi [2023-03-16]
FF Extension: (Tampermonkey) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\em7etpww.default-release\Extensions\firefox@tampermonkey.net.xpi [2025-11-27]
FF Extension: (uBlock Origin) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\em7etpww.default-release\Extensions\uBlock0@raymondhill.net.xpi [2026-01-31]
FF Extension: (Stay secure with CyberGhost VPN Free Proxy) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\em7etpww.default-release\Extensions\{585280b0-ee78-428a-92c5-3fb3c0b85460}.xpi [2025-10-03]
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\tdb0hwd4.default [2022-12-18]
FF Extension: (SteamDB) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\tdb0hwd4.default\Extensions\firefox-extension@steamdb.info.xpi [2022-11-07]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\tdb0hwd4.default\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-05-15]
FF Extension: (Hotspot Shield Free VPN Proxy - Unlimited VPN) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\tdb0hwd4.default\Extensions\hotspot-shield@anchorfree.com.xpi [2020-12-15]
FF Extension: (uBlock Origin) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\tdb0hwd4.default\Extensions\uBlock0@raymondhill.net.xpi [2022-11-15]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\tdb0hwd4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-12-05]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2026-01-31] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.481.0 -> C:\Program Files (x86)\Java\jre1.8.0_481\bin\dtplugin\npDeployJava1.dll [2025-12-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.481.0 -> C:\Program Files (x86)\Java\jre1.8.0_481\bin\plugin2\npjp2.dll [2025-12-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2026-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-12-08] (Microsoft Corporation -> Microsoft Corporation)

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default [2025-10-10]
Edge Extension: (Google Docs Offline) - C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-10-10]
Edge Extension: (Edge relevant text changes) - C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-15]
Edge HKU\S-1-5-19\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-20\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-21-3946404165-2299855374-679032929-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

Chrome:
=======
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default [2026-01-12]
CHR Extension: (Google Docs Offline) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-09-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-11]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKU\S-1-5-21-3946404165-2299855374-679032929-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174584 2025-08-24] (Adobe Inc. -> Adobe Inc.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [845256 2026-02-07] (ASUSTeK Computer Inc. -> )
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7844520 2026-02-03] (Gen Digital Inc. -> Gen Digital Inc.)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [1039528 2026-02-03] (Gen Digital Inc. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2635432 2026-02-03] (Gen Digital Inc. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1092776 2026-02-03] (Gen Digital Inc. -> Gen Digital Inc.)
R2 AvastCleanupSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [20681008 2025-07-31] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastDriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [18335536 2025-07-31] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2024-09-24] (Avast Software s.r.o. -> AVAST Software)
S4 AvmSwitchUsb; C:\Program Files (x86)\avmwlanstick\AVMSwitchUsb.exe [125440 2015-10-01] () [Datei ist nicht signiert]
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2567304 2024-04-27] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [18991400 2024-11-06] (BattlEye Innovations e.K. -> )
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13263248 2026-01-30] (Microsoft Corporation -> Microsoft Corporation)
S2 DtsHPXV2Apo4Service; C:\WINDOWS\System32\DTS\HP\APO4x\DtsHPXV2Apo4Service.exe [367608 2023-11-22] (HP Inc. -> DTS Inc.)
S4 EAAntiCheatService; C:\Program Files\EA\AC\eaanticheat.gameservice.exe [164234488 2025-12-06] (Electronic Arts, Inc. -> Electronic Arts)
S4 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [14991976 2024-04-21] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1137904 2024-07-13] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [959216 2025-11-30] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicGamesUpdater; E:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe [3344336 2025-12-18] (Epic Games Inc. -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [381416 2024-07-13] (Epic Games Inc. -> Epic Games, Inc.)
S4 GalaxyClientService; E:\GOG Galaxy\GalaxyClientService.exe [2443312 2025-12-20] (GOG  sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7657008 2025-08-25] (GOG  sp. z o.o -> GOG.com)
S3 GameInputRedistService; C:\Program Files\Microsoft GameInput\x64\GameInputRedistService.exe [141680 2025-10-20] (Microsoft Corporation -> Microsoft Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206808 2022-05-12] (Logitech Inc -> Logitech Inc.)
R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe [9903656 2024-04-17] (Logitech Inc -> Logitech, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [11255744 2026-02-07] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-08-02] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpDefenderCoreService.exe [2067464 2026-02-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4646b47d9477048e\Display.NvContainer\NVDisplay.Container.exe [1275624 2025-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
S4 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1565304 2025-12-11] (Rockstar Games, Inc. -> Rockstar Games)
S4 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [360368 2022-05-27] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [14622376 2025-12-11] (Gen Digital Inc. -> Gen Digital Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [803088 2025-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe [5084200 2024-01-12] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 UpcElevationService; C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher Core\UpcElevationService.exe [351928 2026-01-31] (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [62279264 2025-12-02] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\NisSrv.exe [4435096 2026-02-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MsMpEng.exe [290744 2026-02-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [26193816 2025-08-14] (KRAFTON, Inc. -> KRAFTON, Inc.)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [54752 2022-12-15] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0400644.inf_amd64_9691c8ee1bbfcbb7\B399690\amdkmdag.sys [100084632 2024-02-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [21088 2026-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [286816 2026-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [435808 2026-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [304736 2026-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [88160 2026-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [29144 2025-08-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [32864 2026-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [289888 2026-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [586336 2026-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [97376 2026-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73312 2026-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [898656 2026-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1315424 2026-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [231008 2026-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [404064 2026-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [85776 2025-02-06] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 aswWireGuard; C:\WINDOWS\System32\drivers\aswWireguard.sys [174912 2025-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 avmeject; C:\WINDOWS\System32\drivers\avmeject.sys [14120 2015-10-01] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
S3 AWCCDriver; C:\WINDOWS\System32\drivers\AWCCDriver.sys [43496 2022-12-11] (IndiLogic LLC -> Dell Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [602112 2025-07-08] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2025-07-08] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2025-05-19] (Microsoft Corporation) [Datei ist nicht signiert]
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [82352 2026-02-07] (Microsoft Windows -> Microsoft Corporation)
R3 LGBusEnum; C:\WINDOWS\system32\drivers\LGBusEnum64.sys [46264 2022-05-12] (Logitech Inc -> Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore64.sys [76480 2022-05-12] (Logitech Inc -> Logitech Inc.)
R3 LGVirHid; C:\WINDOWS\system32\drivers\LGVirHid64.sys [34496 2022-05-12] (Logitech Inc -> Logitech Inc.)
R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray.sys [98864 2024-04-17] (Logitech Inc -> Logitech, Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-08-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [245864 2026-02-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
R3 rt25cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt25cx21x64.inf_amd64_8e61b4ea25373168\rt25cx21x64.sys [887776 2024-10-21] (Realtek Semiconductor Corp. -> Realtek)
R0 SCMNdisP; C:\WINDOWS\System32\DRIVERS\scmndisp.sys [29472 2012-09-05] (NETGEAR -> SerComm Corporation)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [44293288 2025-12-01] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21888 2026-02-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [635272 2026-02-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [102832 2026-02-07] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [215864 2024-05-25] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2026-02-07 16:39 - 2026-02-07 16:39 - 000034145 _____ C:\Users\*****\Downloads\FRST.txt
2026-02-07 16:38 - 2026-02-07 16:39 - 000000000 ____D C:\FRST
2026-02-07 16:35 - 2026-02-07 16:35 - 002447360 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2026-02-07 16:31 - 2026-02-07 16:33 - 000000000 ____D C:\AdwCleaner
2026-02-07 16:31 - 2026-02-07 16:31 - 009629128 _____ (Malwarebytes) C:\Users\*****\Downloads\adwcleaner.exe
2026-02-07 10:45 - 2026-02-07 10:45 - 000001449 _____ C:\Users\Public\Desktop\NVIDIA App.lnk
2026-02-07 10:45 - 2026-01-16 16:37 - 000161912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap32v.dll
2026-02-07 10:45 - 2026-01-16 16:37 - 000060568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2026-02-07 10:44 - 2026-02-07 10:44 - 000745650 _____ C:\WINDOWS\system32\perfh007.dat
2026-02-07 10:44 - 2026-02-07 10:44 - 000158752 _____ C:\WINDOWS\system32\perfc007.dat
2026-02-07 10:44 - 2026-02-07 10:44 - 000000000 ____D C:\Users\*****\AppData\Roaming\Sun
2026-02-07 10:43 - 2026-02-07 10:44 - 000000000 ____D C:\Program Files (x86)\Java
2026-02-07 10:43 - 2026-02-07 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2026-02-07 10:43 - 2025-12-18 15:01 - 000178872 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2026-02-07 10:31 - 2026-02-07 10:31 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2026-02-07 10:30 - 2026-02-07 12:38 - 000000000 ____D C:\WINDOWS\CbsTemp
2026-02-07 10:30 - 2026-02-07 10:30 - 000000000 ____D C:\WINDOWS\Panther
2026-02-07 04:59 - 2026-02-07 04:59 - 000000000 ____D C:\Users\*****\ipsniff
2026-02-07 04:59 - 2026-02-07 04:59 - 000000000 ____D C:\Users\*****\AppData\Roaming\decontev
2026-02-06 17:04 - 2026-02-06 17:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2026-02-03 19:08 - 2026-02-03 19:08 - 000323752 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2026-01-31 22:33 - 2026-01-31 22:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Ubisoft
2026-01-31 22:33 - 2026-01-31 22:33 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2026-01-31 18:38 - 2026-02-01 13:05 - 000000179 _____ C:\Users\*****\Desktop\Enlightment.txt
2026-01-11 22:41 - 2026-01-11 22:41 - 000000000 ____D C:\ProgramData\dbg

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2026-02-07 16:33 - 2024-12-27 01:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2026-02-07 16:33 - 2022-12-11 17:27 - 000000000 ____D C:\ProgramData\NVIDIA
2026-02-07 16:22 - 2023-01-25 21:34 - 000000000 ____D C:\Users\*****\Desktop\Präsi
2026-02-07 16:14 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-02-07 15:27 - 2025-07-17 20:02 - 000000000 ____D C:\SteamLibrary
2026-02-07 14:32 - 2024-12-27 01:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2026-02-07 12:27 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2026-02-07 11:44 - 2022-12-11 18:43 - 000000000 ____D C:\Users\*****\AppData\Roaming\RenPy
2026-02-07 11:41 - 2022-12-11 17:21 - 000000000 ____D C:\Users\*****\AppData\Local\D3DSCache
2026-02-07 11:24 - 2025-08-02 12:11 - 000000000 ____D C:\Users\*****\AppData\Local\Malwarebytes
2026-02-07 10:52 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2026-02-07 10:52 - 2023-01-26 21:00 - 000002080 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2026-02-07 10:52 - 2023-01-19 22:42 - 000002092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2026-02-07 10:48 - 2022-12-11 21:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2026-02-07 10:46 - 2025-08-02 12:11 - 000245864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2026-02-07 10:45 - 2024-12-27 01:42 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-02-07 10:45 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2026-02-07 10:45 - 2022-12-11 17:27 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2026-02-07 10:44 - 2024-12-27 01:44 - 001729504 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2026-02-07 10:40 - 2024-07-19 15:00 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2026-02-07 10:37 - 2025-07-17 21:14 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2026-02-07 10:37 - 2024-12-27 01:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2026-02-07 10:37 - 2024-12-27 01:40 - 000069350 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-02-07 10:37 - 2022-12-11 21:36 - 000901328 _____ () C:\WINDOWS\system32\wpbbin.exe
2026-02-07 10:37 - 2022-12-11 21:36 - 000845256 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2026-02-07 10:37 - 2022-12-11 21:36 - 000012288 ___SH C:\DumpStack.log.tmp
2026-02-07 10:37 - 2022-12-11 18:50 - 000000000 ____D C:\ProgramData\AVAST Software
2026-02-07 10:31 - 2024-04-01 08:21 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2026-02-07 10:30 - 2024-12-26 19:24 - 000000000 ____D C:\Users\*****
2026-02-07 05:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2026-02-07 05:27 - 2022-12-17 14:27 - 000000000 ____D C:\World_of_Tanks_EU
2026-02-07 05:27 - 2022-12-11 18:37 - 000000000 ____D C:\Users\*****\AppData\Roaming\discord
2026-02-07 04:22 - 2022-12-11 18:38 - 000000000 ____D C:\Users\*****\AppData\Local\Discord
2026-02-07 04:01 - 2022-12-11 21:36 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-02-07 01:22 - 2021-04-10 15:57 - 000002257 _____ C:\Users\*****\Desktop\Discord.lnk
2026-02-06 23:11 - 2022-12-11 18:34 - 000000000 ____D C:\Program Files\Common Files\PUBG
2026-02-06 22:33 - 2022-12-11 18:47 - 000000000 ____D C:\Users\*****\AppData\Local\Ubisoft Game Launcher
2026-02-06 17:04 - 2022-12-11 19:29 - 000000790 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2026-02-05 22:34 - 2022-12-11 18:47 - 000000000 ____D C:\Users\*****\AppData\Local\Warframe
2026-02-05 19:28 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-02-05 19:01 - 2022-12-11 18:34 - 000000000 ____D C:\Program Files\Microsoft Office
2026-02-04 22:04 - 2022-12-11 21:41 - 000000000 ____D C:\Users\*****\AppData\Local\Packages
2026-02-04 22:04 - 2022-12-11 21:41 - 000000000 ____D C:\ProgramData\Packages
2026-02-03 23:08 - 2025-09-13 17:31 - 000002960 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskCachedFiles
2026-02-03 23:08 - 2024-12-27 01:42 - 000003682 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2026-02-03 23:08 - 2024-12-27 01:42 - 000003456 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2026-02-03 19:08 - 2024-09-24 21:44 - 001315424 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys
2026-02-03 19:08 - 2024-09-24 21:44 - 000898656 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2026-02-03 19:08 - 2024-09-24 21:44 - 000586336 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2026-02-03 19:08 - 2024-09-24 21:44 - 000435808 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2026-02-03 19:08 - 2024-09-24 21:44 - 000404064 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys
2026-02-03 19:08 - 2024-09-24 21:44 - 000304736 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2026-02-03 19:08 - 2024-09-24 21:44 - 000289888 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2026-02-03 19:08 - 2024-09-24 21:44 - 000286816 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys
2026-02-03 19:08 - 2024-09-24 21:44 - 000097376 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2026-02-03 19:08 - 2024-09-24 21:44 - 000088160 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2026-02-03 19:08 - 2024-09-24 21:44 - 000073312 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2026-02-03 19:08 - 2024-09-24 21:44 - 000032864 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2026-02-03 19:08 - 2024-09-24 21:44 - 000021088 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2026-02-03 19:08 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2026-02-02 18:27 - 2022-12-11 18:38 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Excel
2026-02-02 17:24 - 2022-12-11 18:41 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Word
2026-01-31 22:38 - 2022-12-11 18:48 - 000000000 ____D C:\Users\*****\AppData\Local\BattlEye
2026-01-29 18:39 - 2025-02-15 23:36 - 000000000 ____D C:\Users\*****\Documents\Assassin's Creed Unity
2026-01-24 22:18 - 2022-12-11 18:38 - 000000000 ____D C:\Users\*****\AppData\Local\CrashDumps
2026-01-17 22:23 - 2023-01-07 17:34 - 000000000 ____D C:\Users\*****\AppData\Roaming\.minecraft
2026-01-16 17:03 - 2024-12-24 16:29 - 001310832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2026-01-16 17:03 - 2024-12-24 16:29 - 001115760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2026-01-16 17:03 - 2022-12-11 17:27 - 000290928 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2026-01-16 17:03 - 2022-12-11 17:27 - 000264816 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2026-01-16 16:37 - 2022-12-11 17:27 - 000185464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2026-01-16 16:37 - 2022-12-11 17:27 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2026-01-16 00:29 - 2024-12-27 01:42 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2026-01-16 00:27 - 2024-12-27 01:39 - 000325208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2026-01-16 00:25 - 2024-04-01 17:36 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2026-01-16 00:25 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2026-01-16 00:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2026-01-16 00:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2026-01-16 00:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2026-01-16 00:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2026-01-16 00:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2026-01-16 00:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup
2026-01-16 00:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2026-01-16 00:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2026-01-15 20:15 - 2024-10-09 21:01 - 134222904 _____ C:\WINDOWS\392667600.dat
2026-01-15 20:08 - 2022-12-11 18:49 - 000000000 ____D C:\ProgramData\Riot Games
2026-01-15 19:59 - 2024-04-28 16:46 - 000000000 ____D C:\Users\*****\AppData\Roaming\riot-client-ux
2026-01-13 23:18 - 2023-10-29 12:23 - 000000000 ____D C:\ProgramData\Packer
2026-01-13 23:17 - 2022-12-11 18:38 - 000000000 ____D C:\Users\*****\AppData\Roaming\EasyAntiCheat
2026-01-13 21:06 - 2024-12-27 01:42 - 003276800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2026-01-12 19:46 - 2022-12-11 17:23 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-01-12 19:46 - 2022-12-11 17:23 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2023-08-26 14:38 - 2023-09-05 18:01 - 000000170 _____ () C:\Users\*****\AppData\Roaming\BattleBitConfig.ini
2023-09-05 18:43 - 2023-09-05 18:43 - 000000019 _____ () C:\Users\*****\AppData\Roaming\BattleBitMutedPlayers.ini
2024-12-16 20:22 - 2024-12-16 20:22 - 000000048 ____R () C:\Users\*****\AppData\Local\E234B8748ABB76AC94B6B54DE3E7EE44
2022-12-11 18:48 - 2025-07-18 22:26 - 000007592 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================


DrCobra 07.02.2026 17:59

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-02-2026
durchgeführt von ***** (07-02-2026 16:39:40)
Gestartet von C:\Users\*****\Downloads
Microsoft Windows 11 Pro Version 25H2 26200.7623 (X64) (2024-12-27 00:42:10)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-3946404165-2299855374-679032929-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3946404165-2299855374-679032929-503 - Limited - Disabled)
Gast (S-1-5-21-3946404165-2299855374-679032929-501 - Limited - Disabled)
***** (S-1-5-21-3946404165-2299855374-679032929-1001 - Administrator - Enabled) => C:\Users\*****
WDAGUtilityAccount (S-1-5-21-3946404165-2299855374-679032929-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 25.001.21151 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601120}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AIDA64 Extreme v8.20 (HKLM\...\AIDA64 Extreme_is1) (Version: 8.20 - FinalWire Ltd.)
Alienware Command Center Package Manager (HKLM-x32\...\{D2DA930B-CB5D-4DD6-BF62-BE6C310A353D}) (Version: 5.9.2.0 - Dell Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 4.11.02.829 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.119 - Advanced Micro Devices, Inc.) Hidden
AMD PPM Provisioning File Driver (HKLM-x32\...\{3665A5DE-D07C-46D7-9207-713E8E9FEF32}) (Version: 8.0.0.14 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.22.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{a570d766-1f10-4cc2-8255-1459ab00a6d0}) (Version: 4.11.02.829 - Advanced Micro Devices, Inc.) Hidden
Aslain's WoT Modpack Version 2.1.0.1.08 (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 2.1.0.1.08 - Aslain)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
Audacity 3.7.0 (HKLM\...\Audacity_is1) (Version: 3.7.0 - Audacity Team)
Avast One (HKLM\...\Avast Antivirus) (Version: 26.1.6194 - Avast Software)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 06.20.07 - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: 2.31a - GOG.com)
Diablo IV (HKLM-x32\...\Diablo IV) (Version:  - Blizzard Entertainment)
Dual Monitor Tools (HKLM-x32\...\{4D12B270-FE84-471F-BA5E-273AEC4A26B1}) (Version: 2.10.0.0 - GNE)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.180.0.5693 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{a36332e1-3e44-4857-8cf4-dd2e3048f2a8}) (Version: 13.180.0.5693 - Electronic Arts)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{A1EB595F-651D-4A04-99B0-A7065538B33C}) (Version: 2.0.38.0 - Epic Games, Inc.)
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.92.24 - GOG.com)
Google Chrome (HKLM\...\{D8756D27-79B8-30DE-9331-8EB0A19B2607}) (Version: 141.0.7390.77 - Google LLC)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Helping the Hotties (HKLM-x32\...\1237982317_is1) (Version: 1.0.4.10.8 - GOG.com)
Java 8 Update 481 (HKLM-x32\...\{71024AE4-039E-4CA4-87B4-2F32180481F0}) (Version: 8.0.4810.10 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3946404165-2299855374-679032929-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Leap of Love (HKLM-x32\...\1111421371_is1) (Version: 2.5.8 - GOG.com)
Logitech Gaming Software 9.04 (HKLM\...\Logitech Gaming Software) (Version: 9.04.49 - Logitech Inc.)
Lust Theory - Season 1 (HKLM-x32\...\1582333296_is1) (Version: 1.0.3 - GOG.com)
Malwarebytes version 5.4.8.232 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.4.8.232 - Malwarebytes)
Microsoft .NET Host - 5.0.10 (x86) (HKLM-x32\...\{EEC610D2-6934-4567-A658-092A1429A21A}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.36 (x86) (HKLM-x32\...\{FBC9D6AE-6396-4FC7-BC18-00852836F16D}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.10 (x86) (HKLM-x32\...\{29F55E7D-9FB8-4F1D-A233-1F5995CB0FF5}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x86) (HKLM-x32\...\{6F73FE7B-B9C3-4A05-8138-0E44543D755F}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.10 (x86) (HKLM-x32\...\{17675144-2D5B-4BA3-AF21-A65F7D824149}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x86) (HKLM-x32\...\{89C09E22-01D0-41F6-BAD3-CA0A8B74AD22}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.19628.20166 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\{DE493D86-8367-3619-97B6-69B997F0DBE3}) (Version: 144.0.3719.115 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 144.0.3719.115 - Microsoft Corporation) Hidden
Microsoft GameInput (HKLM\...\{ECB4BDD1-984C-9F25-299C-A9EF75C14197}) (Version: 10.1.26100.6879 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.25.28902 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{ba8ab6bd-ad21-447e-b617-feee84353247}) (Version: 5.0.10.30418 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{DCE5198A-7449-4F9F-A630-C8363759D0FB}) (Version: 40.40.30418 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x86) (HKLM-x32\...\{9A00C541-6944-4969-9DFE-A7289215800D}) (Version: 48.144.23186 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x86) (HKLM-x32\...\{c37854d7-1852-4785-82ff-86ff988e4caf}) (Version: 6.0.36.34217 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{37737BD0-9439-44AC-BC27-F19E9A742C96}) (Version: 2.0.0.0 - Mojang)
Mozilla Firefox (x64 de) (HKU\S-1-5-21-3946404165-2299855374-679032929-1001\...\Mozilla Firefox 147.0.3 (x64 de)) (Version: 147.0.3 - Mozilla)
NVIDIA App 11.0.6.383 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.6.383 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.5.11821.36727370 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.11821.36727370 - NVIDIA Corporation)
NVIDIA Grafiktreiber 591.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 591.59 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.4.5.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.5.7 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19426.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.19029.20208 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.19426.20170 - Microsoft Corporation) Hidden
osu! (HKLM-x32\...\{ddb6d170-3413-4d56-b822-1f9b2be6e6af}) (Version: latest - ppy Pty Ltd)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9381.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.9.0614.2022 - Realtek)
REDlauncher (HKLM\...\{5FAC19AE-9120-4D9B-AB70-EE91A5750A9D}) (Version: 4.2.0.4 - CD Projekt RED) Hidden
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.105.2733 - Rockstar Games)
Rockstar Games SDK (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.4.0.146 - Rockstar Games)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 7.1.1.820 - Samsung Electronics)
Soulframe (HKLM-x32\...\{81F858CF-3B1D-4E34-94D3-40AA7C20B99F}) (Version: 1.0.0 - Digital Extremes)
Special K (UnX) for Final Fantasy X|X-2 HD Remaster (HKU\S-1-5-21-3946404165-2299855374-679032929-1001\...\{0BD6E499-367A-4B80-B38A-DE55B029599F}_is1) (Version: 0.9.1.9 - The Special K Group)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.5.0.8070 - Microsoft Corporation)
The Evil Within 2 (HKLM-x32\...\1083619800_is1) (Version: 1.04 - GOG.com)
The Genesis Order (HKLM-x32\...\1598140349_is1) (Version: 1.00 - GOG.com)
Trackmania (HKLM-x32\...\Uplay Install 5595) (Version:  - Ubisoft)
Treasure of Nadia (HKLM-x32\...\1592693763_is1) (Version: 1.0117 - GOG.com)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 146.1.10956 - Ubisoft)
WinRAR 7.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
World of Tanks Closed Test (HKU\S-1-5-21-3946404165-2299855374-679032929-1001\...\1082472218) (Version:  - Wargaming.net)
World of Tanks EU (HKU\S-1-5-21-3946404165-2299855374-679032929-1001\...\454072828) (Version:  - Wargaming.net)

Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-12] ()
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Assets [2026-02-07] ()
Brother Print Support App -> C:\Program Files\WindowsApps\C2258428.Brother.PrintSupportApp_2.2.1.0_x64__m06mxaavvcjkt [2025-11-29] (Brother Industries Ltd.)
HyperX NGENUITY -> C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.35.0.0_x64__0a78dr3hq0pvt [2025-11-17] (HP Inc.) [Startup Task]
Ink.Handwriting.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.de-DE.1.0_0.1082.2350.0_x64__8wekyb3d8bbwe [2025-12-20] (Microsoft Corporation)
Ink.Handwriting.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.de-DE.1.0_0.1082.2350.0_x86__8wekyb3d8bbwe [2025-12-20] (Microsoft Corporation)
Ink.Handwriting.Main.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.de-DE.1.0_0.1082.2350.0_x64__8wekyb3d8bbwe [2025-12-23] (Microsoft Corporation)
Local AI Manager for Microsoft 365 -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\AI [2026-02-05] ()
Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes\Anti-Malware [2026-02-07] ()
Microsoft 365 companion apps -> C:\Program Files\WindowsApps\Microsoft.M365Companions_2.2510.22000.0_x64__8wekyb3d8bbwe [2025-11-05] (Microsoft Corporation)
Microsoft.Office.ActionsServer -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\ActionsServer [2026-02-05] ()
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-06] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2026-02-05] ()
OneNote Virtual Printer -> C:\Program Files\WindowsApps\Microsoft.Office.OneNoteVirtualPrinter_1.0.0.0_x64__8wekyb3d8bbwe [2025-09-03] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj [2022-12-21] (Realtek Semiconductor Corp)
WinRAR -> C:\Program Files\WinRAR [2024-09-27] (win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3946404165-2299855374-679032929-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3946404165-2299855374-679032929-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3946404165-2299855374-679032929-1001_Classes\CLSID\{b862e5f7-4485-414e-8a9f-984b945af537}\InprocServer32 -> E:\Mozilla Firefox\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-3946404165-2299855374-679032929-1001_Classes\CLSID\{C4650E08-559E-456F-8D58-78F1C4B24A59}\InprocServer32 -> E:\Mozilla Firefox\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-3946404165-2299855374-679032929-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\*****\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => Keine Datei
CustomCLSID: HKU\S-1-5-21-3946404165-2299855374-679032929-1001_Classes\CLSID\{EABAE40C-B27C-455A-B672-F234DD780948}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.25.28902\x64\Microsoft.Teams.MeetingAddin.DLL (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-02-03] (Gen Digital Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-02-03] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2026-01-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-02-03] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [Avast Cleanup Premium] -> {13004120-FCAF-4232-A255-807EAD6E7D01} => C:\Program Files\Avast Software\Cleanup\tucontextmenu.dll [2025-07-31] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [Kaspersky Free 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Keine Datei
ContextMenuHandlers1: [Kaspersky Free 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll -> Keine Datei
ContextMenuHandlers1: [Kaspersky Free 21.17] -> {0F574355-9FBE-40DB-ACB8-81F6612BB909} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\x64\shellex.dll -> Keine Datei
ContextMenuHandlers2: [Kaspersky Free 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Keine Datei
ContextMenuHandlers2: [Kaspersky Free 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll -> Keine Datei
ContextMenuHandlers2: [Kaspersky Free 21.17] -> {0F574355-9FBE-40DB-ACB8-81F6612BB909} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\x64\shellex.dll -> Keine Datei
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-02-03] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-02-07] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers4: [Avast Cleanup Premium] -> {13004120-FCAF-4232-A255-807EAD6E7D01} => C:\Program Files\Avast Software\Cleanup\tucontextmenu.dll [2025-07-31] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers4: [Kaspersky Free 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Keine Datei
ContextMenuHandlers4: [Kaspersky Free 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll -> Keine Datei
ContextMenuHandlers4: [Kaspersky Free 21.17] -> {0F574355-9FBE-40DB-ACB8-81F6612BB909} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\x64\shellex.dll -> Keine Datei
ContextMenuHandlers5: [NvAppDesktopContext] -> {F2E8B4A1-9C7D-4F6E-B3A5-8D2C1F4E9B7A} => C:\Program Files\NVIDIA Corporation\NVIDIA App\NvCpl\nvui.dll [2026-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4646b47d9477048e\nvshext.dll [2025-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2026-02-03] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers6: [Avast Cleanup Premium] -> {13004120-FCAF-4232-A255-807EAD6E7D01} => C:\Program Files\Avast Software\Cleanup\tucontextmenu.dll [2025-07-31] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [Kaspersky Free 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Keine Datei
ContextMenuHandlers6: [Kaspersky Free 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll -> Keine Datei
ContextMenuHandlers6: [Kaspersky Free 21.17] -> {0F574355-9FBE-40DB-ACB8-81F6612BB909} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\x64\shellex.dll -> Keine Datei
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-02-07] (Malwarebytes Inc -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Web-Apps\Amazon.lnk -> E:\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "-taskbar-tab" "901e02c6-ecdc-442b-ba60-f4e9ec6a7389" "-new-window" "hxxps://www.amazon.de" "-profile" "C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\em7etpww.default-release" "-container" "0"
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Web-Apps\Gog.lnk -> E:\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "-taskbar-tab" "d2f61493-405a-476a-9b8f-9dbfeb98fe0c" "-new-window" "hxxps://www.gog.com" "-profile" "C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\em7etpww.default-release" "-container" "0"

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2025-09-29 22:10 - 2025-09-29 22:10 - 000030720 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\de_de\Acrobat Elements\ContextMenuShim64.deu
2026-02-07 10:45 - 2026-02-07 10:45 - 000000000 ___JL (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA App\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\plugins\NVIDIA Overlay\MessageBusRouter.dll
2024-12-24 16:29 - 2026-02-07 10:45 - 000000000 ___JL (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [3442]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2026-02-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2026-02-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_481\bin\ssv.dll [2025-12-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_481\bin\jp2ssv.dll [2025-12-18] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-02-02] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3946404165-2299855374-679032929-1001\...\sharepoint.com -> hxxps://rmbgt-files.sharepoint.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Network ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

DNS Servers: 192.168.178.1
 ist aktiviert.

Network Binding:
=============
Ethernet: Realtek Gaming 2.5GbE Family Controller -> rt25cx21x64.sys

SCM_NDISPROT: General NDIS Protocol Driver

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\dotnet\;C:\Program Files\NVIDIA Corporation\NVIDIA app\NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3946404165-2299855374-679032929-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\18227055231437225085\134147026041711635.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "NETGEAR WNA3100 Genie.lnk"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3946404165-2299855374-679032929-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-3946404165-2299855374-679032929-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_BD4466346BD5635D1FFBFF52F27CF7A7"
HKU\S-1-5-21-3946404165-2299855374-679032929-1001\...\StartupApproved\Run: => "WallpaperEngine"
HKU\S-1-5-21-3946404165-2299855374-679032929-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3946404165-2299855374-679032929-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-3946404165-2299855374-679032929-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3946404165-2299855374-679032929-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3946404165-2299855374-679032929-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{218F78C7-BB4E-4685-AC86-854CE292E8FC}E:\epic games\games\returntomoria\moria\binaries\win64\moria-win64-shipping.exe] => (Allow) E:\epic games\games\returntomoria\moria\binaries\win64\moria-win64-shipping.exe (North Beach Games) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{99056DF0-54D2-4686-A177-6CC015F02747}E:\epic games\games\returntomoria\moria\binaries\win64\moria-win64-shipping.exe] => (Allow) E:\epic games\games\returntomoria\moria\binaries\win64\moria-win64-shipping.exe (North Beach Games) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{3247303E-F5D8-425C-A3A5-4249AA7D7C5D}E:\epic games\games\rage2\rage2.exe] => (Allow) E:\epic games\games\rage2\rage2.exe => Keine Datei
FirewallRules: [TCP Query User{ABB22685-A794-42A4-AA11-B8952EECBCA9}E:\epic games\games\rage2\rage2.exe] => (Allow) E:\epic games\games\rage2\rage2.exe => Keine Datei
FirewallRules: [{DEFACF06-D08D-4B8A-B460-B9D144BEF069}] => (Allow) F:\SteamLibrary\steamapps\common\MonsterHunterWildsBetatest\MonsterHunterWildsBeta.exe => Keine Datei
FirewallRules: [{AC1B9AD8-BF6E-4899-87FE-90EEB2C363BB}] => (Allow) F:\SteamLibrary\steamapps\common\MonsterHunterWildsBetatest\MonsterHunterWildsBeta.exe => Keine Datei
FirewallRules: [{E1118E5A-B899-42A7-BE10-E19E9F06C8B5}] => (Allow) E:\Steam Games\steamapps\common\Five Hearts Under One Roof Demo\MilkGame.exe => Keine Datei
FirewallRules: [{1EAD9BE0-89E9-4CC9-A84E-A987E600C3FF}] => (Allow) E:\Steam Games\steamapps\common\Five Hearts Under One Roof Demo\MilkGame.exe => Keine Datei
FirewallRules: [{974ECC3B-6A78-4F41-87D2-C4F82023BCBD}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{29DE1AB1-4F0C-4797-BE4D-C5682A350D48}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{B2EC7AE6-9584-4A8B-9664-3BBE88FEE660}] => (Allow) E:\Steam Games\steamapps\common\Dishonored2\Dishonored2.exe => Keine Datei
FirewallRules: [{71851B52-B48C-4AAD-95BB-6FCAD61939B4}] => (Allow) E:\Steam Games\steamapps\common\Dishonored2\Dishonored2.exe => Keine Datei
FirewallRules: [UDP Query User{F7C37F1E-E386-4855-8EC9-FEEC1DBC674C}F:\steamlibrary\steamapps\common\call of duty hq\mp24\mp24-cod.exe] => (Allow) F:\steamlibrary\steamapps\common\call of duty hq\mp24\mp24-cod.exe => Keine Datei
FirewallRules: [TCP Query User{FEB5E666-FA49-4E46-95B0-23E64F012F43}F:\steamlibrary\steamapps\common\call of duty hq\mp24\mp24-cod.exe] => (Allow) F:\steamlibrary\steamapps\common\call of duty hq\mp24\mp24-cod.exe => Keine Datei
FirewallRules: [{D661FB33-C676-4FE1-A357-1BE5999C143A}] => (Allow) F:\SteamLibrary\steamapps\common\Deadlock\game\bin\win64\project8.exe (Valve Corp. -> )
FirewallRules: [{41394F9F-F956-4865-9A9C-EA89081D496E}] => (Allow) F:\SteamLibrary\steamapps\common\Deadlock\game\bin\win64\project8.exe (Valve Corp. -> )
FirewallRules: [{80371AEC-498A-415D-975C-E679667AEDF1}] => (Allow) F:\SteamLibrary\steamapps\common\Hunt Showdown 1896\hunt.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{19717B25-58A3-454C-A5E9-46FD0BC62CF2}] => (Allow) F:\SteamLibrary\steamapps\common\Hunt Showdown 1896\hunt.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{5D882DDC-2C25-4FA9-BB9D-43DC127FE5A7}] => (Allow) D:\Steam\steamapps\common\Second Chance\SecondChance.exe () [Datei ist nicht signiert]
FirewallRules: [{B80D078D-AD9F-4833-864A-35A85E0B23A0}] => (Allow) D:\Steam\steamapps\common\Second Chance\SecondChance.exe () [Datei ist nicht signiert]
FirewallRules: [{663B9D72-C639-4D76-83ED-A5EC324998CB}] => (Allow) D:\Steam\steamapps\common\Fall Guys\FallGuysEACLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{820A5A6B-F9FD-4D81-A2FB-7A6372DD87BC}] => (Allow) D:\Steam\steamapps\common\Fall Guys\FallGuysEACLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{774CB853-182A-4679-8F22-624677FA6C60}] => (Allow) D:\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [{6DC293A8-0D54-4424-BA1C-B2DEE143E0AA}] => (Allow) D:\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{B5B1D08C-D048-41F3-8227-FC60868FF6D8}E:\uplay\ubisoft game launcher\uplaywebcore.exe] => (Block) E:\uplay\ubisoft game launcher\uplaywebcore.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [TCP Query User{A2D0FB68-DDDD-46A0-849E-55FFA3F89F0E}E:\uplay\ubisoft game launcher\uplaywebcore.exe] => (Block) E:\uplay\ubisoft game launcher\uplaywebcore.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [UDP Query User{92AD0D62-5EAC-4F46-BC24-336F3182A729}F:\steamlibrary\steamapps\common\the first descendant\m1\binaries\win64\m1-win64-shipping.exe] => (Allow) F:\steamlibrary\steamapps\common\the first descendant\m1\binaries\win64\m1-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{C9BF304C-17C1-47F6-B4C8-BCADA56BB714}F:\steamlibrary\steamapps\common\the first descendant\m1\binaries\win64\m1-win64-shipping.exe] => (Allow) F:\steamlibrary\steamapps\common\the first descendant\m1\binaries\win64\m1-win64-shipping.exe => Keine Datei
FirewallRules: [{83528E81-A764-4CF7-B46A-A4D98C2C56DE}] => (Allow) F:\SteamLibrary\steamapps\common\The First Descendant\TheFirstDescendant.exe => Keine Datei
FirewallRules: [{B2D8FB69-7FAB-4322-A21A-ED795598498B}] => (Allow) F:\SteamLibrary\steamapps\common\The First Descendant\TheFirstDescendant.exe => Keine Datei
FirewallRules: [{E5E7DD2A-74D9-4CB8-AEAE-7A6281C38CD5}] => (Allow) D:\Steam\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{26BEB27D-A5A6-4B65-9CB1-AD06BD79C622}] => (Allow) D:\Steam\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{11F7DB3E-806C-4E3E-A1E8-0757287BD755}E:\minecraft\minecraft launcher\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe] => (Allow) E:\minecraft\minecraft launcher\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe
FirewallRules: [TCP Query User{3B8C48AD-03C7-415A-8161-2230605EA4E0}E:\minecraft\minecraft launcher\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe] => (Allow) E:\minecraft\minecraft launcher\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe
FirewallRules: [UDP Query User{9A64D962-87CC-46F6-A563-649FDF4832F4}D:\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [TCP Query User{E3D83FC2-0F7B-48F1-8800-3610ADFB73F3}D:\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [UDP Query User{135A28F8-A71E-464F-9C9B-661D1CC83B44}E:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) E:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{D3E8D96A-903E-465C-87DE-91D316CC114D}E:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) E:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{8322ACE3-342C-4DAC-9C1F-609BF21CDCB1}] => (Allow) D:\Steam\steamapps\common\Undertale\UNDERTALE.exe (Toby Fox) [Datei ist nicht signiert]
FirewallRules: [{1D49FE64-86ED-4CA1-B188-B50AF6DCD15C}] => (Allow) D:\Steam\steamapps\common\Undertale\UNDERTALE.exe (Toby Fox) [Datei ist nicht signiert]
FirewallRules: [{1CF289B8-98E6-471D-98B2-879D81296A4B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{2A043CB9-0360-497F-9861-3BA1094B1EF7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{41D8BA31-9CC8-427A-9CA0-D153263F8FDD}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A8BE8C57-9500-42C1-8B66-6D002B7F2A45}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{973D09EF-CA41-4E2B-A17B-F53D0AC71F25}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{88A21DB1-D56B-4DD5-9835-486ACE999783}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D171623D-F0B0-4DB5-B384-3E56C6D4F179}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{4F8CF6CD-8FA8-4C9B-9C0C-E5287C1B74C9}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F4FCBDBC-FE4A-4890-B10B-9A3BF32802CA}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{24AC5C61-DE75-47FC-A5C1-9B16503425C1}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C84867BA-4226-42D9-96EE-312F630F14F1}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A780C0CE-7C3C-4072-9009-3DA32A08DE5A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24047.202.2704.38_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5C7EFADE-4A78-42BB-9F0B-0B32DC25F243}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24047.202.2704.38_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{76D19448-D86E-45EE-9DE4-6312B315C240}] => (Allow) E:\Steam Games\steamapps\common\Lethal Company\Lethal Company.exe => Keine Datei
FirewallRules: [{737C9F97-35C1-4CA6-A6ED-86D66B16C8BB}] => (Allow) E:\Steam Games\steamapps\common\Lethal Company\Lethal Company.exe => Keine Datei
FirewallRules: [UDP Query User{73B881BC-7AED-4A92-BC69-32CF0CE7AB55}F:\once_human_launcher\update\update.exe] => (Allow) F:\once_human_launcher\update\update.exe => Keine Datei
FirewallRules: [TCP Query User{CB37B4AD-6387-49C0-B048-8923EFB7FF36}F:\once_human_launcher\update\update.exe] => (Allow) F:\once_human_launcher\update\update.exe => Keine Datei
FirewallRules: [UDP Query User{57C3B899-2E0E-4FF0-AA47-2AED94C1E1A7}F:\uplay\games\skull and bones (open beta)\skullandbones.exe] => (Allow) F:\uplay\games\skull and bones (open beta)\skullandbones.exe => Keine Datei
FirewallRules: [TCP Query User{56630653-5E6F-4ACF-AD46-60DD8CD27B93}F:\uplay\games\skull and bones (open beta)\skullandbones.exe] => (Allow) F:\uplay\games\skull and bones (open beta)\skullandbones.exe => Keine Datei
FirewallRules: [UDP Query User{582CF127-AE19-4191-843B-2055BD8FE241}F:\cw\bin\engine_launcher.exe] => (Block) F:\cw\bin\engine_launcher.exe => Keine Datei
FirewallRules: [TCP Query User{74DFEADF-E5A4-4E69-81EE-87A7ACD960CD}F:\cw\bin\engine_launcher.exe] => (Block) F:\cw\bin\engine_launcher.exe => Keine Datei
FirewallRules: [UDP Query User{627EA4C4-3087-419C-A4B6-B2BC8EE4F9BE}F:\once_human_launcher\launcher.exe] => (Allow) F:\once_human_launcher\launcher.exe => Keine Datei
FirewallRules: [TCP Query User{C4DFB6D1-495C-4143-9914-7055A667473F}F:\once_human_launcher\launcher.exe] => (Allow) F:\once_human_launcher\launcher.exe => Keine Datei
FirewallRules: [{4C66D9BA-CE8C-4CF1-A0FC-FDAABC007F08}] => (Allow) F:\SteamLibrary\steamapps\common\Lords of the Fallen\LOTF2.exe (EasyAntiCheat Oy -> Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{74D8F12D-7822-4F17-B826-832E3C67EE86}] => (Allow) F:\SteamLibrary\steamapps\common\Lords of the Fallen\LOTF2.exe (EasyAntiCheat Oy -> Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{6A7396DB-6B55-4FB9-8756-ACF0A95AE519}] => (Allow) F:\SteamLibrary\steamapps\common\Lies of P\LOP.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{44A9B8B9-86BF-4E2D-8ABC-6C23A99B15C0}] => (Allow) F:\SteamLibrary\steamapps\common\Lies of P\LOP.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{97F68B4D-443D-4377-8C64-EB8FCD501775}E:\minecraft\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) E:\minecraft\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{AF24D4F2-F4F4-4DDA-A30C-EBC746B5A9CA}E:\minecraft\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) E:\minecraft\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{968C807D-3328-4687-B896-C1D1E4BF7571}F:\steamlibrary\steamapps\common\the finals playtest\discovery\binaries\win64\discovery.exe] => (Allow) F:\steamlibrary\steamapps\common\the finals playtest\discovery\binaries\win64\discovery.exe (Embark Studios AB -> Embark Studios AB)
FirewallRules: [TCP Query User{3D3BDDB4-BD6B-4D64-8452-5BA3611186C1}F:\steamlibrary\steamapps\common\the finals playtest\discovery\binaries\win64\discovery.exe] => (Allow) F:\steamlibrary\steamapps\common\the finals playtest\discovery\binaries\win64\discovery.exe (Embark Studios AB -> Embark Studios AB)
FirewallRules: [UDP Query User{005A61E0-6475-4EB4-BFEE-466C2A975904}C:\users\*****\appdata\local\ubisoft\r6siege\y8s3.3.0_c7840976_d1833079_s54156_62486471\2709369856\rainbowsix.exe] => (Allow) C:\users\*****\appdata\local\ubisoft\r6siege\y8s3.3.0_c7840976_d1833079_s54156_62486471\2709369856\rainbowsix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [TCP Query User{4CAC4B4E-620B-437E-9D4C-94D4C2EB0CD4}C:\users\*****\appdata\local\ubisoft\r6siege\y8s3.3.0_c7840976_d1833079_s54156_62486471\2709369856\rainbowsix.exe] => (Allow) C:\users\*****\appdata\local\ubisoft\r6siege\y8s3.3.0_c7840976_d1833079_s54156_62486471\2709369856\rainbowsix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{85CE5102-D389-4D8A-B5D4-4551FF5046DA}] => (Allow) E:\Uplay\games\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe => Keine Datei
FirewallRules: [{8BF5EA2C-C0A1-4BFC-922D-0A1D5C87729D}] => (Allow) E:\Uplay\games\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe => Keine Datei
FirewallRules: [{73CD227B-8AEC-4ED6-95FD-0CF2D8FCD04F}] => (Allow) E:\Uplay\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => Keine Datei
FirewallRules: [{9595C793-10F6-4745-8B78-ABA720D6FCC4}] => (Allow) E:\Uplay\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => Keine Datei
FirewallRules: [{C0B2CBBA-9B33-4BCC-8E2F-FC72C97DA7F2}] => (Allow) E:\Uplay\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe => Keine Datei
FirewallRules: [{0E6F2F47-4718-41D5-A6A2-4337A97D2962}] => (Allow) E:\Uplay\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe => Keine Datei
FirewallRules: [UDP Query User{2C1F3F73-721C-4206-A5B8-1C78DD373B9F}F:\steamlibrary\steamapps\common\the first descendant steam beta\m1\binaries\win64\m1-win64-shipping.exe] => (Allow) F:\steamlibrary\steamapps\common\the first descendant steam beta\m1\binaries\win64\m1-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{9D10BF0F-F728-4FFD-8EB2-D8429DABDFA0}F:\steamlibrary\steamapps\common\the first descendant steam beta\m1\binaries\win64\m1-win64-shipping.exe] => (Allow) F:\steamlibrary\steamapps\common\the first descendant steam beta\m1\binaries\win64\m1-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{710C8192-4D5D-40FB-A6A0-C3FC8BF6778E}C:\users\*****\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\*****\appdata\local\microsoft\teams\current\teams.exe => Keine Datei
FirewallRules: [TCP Query User{0F838B9C-BA19-4D7B-83BE-04CC1A034857}C:\users\*****\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\*****\appdata\local\microsoft\teams\current\teams.exe => Keine Datei
FirewallRules: [{36D5ABB3-8739-4215-8EA4-B0A4B185F765}] => (Allow) F:\SteamLibrary\steamapps\common\BattleBit Remastered\EasyAntiCheat.exe => Keine Datei
FirewallRules: [{8C1120C6-0279-49D1-A9D5-D9AFCCE60DEC}] => (Allow) F:\SteamLibrary\steamapps\common\BattleBit Remastered\EasyAntiCheat.exe => Keine Datei
FirewallRules: [{3FFAE3C2-92C7-4C7E-B952-E8EAA791EC06}] => (Allow) F:\SteamLibrary\steamapps\common\BattleBit Remastered\BattleBit.exe => Keine Datei
FirewallRules: [{3A006298-1F34-4245-84BA-30BAE00962E8}] => (Allow) F:\SteamLibrary\steamapps\common\BattleBit Remastered\BattleBit.exe => Keine Datei
FirewallRules: [{D35014F7-3492-4800-A41F-E3B55F13BD8F}] => (Allow) F:\SteamLibrary\steamapps\common\BattleBit Remastered\EasyAntiCheat\EasyAntiCheat_EOS_Setup.exe => Keine Datei
FirewallRules: [{FD8E9543-480E-4925-9E63-77D62A2C211A}] => (Allow) F:\SteamLibrary\steamapps\common\BattleBit Remastered\EasyAntiCheat\EasyAntiCheat_EOS_Setup.exe => Keine Datei
FirewallRules: [{5BF3BA26-B52A-4E3C-9095-50A0EC897E0B}] => (Allow) F:\SteamLibrary\steamapps\common\BattleBit Remastered\BattleBitEAC.exe => Keine Datei
FirewallRules: [{17B32968-ECAF-4063-A555-5A1621EB96B9}] => (Allow) F:\SteamLibrary\steamapps\common\BattleBit Remastered\BattleBitEAC.exe => Keine Datei
FirewallRules: [UDP Query User{E32BDD42-985D-4832-83C7-C8597D04500F}D:\battlenetspiele\hearthstone\hearthstone.exe] => (Allow) D:\battlenetspiele\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{B99E344D-1B96-41F4-BE5A-65AAEE755FBA}D:\battlenetspiele\hearthstone\hearthstone.exe] => (Allow) D:\battlenetspiele\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{FA96DEED-7388-4221-AFA4-F77B735385E7}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{843DF07E-5DD9-490B-96B6-2A0097FC5EEC}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{EC33FA36-EE94-4781-AA25-6719F7326431}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe => Keine Datei
FirewallRules: [TCP Query User{112E6030-B9CF-40F0-88F0-CEC9856A47CB}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe => Keine Datei
FirewallRules: [UDP Query User{B63A2158-029B-48AC-A027-A4136CC30B96}D:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe] => (Allow) D:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe (Activision Publishing Inc -> )
FirewallRules: [TCP Query User{C438B8C0-7A23-43CA-8238-12AE7866E6C5}D:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe] => (Allow) D:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe (Activision Publishing Inc -> )
FirewallRules: [UDP Query User{BF469EC8-B530-4B21-A581-FC5D00718146}F:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [TCP Query User{42300BA6-7E85-4032-8BB9-101D377C829C}F:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [{963C1EB7-C3C5-4E8D-9EE0-1768B804B88F}] => (Allow) F:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [{FED4C9D4-EE47-4C5B-9BF7-BB85CDA50AD5}] => (Allow) F:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [UDP Query User{AB4B8445-B676-4240-A316-2BA672208155}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [TCP Query User{F7AC1BC1-23BF-4BDC-84A5-718A4B7AEC37}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [UDP Query User{553A81ED-E35D-426D-B1FF-D87AAC9A94AF}C:\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{335E9238-369B-48B4-995E-53FA5FB62727}C:\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{21560FCB-9894-47A0-8776-59C0F5B13BFB}] => (Allow) F:\SteamLibrary\steamapps\common\Overwatch\Overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{FCE348DA-0634-4856-8F86-623791F305E3}] => (Allow) F:\SteamLibrary\steamapps\common\Overwatch\Overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{572B2301-581A-41ED-B50D-E9635F7AEC90}] => (Allow) D:\Steam\steamapps\common\BioShock Remastered\2KLauncher\LauncherPatcher.exe => Keine Datei
FirewallRules: [{5B25AEB3-579E-4840-99DD-A73BA418F4E8}] => (Allow) D:\Steam\steamapps\common\BioShock Remastered\2KLauncher\LauncherPatcher.exe => Keine Datei
FirewallRules: [{A8963F88-A050-4BDC-AB50-13D202800AAE}] => (Allow) E:\Steam Games\steamapps\common\Metro Last Light\MetroLL.exe => Keine Datei
FirewallRules: [{64306E16-5EE7-41DF-BC64-45C53AACB9B8}] => (Allow) E:\Steam Games\steamapps\common\Metro Last Light\MetroLL.exe => Keine Datei
FirewallRules: [{27C3C457-6073-4C78-8745-642BCFC54498}] => (Allow) E:\Steam Games\steamapps\common\A Plague Tale Requiem\APlagueTaleRequiem_x64.exe => Keine Datei
FirewallRules: [{C1D73A23-1C86-40EE-A399-994B4256F04B}] => (Allow) E:\Steam Games\steamapps\common\A Plague Tale Requiem\APlagueTaleRequiem_x64.exe => Keine Datei
FirewallRules: [{75E64746-EB09-4420-9481-C9147DF3E3D7}] => (Allow) E:\Steam Games\steamapps\common\BorderlandsGOTYEnhanced\Binaries\Win64\Launcher.exe (Gearbox Software) [Datei ist nicht signiert]
FirewallRules: [{E06B1BD4-4E6B-4314-B157-DC73EAD9EBA3}] => (Allow) E:\Steam Games\steamapps\common\BorderlandsGOTYEnhanced\Binaries\Win64\Launcher.exe (Gearbox Software) [Datei ist nicht signiert]
FirewallRules: [{54DC2827-0192-451A-9412-69B40804097D}] => (Allow) F:\SteamLibrary\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{7FF19725-F73D-4EA1-B0B9-69ECF521F163}] => (Allow) F:\SteamLibrary\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{46B66630-79ED-4375-9215-470EBE301BA9}] => (Allow) D:\Steam\steamapps\common\Welcome to the Game II\WTTG2.exe () [Datei ist nicht signiert]
FirewallRules: [{A834F1D9-AD64-4123-B0A9-180E877973A4}] => (Allow) D:\Steam\steamapps\common\Welcome to the Game II\WTTG2.exe () [Datei ist nicht signiert]
FirewallRules: [{BCC5BD15-683A-46B7-93AD-5F8103C9EF62}] => (Allow) E:\Steam Games\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [Datei ist nicht signiert]
FirewallRules: [{94C41E3C-EBD0-49D4-A554-AD87CCB20FAD}] => (Allow) E:\Steam Games\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [Datei ist nicht signiert]
FirewallRules: [{7991F2DC-2483-40EF-BA63-9F28D9928D56}] => (Allow) D:\Steam\steamapps\common\Love, Money, Rock-n-Roll\Love, Money, Rock'n'Roll.exe () [Datei ist nicht signiert]
FirewallRules: [{6580265C-1805-47F7-A886-57D0D847BF09}] => (Allow) D:\Steam\steamapps\common\Love, Money, Rock-n-Roll\Love, Money, Rock'n'Roll.exe () [Datei ist nicht signiert]
FirewallRules: [{A94F0BE8-28A8-4176-9F4D-E8C296DF78AF}] => (Allow) D:\Steam\steamapps\common\It gets so lonely here\Itgetssolonelyhere.exe () [Datei ist nicht signiert]
FirewallRules: [{B1DB8236-0DC1-4E78-AB10-24EFB1646664}] => (Allow) D:\Steam\steamapps\common\It gets so lonely here\Itgetssolonelyhere.exe () [Datei ist nicht signiert]
FirewallRules: [{D5F9932D-D2B8-480B-9BF1-8C9EC47D8526}] => (Allow) E:\Steam Games\steamapps\common\Highway Blossoms\HighwayBlossoms.exe () [Datei ist nicht signiert]
FirewallRules: [{695A3227-507B-4336-80AF-5AD1E0105ADC}] => (Allow) E:\Steam Games\steamapps\common\Highway Blossoms\HighwayBlossoms.exe () [Datei ist nicht signiert]
FirewallRules: [{E2A8F213-C96E-46FC-98D6-1370F8FDBF4E}] => (Allow) E:\Steam Games\steamapps\common\Only Up!\OnlyUP.exe => Keine Datei
FirewallRules: [{AE07C4D4-81B2-4EE3-8E96-5CD15DA04389}] => (Allow) E:\Steam Games\steamapps\common\Only Up!\OnlyUP.exe => Keine Datei
FirewallRules: [UDP Query User{E09E402D-BE5C-4D74-93F6-8AE6E10FB04B}F:\battle.net\diablo iv\diablo iv.exe] => (Allow) F:\battle.net\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{294B02C1-6111-48EB-A93A-4E6480E5306C}F:\battle.net\diablo iv\diablo iv.exe] => (Allow) F:\battle.net\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{6C5A4A9A-631F-496B-A1DC-D9D114EC5CF7}C:\users\*****\downloads\revanced-builder-win(2).exe] => (Allow) C:\users\*****\downloads\revanced-builder-win(2).exe => Keine Datei
FirewallRules: [TCP Query User{768F1289-A03D-4941-9085-5774D28CCCF7}C:\users\*****\downloads\revanced-builder-win(2).exe] => (Allow) C:\users\*****\downloads\revanced-builder-win(2).exe => Keine Datei
FirewallRules: [UDP Query User{D08FFBDE-26A0-4681-9922-1A49E59729F9}C:\users\*****\downloads\revanced-builder-win.exe] => (Allow) C:\users\*****\downloads\revanced-builder-win.exe => Keine Datei
FirewallRules: [TCP Query User{6AA1AFC2-E67F-4DFF-B7B6-8346F0F4BC98}C:\users\*****\downloads\revanced-builder-win.exe] => (Allow) C:\users\*****\downloads\revanced-builder-win.exe => Keine Datei
FirewallRules: [{543482D6-73AB-4B8D-984E-0C3CBD7A87B7}] => (Allow) D:\Steam\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{0647C081-7C00-4F12-99D7-F8427E4BCF5D}] => (Allow) D:\Steam\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{5644297A-ED9E-4B7D-AB73-C58C19455ED3}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network Ltd -> Gaijin)
FirewallRules: [{E52AAB6D-F047-4F42-970E-07954167C6A8}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network Ltd -> Gaijin)
FirewallRules: [{786C8D23-0A13-43A8-8728-0B4AAE089333}] => (Allow) D:\Steam\steamapps\common\War Thunder\eac_wt_mlauncher.exe => Keine Datei
FirewallRules: [{C71CFF58-24C5-4F00-A984-273FE8FFF7AF}] => (Allow) D:\Steam\steamapps\common\War Thunder\eac_wt_mlauncher.exe => Keine Datei
FirewallRules: [{84E605A5-D251-4853-BD97-23F8165DF08E}] => (Allow) E:\Steam Games\steamapps\common\Factorio\bin\x64\factorio.exe => Keine Datei
FirewallRules: [{B2594B35-6B2D-4756-AEB4-572D5695BB05}] => (Allow) E:\Steam Games\steamapps\common\Factorio\bin\x64\factorio.exe => Keine Datei
FirewallRules: [UDP Query User{BA52C99F-FA94-477F-845B-7F1C4ADE52BD}D:\battlenetspiele\hearthstone\hearthstone.exe] => (Allow) D:\battlenetspiele\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{2F5876E9-9EAF-41DC-B2AB-EE2A1B0F9F13}D:\battlenetspiele\hearthstone\hearthstone.exe] => (Allow) D:\battlenetspiele\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{A3B85BC1-320B-4EF5-A13C-E85CEB40B694}D:\battlenetspiele\diablo iv - beta\diablo iv.exe] => (Allow) D:\battlenetspiele\diablo iv - beta\diablo iv.exe => Keine Datei
FirewallRules: [TCP Query User{A069AC12-91CC-4D58-AEA9-6BD4C6394C41}D:\battlenetspiele\diablo iv - beta\diablo iv.exe] => (Allow) D:\battlenetspiele\diablo iv - beta\diablo iv.exe => Keine Datei
FirewallRules: [{85476134-BC6F-4478-A29E-90704DD7F3C8}] => (Allow) D:\Uplay\games\Trackmania\trackmania.exe => Keine Datei
FirewallRules: [{CDF55534-DE81-4627-8E37-73C1D17A0B84}] => (Allow) D:\Uplay\games\Trackmania\trackmania.exe => Keine Datei
FirewallRules: [{AB7ECC73-2DD8-41FF-B388-5EE8D3523490}] => (Allow) F:\SteamLibrary\steamapps\common\Grounded\Grounded.exe (Obsidian Entertainment, Inc. -> Epic Games, Inc.)
FirewallRules: [{026D0D74-9A40-4660-9D13-D285F39E6C10}] => (Allow) F:\SteamLibrary\steamapps\common\Grounded\Grounded.exe (Obsidian Entertainment, Inc. -> Epic Games, Inc.)
FirewallRules: [{67B4694E-3B2E-44EB-9331-BA09C99C39E3}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta Software GmbH -> )
FirewallRules: [{6690C6BE-9F95-40E2-9CD2-8A9746505CC5}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta Software GmbH -> )
FirewallRules: [{811618D4-59FF-44C7-8C79-D539ECD8E5E7}] => (Allow) F:\SteamLibrary\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [Datei ist nicht signiert]
FirewallRules: [{216BB037-9FD9-4194-8D19-A8CF5C6F571C}] => (Allow) F:\SteamLibrary\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [Datei ist nicht signiert]
FirewallRules: [{73B51FA6-3916-4F1D-9A75-C0C4F823F783}] => (Allow) E:\Steam Games\steamapps\common\Brotato\Brotato.exe (Blobfish Games) [Datei ist nicht signiert]
FirewallRules: [{78758978-2EF7-4A8B-AC8F-1034645A03BE}] => (Allow) E:\Steam Games\steamapps\common\Brotato\Brotato.exe (Blobfish Games) [Datei ist nicht signiert]
FirewallRules: [{7EBE67D7-03BB-4687-ABC4-B31E43E8B17C}] => (Allow) D:\Steam\steamapps\common\Heart of the Woods\HeartoftheWoods.exe () [Datei ist nicht signiert]
FirewallRules: [{0DB33609-F982-4030-B029-0048CB9C0E64}] => (Allow) D:\Steam\steamapps\common\Heart of the Woods\HeartoftheWoods.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{91BF5CD6-0646-4C22-B2AD-303E4B992164}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [TCP Query User{9D2D54AA-D822-4C35-9F19-F4B15FD55E37}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [{3D690979-FDB1-4BDF-8F5C-468AD5940E90}] => (Allow) D:\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => Keine Datei
FirewallRules: [{C9B68410-FDF4-4D8F-8F61-48838F30AC01}] => (Allow) D:\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => Keine Datei
FirewallRules: [UDP Query User{C3A8E1DD-B0E8-4A4E-9A46-958D1D61C4E8}D:\steam\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) D:\steam\steamapps\common\smite\binaries\win64\smite.exe => Keine Datei
FirewallRules: [TCP Query User{459296A4-C1DE-460F-B0EE-561F3A59B888}D:\steam\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) D:\steam\steamapps\common\smite\binaries\win64\smite.exe => Keine Datei
FirewallRules: [UDP Query User{2D5E5B9C-4AF2-4D59-9637-184DE01D9D85}E:\minecraft\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) E:\minecraft\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{55845298-586E-4FF9-8FA7-087C1EC366D4}E:\minecraft\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) E:\minecraft\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{B28C4761-9F34-44AC-9FCF-32D9D015E205}E:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{1DA586FF-E99E-4253-BC6C-5D070DA53ED5}E:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{8F57FBE1-4560-42AE-AFC4-6242D51DEE9E}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{8FBDBD5A-F373-498F-99AF-1A5DF6D60735}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E3FBC3D8-D766-4DAB-AEE3-CF152CE64109}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.91.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F35E099D-4351-4547-B9EA-C6CB984A6AE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.91.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BF4D40A6-CBE9-4D18-927E-FB197C521C46}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.91.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D4AA349C-480C-4093-8B59-72BB83F0A3D9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.91.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4B3580A6-88BB-4242-A081-852EF8B79E80}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Keine Datei
FirewallRules: [{0F1526D7-4D9D-4CE4-8B65-317C8C786FC5}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Keine Datei
FirewallRules: [{D48D68F5-F3D4-4973-8BC2-366192241C3F}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta Software GmbH -> )
FirewallRules: [{A5CF649C-9A76-419B-A526-460543282983}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta Software GmbH -> )
FirewallRules: [TCP Query User{9A4B7CCA-C456-40FB-AAC7-13B961030B46}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{4D296F51-195F-480B-ACFD-9AB3B70AE664}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{F49ADCA8-189A-4B34-938D-22B995C11567}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta Software GmbH -> )
FirewallRules: [{B2FFF31F-0CA0-4E4A-90FA-62180FBBE71E}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta Software GmbH -> )
FirewallRules: [TCP Query User{CAF4FAFE-3F5F-4FC1-A134-B6C28C5DAC26}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{E9442354-D368-4081-B754-A60CD5CEA4EE}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{70CEAC9A-17F9-4AEC-B939-E32C308705BA}D:\minecraft\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) D:\minecraft\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{BDEBD04A-E843-47C3-ABA4-748FBCF39092}D:\minecraft\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) D:\minecraft\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{7BECE1B7-80AF-4872-9461-1967C5218E6A}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{C26165FE-DF14-4EBB-B72B-74AD8458AF02}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{17FB66B0-7A07-4BDA-B4BD-DC21D37223AD}E:\mozilla firefox\firefox.exe] => (Block) E:\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{E4ACCFC7-8FB9-4E94-BA04-3A69A9ABF4D6}E:\mozilla firefox\firefox.exe] => (Block) E:\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2D2FA72F-3A56-483B-BCC9-2838AF62BA76}] => (Allow) D:\Steam\steamapps\common\Fall Guys\FallGuys_client.exe () [Datei ist nicht signiert]
FirewallRules: [{E5E06FD1-A229-4EB7-9967-0B2C20907CB2}] => (Allow) D:\Steam\steamapps\common\Fall Guys\FallGuys_client.exe () [Datei ist nicht signiert]
FirewallRules: [{94BBBB54-AC28-4A0C-9AA3-0F44FFFB1B32}] => (Allow) D:\Steam\steamapps\common\GarrysMod\hl2.exe => Keine Datei
FirewallRules: [{9B7A3334-CA56-4577-A49A-A82F69867D6C}] => (Allow) D:\Steam\steamapps\common\GarrysMod\hl2.exe => Keine Datei
FirewallRules: [{F50CE1E3-6326-4B48-B709-233D0504EE14}] => (Allow) D:\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe (ZeniMax Media Inc.) [Datei ist nicht signiert]
FirewallRules: [{1901967A-5D63-4F7C-BA0B-6940D2257911}] => (Allow) D:\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe (ZeniMax Media Inc.) [Datei ist nicht signiert]
FirewallRules: [{4176E181-D271-4929-8EA5-5E1819BD56AC}] => (Allow) E:\Steam Games\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{5B06BCCE-73E4-47FD-A0BB-CD14BB9DFA71}] => (Allow) E:\Steam Games\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{BEFF55E9-6A03-446F-88E5-35676286FD78}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe => Keine Datei
FirewallRules: [{6E956D74-2A50-4623-84E7-BAF060C19CCF}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe => Keine Datei
FirewallRules: [{15B1ABF8-63D4-4903-8786-F460EAF9E3CA}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [Datei ist nicht signiert]
FirewallRules: [{43557AAC-9267-496B-A229-0378BCE083E9}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [Datei ist nicht signiert]
FirewallRules: [{86DA7C95-0275-406E-AAAC-E4732CF83B95}] => (Allow) D:\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert]
FirewallRules: [{2F0072E0-4DF5-4CC0-BD9C-670D3832C3F7}] => (Allow) D:\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert]
FirewallRules: [{348FE4A0-3127-43D7-854F-AACAA573A99E}] => (Allow) D:\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{D156B2FE-09F6-474E-912C-944DEAAB5B9E}] => (Allow) D:\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{35969F67-6265-46BC-9185-74722EA187B1}] => (Allow) D:\Steam\steamapps\common\ELDEN RING\AdvGuide\ELDEN RING Adventure Guide.exe () [Datei ist nicht signiert]
FirewallRules: [{D61CA4A3-2D3D-451F-81D0-69DB3197075B}] => (Allow) D:\Steam\steamapps\common\ELDEN RING\AdvGuide\ELDEN RING Adventure Guide.exe () [Datei ist nicht signiert]
FirewallRules: [{E4E8F9D6-7BE0-412F-BC28-1CE36EAA87CE}] => (Allow) E:\Steam Games\steamapps\common\VRising\VRising.exe (Stunlock Studios AB -> Stunlock Studios)
FirewallRules: [{7412532A-A6CB-4D69-81DE-82ADD37F279B}] => (Allow) E:\Steam Games\steamapps\common\VRising\VRising.exe (Stunlock Studios AB -> Stunlock Studios)
FirewallRules: [{8F95E14C-EF32-47CF-AE2E-04275969AA68}] => (Allow) D:\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe => Keine Datei
FirewallRules: [{D195774E-5390-4222-9810-A5A91269975F}] => (Allow) D:\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe => Keine Datei
FirewallRules: [{B79B5174-4BFD-4F4E-BA8E-7B8811C7CE8B}] => (Allow) D:\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe => Keine Datei
FirewallRules: [{9126C25E-58AB-4AB1-9F13-259EA923B24F}] => (Allow) D:\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe => Keine Datei
FirewallRules: [TCP Query User{36DA4214-D18B-4BB4-B372-596197926B08}C:\users\*****\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\*****\appdata\local\discord\app-1.0.9008\discord.exe => Keine Datei
FirewallRules: [UDP Query User{213BC7CB-7D7E-45FC-AC34-B25F1F5D1E57}C:\users\*****\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\*****\appdata\local\discord\app-1.0.9008\discord.exe => Keine Datei
FirewallRules: [TCP Query User{E935E647-6ABD-4467-8348-28A238412C24}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe => Keine Datei
FirewallRules: [UDP Query User{DEEE690C-0B2C-432F-9E0B-95C2F7DC6C93}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe => Keine Datei
FirewallRules: [TCP Query User{B0A765AD-3C5E-482C-AD6B-F342BF0CF0B1}C:\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{A744B06D-7AF9-4F18-A637-5DDC6D9325DC}C:\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{C6791E93-C2A7-4FCF-89EB-7EDFEC7B21E9}] => (Allow) D:\Steam\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{FADCC394-A5CF-4033-ADE6-1AA624EB11C4}] => (Allow) D:\Steam\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{311BF509-9378-4279-B11B-8438DB593232}D:\minecraft\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) D:\minecraft\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{72F5CD3E-FE63-44D5-93EF-97CDE037CC5A}D:\minecraft\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) D:\minecraft\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe => Keine Datei
FirewallRules: [{28434B82-7D0F-4AC1-9BF7-9F4F6C5DD335}] => (Allow) E:\Uplay\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{23C13FF6-BD68-416D-AB67-3A0712A04820}] => (Allow) E:\Uplay\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{40308B83-F1D2-4DAA-90C6-4A8D38C132D7}] => (Allow) C:\Users\*****\AppData\Local\Soulframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{29D8E3DB-4C54-4AC7-9AD0-2946AD74BA38}] => (Allow) F:\Downloaded\Public\Soulframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{16285C06-2318-454A-ACF8-45125AF16C12}] => (Allow) F:\Downloaded\Public\Soulframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{8A345DAA-BF8C-425C-9CDD-18C6896B6F05}] => (Allow) C:\Users\*****\AppData\Local\Soulframe\Downloaded\Public\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{A757F4BF-7E08-4053-A322-A6095E40A308}] => (Allow) C:\Users\*****\AppData\Local\Soulframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{4B8DCEA5-85F2-4E40-AF2A-05CE2EA5CCC3}] => (Allow) F:\Downloaded\Public\Soulframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{33008F65-8C4C-4E04-818E-337E57272993}] => (Allow) F:\Downloaded\Public\Soulframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{409049E4-A8A0-4BC9-BEE0-4955EDA24404}] => (Allow) C:\Users\*****\AppData\Local\Soulframe\Downloaded\Public\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{607C79FA-CF6D-4371-88A5-31F78B49AF7C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C395CE6F-F3B8-43B5-81E9-562DBA9B1B60}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A8CB2513-A7D5-4C21-B0BA-B5A65A353420}] => (Allow) G:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{EEA033B9-128F-4B1C-8167-65BC95A42241}] => (Allow) G:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{06A12BE4-2250-4FCE-BE4A-8EC6C85CC0B1}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{2A40EDA6-2C94-4541-8604-706C2ABC943D}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{E26E1F47-9115-4825-90B6-89E71FB6FA05}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{671A2DC9-D664-417D-9181-ECA642049B6C}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{AFDC3363-7D0D-4915-B28A-7F9FD0873FC5}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{61EFB9E9-02D3-42F2-8B8B-4F5B826F2EA3}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{FA2438F9-D019-4B44-883A-E20217CB4686}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{1F121F7E-A3F6-47B9-A916-D41A5B858392}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{522713A5-0BFC-4134-A17B-5FFDB0BA4641}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9EAB13D2-DD8B-4EE5-9D53-7F17779C1172}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{106B898E-69BB-4BA9-BACD-20E7EF5DA5F2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9D12A1CA-1B59-42D4-8323-1377876BB73A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{74D0B10A-BCB1-495F-9047-8DB765FC201D}] => (Allow) D:\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2B2176A2-91E5-4153-8D4A-D15F77A75547}] => (Allow) D:\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)

==================== Wiederherstellungspunkte =========================

04-02-2026 22:04:48 Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211

==================== Fehlerhafte Geräte im Gerätemanager ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Ver-/Entschlüsselungscontroller
Description: PCI-Ver-/Entschlüsselungscontroller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (02/07/2026 10:37:48 AM) (Source: Universal Print) (EventID: 1) (User: )
Description: Failed to GetUserSid. hr: 0x8001012d

Error: (02/07/2026 10:37:48 AM) (Source: Universal Print) (EventID: 1) (User: )
Description: Failed to GetUserSid. hr: 0x8001012d

Error: (02/07/2026 10:12:43 AM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm mmc.exe Version 10.0.26100.7309 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.

Error: (02/06/2026 05:03:13 PM) (Source: Universal Print) (EventID: 1) (User: )
Description: Failed to GetUserSid. hr: 0x8001012d

Error: (02/06/2026 05:03:13 PM) (Source: Universal Print) (EventID: 1) (User: )
Description: Failed to GetUserSid. hr: 0x8001012d

Error: (02/05/2026 05:37:25 PM) (Source: Universal Print) (EventID: 1) (User: )
Description: Failed to GetUserSid. hr: 0x8001012d

Error: (02/05/2026 05:37:25 PM) (Source: Universal Print) (EventID: 1) (User: )
Description: Failed to GetUserSid. hr: 0x8001012d

Error: (02/04/2026 05:04:04 PM) (Source: Universal Print) (EventID: 1) (User: )
Description: Failed to GetUserSid. hr: 0x8001012d


Systemfehler:
=============
Error: (02/07/2026 04:33:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "CredentialEnrollmentManagerUserSvc_1a3670" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/07/2026 04:33:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/07/2026 04:33:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avast Cleanup service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/07/2026 04:33:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avast Driver Updater service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/07/2026 04:33:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avast SecureLine VPN" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/07/2026 04:33:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/07/2026 04:33:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Logitech LampArray Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/07/2026 04:33:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "DtsHPXV2Apo4Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Windows Defender:
================Event[0]

Date: 2025-10-22 03:10:17
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.419.167.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.24080.9
Fehlercode: 0x8007045b
Fehlerbeschreibung: Der Computer wird heruntergefahren. 

CodeIntegrity:
===============
Date: 2026-02-05 17:48:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\AI\aimgr.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements.

Date: 2026-02-05 17:37:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. 0823 11/21/2022
Hauptplatine: ASUSTeK COMPUTER INC. PRIME X670-P
Prozessor: AMD Ryzen 7 7700X 8-Core Processor
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 31895.04 MB
Verfügbarer physikalischer RAM: 22311.24 MB
Summe virtueller Speicher: 33943.04 MB
Verfügbarer virtueller Speicher: 23391.49 MB

==================== Laufwerke ================================

Drive c: (Samsung 980 M2 Boot) (Fixed) (Total:930.65 GB) (Free:617.85 GB) (Model: Samsung SSD 980 PRO 1TB) NTFS
Drive d: (HDD 2TB) (Fixed) (Total:1862.89 GB) (Free:858.97 GB) (Model: ST2000DM001-1ER164) NTFS
Drive e: (HDD 2TB 2.0) (Fixed) (Total:1863.01 GB) (Free:758.98 GB) (Model: ST2000DM006-2DM164) NTFS
Drive f: (Sasmung EVO 870 SSD) (Fixed) (Total:931.5 GB) (Free:142.62 GB) (Model: Samsung SSD 870 EVO 1TB) NTFS
Drive g: (Samsung 990 M2) (Fixed) (Total:1863 GB) (Free:967.54 GB) (Model: Samsung SSD 980 PRO 2TB) NTFS

\\?\Volume{ee0ac38e-23a3-41bb-a267-6efef66b96a2}\ () (Fixed) (Total:0.75 GB) (Free:0.09 GB) NTFS
\\?\Volume{f72bf007-3b64-471e-b7ef-f396cc0b1239}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 18C3B53C)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 2344F2E9)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 4 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================

Code:

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 07.02.2026
Scan-Zeit: 05:38
Protokolldatei: e7ddec82-03de-11f1-924c-a036bcbebd23.json

-Softwaredaten-
Version: 5.4.6.227
Komponentenversion: 147.0.5453
Version des Aktualisierungspakets: 1.0.0
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 11 (Build 26200.7623)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-JT7T9B0\*****

-Scan-Übersicht-
Scan-Typ: Benutzerdefinierter Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 1123210
Erkannte Bedrohungen: 2
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 1 Std., 58 Min., 42 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 2
Malware.AI.431342650, D:\STEAM\STEAMAPPS\COMMON\FINAL FANTASY FFX&FFX-2 HD REMASTER\FMODEX.DLL, Keine Aktion durch Benutzer, 1000000, 0, 1.0.0, 8266261E074A155019B5C43A, dds, 03646260, E676989CD955FF4A874C06B8C749853F, 85664452F2EF04E8A2E2BFAC13D7FBC33515CF5D1291C1A43D63F2E1CED5CCE3
Malware.AI.3920354744, G:\STEAMLIBRARY\STEAMAPPS\COMMON\DEAD ISLAND 2\LIGHTWEIGHTDEBUGGER\LIGHTWEIGHTDEBUGGER.EXE, Keine Aktion durch Benutzer, 1000000, 0, 1.0.0, CD29179F8EAAEEA4E9ABDDB8, dds, 03646260, A9224A375489B906D2E62E4B5B6F395D, 4BB644D46F83AD78D9DC4F45D83CD49F43FAEB1DC4BFD163B27C8577B80AA333

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)

Since the Avast logs I can find are unfortunately all several million characters long and also exceed the upload size limit, they are not included here for now.

cosinus 07.02.2026 19:24

Edit: I withdraw the question, MKDB is taking over.

M-K-D-B 07.02.2026 19:28

:hallo:


My name is Matthias and I will help you analyze and clean up your system.

We will use FRST to remove a few orphaned entries left by the malware and by Kaspersky, and empty the temporary storage.

Repair with FRST
Please be patient once you have started the repair. Depending on the type and extent of the necessary repairs, this can take several minutes.
You may also get a "not responding" message from FRST during the repair. That is normal; you don't need to do anything else, just wait.

NOTE TO ALL READERS:
This FRST script is intended exclusively for this user and should never be used 1:1 on another system!

  • Save your work and close all open programs so that no data is lost.
  • Select the entire content of the following code box with the mouse and copy it (press the two keys "CTRL" + "C" at the same time):
    Code:

    Start::
    CreateRestorePoint:
    CloseProcesses:
    AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [3442]
    AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [3442]
    ContextMenuHandlers6: [Kaspersky Free 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Keine Datei
    ContextMenuHandlers6: [Kaspersky Free 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll -> Keine Datei
    ContextMenuHandlers6: [Kaspersky Free 21.17] -> {0F574355-9FBE-40DB-ACB8-81F6612BB909} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\x64\shellex.dll -> Keine Datei
    C:\Program Files (x86)\Kaspersky Lab
    ContextMenuHandlers4: [Kaspersky Free 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Keine Datei
    ContextMenuHandlers4: [Kaspersky Free 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll -> Keine Datei
    ContextMenuHandlers4: [Kaspersky Free 21.17] -> {0F574355-9FBE-40DB-ACB8-81F6612BB909} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\x64\shellex.dll -> Keine Datei
    ContextMenuHandlers1: [Kaspersky Free 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Keine Datei
    ContextMenuHandlers1: [Kaspersky Free 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll -> Keine Datei
    ContextMenuHandlers1: [Kaspersky Free 21.17] -> {0F574355-9FBE-40DB-ACB8-81F6612BB909} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\x64\shellex.dll -> Keine Datei
    ContextMenuHandlers2: [Kaspersky Free 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Keine Datei
    ContextMenuHandlers2: [Kaspersky Free 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll -> Keine Datei
    ContextMenuHandlers2: [Kaspersky Free 21.17] -> {0F574355-9FBE-40DB-ACB8-81F6612BB909} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\x64\shellex.dll -> Keine Datei
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
    ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
    ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
    CustomCLSID: HKU\S-1-5-21-3946404165-2299855374-679032929-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\*****\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => Keine Datei
    REDlauncher (HKLM\...\{5FAC19AE-9120-4D9B-AB70-EE91A5750A9D}) (Version: 4.2.0.4 - CD Projekt RED) Hidden
    AV: Kaspersky (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
    C:\Users\AllUserName\AppData\Local\E234B8748ABB76AC94B6B54DE3E7EE44
    S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]
    CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
    CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
    Edge HKU\S-1-5-19\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
    Edge HKU\S-1-5-20\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
    Edge HKU\S-1-5-21-3946404165-2299855374-679032929-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
    Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (Keine Datei)
    Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (Keine Datei)
    Task: {0D761667-6667-4FF5-BA32-3DA6E1153716} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe  LogonUpdateResults (Keine Datei)
    Task: {F1A8034B-8139-46F4-A6BE-22C32E9AAA67} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe  /RunOnAC ReadyToReboot (Keine Datei)
    Task: {2E7984CD-4467-4A03-9C5A-AB2262C215AE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe  /RunOnBattery ReadyToReboot (Keine Datei)
    Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
    CMD: netsh winsock reset
    CMD: netsh advfirewall reset
    CMD: netsh advfirewall set allprofiles state ON
    CMD: netsh winhttp reset proxy
    CMD: Bitsadmin /Reset /Allusers
    CMD: Winmgmt /salvagerepository
    CMD: Winmgmt /verifyrepository
    CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
    CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
    CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
    CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
    Hosts:
    RemoveProxy:
    EmptyEventLogs:
    EmptyTemp:
    End::

  • Now start FRST and click the "Reparieren" (Fix) button directly.
    Important: You do not need to paste the content of the code box anywhere, because FRST takes the code from the clipboard!
  • The tool carries out the requested steps and creates the file fixlog.txt in the same directory in which FRST is located.
  • Finally, the system is restarted.
  • Post the content of the file fixlog.txt in your next reply.

DrCobra 07.02.2026 19:47

Thanks already for the quick reply. According to him, it was executed and confirmed with admin rights. He can still remember that both files end in .dll. I don't think that will help much, though. The repair is done; here is the log:
Code:

Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-02-2026
durchgeführt von ***** (07-02-2026 19:38:00) Run:1
Gestartet von C:\Users\*****\Downloads
Geladene Profile: *****
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Start::
CreateRestorePoint:
CloseProcesses:
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [3442]
ContextMenuHandlers6: [Kaspersky Free 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Keine Datei
ContextMenuHandlers6: [Kaspersky Free 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll -> Keine Datei
ContextMenuHandlers6: [Kaspersky Free 21.17] -> {0F574355-9FBE-40DB-ACB8-81F6612BB909} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\x64\shellex.dll -> Keine Datei
C:\Program Files (x86)\Kaspersky Lab
ContextMenuHandlers4: [Kaspersky Free 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Keine Datei
ContextMenuHandlers4: [Kaspersky Free 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll -> Keine Datei
ContextMenuHandlers4: [Kaspersky Free 21.17] -> {0F574355-9FBE-40DB-ACB8-81F6612BB909} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\x64\shellex.dll -> Keine Datei
ContextMenuHandlers1: [Kaspersky Free 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Keine Datei
ContextMenuHandlers1: [Kaspersky Free 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll -> Keine Datei
ContextMenuHandlers1: [Kaspersky Free 21.17] -> {0F574355-9FBE-40DB-ACB8-81F6612BB909} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\x64\shellex.dll -> Keine Datei
ContextMenuHandlers2: [Kaspersky Free 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Keine Datei
ContextMenuHandlers2: [Kaspersky Free 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll -> Keine Datei
ContextMenuHandlers2: [Kaspersky Free 21.17] -> {0F574355-9FBE-40DB-ACB8-81F6612BB909} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\x64\shellex.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
CustomCLSID: HKU\S-1-5-21-3946404165-2299855374-679032929-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\*****\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => Keine Datei
REDlauncher (HKLM\...\{5FAC19AE-9120-4D9B-AB70-EE91A5750A9D}) (Version: 4.2.0.4 - CD Projekt RED) Hidden
AV: Kaspersky (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
C:\Users\AllUserName\AppData\Local\E234B8748ABB76AC94B6B54DE3E7EE44
S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
Edge HKU\S-1-5-19\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-20\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-21-3946404165-2299855374-679032929-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (Keine Datei)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (Keine Datei)
Task: {0D761667-6667-4FF5-BA32-3DA6E1153716} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe  LogonUpdateResults (Keine Datei)
Task: {F1A8034B-8139-46F4-A6BE-22C32E9AAA67} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe  /RunOnAC ReadyToReboot (Keine Datei)
Task: {2E7984CD-4467-4A03-9C5A-AB2262C215AE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe  /RunOnBattery ReadyToReboot (Keine Datei)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh winhttp reset proxy
CMD: Bitsadmin /Reset /Allusers
CMD: Winmgmt /salvagerepository
CMD: Winmgmt /verifyrepository
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
Hosts:
RemoveProxy:
EmptyEventLogs:
EmptyTemp:
End::
*****************

Wiederherstellungspunkt wurde erfolgreich erstellt.
Prozesse erfolgreich geschlossen.
C:\ProgramData\mntemp => ":8EAD8B3507" ADS erfolgreich entfernt
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk" => ":09A0A90EF3" ADS nicht gefunden.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Kaspersky Free 21.15 => erfolgreich entfernt
HKLM\Software\Classes\CLSID\{AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => erfolgreich entfernt
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Kaspersky Free 21.16 => erfolgreich entfernt
HKLM\Software\Classes\CLSID\{AE776072-9FCA-48AF-941C-5759266BB644} => erfolgreich entfernt
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Kaspersky Free 21.17 => erfolgreich entfernt
HKLM\Software\Classes\CLSID\{0F574355-9FBE-40DB-ACB8-81F6612BB909} => erfolgreich entfernt

"C:\Program Files (x86)\Kaspersky Lab" Ordner verschieben:

C:\Program Files (x86)\Kaspersky Lab => erfolgreich verschoben
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Kaspersky Free 21.15 => erfolgreich entfernt
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Kaspersky Free 21.16 => erfolgreich entfernt
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Kaspersky Free 21.17 => erfolgreich entfernt
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Kaspersky Free 21.15 => erfolgreich entfernt
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Kaspersky Free 21.16 => erfolgreich entfernt
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Kaspersky Free 21.17 => erfolgreich entfernt
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Kaspersky Free 21.15 => erfolgreich entfernt
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Kaspersky Free 21.16 => erfolgreich entfernt
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Kaspersky Free 21.17 => erfolgreich entfernt
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => erfolgreich entfernt
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => erfolgreich entfernt
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => erfolgreich entfernt
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => erfolgreich entfernt
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => erfolgreich entfernt
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => erfolgreich entfernt
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => erfolgreich entfernt
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => erfolgreich entfernt
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => erfolgreich entfernt
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => erfolgreich entfernt
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => erfolgreich entfernt
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => erfolgreich entfernt
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => erfolgreich entfernt
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => erfolgreich entfernt
HKU\S-1-5-21-3946404165-2299855374-679032929-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a} => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5FAC19AE-9120-4D9B-AB70-EE91A5750A9D}\\SystemComponent" => erfolgreich entfernt
"AV: Kaspersky (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}" => erfolgreich entfernt
"C:\Users\ProgramData\AppData\Local\E234B8748ABB76AC94B6B54DE3E7EE44" => nicht gefunden
"C:\Users\Default\AppData\Local\E234B8748ABB76AC94B6B54DE3E7EE44" => nicht gefunden
C:\Users\*****\AppData\Local\E234B8748ABB76AC94B6B54DE3E7EE44 => erfolgreich verschoben
"C:\Users\Public\AppData\Local\E234B8748ABB76AC94B6B54DE3E7EE44" => nicht gefunden
HKLM\System\CurrentControlSet\Services\EAAntiCheat => erfolgreich entfernt
EAAntiCheat => Dienst erfolgreich entfernt
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm => erfolgreich entfernt
HKLM\SOFTWARE\Google\Chrome\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm => erfolgreich entfernt
HKU\S-1-5-19\SOFTWARE\Microsoft\Edge\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm => erfolgreich entfernt
HKU\S-1-5-20\SOFTWARE\Microsoft\Edge\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm => erfolgreich entfernt
HKU\S-1-5-21-3946404165-2299855374-679032929-1001\SOFTWARE\Microsoft\Edge\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D761667-6667-4FF5-BA32-3DA6E1153716}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D761667-6667-4FF5-BA32-3DA6E1153716}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F1A8034B-8139-46F4-A6BE-22C32E9AAA67}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1A8034B-8139-46F4-A6BE-22C32E9AAA67}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E7984CD-4467-4A03-9C5A-AB2262C215AE}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E7984CD-4467-4A03-9C5A-AB2262C215AE}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => erfolgreich entfernt

========= netsh winsock reset =========


Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.



========= Ende von CMD: =========


========= netsh advfirewall reset =========

OK.



========= Ende von CMD: =========


========= netsh advfirewall set allprofiles state ON =========

OK.



========= Ende von CMD: =========


========= netsh winhttp reset proxy =========


Aktuelle WinHTTP-Proxyeinstellungen:

    DirectAccess (kein Proxyserver).



========= Ende von CMD: =========


========= Bitsadmin /Reset /Allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

{4959A998-0C10-401A-909B-F7F2ABFDD475} canceled.
1 out of 1 jobs canceled.


========= Ende von CMD: =========


========= Winmgmt /salvagerepository =========

Das WMI-Repository ist konsistent.


========= Ende von CMD: =========


========= Winmgmt /verifyrepository =========

Das WMI-Repository ist konsistent.


========= Ende von CMD: =========


========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellungen wurden erfolgreich aus dem Systemsicherungsspeicher neu erstellt.


========= Ende von CMD: =========


========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellungen wurden erfolgreich aus dem Systemsicherungsspeicher neu erstellt.


========= Ende von CMD: =========


========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellungen wurden erfolgreich aus dem Systemsicherungsspeicher neu erstellt.


========= Ende von CMD: =========


========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellungen wurden erfolgreich aus dem Systemsicherungsspeicher neu erstellt.


========= Ende von CMD: =========

C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-3946404165-2299855374-679032929-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-3946404165-2299855374-679032929-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========== EmptyEventLogs: ==========

1259 Event logs cleared.


================================

=========== EmptyTemp: ==========

FlushDNS => abgeschlossen
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12951529 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1918280759 B
Windows/system/drivers => 105744253 B
Edge => 445132135 B
Chrome => 284932099 B
Firefox => 1859975751 B
Opera => 0 B

Local\Temp, Local\*.tmp, LocalLow\Temp, Roaming\Temp, Roaming\*.tmp , IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 180 B
systemprofile32 => 0 B
LocalService => 2627148 B
NetworkService => 3750 B
***** => 168800315 B

RecycleBin => 16142409 B
EmptyTemp: => 4.5 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 19:40:46 ====


M-K-D-B 07.02.2026 19:50

Well done.


Please run ESET as a check.

Run ESET Online Scanner (EOS) following the illustrated guide and then post the log file.

DrCobra 07.02.2026 22:29

The scan is finished; here is the log:
Code:

07.02.2026 22:26:09
Geprüfte Dateien: 1010989
Erkannte Dateien: 3
Gesäuberte Dateien: 4
Scandauer gesamt 02:31:17
Scanstatus: Abgeschlossen
C:\Program Files\Avast Software\Browser\AvastBrowserUninstall.exe        a variant of Win32/Avast.AVGSecureBrowser.A potentially unwanted application,a variant of Win32/CCleaner.A potentially unsafe application        cleaned by deleting

E:\Genshin Impact\Genshin Impact Game\mhyprot2.Sys        Win64/VulnDriver.miHoYo.I potentially unsafe application        cleaned by deleting

E:\Steam Games\steamapps\common\SugarStyle\SugarStyle.exe        Win32/GameTool.KE potentially unsafe application        cleaned by deleting



All times are in WET +1. The time is now 01:45.
